Privacy Policy

Privacy Statement – APA-Group 

May 2018 

The following privacy statement is for the APA-Group and applies to all APA-Group websites.  

Participating Companies Role Note
APA – Austria Presse Agentur eG Laimgrubengasse 10, 1060 Vienna phone: +43 1 36060-0, e-mail:, Commercial Register No.: 93359v Commercial Register Court: Commercial Court Vienna, VAT No.: ATU16310105,

Data controller as defined by Art. 24 of the GDPR



Responsible for the respective websites if specified as media owner in the legal notice/disclosure of APA eG.
APA-IT Informations Technologie GmbH, Laimgrubengasse 10, 1060 Vienna, phone: +43 1 36060-0, e-mail:, Commercial Register No.: 195806a, Commercial Register Court: Commercial Court Vienna, VAT No.: ATU53122400

Data controller as defined by Art. 24 of the GDPR


Data processor for the other companies of the APA-Group; responsible for website hosting as a technical service provider

Responsible for the respective websites if specified as media owner in the legal notice/disclosure of APA-IT.
APA-DeFacto Datenbank & Contentmanagement GmbH, Laimgrubengasse 10, 1060 Vienna
phone: +43 1 36060-5601, e-mail:, Commercial Register No.: 191528i, Commercial Register Court: Commercial Court Vienna, VAT No.: ATU53197008

Data controller as defined by Art. 24 of the GDPR


Responsible for the respective websites if specified as media owner in the legal notice/disclosure of APA-DeFacto.
APA-OTS Originaltext-Service GmbH, Laimgrubengasse 10,
1060 Vienna, phone: +43/1/360 60-5310, fax: +43/1/360 60-5399, e-mail:, Commercial Register No.: 200206x, Commercial Register Court: Commercial Court Vienna, VAT No.: ATU50159000

Data controller as defined by Art. 24 of the GDPR


Responsible for the respective websites if specified as media owner in the legal notice/disclosure of APA-DeFacto.

The data protection notices listed here serve to fulfil our information-related requirements concerning data protection. 

The APA-Group and its participating companies ensure compliance with the data protection provisions of the General Data Protection Regulation (GDPR) of 25 May 2018 and of other national regulations such as the Austrian Data Protection Act and Austrian Telecommunications Act. We process your data exclusively on the basis of these legal provisions. The data used in processing is appropriately protected on the basis of the usual technical standard. 

Notices on cookies 

We use a variety of cookies in order to make the visit to our websites attractive and to enable the use of certain functions. Cookies are small text files that are stored on your device. Session cookies are deleted when you close your browser; other cookies remain stored on your device and allow us to recognise your browser the next time you visit (persistent cookies). The following data is generally collected: browser data, location data and IP address. Persistent cookies are deleted after various lengths of time, depending on the cookie. 

If personal data is processed through individual cookies which we use, processing takes place in accordance with Article 6 (1) lit f of the GDPR in order to safeguard our legitimate interests in the best possible functionality of the websites or with your explicit consent, if this is necessary. 

The following cookies may be used

  • Technically necessary cookies
  • Functionality cookies
  • Marketing cookies  

All cookies can be accessed in the cookie preferences stated in our cookie banner on our homepage. 

Technically necessary cookies:

These cookies store registration information, for example, or enable a secure login. After completion of the respective browser session, these cookies are deleted. The use of these cookies does not require your legal consent, nor can they be disabled in the cookie preferences. You can only deactivate the use of these cookies directly via your browser settings. Thus visiting the websites is no longer guaranteed. 

Functionality cookies:

Functionality cookies improve the functionality of the websites accessed. For example, the video player remembers the volume you set and the subtitles or video quality selected. On your next visit to the website, your preset functions are automatically accessed. We refer you to these cookies – they are activated and can be deactivated by you at any time. On deactivation, the functionality of the websites is restricted; previous settings must be re-configured each time you visit. 

Marketing cookies:

To gain useful insight into how our websites are used, we use marketing cookies, i.e. web analytics tools. These count the number of visitors and provide us with information about general user behaviour, e.g. how long users usually stay on the respective website or how many subpages are accessed on average. We use such cookies on our websites exclusively for statistical purposes – at no time do we display advertisements. Such cookies are only used with your explicit consent. Refusing marketing cookies does not restrict your visit to the websites. 

If we have received the explicit consent from you, we use the following marketing cookies: 

Google Analytics – the following data is processed upon consent: IP address, origin (country, province/state/canton, city), language, operating system, device (PC, tablet, smartphone), browser, visitor source (e.g. search engine, website used, social networks) , surfing behaviour (e.g. pages visited, length of stay, click paths, bounce rates), page views, average length of stay, date of last session, device used, and time of day. All of the data stated here is provided to Google Inc. The purpose of the transfer is the analysis of user activities on our websites and the creation of a profile. The legal basis of the transfer is Privacy Shield. More information on Google Analytics can be found here:

Krux – the following data is processed upon consent: session date, timestamp, user ID, IP address, and browser. This cookie registers a unique, cross-device ID that identifies a returning user. This helps us to provide more relevant information using a variety of data points and to create a high-quality user experience. Following consent, third-party cookies are used that can only be consented to as a whole.

ÖWA – the following data is processed upon consent: timestamp, user ID, IP address (anonymized with the last 3 numbers), user agent information, hostname, referrer tracking pixel, extern link-referrer. The audience measurement helps to define the use intensity and the number of users on the website. We will never identify users; our websites are free of advertisement. Usage statistics can monthly be downloaded on

The legal basis for processing the data for these marketing cookies is your explicit consent in accordance with Article 6 (1) lit a of the GDPR. The purpose of web analytics is to analyse the behaviour of our users in order to optimise our websites for them. The data is deleted as soon as it is no longer required for achieving the purpose for which it was collected or if you revoke consent by deleting the cookie. 

On the respective websites, you are provided exact information on the requirements for consent via a cookie banner and further explanations in the cookie preferences. 

You can configure your browser in order to be informed about cookie use; this allows you to decide whether to accept or refuse them. Each browser differs in the way cookie settings are managed.
Here is the respective procedure per browser: 


Internet Explorer: 




Technically necessary data/log files
When visiting one of our websites, the following data is collected: data transmitted by your browser to our server (so-called "server logs"). When you visit our websites, we collect the following data, which is technically necessary to properly display the website:
• website visited
• date and time at the moment of access/server request
• amount of data sent in bytes
• source/reference from which you ended up on the website
• browser/browser version used
• operating system used
• IP address (= host name of the accessing computer) 

The data stored in log files is deleted at regular intervals, but no later than after six months. For this data there is no possibility for revocation, as it is essential for the operation of the websites. 

For us, this data is not assigned to specific persons, nor is it assigned as such in the case of an IP address (which theoretically can be assigned to a specific person in accordance with existing case law and is therefore classified as personal data). This data is not merged with other data sources. Processing to this effect takes place in accordance with Article 6 (1) lit f of the GDPR. There is no use in excess thereof. However, we reserve the right to retroactively check the server logs should concrete evidence indicate unlawful use. 

Notices on newsletters
If you have explicitly consented to the sending of a newsletter via an APA-Group website, you are entitled to the right of revocation at any time. As promised under the consent you have provided, your data is used exclusively for the specified purpose of sending information concerning products and services or sending invitations by e-mail. More information is specified during the active registration option for sending newsletters. 

You have the opportunity to subscribe to newsletters for mailings on products or services or to be informed about events via our websites. For this, we require your e-mail address and your name as well as your explicit consent.
Optionally, you can specify additional data, e.g. company, address, phone number. If you provide this data, we can also contact you by mail or telephone for the purposes indicated.

You can revoke permission to receive mailings. To do so, you can send an e-mail to a link in the respective mail at any time. We then remove you from our mailing list without delay and erase all of the data provided by you. Until your revocation, we are permitted to store the data you provide and use it for the stated purpose. For any existing contractual relationships, the statutory retention periods apply. If you are already a customer, we are permitted to contact you for the same or similar products or services until further notice. We refer you to your right of revocation in all e-mails. 

Our mailings can be sent via technical service providers. These service providers receive the relevant e-mail addresses from us. The data is stored exclusively in Austria. The service providers use the data exclusively for sending mailings on our behalf. Corresponding data processor agreements as defined by the GDPR have been concluded with these service providers, i.e. there is compliance with necessary organisational and technical measures. There is no transfer to third parties outside of the APA-Group, or if there is, it is exclusively on the basis of legal requirements for executing any independently existing contractual relationship or on the basis of your explicit consent. 

Notices on whitepapers
If you have decided to receive a whitepaper via our websites, the data necessary for this will be used solely for this purpose. Further activities are carried out only with your explicit consent. Additional information is provided as part of the active registration process for receiving whitepapers. 

Social media share bar/plug-ins
The APA-Group's websites do not use any social media shares, which generally results in the immediate tracking of every visitor to a page by these services using his or her IP address. On every website we use only simple links to social media platforms so that no personal data can be collected. 

Please note: and

Photographs and videos of APA-Group events are also provided for free editorial use by third parties on these platforms. The APA-Group can use its images/videos on the basis of existing legal principles, particularly in compliance with Section 78 of the Austrian Copyright Act (UrhG), for editorial purposes, and for marketing and PR purposes in connection with APA-Group events. With regard to marketing and PR purposes, the APA-Group relies on its predominant legitimate interest in accordance with Article 6 (1) lit f of the GDPR. 

Photographs are stored for a maximum of twelve months and then erased. 

For photographs/videos of APA-Group customers, the customers are responsible with respect to the rights of the data subject. 

Google Forms about G-Suite

We use, only for online surveys, forms based on Google Forms, a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). Google Forms connects to a Google server when you visit our website. Google will then know your IP address and the website you visited. If you enter data in such a form, it will only be transferred to Google if you submit the form with a corresponding button. Further information on data collection can be found at Online surveys are completely anonymous for us, we can assign the information you provide to certain persons. The legal basis of the transfer is Privacy Shield.  

Data protection information 

1. Applicable data protection provisions 

The protection of personal data is naturally important to us. The data is therefore processed exclusively on the basis of statutory provisions (GDPR, Austrian Telecommunications Act 2003). When processing the personal data necessary for the performance of the contract, Article 6 (1) lit b of the GDPR serves as the legal basis. This also applies to processing operations required to carry out measures prior to entering into a contract. 

If processing is necessary to safeguard a legitimate interest, and the interests, fundamental rights and fundamental freedoms of the data subject concerned do not override the former interest, then Article 6 (1) lit f of the GDPR serves as the legal basis for processing. 


Personal data is erased or blocked as soon as the purpose of storage no longer applies. Personal data may also be stored if stipulated by the legislative authority. Unless there is need for continued storage of the data for conclusion or fulfilment of a contract, data is also blocked or erased when a legally prescribed storage period expires. 

3. Rights of the data subject

In the following, we comply with our information requirements in accordance with Articles 13 and 14 of the GDPR. If personal data is processed, you are a data subject as defined by the GDPR or national regulations based thereon, and as a data subject you are entitled to the following rights: rights of access, rectification, erasure, restriction, data portability, revocation and objection.

With respect to data protection requirements, the participating companies of the APA-Group emphasise their compliance with all necessary GDPR provisions. 

       a. Right of access

You may request confirmation from us as to whether we process personal data pertaining you. In particular, you may request information about the purposes and categories of the personal data processed or the recipients or categories of recipient to whom the personal data relating to the data subject has been or will be disclosed. Likewise, information concerning the duration of storage or criteria for determining the duration of storage can be requested. You have the right to request information on whether the personal data concerned is transferred to a third-party country or to an international organisation. In this regard, you can request to be informed of the appropriate safeguards relating to the transfer in accordance with Article 46 of the GDPR. 

       b. Right to rectification  

You have the right to rectification and/or completion of your data if the processed personal data pertaining to you is incorrect or incomplete. We will rectify this without delay. 

       c. Right to restriction of processing 

You can also request restriction of data processing in cases that justify a claim for erasure – then the stored data must remain stored (e.g. for the purposes of preservation of evidence) but may no longer be used in another manner. In particular, you can request a restriction on processing personal data pertaining to you if the processing is unlawful and you refuse erasure and request a restriction on the use of the data instead, if we no longer need the data for processing purposes but you require it for the establishment and exercise of legal claims or you have objected to processing and verification is pending as to whether our legitimate grounds will override yours. Where processing has been restricted, the data may be processed – with the exception of storage – only with your consent or for the purposes of establishing and exercising legal claims or for the protection of the rights of third parties or for reasons of important public interest.  

       d. Right to erasure 

Under certain circumstances, you have the right to erasure, for example, in connection with an objection or if data was collected unlawfully. If the legal prerequisites for erasure are present, particularly if there are no legal requirements or an overriding legitimate interest, we will carry out the desired erasure without delay. Erasure is especially justified if the personal data concerned is no longer necessary for the purpose for which it was collected and processed, if you have a legitimate objection to the processing or if the data in question has been processed unlawfully, or if the erasure is required to fulfil a legal obligation to which we are subject. 

       e. Right to notification 

If you have established your right to rectify, erase or restrict processing, we will notify all recipients to whom the personal data has been disclosed of this rectification or erasure of data or restriction of processing – unless this proves to be impossible or is associated with a disproportionate effort.
You have the right to be notified about these recipients. 

       f. Right to data portability 

You have the right to receive the personal data pertaining to you in a structured, commonly used and machine-readable format. The right to data portability does not apply to the processing of personal data necessary for the performance of a task that is required in the public interest or in the exercise of official authority that has been vested in us. 

       g. Right to object 

You have the right at any time to object to the processing of personal data for reasons arising from your particular situation, provided that processing would take place on the basis of Article 6 (1) lit e or f of the GDPR. 

4. General

The operation of APA-IT is certified in accordance with ISO/IEC 27001: 2013 (information security management system) and ISO 2000-1-2011 (service management) and is regularly audited. This puts into practice the highest possible standards for organisational and technical measures of protection.

If you are of the opinion that the processing of your data violates the Federal Act Concerning the Personal Protection of Data you can file a complaint with the Data Protection Authority.

We will revise these data protection notices from time to time, if necessary. The use of your data is subject to the respective current version, which can be accessed under

The APA-Group has appointed a data protection officer, who can be reached at and will be pleased to assist you with any of your inquiries.

Seite empfehlen
Mehr zu diesem Artikel