Choose a different country or region to view content for your location and shop online.

Sign In
Language
International International
  • Search
  • 0
    Wishlist
  • Minicart

Privacy Policy

Version: 06.11.2025

When you use our services, you entrust us with your data. We understand that this is a great responsibility. Therefore, we do our utmost to protect your data and ensure that you retain control over it. To fully inform you about the use of personal data, please take note of the following privacy policy.

For all inquiries, explanations and questions regarding data usage, please contact us using the following contact details:

 

myProduct GmbH

Karl Kastner Street 1

3910 Zwettl

Office address: Industriestraße 2, 3300 Amstetten

Email: datenschutz@myproduct.at

 

  1. DATA COLLECTION, USE OF DATA, STORAGE PERIOD, CUSTOMER ACCOUNT

You can visit the website and online shop without registering. For technical reasons, in particular to ensure a functional and secure website, we process technically necessary data about visits to our website in so-called server log files, which your browser automatically transmits to us. 

When you visit our website, we process:

  • Date and time of the call,
  • the amount of data transferred,
  • the browser type and version,
  • the operating system you are using,
  • requested file (URL and name),
  • whether the request was successful,
  • Your IP address,
  • Website from which access was made (if this was via a link)

 

This data is not linked to any individual and is used solely for statistical analysis, the operation and improvement of our website, system security, and the optimization of our online services. This data is only transmitted to our website host. It is not combined or merged with other data sources. If there is suspicion of unlawful use of our website, we reserve the right to subsequently review this data. This data processing is based on our legitimate interest, pursuant to Article 6(1)(f) GDPR, in the technically flawless presentation and optimization of our website. 

Server logs are stored for a maximum of 3 months and then deleted, unless further retention is required for evidentiary purposes. Otherwise, the data is retained until the incident is fully resolved.

Using the myProduct shop network does not require user registration. If registration is chosen, it may only be done in one's own name and only by natural persons and legal entities. Registration is free and is completed by filling out the online registration form. The data requested during registration must be provided completely and accurately. The user is responsible for the completeness and accuracy of this information. myProduct collects the data you provide during registration. This includes the following personal data: name, address, contact details (email, telephone number, date of birth). To improve customer service, customer data in the B2B sector (name and email address) is occasionally shared with selected partners .

When using user data, myProduct complies with applicable data protection regulations. In particular, myProduct only collects, stores, and processes personal data if one of the following legal bases applies. 

  • Fulfillment of contractual or pre-contractual obligations (Art. 6 para. 1 lit. b GDPR): Your data will be processed for the initiation and execution of contracts with you and the processing of your orders. 
  • Fulfillment of a legal obligation (Art. 6 para. 1 lit. c GDPR): We are obliged to process certain data, in particular for civil law, administrative law and tax law reasons. 
  • Consent (Art. 6 para. 1 lit. a GDPR): If we have received your consent, we will only use your data to the extent of the consent given (e.g., for sending newsletters or passing on data to third parties). You can revoke your consent at any time with effect for the future. 
  • Safeguarding legitimate interests (Art. 6 para. 1 lit. f GDPR): myProduct's legitimate interests in processing your data include, in particular, marketing measures for customer acquisition, the improvement of the service offering or the protection against default risks.

The personal data that the user provides to myProduct when placing an order or contacting us via email (e.g., name, address, email address, telephone number) will only be processed for correspondence with the user and only for the purpose for which the user provided the data. Payment processing is handled directly through the respective portals of the credit or banking institutions – myProduct does not store any account-related data (account details such as account number, sort code, etc.) but only receives confirmation of payment receipt from the respective credit or banking institution. myProduct assures that personal data will not be disclosed to third parties unless myProduct is legally obligated to do so or the user has given prior consent. 

Personal data that has been shared with myProduct via its shop network will only be stored until the purpose for which it was entrusted to myProduct has been fulfilled. Where commercial and tax law retention periods must be observed, the storage period for certain data may be up to 7 years.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. NEWSLETTER

You can subscribe to our newsletter on the website. A valid email address is required for registration. To verify your email address, you will first receive a registration email which you must confirm via a link (double opt-in procedure). Upon your consent, we store your email address and the date of your consent. Without this information, we cannot send you our newsletter.   We have commissioned Campaign Monitor, 404/3-5 Stapleton Ave, Sutherland NSW 2232, Sydney, Australia, to send our newsletter and to measure its success (especially open rates and readership). 

When you register for our newsletter, the data you provide (name, email address) will be transferred to and stored by Campaign Monitor. Campaign Monitor is based in Australia, and the data is processed on servers/data centers in the USA. This data processing is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and Art. 49 para. 1 sentence 1 lit. a GDPR, and for data transfers to third countries pursuant to Art. 49 para. 1 lit. a GDPR. For information on the risks associated with data transfers to third countries, please see section 14. 

You can unsubscribe from the newsletter by clicking the unsubscribe link at the bottom of each newsletter. If you unsubscribe, we will store the date of your unsubscription along with your email address.   Campaign Monitor has committed to complying with applicable data protection regulations. You can find more information at https://www.campaignmonitor.com/trust/gdpr-compliance .

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. RECIPIENTS OF DATA

myProduct may share your personal data with the following categories of recipients:

  • Companies affiliated with myProduct within the KASTNER Group, external service providers that process data on our behalf or otherwise (e.g., IT service providers, parcel service providers, banks, payment service providers, tax advisors or legal advisors, etc.) or companies with which we cooperate;
  • competent authorities, public bodies, courts or other third parties, if this is necessary due to legal provisions, for the exercise, protection or defense of our legal rights or for the protection of your important interests or the important interests of another person;
  • any other natural or legal person, provided you have consented to the disclosure.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. USER RIGHTS

You have the right to receive information free of charge about the data we have stored about you. Unless there is a legal obligation to retain the data, you have the right to have this data deleted and to object to its processing. Furthermore, you have the right to rectification of the data, to restriction of processing, to data portability, and to lodge a complaint with a supervisory authority (in Austria: Data Protection Authority).

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. PAYMENT SERVICE PROVIDERS

As part of the purchase transactions in our shop network, we offer efficient and secure payment options and use additional service providers besides banks and credit institutions (hereinafter referred to as "payment service providers").

The data processed by payment service providers includes inventory data (e.g., names, addresses); payment data (e.g., bank details, invoices, payment history); contract data (e.g., subject matter of the contract, term, customer category); usage data (e.g., websites visited, interest in content, access times); meta/communication data (e.g., device information, IP addresses); contact data (e.g., email, telephone numbers).

This information is required to process the transactions. The processing of this data therefore serves the purpose of fulfilling the contract and handling pre-contractual inquiries in accordance with Article 6(1)(b) GDPR.

The data you enter is processed and stored only by the payment service providers. myProduct does not receive any account or credit card information, but only confirmation or rejection of the payment. The payment service providers may transmit this data to credit reference agencies for identity and creditworthiness verification purposes. 

The terms and conditions and privacy policies of the respective payment service providers apply to payment transactions and can be accessed on their respective websites or transaction applications. We also refer you to these for further information and to exercise your rights of withdrawal, access, and other data subject rights.

The services of the following payment service providers can be used by the user:

 

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. EMBEDDED CONTENT AND FEATURES

Our website integrates functional and content elements that are retrieved from the servers of the following providers. These may include, in particular, videos and maps (hereinafter referred to as "Content"). For this integration, it is necessary for the respective provider to process the users' IP addresses. Without this processing, the use and display of the Content is not possible. The use of the following Content is in the interest of presenting our online services in an appealing manner and constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. As part of this service, data is transferred to the USA, or such a transfer cannot be ruled out. We would like to point out that, according to the European Court of Justice, there is currently no adequate level of data protection when data is transferred to the USA, and therefore various risks exist (such as, among others, possible access by US intelligence agencies). Further information on data transfers to third countries can be found in section 14.

YOUTUBE (OPT IN)

We have embedded YouTube videos on our website. These videos are stored on www.youtube.com and can be played directly from our website. To enhance the protection of your data when visiting our website, the videos are embedded using a so-called 2-click solution. This means that no data about you as a user is transmitted to YouTube unless you play the videos. Only when you play the videos and thereby consent to the data transfer will YouTube cookies be stored on your device and data (IP address) be transmitted to Google LLC, Google Ireland Limited, Gordon House, Barrow Street, Dublin 4. Further information on the protection of your data at Google LLC can be found at https://www.google.com/policies/privacy/. If you are logged into your YouTube account, you allow YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is based on your consent, which you may have given for data processing in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR in the cookie banner. The basis for the transfer to third countries is the EU-US Data Privacy Framework (DPF). 

GOOGLE MAPS (OPT IN)

This website uses the Google Maps service to display map information. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Maps is an online map service that displays geographical information on the user's device. In particular, it allows directions and map sections to be integrated into the website.

When using Google Maps, Google also collects, processes, and uses data about how users of the website use the map functions. As part of using this service, data is transferred to the USA, or such a transfer cannot be ruled out. 

Further information about data processing by Google can be found in Google's privacy policy at https://www.google.at/intl/de/policies/privacy/. There, in the Privacy Center, you can also change your settings to manage and protect your data.  The use of Google Maps is based on your consent, which you may have given for data processing in accordance with Art. 6 Para. 1 Sentence 1 lit. a GDPR in the cookie banner. The EU-US Data Privacy Framework (DPF) forms the basis for the transfer of data to third countries.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. SOCIAL MEDIA PRESENCE

We maintain an online presence on social networks to provide further information about our company and to interact with users. When visiting or interacting with these social media platforms, user data may be processed. 

The processing of user data may take place outside the European Union or EEA. This may pose risks for users, for example, it could make it more difficult to enforce their rights.

Furthermore, user data within social networks is generally processed for market research and advertising purposes. For example, user profiles can be created based on usage patterns and the resulting user interests. These user profiles can then be used to display advertisements both within and outside the networks that are presumably tailored to the users' interests. For these purposes, cookies are typically stored on users' computers, recording their usage patterns and interests. Additionally, user profiles can also store data independent of the devices used by the users (especially if the users are members of the respective platforms and are logged in).

For a detailed description of the respective processing methods and the options for objecting (opt-out), we refer to the privacy policies and information provided by the operators of the respective networks.

Regarding requests for information and the assertion of data subject rights, we would like to point out that these can be most effectively addressed directly with the service providers. Only the providers have access to user data and can take appropriate action and provide information directly. 

myProduct uses the following social media platforms for its online presence. Please note that you use the respective social networks and their functions at your own risk. We have no control over the data collection and further processing.

 

  • Facebook: Service provider : Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland 

Further information on how your personal data is handled   can be found in the privacy policy at:  Meta Privacy Policy – ​​How Meta collects and uses user data | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy

  • Instagram: Service provider : Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland 

For more information on how we handle personal data, please see: Meta Privacy Policy – ​​How Meta collects and uses user data | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy

  • LinkedIn: Service provider : LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland 

Further information on how we handle personal data can be found at: https://de.linkedin.com/legal/privacy-policy

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. USE OF COOKIES

Cookies, other tracking technologies, and functions of the web analytics service Google Analytics (more information can be found in the section below) may be used on our website in various ways. This website uses so-called cookies, which are stored on your computer. Cookies are small text files that a website can store locally in your internet browser's memory on the computer you are using. Cookies enable, in particular, the recognition of your internet browser. The cookies used on our website do not collect any personal data about you or your usage. 

The use of cookies depends on the consent given by users in the cookie banner. Further information about the specific cookies used, their purposes, and their lifespan can be found in our cookie banner. If data processing is based on your consent, you can revoke this consent at any time with effect for the future (so-called "opt-out"). You can revoke and/or change your consent to cookies. You can delete cookies that have already been set at any time by accessing the relevant menu item in your internet browser or by deleting the cookies from your hard drive.   Details on how to do this can be found in your internet browser's help menu. 

Change cookie settings

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. WEB ANALYSIS WITH GOOGLE ANALYTICS

When you visit our website, your browsing behavior may be statistically analyzed. This is done primarily using cookies and so-called analytics programs. This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses "cookies," which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. 

The use of Google Analytics is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR, which you may have given when selecting cookies. You can also withdraw your consent at any time for the future via the cookie banner. This service involves the transfer of data to the USA, or such a transfer cannot be ruled out. The legal basis for this transfer to a third country is the EU-US Data Privacy Framework (DFP). Further information on data transfers to third countries can be found in section 16. You can also prevent the storage of cookies by adjusting your browser settings accordingly.

If you do not consent to or revoke your consent to the use of Google Analytics, please note that in this case you may not be able to fully utilize all the functions of this website. Furthermore, you can prevent Google from collecting and processing data generated by the cookie and related to your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link:  http://tools.google.com/dlpage/gaoptout?hl=de

GOOGLE ANALYTICS REPORTS ON DEMOGRAPHIC CHARACTERISTICS AND INTERESTS

This website uses Google Analytics demographic reports, which utilize data from Google's interest-based advertising as well as visitor data from third-party providers (e.g., interests, age, gender). This data is anonymous and cannot be traced back to any specific individual; it can also be deactivated in the ad settings.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. GOOGLE TAG MANAGER

Our website uses the Google Tag Manager service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

The Tag Manager is a service that allows us to manage website tags via a single interface. This enables us to integrate code snippets, such as tracking codes or conversion pixels, into websites without modifying the source code. The Tag Manager only forwards the data; it neither collects nor stores it. The Tag Manager itself is a cookie-less domain and does not process any personal data, as it serves solely to manage other services within our online offering. This constitutes a legitimate interest based on Article 6(1)(f) of the GDPR. The Tag Manager ensures the resolution of other tags, which may in turn collect data. However, the Tag Manager does not access this data. If deactivation has been performed at the domain or cookie level, it remains in effect for all tracking tags implemented via the Tag Manager.

This service involves the transfer of data to the USA, or such a transfer cannot be ruled out.   Further information on data transfers to third countries can be found in section 16. The legal basis for the data transfer is the EU-US Data Privacy Framework (DFP).

When Google Tag Manager starts, your browser establishes a connection to Google's servers.   These are primarily located in the USA. This allows Google to know that our website was accessed via your IP address. You can find out more about the exact locations of Google's data centers here: https://www.google.com/about/datacenters/inside/locations/

To prevent this service, you can install a JavaScript blocker. However, this may cause the website to no longer function as expected.

Further information on data protection can be found on the following Google websites:

Privacy policy: https://policies.google.com/privacy

FAQ Google Tag Manager: https://www.google.com/intl/de/tagmanager/faq.html

Google Tag Manager Terms of Service: https://marketingplatform.google.com/intl/de/about/analytics/tag-manager/use-policy/

Google Ads Data Processing Terms including standard contractual clauses for third-country transfers: https://business.safety.google/adsprocessorterms/

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. FACEBOOK PIXELS, CUSTOM AUDIENCES AND FACEBOOK CONVERSION 

Within our online service, we use the "Facebook Pixel" of the social network Facebook, which is operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (hereinafter "Facebook"). 

With the help of the Facebook pixel, Facebook can identify visitors to our website as a target audience for displaying advertisements (so-called "Facebook Ads"). Accordingly, we use the Facebook pixel to ensure that the Facebook Ads we place are only shown to Facebook users who have demonstrated an interest in our website or who exhibit certain characteristics (e.g., interests in specific topics or products, determined based on the websites they visit) that we transmit to Facebook (so-called "Custom Audiences"). We also use the Facebook pixel to ensure that our Facebook Ads correspond to the potential interests of users and are not perceived as intrusive. Furthermore, the Facebook pixel allows us to track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Facebook ad (so-called "conversion").

Facebook processes data in accordance with Meta's Data Policy. General information on how Facebook ads are displayed can be found in Meta's Data Policy at:  Meta Privacy Policy – ​​How Meta collects and uses user data | Privacy Center | Manage your privacy on Facebook, Instagram, and Messenger | Facebook Privacy

The use of Facebook Pixel and the storage of conversion cookies are based on your consent pursuant to Art. 6 para. 1 lit. a GDPR. The legal basis for data transfer is the EU-US Data Privacy Framework. You can grant your consent via the cookie banner and revoke it at any time. This service involves data transfer to the USA, or such a transfer cannot be ruled out. Further information on data transfers to third countries can be found in section 16.

Furthermore, you can object to the collection of data by Facebook Pixel and the use of your data for displaying Facebook ads. To adjust which types of ads are displayed to you on Facebook, you can visit the page provided by Facebook and follow the instructions for managing your ad preferences:  https://www.facebook.com/settings?tab=ads . These settings are platform-independent, meaning they apply to all devices, such as desktop computers and mobile devices.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. MICROSOFT ADS

We use the Microsoft Advertising service on our website, provided by Microsoft Ireland Operations Limited (Ireland/EU) (formerly Bing Ads). Microsoft Advertising is an online marketing service that uses Universal Event Tracking (UET) to help us target advertisements via the Microsoft Bing search engine. Microsoft Advertising uses cookies for this purpose. This involves processing personal data in the form of online identifiers (including cookie IDs), IP addresses, device identifiers, and information about device and browser settings.

 

Microsoft Advertising is used to optimize ad delivery. Further information about these processing activities, the technologies used, the data stored, and the storage period can be found in the settings of our consent management tool. Processing only takes place with your consent in accordance with Article 6(1)(a) GDPR. You can withdraw your consent via our consent management tool.

When using Microsoft services, the transfer of data to Microsoft Corp. in the USA cannot be ruled out. Please refer to the information in the section "Data Transfer to Third Countries." Further information on data protection at Microsoft can be found in Microsoft's privacy statement at https://privacy.microsoft.com/de-de/privacystatement .

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. RETARGETING/REMARKETING

This website uses retargeting services from the following provider: Google Ads Remarketing, a retargeting service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ( Google AdWords Privacy Policy ). Retargeting technology allows us to target visitors to our website with personalized, interest-based advertising who have already shown interest in our products. The display of advertisements is based on a cookie-based analysis of previous browsing behavior, but no personal data is stored. In the case of retargeting technology, a cookie is stored on your computer or mobile device to collect anonymized data about your interests and thus tailor the advertising to the stored information. These cookies are small text files that are stored on your computer or mobile device. This allows you to see advertisements that are highly likely to match your product and information interests. You can  permanently opt out of Google's use of cookies for ad preferences here .

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. KLAVIYO

We use Klaviyo for our email marketing. The service provider is the American company Klaviyo, 125 Summer St, Boston, MA 02110, USA.

Klaviyo processes your data, among other things, in the USA. Klaviyo is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data of EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en .

Furthermore, Klaviyo uses so-called Standard Contractual Clauses (pursuant to Article 46, paragraphs 2 and 3 of the GDPR). Standard Contractual Clauses (SCCs) are model clauses provided by the European Commission and are designed to ensure that your data complies with European data protection standards even when it is transferred to and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Klaviyo commits to maintaining the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the European Commission. You can find the decision and the corresponding Standard Contractual Clauses here, among other places: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de .

We use Klaviyo to analyze our newsletter campaigns. When you open an email sent via Klaviyo, a file embedded in the email (a so-called web beacon) connects to Klaviyo's servers. This allows us to determine whether a newsletter message has been opened and which links, if any, have been clicked. Technical information is also collected (e.g., time of access, IP address, browser type, and operating system). This information is not linked to individual newsletter recipients. The analysis of this information helps us understand our users' reading habits and tailor our content to you, or send different content based on your interests.

Further information on data protection can be found here:
klaviyo

 

  1. SHOP REVIEWS 

eKomi

We use the independent review portal eKomi, operated by eKomi Ltd., Markgrafenstr. 11, 10969 Berlin, Germany. We are committed to continuously improving ourselves and our service, which is why we have chosen to use this solution. Consequently, we are unable to individually control or influence review invitations. Ten days after your order is shipped, you will receive a unique review link generated specifically for your order. Clicking this link will take you to a review page where you can rate our products and services. The data you provide to eKomi for this purpose will be used by eKomi itself or shared with third parties to fulfill the contract. Submitting a review is entirely voluntary. By submitting a review/providing feedback, you agree to eKomi's current communication guidelines. 

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. USE OF AI

Chatbot Chatbase

We offer a chatbot function as a means of communication. On our website, we use a chatbot from the provider Chatbase.co Inc. , located at 4700 Keele Street, 215 Bergeron Centre of Engineering Excellence, Toronto, ON, Canada, M3J 1P3 (hereinafter referred to as Chatbase), to provide you with better service. A chatbot is software that answers user questions. The conversations you have with our chatbot are not stored for any purpose other than providing the necessary answers to your inquiry. When you interact with the chatbot on our website, the following data is collected from you:

  • Interaction data: Information about your chat conversations.
  • Device information: Details about your device and browser to ensure functionality.
  • Usage data: Data for optimizing chatbot performance and preventing abuse.

 

Please note that when interacting with the chat function, only the personal data that you disclose during your input will be processed.

This data is stored by chatbase.co in the USA. You can find chatbase's privacy policy here:  https://www.chatbase.co/privacy

The legal basis for data processing is your consent (Art. 6 para. 1 lit. a GDPR), which you can change at any time in the cookie banner ( https://myproduct.at/datenschutz ). Chatbase's processes and services comply with the requirements of the General Data Protection Regulation (GDPR).

 

  1. DATA TRANSFER TO THIRD COUNTRIES

As explained in this privacy policy, we use services whose providers are located outside the European Union (EU) or the European Economic Area (EEA), i.e., countries whose data protection standards do not correspond to those of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we base the data transfer on exceptions under Art. 49 GDPR in conjunction with your explicit consent, the necessity of the transfer for the performance of a contract, or our legitimate interest. If a transfer to a third country is planned and no adequacy decision or suitable safeguards are in place, it is possible and there is a risk that authorities (e.g., intelligence services) in the respective third country may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. You will also be informed of this when we obtain your consent via the cookie banner. Legally compliant data transfers to the USA: The EU-US Data Privacy Framework provides a new adequacy decision for data transfers from the EU to the USA. Under this new adequacy decision, US companies can be certified and included on a list maintained by the US Federal Trade Commission (FTC) for companies that voluntarily adhere to the principles of the GDPR. This ensures an adequate level of data protection. If data is transferred to a US service provider that is not certified under the adequacy decision, standard contractual clauses can be used: The standard contractual clauses adopted by the European Commission in 2010 (2010/87/EU of 5 February 2010), Art. 46 para. 2 c GDPR, remain valid; however, a level of protection for personal data equivalent to that in the European Union must be ensured. Therefore, not only are the contractual relationships with our service providers relevant, but also the possibility of access to data by authorities in the USA and the legal system there (legislation and jurisprudence, administrative practices of authorities). Where possible, your consent will be requested before the use of a US tool, and you will be informed transparently in advance about how the service works. We strive to conclude standard contractual clauses with providers from third countries, especially with US service providers, in accordance with Regulation (EU) 2016/679.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."

 

  1. MISCELLANEOUS

myProduct occasionally links to third-party websites within its online shop network. Although myProduct carefully selects these third parties, myProduct cannot guarantee or assume liability for the accuracy or completeness of the content or the data security of third-party websites. This privacy policy also does not apply to linked third-party websites. Use of the myProduct online shop network involves the use of cookies. This requires that the user has enabled cookies in their browser settings; otherwise, display errors may occur on the respective online portal. This privacy policy will be updated whenever myProduct introduces new products or services, changes its internet procedures, or when internet and IT security technology evolves. myProduct therefore reserves the right to amend or supplement this policy as needed. MyProduct will publish any changes here. Users should therefore check this website regularly to stay informed about the current version of the privacy policy.

"Further information on the processing of personal data by Google can be found at https://business.safety.google/privacy/ ."