Controller: Leu Advisory Services GmbH, Mag. Rainer Leu
Julius-Raab-Platz 4, 1010 Vienna, Austria
Email: office@leu-advisory.at
No data protection officer is required under Art. 37 GDPR.
1) Scope
This policy explains how we process personal data when you visit leu-advisory.com, contact us, or subscribe to our newsletter. For cookies and similar technologies, please see our Cookie Policy.
2) Purposes, data and legal bases
Website delivery & security (server logs)
When you access our website, our hosting provider automatically processes log data (IP address, date/time, URL, referrer, browser/OS).
Legal basis: Art. 6(1)(f) GDPR (our legitimate interest in operating a secure, technically functioning website). Logs are kept only as long as needed for security/diagnostics.
Contacting us (contact form or email)
If you contact us, we process the data you provide (e.g., name, email, message) to handle your request and any follow-ups.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries). If your enquiry is aimed at concluding a contract, Art. 6(1)(b) GDPR.
Newsletter
If you subscribe, we process your email address and, if provided, your first/last name to send updates. We use double opt-in and you can unsubscribe at any time via the link in each email.
Legal basis: Art. 6(1)(a) GDPR (your consent). You can withdraw consent at any time with effect for the future.
Cookies & consent
We use cookies and similar technologies as described in our Cookie Policy. Where required, technologies are only activated after your consent via the banner.
Legal basis: Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (strictly necessary/legitimate interest), as detailed in the Cookie Policy.
3) Recipients and processors
We work with service providers (processors) who support hosting, newsletter delivery and similar services. They process data strictly under our instructions.
Hosting: [Your hosting provider] (processor).
Newsletter delivery: Mailchimp (Intuit Inc.). We have a data-processing agreement in place.
4) International data transfers
Where service providers are located outside the EU/EEA (e.g., Mailchimp, USA), appropriate safeguards apply, such as the EU-U.S. Data Privacy Framework (DPF) certification and/or Standard Contractual Clauses (SCCs), together with supplementary measures where necessary.
5) Web services we may integrate
Google Maps
If you interact with embedded maps, Google LLC may receive usage data (see Google’s privacy policy). The map loads only after consent via the cookie banner or on user interaction, as configured.
Legal basis: consent (Art. 6(1)(a) GDPR).
Web fonts (Google Fonts)
To ensure consistent typography we primarily serve fonts locally. If, in exceptional cases, fonts are retrieved from Google servers, Google receives technical data (see Google’s privacy policy).
Legal basis: our legitimate interest in a consistent website (Art. 6(1)(f) GDPR) or consent where configured.
Note: We do not operate an online shop and do not process online payments on this website.
6) Retention
We store personal data only as long as necessary for the respective purpose or as required by law (e.g., statutory retention obligations). Enquiry data are deleted when the conversation is finished unless further retention is required; newsletter data are stored until you unsubscribe.
7) Your rights
You have the rights of access, rectification, erasure, restriction, objection, and data portability (Art. 15–20 GDPR), and the right to withdraw consent at any time (Art. 7(3) GDPR). You also have the right to lodge a complaint with the supervisory authority.
Austrian Data Protection Authority
Wickenburggasse 8, 1080 Vienna, Austria
Email: dsb@dsb.gv.at • Phone: +43 1 521 52-25 69
For requests, please contact office@leu-advisory.at.
