Legal Notice 

Information in accordance with §5 of the E-Commerce Act, §14 of the Unternehmensgesetzbuch, §63 of the Commercial Code and disclosure requirements under §25 of the Media Act.

Cryptico GmbH​
Schubertring 6,
1010 Wien,​

Object of the company: IT Dienstleistungen​
Corporate register number: FN 562498 d​
Corporate register court: Wien​
Company location: 1010 Wien

UID: ATU77307219

Chief executive​: Ben Schönfeld, Swen Brüseke 

Privacy policy 

We have written this privacy policy (version 16.08.2021-121808382) in order to explain to you, in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (data for short) we as the controller – and the processors commissioned by us (e.g. providers) – process, will process in the future and what legal options you have. The terms used are to be considered as gender-neutral.​

In short: We provide you with comprehensive information about any personal data we process about you. 

Privacy policies usually sound very technical and use legal terminology. However, this privacy policy is intended to describe the most important things to you as simply and transparently as possible. So long as it aids transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. We are thus informing in clear and simple language that we only process personal data in the context of our business activities if there is a legal basis for it. This is certainly not possible with brief, unclear and legal-technical statements, as is often standard on the Internet when it comes to data protection. I hope you find the following explanations interesting and informative. Maybe you will also find some information that you have not been familiar with.​ If you still have questions, we would like to ask you to contact the responsible body named below or in the imprint, to follow the existing links and to look at further information on third-party sites. You can of course also find our contact details in the imprint.


This privacy policy applies to all personal data processed by our company and to all personal data processed by companies commissioned by us (processors). With the term personal data, we refer to information within the meaning of Article 4 No. 1 GDPR, such as the name, email address and postal address of a person. The processing of personal data ensures that we can offer and invoice our services and products, be it online or offline. The scope of this privacy policy includes: 

  • all online presences (websites, online shops) that we operate
  • Social media presences and email communication
  • mobile apps for smartphones and other devices

In short: This privacy policy applies to all areas in which personal data is processed in a structured manner by the company via the channels mentioned. Should we enter into legal relations with you outside of these channels, we will inform you separately if necessary.

Legal bases

In the following privacy policy, we provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.​ Whenever EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course access the General Data Protection Regulation of the EU online at EUR-Lex, the gateway to EU law, at 

We only process your data if at least one of the following conditions applies: 

  1. Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of data you entered into a contact form. 
  2. Contract (Article 6 Paragraph 1 lit. b GDPR): We process your data in order to fulfill a contract or pre-contractual obligations with you. For example, if we conclude a sales contract with you, we need personal information in advance. 
  3. Legal obligation (Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we will process your data. For example, we are legally required to keep invoices for our bookkeeping. These usually contain personal data. 
  4. Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your basic rights, we reserve the right to process personal data. For example, we have to process certain data in order to be able to operate our website securely and economically. Therefore, the processing is a legitimate interest.

Other conditions such as making recordings in the interest of the public, the exercise of official authority as well as the protection of vital interests do not usually occur with us. Should such a legal basis be relevant, it will be disclosed in the appropriate place. 

In addition to the EU regulation, national laws also apply: 

  • In Austria this is the Austrian Data Protection Act (Datenschutzgesetz), in short DSG. 

Should other regional or national laws apply, we will inform you about them in the following sections. 

Contact details of the data protection controller 

If you have any questions about data protection, you will find the contact details of the responsible person or controller below:​

Cryptico GmbH​
Schubertring 6,
1010 Wien​

Authorised to represent: Ben Schönfeld, Swen Brüseke​

Storage Period

It is a general criterion for us to store personal data only for as long as is absolutely necessary for the provision of our services and products. This means that we delete personal data as soon as any reason for the data processing no longer exists. In some cases, we are legally obliged to keep certain data stored even after the original purpose no longer exists, such as for accounting purposes. 

If you want your data to be deleted or if you want to revoke your consent to data processing, the data will be deleted as soon as possible, provided there is no obligation to continue its storage. 

We will inform you below about the specific duration of the respective data processing, provided we have further information. 

Rights in accordance with the General Data Protection Regulation

You are granted the following rights in accordance with the provisions of the GDPR (General Data Protection Regulation) and the Austrian Data Protection Act (DSG): 

  • right to rectification (article 16 GDPR) 
  • right to erasure (“right to be forgotten“) (article 17 GDPR) 
  • right to restrict processing (article 18 GDPR) 
  • righ to notification – notification obligation regarding rectification or erasure of personal data or restriction of processing (article 19 GDPR) 
  • right to data portability (article 20 GDPR) 
  • Right to object (article 21 GDPR) 
  • right not to be subject to a decision based solely on automated processing – including profiling – (article 22 GDPR) 

If you think that the processing of your data violates the data protection law, or that your data protection rights have been infringed in any other way, you can lodge a complaint with your respective regulatory authority. For Austria this is the data protection authority, whose website you can access at 

Web hosting 

Web hosting Overview​

Affected parties: visitors to the website​
Purpose: professional hosting of the website and security of operations​
Processed data: IP address, time of website visit, browser used and other data. You can find more details on this below or at the respective web hosting provider.​
Storage period: dependent on the respective provider, but usually 2 weeks​
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interests) 

What is web hosting? 

Every time you visit a website nowadays, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible, and only with good reason. By website, we mean the entirety of all websites on your domain, i.e. everything from the homepage to the very last subpage (like this one here). By domain we mean or 

When you want to view a website on a screen, you use a program called a web browser. You probably know the names of some web browsers: Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple Safari. 

The web browser has to connect to another computer which stores the website’s code: the web server. Operating a web server is complicated and time-consuming, which is why this is usually done by professional providers. They offer web hosting and thus ensure the reliable and flawless storage of website data. 

Whenever the browser on your computer establishes a connection (desktop, laptop, smartphone) and whenever data is being transferred to and from the web server, personal data may be processed. After all, your computer stores data, and the web server also has to retain the data for a period of time in order to ensure it can operate properly. 

Why do we process personal data? 

The purposes of data processing are: 

  1. Professional hosting of the website and operational security 
  2. To maintain the operational as well as IT security 
  3. Anonymous evaluation of access patterns to improve our offer, and if necessary, for prosecution or the pursuit of claims. 

Which data are processed? 

Even while you are visiting our website, our web server, that is the computer on which this website is saved, usually automatically saves data such as 

  • the full address (URL) of the accessed website (e. g. 
  • browser and browser version (e.g. Chrome 87) 
  • the operating system used (e.g. Windows 10) 
  • the address (URL) of the previously visited page (referrer URL) (e. g. 
  • the host name and the IP address of the device from the website is being accessed from (e.g. COMPUTERNAME and 
  • date and time 
  • in so-called web server log files 

How long is the data stored? 

Generally, the data mentioned above are stored for two weeks and are then automatically deleted. We do not pass these data on to others, but we cannot rule out the possibility that this data may be viewed by the authorities in the event of illegal conduct. 

In short: Your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data without your consent!

Legal basis 

The lawfulness of processing personal data in the context of web hosting is justified in Art. 6 para. 1 lit. f GDPR (safeguarding of legitimate interests), as the use of professional hosting with a provider is necessary to present the company in a safe and user-friendly manner on the internet, as well as to have the ability to track any attacks and claims, if necessary.
Legal Notice 
Information in accordance with §5 of the E-Commerce Act, §14 of the 
Unternehmensgesetzbuch, §63 of the Commercial Code and disclosure requirements under 
§25 of the Media Act. 
Cryptico GmbH
Schubertring 6, 
1010 Wien, 
Object of the company: IT Dienstleistungen
Corporate register number: FN 562498 d
Corporate register court: Wien
Company location: 1010 Wien 
Chief executive
Ben Schönfeld, Swen Brüseke 
Privacy policy 
Privacy Policy 
We have written this privacy policy (version 16.08.2021-121808382) in order to explain to 
you, in accordance with the provisions of the General Data Protection Regulation (EU) 
2016/679 and applicable national laws, which personal data (data for short) we as the 
controller – and the processors commissioned by us (e.g. providers) – process, will process in 
the future and what legal options you have. The terms used are to be considered as 
In short: We provide you with comprehensive information about any personal data we 
process about you. 
Privacy policies usually sound very technical and use legal terminology. However, this 
privacy policy is intended to describe the most important things to you as simply and 
transparently as possible. So long as it aids transparency, technical terms are explained in a 
reader-friendly manner, links to further information are provided and graphics are used. We 
are thus informing in clear and simple language that we only process personal data in the 
context of our business activities if there is a legal basis for it. This is certainly not possible 
with brief, unclear and legal-technical statements, as is often standard on the Internet when it 
comes to data protection. I hope you find the following explanations interesting and 
informative. Maybe you will also find some information that you have not been familiar with.
If you still have questions, we would like to ask you to contact the responsible body named 
below or in the imprint, to follow the existing links and to look at further information on 
third-party sites. You can of course also find our contact details in the imprint. 
This privacy policy applies to all personal data processed by our company and to all personal 
data processed by companies commissioned by us (processors). With the term personal data, 
we refer to information within the meaning of Article 4 No. 1 GDPR, such as the name, email 
address and postal address of a person. The processing of personal data ensures that we can 
offer and invoice our services and products, be it online or offline. The scope of this privacy 
policy includes: 
all online presences (websites, online shops) that we operate 
Social media presences and email communication 
mobile apps for smartphones and other devices 
In short: This privacy policy applies to all areas in which personal data is processed in a 
structured manner by the company via the channels mentioned. Should we enter into legal 
relations with you outside of these channels, we will inform you separately if necessary. 
Legal bases 
In the following privacy policy, we provide you with transparent information on the legal 
principles and regulations, i.e. the legal bases of the General Data Protection Regulation, 
which enable us to process personal data.
Whenever EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE 
EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016. You can of course 
access the General Data Protection Regulation of the EU online at EUR-Lex, the gateway to 
EU law, at 
We only process your data if at least one of the following conditions applies: 
1.Consent (Article 6 Paragraph 1 lit. a GDPR): You have given us your consent to 
process data for a specific purpose. An example would be the storage of data you 
entered into a contact form. 
2.Contract (Article 6 Paragraph 1 lit. b GDPR): We process your data in order to fulfill 
a contract or pre-contractual obligations with you. For example, if we conclude a sales 
contract with you, we need personal information in advance. 
3.Legal obligation (Article 6 Paragraph 1 lit. c GDPR): If we are subject to a legal 
obligation, we will process your data. For example, we are legally required to keep 
invoices for our bookkeeping. These usually contain personal data. 
4.Legitimate interests (Article 6 Paragraph 1 lit. f GDPR): In the case of legitimate 
interests that do not restrict your basic rights, we reserve the right to process personal 
data. For example, we have to process certain data in order to be able to operate our 
website securely and economically. Therefore, the processing is a legitimate interest. 
Other conditions such as making recordings in the interest of the public, the exercise of 
official authority as well as the protection of vital interests do not usually occur with us. 
Should such a legal basis be relevant, it will be disclosed in the appropriate place. 
In addition to the EU regulation, national laws also apply: 
In Austria this is the Austrian Data Protection Act (Datenschutzgesetz), in short 
Should other regional or national laws apply, we will inform you about them in the following 
Contact details of the data protection controller 
If you have any questions about data protection, you will find the contact details of the 
responsible person or controller below:
Cryptico GmbH
Schubewrtring 6, 1010 Wien
Authorised to represent: Ben Schönfeld, Swen Brüseke
Storage Period 
It is a general criterion for us to store personal data only for as long as is absolutely necessary 
for the provision of our services and products. This means that we delete personal data as 
soon as any reason for the data processing no longer exists. In some cases, we are legally 
obliged to keep certain data stored even after the original purpose no longer exists, such as for 
accounting purposes. 
If you want your data to be deleted or if you want to revoke your consent to data processing, 
the data will be deleted as soon as possible, provided there is no obligation to continue its 
We will inform you below about the specific duration of the respective data processing, 
provided we have further information. 
Rights in accordance with the General Data Protection 
You are granted the following rights in accordance with the provisions of the GDPR (General 
Data Protection Regulation) and the Austrian Data Protection Act (DSG): 
right to rectification (article 16 GDPR) 
right to erasure (“right to be forgotten“) (article 17 GDPR) 
right to restrict processing (article 18 GDPR) 
righ to notification – notification obligation regarding rectification or erasure of 
personal data or restriction of processing (article 19 GDPR) 
right to data portability (article 20 GDPR) 
Right to object (article 21 GDPR) 
right not to be subject to a decision based solely on automated processing – including 
profiling – (article 22 GDPR) 
If you think that the processing of your data violates the data protection law, or that your data 
protection rights have been infringed in any other way, you can lodge a complaint with your 
respective regulatory authority. For Austria this is the data protection authority, whose website 
you can access at 
Web hosting 
Web hosting Overview
👥 Affected parties: visitors to the website
🤝 Purpose: professional hosting of the website and security of operations
📓 Processed data: IP address, time of website visit, browser used and other data. You 
can find more details on this below or at the respective web hosting provider.
📅 Storage period: dependent on the respective provider, but usually 2 weeks
⚖️ Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interests) 
What is web hosting? 
Every time you visit a website nowadays, certain information – including personal data – is 
automatically created and stored, including on this website. This data should be processed as 
sparingly as possible, and only with good reason. By website, we mean the entirety of all 
websites on your domain, i.e. everything from the homepage to the very last subpage (like this 
one here). By domain we mean or 
When you want to view a website on a screen, you use a program called a web browser. You 
probably know the names of some web browsers: Google Chrome, Microsoft Edge, Mozilla 
Firefox, and Apple Safari. 
The web browser has to connect to another computer which stores the website’s code: the web 
server. Operating a web server is complicated and time-consuming, which is why this is 
usually done by professional providers. They offer web hosting and thus ensure the reliable 
and flawless storage of website data. 
Whenever the browser on your computer establishes a connection (desktop, laptop, 
smartphone) and whenever data is being transferred to and from the web server, personal data 
may be processed. After all, your computer stores data, and the web server also has to retain 
the data for a period of time in order to ensure it can operate properly. 
Why do we process personal data? 
The purposes of data processing are: 
1.Professional hosting of the website and operational security 
2.To maintain the operational as well as IT security 
3.Anonymous evaluation of access patterns to improve our offer, and if necessary, for 
prosecution or the pursuit of> 
Which data are processed? 
Even while you are visiting our website, our web server, that is the computer on which this 
website is saved, usually automatically saves data such as 
the full address (URL) of the accessed website (e. g. 
browser and browser version (e.g. Chrome 87) 
the operating system used (e.g. Windows 10) 

the address (URL) of the previously visited page (referrer URL) (e. g. 
the host name and the IP address of the device from the website is being accessed 
from (e.g. COMPUTERNAME and 
date and time 
in so-called web server log files 
How long is the data stored? 
Generally, the data mentioned above are stored for two weeks and are then automatically 
deleted. We do not pass these data on to others, but we cannot rule out the possibility that this 
data may be viewed by the authorities in the event of illegal conduct. 
In short: Your visit is logged by our provider (company that runs our website on special 
computers (servers)), but we do not pass on your data without your consent! 
Legal basis 
The lawfulness of processing personal data in the context of web hosting is justified in Art. 6 
para. 1 lit. f GDPR (safeguarding of legitimate interests), as the use of professional hosting 
with a provider is necessary to present the company in a safe and user-friendly manner on the 
internet, as well as to have the ability to track any attacks and claims, if necessary.