Our website address is: https://cosmosfactory.at

Conformity with GDPR

The use of cookies, the processing of personal data and the transmission of such data to third parties by this website conform to the General Data Protection Regulation (GDPR) and require no consent. For details please see the following sections.
There are no contents or functions which allow third parties to track the surfing behaviour of visitors of this website except for the security plugin Wordfence, see section Transmission of personal data to third parties.

Gathering and processing of personal data

Comments

At cosmosfactory.at, commments to published content are not allowed, thus no cookies are set and no personal data are generated in connection with comments (such as name, email, text of comment, website, user agent string, IP address).

WP Statistics

We use the WordPress Statistics Plugin WP Statistics. The data gathered and stored by this plugin with every visit of this website include browser type, date and time of visit, which are not “personal data” in the sense of the GDPR. IP addresses are gathered, but are “pseudonymized” and “hashed” before they are stored. With pseudonymization, the last three digits of IP addresses are eliminated so that no connection to a specific person can be established. These pseudonymized IP addresses are then “hashed”, i.e. they are transformed by an algorithm into a string of characters based on which the original IP addresses can no longer be reconstructed. Only these character strings are stored in the database.

The stored data are used to optimize the website and for counting of visitors and downloads. No personal data are thereby processed.

Cookies

All cookies set by this website are technically required for the operation and the security of the website. Visitors may block even these cookies by changing their browser settings, but then the website may cease to function as intended.

Technical, Session and Login Cookies

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply refers to the post ID of the article you just edited. It expires after 1 day.

Wordfence, Cookies. This website uses the security plugin Wordfence by Defiant Inc. (800 5th Ave., Suite 4100, Seattle, WA 98104, USA) to protect the website and its visitors from hackers. When a registered user logs in, Wordfence sets a cookie (“wfwaf-authcookie”) which enables the Wordfence Firewall to identify logged-in visitors and to allow them extended access. It also enables Wordfence to identify not logged-in visitors and to restrict their access accordingly. This cookie expires after one day. For the Privacy Policy of Wordfence see section Wordfence, gathering and transmission of personal data.

Newsletter

Currently, we don’t send newsletters, thus no related personal data are gathered or stored.

Polylang

We use the WordPress Plugin Polylang to make cosmosfactory.at bilingual. Polylang uses temporary cookies to register the language version chosen which are deleted when users close their browser. Apart from that, Polylang uses cookies only in connection with an optional function allowing to identify the preferred language of a user’s browser and directing him/her automatically to the corresponding language version of the website. At cosmosfactory.at, this function has not been activated.

Starting with version 4.9.6, WordPress allows to export personal data. This includes biographical information. Polylang allows users to translate their biographical information and these translations are added to the exportable data. Their export can be requested under the General Data Protection Regulation (GDPR), see section What rights you have over your data.

Transmission of personal data to third parties

Google fonts

We only use locally installed Google Fonts, i.e. the fonts are stored in a local directory and are retrieved from there. Thus no corresponding user data are transmitted to Google. In addition, we use the WordPress plugin Disable and Remove Google Fonts to prevent any loading of Google Fonts from Google-related servers.

Social Media Buttons

At cosmosfactory.at, we currently don’t use social media buttons for sharing content on social media and other platforms. Should such buttons be integrated in future, we would use those provided by the WordPress plugin Shariff Wrapper. By design, the Shariff Wrapper plugin does not transmit any data to the social media platforms and other sharing services unless one of the sharing buttons is explicitly clicked. A previous transmission of user data to Facebok & Co is thus impeded, and users not logged in into the respective social media platform cannot be tracked. We would also disable Shariff Wrapper’s statistics feature, so that no personal data about sharing activity is stored.

More on that (in German] see Shariff: Social-Media-Buttons mit Datenschutz.

Embedded content from other websites

At cosmosfactory.at, we don’t embed content from other websites (e.g. videos, images, articles, etc.).

Information on embedded content. Embedding content from other websites is a potential nightmare in terms of privacy. Embedded content behaves in the exact same way as if the visitor had visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Wordfence

Wordfence, gathering and transmission of personal data

This website uses the security plugin Wordfence by Defiant Inc. (800 5th Ave., Suite 4100, Seattle, WA 98104, USA) to protext the website and its visitors from hackers. The use of Wordfence is based on Article 6 General Data Protection Regulation, paragraph 1 point (f) (“necessary for the purposes of the legitimate interests pursued by the controller or by a third party”). The operator of the website has a legitimate interest in protecting its website from cyber attacks as effectively as possible. For this purpose, data of visitors are gathered, including their IP addresses which are deemed to be personal data under the GDPR. The data gathered are stored for a maximum of 30 days.

If you are just browsing our website or following links published on other websites or in emails your IP address will not be sent to Wordfence.

Only in case you demonstrate malicious behaviour (e.g. a browsing pattern typical for hackers, trying to hack this website with manipulated URLs or trying to gain access to administration pages not intended to be accessed by the public) Wordfence transmits your IP address to its servers in the United States and adds the IP address to the Wordfence blacklist. The transfer of personal data from the European Union to the United States is based on the Standard Contractual Clauses laid down by the European Commission which are part of the agreement with Defiant/Wordfence, see https://www.wordfence.com/terms-of-service.

The privacy policy of Defiant Inc./Wordfence is available at https://www.wordfence.com/terms-of-use/ and at https://www.wordfence.com/privacy-policy/. For details in regard of the General Data Protection Regulation (GDPR) see https://www.wordfence.com/help/general-data-protection-regulation.

While such transmission of personal data to the United States is admissible under the GDPR, we try to reduce or prevent it as far as possible. For this purpose, the Wordfence function “Participate in the Real-Time Wordfence Security Network” was deactivated. For further information see Participate in the Real-Time Wordfence Security Network.

How long we retain your data

For users that register on our website, we store the personal information they provide in their user profile. This includes translations of their biographical information. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Wordfence: The data gathered are stored for a maximum of 30 days.

What rights you have over your data

If you have an account on this site, you are entitled under the GDPR to request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

All related requests should be directed to:
Christ Pokieser OG, Sonnenfelsgasse 13/6, A-1010 Wien, Austria
E-Mail: office@cosmosfactory.at

In addition, registered users of this website have a right to file a complaint to the supervisory authority if they consider that their rights under the GDPR or under Article 1 and Articles 7-10 of the Austrian Data Protection Act (Datenschutzgesetz, DSG) are infringed. The supervisory authority in Austria is the Austrian Data Protection Authority.