Data Protection – Riding Dinner OG
V1.1 November 2020

Data Protection Preamble

We are pleased that you want to inform yourself about the data protection of our website.

We are the Riding Dinner OG and our websites and its data protection embodiment shall be considered as client-oriented, understandable quality characteristic.

We inform you which of your personal data are being processed in our systems and in the systems of our service providers. Personal data are the information that can be assigned to a person, either directly or indirectly.

1. Web Site Request

By calling up our website, several data will be exchanged by your terminal device and our server.

The information which are transferred to the server of this website are the following:

  • IP address of the requesting device

  • date and time of call, time zone difference to Greenwich Mean Time (GMT)

  • name and URL of the called data file

  • web site/application from which the access is made (referrer URL)

  • content of the request

  • status of the access/http status code

  • respective transferred data volume

  • website from which the request is coming

  • used browser

  • operating system and its surface

  • language and version of the browser software

These so-called log files are stored for the following purposes:

  • guarantee of a smooth connecting

  • guarantee of a comfortable use of our website/application

  • evaluation of system security and stability

This legitimate interest is legal basis for the processing according to article 6, paragraph 1 lit f GDPR.

Data transfer and storage time
Data transfers to security authorities and courts in charge only take place following an unlawful action. The data will then be stored in terms of §§ 1293 ff ABGB up to three years.

The server is provided by a service provider which has been obliged contractually according to article 28 GDPR.

2. Online orders

Purpose of data processing, legal basis
We are processing your data on the legal basis of the performance of contract in terms of article 6 paragraph 1 lit b GDPR to fulfil the following purposes:

  • delivery and conducting of your booked order

  • conducting of requests for the interruption of delivery

  • delivery of the confirmation of order via mail or via e-mail

  • drawing up and delivery of invoices and assertion of open invoices (dunning)

For the conclusion of the contract, the data necessary for the fulfillment of the contract are being stored: name, invoice address, delivery address, product/booking, delivery data, contact data, correspondence, payment information (credit card number, account information etc.)

For the booking of our services, you’re being linked to FAREHABOR, that’s a provider from the USA which also has headquarters in the EU.

If you have any doubts because of this booking modality, you can also fulfill your booking under contact@ridingdinner.com / Tel.: +43 660 70 60 502 oder contact@365days.at / Tel. +43 660 365 365 1 Ihre Buchung vervollständigen.

Appendix for payment information
You can pay your invoice with different systems, the legal basis for the usage of these data is art 6 paragraph 1 lit b GDPR.

Your payment information is being transferred in the order process coded via the internet. Due to a special integration in the order process, we don’t have any inspect to your payment information at any time. Because of this, we’re also not the processors of these data. They are only being processed by these payment service providers:

STRIPE
Stripe Payments Europe, Ltd
1 Grand Canal Street Lower,
Grand Canal Dock,
Dublin
Irland
Privacy Policy und GTC

If you don’t wish payment via STRIPE, you can pay via invoice, credit card or transfer, please contact contact@ridingdinner.com or contact@365days.at for these matters.

Data transfer and storage time
The legal basis of the data transfers to the payment provider you chose (for the purpose of the debit of the purchase price) is regulated in § 96 Abs 3 TKG in combination with art 6 paragraph 1 lit a and b GDPR. The legal bases for the transfer to the dispatch company commissioned by us (for the purpose of the delivery of goods) and our tax consultant (for the fulfillment of our duties related to tax law) are regulated in in § 96 Abs 3 TKG in combination with art 6 paragraph 1 lit b and f GDPR.

If you stop the purchase processing, your indicated data will be deleted.

In case of contract conclusion, any data from the contractual relationship will be stored until the expiry of the tax retention obligation (seven years).

The data name, address, purchased goods and purchase date will be, in addition, stored until the expiry of the product liability (ten years).

3. Newsletter Delivery

Purpose of data transfer/legal bases:
The contents of the newsletter comprise acts as well as goods and services of the Riding Dinner OG.

To be able to receive our newsletter, you need a valid e-mail-address. The e-mail-address you entered will be checked by us (double opt-in) to the effect whether you are the owner of the indicated e-mail-address or rather the owner has authorized the receipt of the newsletter. With your registration to our newsletter we will store your IP address and the date as well as the time of your registration. This serves our protection, if a third party misuses your e-mail address and subscribes your newsletter without your knowledge. Only when you click on our confirmation link, your e-mail address will be included in our mailing list.

With your agreement, we collect your usage patterns on the web presences operated by us and the newsletters sent by us.

For this purpose, we use https://mailchimp.com.

The legal basis for this is the existence of an appropriate consent according to art. 6 paragraph 1 lit a GDPR.

Consent
Consent Newsletter
Referring to the usage of your personal data for the receipt of our newsletter, you will be asked for an agreement at the given location as follows: I agree with the receipt of the newsletter which includes information about the offer of Riding Dinner OG. Further information about the newsletter dispatch can be found in our privacy policy.

Addressees/Categories of addressees
The Rocket Science Group, LLC is as external processor indentured to carrying out the newsletter dispatch (Mailchip) according to article 28 GDPR.

Newsletter-Tracking
Our newsletters include so-called web bugs, with which we can detect whether and when an e-mail has been opened and which links have been followed in the e-mail by the personalized addressee. These data are being stored by us so we can optimally adapt our newsletters to the wishes and interests of our subscribers. With the revocation of the agreement for the receipt of our newsletter, the agreement to the tracking will also be revoked.

Storage time/Criteria for determining the storage duration
The storage time is three years if you’re not our client, otherwise until the revocation of your agreement.

Withdrawal/Revocation
You can cancel or revoke the subscription of our newsletter free of charge and anytime for future newsletters. Details for the cancellation can be found in the newsletters.

If you file an objection, the concerning contact address will be blocked for any further data processing for advertising purposes.

Due to technical specifications and the necessary lead time of advertisements, it can occur that you receive advertising material although you have filed an objection. This doesn’t mean that we don’t realize your objection but that the advertisement was processed at the same time. We thank you for your understanding.

4. Security measurements

In terms of art. 32 GDPR we take technical and organizational measures to protect the rights and liberties of persons.

5. Your rights

You can contact us anytime free of charge via e-mail to contact@ridingdinner.com or contact@365days.atcontact@365days.at or by post because of the data protection regulations. This concerns questions about the gathering, processing or usage of your personal data and the legal claims like information, correction, blocking, deletion, transfer or a revocation of a consent.

If there are changes of your personal data, e.g. name change, change of the company headquarters etc., we ask for a notification in this connection.

We will react to all appropriate inquiries in accordance with the law free of change and immediately. We inform you that a legal duty to preserve can stand in the way of a deletion or a revocation.

If you think that the processing of data contravenes the data protection law or your data protection claims have been violated in any other means, you can complain at the regulatory authority. In Austria, the data protection authority is in charge.