Terms & Conditions
1. General
For us, Emmi AI GmbH, Bürgerstraße 6, 4020 Linz, Austria ("Emmi AI", "we", "us"), the protection of your personal data is a matter of utmost importance. Thus, Emmi AI complies with all the applicable provisions on data protection, in particular the General Data Protection Regulation ("GDPR"), the Austrian Data Protection Act (Datenschutzgesetz, "DSG") and the Austrian Telecommunications Act (Telekommunikationsgesetz, "TKG").
This privacy policy informs you about the type, scope and purpose of collection and processing of your personal data through Emmi AI in connection with visiting and using our website www.emmi.ai ("Website").
2. Name and address of the controller
The controller responsible for processing your personal data in accordance with data protection regulations is:
Emmi AI GmbH
Bürgerstraße 6
4020 Linz
Austria
Email: privacy@emmi.ai
3. What is personal data?
Personal data refers to information about data subjects (natural persons) whose identity is determined or at least identifiable (eg, name, email address, or IP address).
4. What data do we collect from visitors and users of our website?
4.1 Get in contact
If you contact us via the contact form provided on our website or by post, we will process the personal data you provide (e-mail address, name, telephone number and your inquiry or the associated documents) for the purpose of processing your inquiry and responding to you accordingly.
For the processing and responding, we rely on our legitimate interest in accordance with Art 6 para 1 lit f GDPR, which is to process and respond to your request quickly and, if necessary, to respond to further queries. If your request results in the conclusion of a contract, we also process the personal data from your request on the basis of our (pre-)contractual obligations in accordance with Art 6 para 1 lit b GDPR.
We store your data for a period of six months to process your contact/enquiry so that we can respond appropriately to follow-up questions. Data will only be stored for longer if a contract is subsequently concluded, due to statutory retention periods or for defense in the event of any legal disputes.
4.2 Social Media
You can interact with us on our social media pages by commenting on our posts, reacting to them (e.g. using the "Like" button), sharing them, or sending them to other users. We process your interactions, your username and personal data of invited third parties. These data may also be processed by the social media platforms. In this case, we and the respective platform are joint controllers according to Art 26 GDPR. For more information about data processing carried out by the platforms, please refer to the following links:
We process your personal data to answer your questions, give you the opportunity to express yourself, respond to your opinions or feedback and to promote our services. Therefore, the processing is based on both our and your legitimate interests pursuant to Art 6 para 1 lit f GDPR or the fulfilment of our (pre-)contractual obligations pursuant to Art 6 para 1 lit b GDPR.
We retain your personal data for as long as we need it to fulfil the stated purposes. Your data will then be deleted.
5. Storage period
We only store your personal data for as long as it is necessary for the purpose. After that, your data will be permanently deleted or, in any case, irrevocably anonymized.
In addition, we store your personal data until the expiry of the statutory limitation period (usually three years after the end of the contract, but no longer than 30 years) and until the conclusion of any legal proceedings if the data is required as evidence. We store your requests as a data subject for 18 months.
This applies without prejudice to cases in which longer storage is required for legal disputes, inquiries from the competent authorities, or in accordance with applicable law.
If the data processing is carried out in the legitimate interest of us or a third party, your personal data will be deleted as soon as this interest no longer exists, unless the above-mentioned statutory retention obligations require us to store it for a longer period. This also applies to data processing based on consent given. As soon as you revoke this consent for the future, the personal data will be deleted immediately, unless one of the above legal retention obligations requires longer storage.
6. Do we share your data?
We will not pass on your collected personal data mentioned above to third parties unless this is necessary to fulfil our obligations or is required by law/authorities.
However, your personal data will also be processed by our service providers (processors) in order to operate our website and our communication channels. These processors are, in particular, providers of marketing tools, IT service providers, providers of other tools and software solutions, IT maintenance services and other providers of similar services. All our processors process your data only on our behalf and on the basis of our instructions for the purposes described above in accordance with the agreement concluded pursuant to Art 28 GDPR.
Moreover, we may disclose your personal data to the following recipients:
- to external third parties to the extent necessary based on our legitimate interests (e.g. auditors, collection agencies, insurance companies in case of insurance claims, legal representatives in case of legal matters, etc);
- to courts, authorities and other public bodies to the extent legally required (e.g. tax authorities etc).
Your personal data will not be disclosed to any other third parties for their purposes without your consent.
7. Will your data be transferred to countries outside the EU/EEA?
In principle, we do not transfer your data to countries outside the European Union (EU) or the European Economic Area (EEA). In cases, where we do need to transfer your data to countries outside the EU or EEA, we only transfer your data to countries that offer an adequate level of data protection as determined by adequacy decisions of the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).
The transfer of your personal data to countries outside the EU/EEA that do not ensure an adequate level of protection will only take place if Emmi AI and the recipients of the data have concluded the standard contractual clauses of the European Commission (SCCs) as adequate safeguards for the protection of your personal data and have implemented supplementary security measures, or if you have given your express voluntary consent.
8. How do we protect your data?
We do our best to make your visit and use of our website as secure as possible. Thus, we comply with the provisions of Art 32 GDPR to ensure the confidentiality and security of your personal data and have implement appropriate technical and organizational security measures.
9. What are your rights?
As a data subject, you can exercise the rights provided for in the applicable legislation on the protection of personal data with regard to the data processing described here:
- to obtain confirmation as to whether personal data concerning you is being processed and, if so, to obtain access to the data and related information (in particular the purposes of the processing; the categories of personal data processed; the recipients or categories of recipients to whom the data have been or will be disclosed; the duration of storage of the data or the criteria for determining this; the existence of the right to rectify or delete the data or to restrict or object to its processing; the right to lodge a complaint with a supervisory authority; the origin of the data; the possible existence of automated decision-making, including profiling, and, in such cases, meaningful information about the logic involved and the significance and expected consequences of such processing for the data subject; the appropriate safeguards in the event of personal data being transferred outside the EU/EEA), as well as a copy of this personal data, provided that this does not affect the rights and freedoms of other persons (right of access, Art 15 GDPR).
- The rectification of your personal data, i.e. the correction, modification or updating of inaccurate or no longer applicable data, as well as the completion of incomplete personal data, including by means of a supplementary statement (right to rectification, Art 16 GDPR).
- to request the erasure of your personal data, in particular if (i) it is no longer necessary for the purposes for which it was collected or processed, or (ii) it has been processed unlawfully, or (iii) it must be erased to comply with a legal obligation, or finally (iv) you have objected to the processing (see below "Right to object") and there are no overriding legitimate grounds for Emmi AI to continue the processing in any case (right to erasure, Art 17 GDPR). In particular, deletion cannot take place if the processing is necessary for compliance with a legal obligation or for the establishment, exercise, or defense of legal claims in court.
- to obtain restriction of the processing of your personal data, i.e. that Emmi AI retains this data without being able to use it. This right may be exercised in particular if (i) the accuracy of the personal data is contested, for the period required by Emmi AI to verify the accuracy of the data, or (ii) the processing of the data is unlawful and a restriction on the use of the data is requested instead of its erasure, or (iii) although Emmi AI no longer needs them for the purposes of the processing, the personal data is required by the data subject for the establishment, exercise, or defense of legal claims; or (iv) you have objected to the processing (see below "Right to object") pending verification of whether the legitimate grounds of Emmi AI override those of the data subject (right to restriction of processing, Art 18 GDPR).
- to request Emmi AI to store the personal data processed on the basis of your consent or on the basis of a contract in a commonly used format and, where technically feasible, to transmit it directly to a third party designated by you (right to data portability, Art 20 GDPR).
- To withdraw your consent at any time without giving reasons with effect for the future, e.g. by email to privacy@emmi.ai (right to withdraw consent, Art 7 para 3 GDPR).
Furthermore, as a data subject, you have the right to object (Art 21 GDPR) to direct marketing measures and, at any time, on grounds relating to your particular situation, to the processing of your personal data for the purpose of contract execution and fulfillment between Emmi AI and the provider. In this case, Emmi AI will refrain from further processing of your personal data unless it can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or the processing serves to assert, exercise, or defend legal claims.
If you believe that your personal data has been processed unlawfully, you have the right to lodge a complaint with the data protection authority at Barichgasse 40-42, 1030 Vienna, Austria, or lodge a judicial appeal (Art 77 GDPR). The complaint may also be lodged with the supervisory authority of the EU country in which you have your habitual residence or place of work, or with the supervisory authority of the place where the alleged infringement took place.
To exercise these rights, you can contact us at any time, for example in writing to Emmi AI GmbH, Bürgerstraße 6, 4020 Linz, Austria, or at the email address privacy@emmi.ai.
10. Changes
The continuous development of our activities may lead to changes in the characteristics of the processing of your personal data described above. Therefore, this privacy policy may be subject to changes and additions over time, which may also be necessary in view of new laws on the protection of personal data.
In the event of significant changes to this policy, we will inform you separately. In addition, the current version of the privacy policy can be accessed at any time via https://emmi.ai/privacy-policy.
.svg)
