Privacy Policy

Last updated: January 19, 2026

1. Data Controller

The data controller responsible for processing your personal data on this website is:

CogniShift GmbH
Veronikagasse 38/15
1170 Vienna, Austria
Email: office@cognishift.at

2. Data We Collect

When you visit our website, we collect the following types of information:

  • Server Logs: Your IP address, browser type, referring page, and access time (stored for 14 days)
  • Contact Inquiries: When you contact us via email, we store your email address and message content

3. Purpose of Processing

We process your personal data for the following purposes:

  • To provide and maintain our website
  • To respond to your inquiries
  • To ensure the security of our website

4. Legal Basis (GDPR Art. 6)

The legal basis for processing your data is:

  • Legitimate Interest (Art. 6(1)(f)): For website operation and security
  • Contract Performance (Art. 6(1)(b)): For handling business inquiries
  • Consent (Art. 6(1)(a)): Where explicitly provided

5. Data Retention

We retain your personal data only as long as necessary for the purposes stated above or as required by law. Server logs are automatically deleted after 14 days. Business correspondence is retained for 7 years as required by Austrian tax law.

6. Your Rights

Under GDPR, you have the following rights:

  • Right of Access (Art. 15): Request information about your stored data
  • Right to Rectification (Art. 16): Request correction of inaccurate data
  • Right to Erasure (Art. 17): Request deletion of your data
  • Right to Restriction (Art. 18): Request restriction of processing
  • Right to Data Portability (Art. 20): Receive your data in a portable format
  • Right to Object (Art. 21): Object to processing based on legitimate interest

To exercise these rights, contact us at office@cognishift.at.

7. Third-Party Services & Infrastructure

To provide our services, we use selected third-party providers who process data on our behalf:

  • Hosting: Our website is hosted on Vercel (Vercel Inc.). Vercel processes server log data to ensure the performance and security of the site.
  • Domains & DNS: Our domains are managed through Hetzner (Hetzner Online GmbH).

These providers are used to reliably and securely provide our online offering (GDPR Art. 6(1)(f)). This website does not use cookies or external tracking/analytics tools. All fonts and assets are self-hosted to protect your privacy.

8. Data Security

We use industry-standard security measures including SSL/TLS encryption to protect your data during transmission.

9. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Vienna, Austria
www.dsb.gv.at

← Back to Home