Privacy Policy

1. Introduction

xeltrivano.top AG ("we", "our", or "us") is committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, and protect your personal data when you visit our website xeltrivano.top or use our restaurant feedback management services.

As a company registered in Austria, we comply with the General Data Protection Regulation (GDPR) and Austrian data protection laws. We are the data controller for the personal data we process as described in this policy.

2. Data Controller Information

3. Data We Collect

The data we collect depends on how you interact with our website and services. We collect and process personal data in accordance with GDPR principles of lawfulness, fairness, and transparency.

3.1 Information You Provide Directly

When you contact us or use our services, we may collect:

• Name and contact details (email address, phone number)
• Company information (restaurant name, business details)
• Communication preferences and enquiry details
• Any other information you choose to provide in forms or communications

3.2 Technical Data Collection

When you visit our website, we automatically collect certain technical information:

• IP address and browser information
• Device type and operating system
• Pages visited and time spent on our website
• Referral source and website navigation patterns

4. How We Use Your Information

We process your personal data for specific, explicit, and legitimate purposes. The use of your data is always based on a legal basis under GDPR, such as consent, legitimate interests, or contractual necessity.

4.1 Service Provision

We use your information to:

• Respond to your enquiries and provide customer support
• Deliver our restaurant feedback management services
• Process service agreements and billing
• Communicate important service updates and notifications

4.2 Website Improvement and Analytics

We analyse website usage data to:

• Improve our website functionality and user experience
• Understand visitor behaviour and preferences
• Optimise our content and services
• Ensure website security and prevent misuse

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, their purposes, and how to control them, please refer to our Cookie Policy.

We implement Google Consent Mode v2 to ensure that tracking and advertising technologies respect your consent preferences and comply with privacy regulations.

6. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following circumstances:

• With service providers who assist us in operating our website and services (under strict confidentiality agreements)
• When required by law, court order, or government authority
• To protect our rights, property, or safety, or that of our users
• In connection with a business transfer or merger (with appropriate safeguards)

All third-party service providers are carefully selected and required to maintain appropriate security measures and data protection standards.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

• Contact enquiry data: Retained for 3 years after last contact
• Service agreement data: Retained for 7 years after contract termination (Austrian legal requirements)
• Website analytics data: Retained for 26 months (Google Analytics default)
• Marketing data: Retained until consent is withdrawn or for 3 years, whichever is earlier

After the retention period expires, we securely delete or anonymise your personal data in accordance with our data retention schedule.

8. Your Rights

Under GDPR and Austrian data protection law, you have several rights regarding your personal data:

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data under certain circumstances
• Right to restrict processing: Request limitation of how we use your data
• Right to data portability: Request transfer of your data to another service provider
• Right to object: Object to processing based on legitimate interests or for marketing purposes
• Right to withdraw consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at [email protected] or +43 7325446449. We will respond to your request within one month.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and staff training
• Secure data centres and backup systems
• Incident response and breach notification procedures

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protection measures.

10. International Data Transfers

We primarily process data within the European Union. If we transfer your personal data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard contractual clauses approved by the European Commission
• Certification schemes or codes of conduct
• Binding corporate rules for multinational companies

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date.

We encourage you to review this privacy policy periodically to stay informed about how we protect your personal data.

12. Contact Information

If you have any questions, concerns, or requests regarding this privacy policy or our data processing practices, please contact us:

13. Supervisory Authority

If you believe that our processing of your personal data violates data protection law, you have the right to lodge a complaint with the relevant supervisory authority. In Austria, this is: