Skip to content

Data protection

PRIVACY POLICY

Last updated: 20/01/2026

1) Controller (Data Controller)

BUGSLOCK GmbH
St. Stefan 106 – Gewerbe-Zone West
A-9142 Globasnitz, Austria
Tel.: +43 1 236 1919
E-mail: info(@)bugslock.at

Privacy contact: info(@)bugslock.at
Data Protection Officer (DPO): Thomas Thonhofer

2) General Information

We process personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection and telecommunications laws (in Austria in particular the TKG 2021).

Personal data is any information relating to an identified or identifiable natural person (e.g., name, e-mail address, IP address).

3) Data Processing When You Visit This Website (Server Logs)

When you access this website, our hosting provider and/or we process technical access data (server log files) to deliver the website and ensure security. In particular, the following data may be processed:

  • IP address (possibly shortened/anonymized – depending on hosting/server configuration)
  • date and time of access
  • page/file accessed
  • browser type/version and operating system
  • referrer URL (the previously visited page)
  • amount of data transferred / status codes (e.g., 200, 404)

Purposes: operation of the website, error analysis, prevention of attacks and misuse (IT security).
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in a secure, stable website operation).
Retention period: generally 14 days, then deletion/anonymization, unless longer retention is required for security reasons.

Hosting (processor):
Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
We have concluded a data processing agreement pursuant to Art. 28 GDPR with the hosting provider.

4) Cookies & Consent Management (Cookie Banner)

We use a consent management tool (“CookieAdmin”) so that you can grant or refuse consent for optional cookies/services and so that your selection is stored.

Technically necessary information may be processed, e.g.:

  • your consent decision (accept/decline per category)
  • technical identifiers (cookie/local storage) to store your selection
  • if applicable, timestamp/version of the consent (for documentation)

Purpose: management and documentation of your cookie preferences.
Legal basis: Art. 6(1)(c) GDPR (legal obligation) and/or Art. 6(1)(f) GDPR (legitimate interest in lawful consent handling).

Note:
Strictly necessary cookies are required for operating the website. Statistics/analytics cookies (Google Analytics) are set only if you actively consent via the cookie banner.

Retention period (CookieAdmin): until you change your selection or delete the stored consent data (e.g., by deleting browser data), at the latest after 12 months (depending on the tool settings).

5) Google Analytics (Statistics/Analytics)

We use Google Analytics 4 (GA4) to analyze the use of our website and create reports about website activity. This helps us improve the website and its content.

Provider:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
It cannot be ruled out that data may also be processed by Google LLC (USA).

Data processed (typically):

  • usage/interaction data (e.g., page views, clicks, scroll/session information, events)
  • technical information (e.g., browser, operating system, device type, screen resolution)
  • approximate location (derived, e.g., region)
  • referrer URL
  • where applicable, an identifier (cookie ID) to recognize the browser

Cookies:
Depending on the implementation, GA4 may set cookies such as _ga and ga* to recognize users and generate statistics.

Legal basis:
Processing takes place only with your consent (Art. 6(1)(a) GDPR in conjunction with Sec. 165(3) TKG 2021).
You can withdraw your consent at any time via the cookie settings (with effect for the future).

Retention period:
The retention of analytics data depends on the GA4 configuration (typically 2 months or 14 months for event data; depending on settings). Cookies have their own lifetime depending on the cookie.

Recipients:
Google acts as a processor (data processing terms/DPA).

International transfers (third countries):
If data is transferred to the USA, Google generally relies on appropriate safeguards (e.g., EU Standard Contractual Clauses) and, where applicable, additional mechanisms.

Objection / opt-out:

  • You can refuse analytics cookies in the cookie banner or disable them later via cookie settings.
  • In addition, you can use the Google Analytics Opt-out Browser Add-on (depending on browser/device).

6) Contact

If you contact us by e-mail or telephone, we process your details (e.g., name, e-mail address, content of the inquiry) to handle your request.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual/contractual communication) or Art. 6(1)(f) GDPR (legitimate interest in responding to inquiries).
Retention period: as long as necessary to handle the request; thereafter in accordance with statutory retention obligations or after an internal deletion period of generally 6 months, unless further retention is required.

7) External Links / Redirect to Shop

This website contains links to external websites, e.g.:

  • “Shop” (buddycare.eu) – orders/payments are processed there.
  • “Pharmacy Finder” (apothekerkammer.at)

When clicking a link, you leave our website. The respective operator is responsible for data processing on the linked site. Please refer to the privacy policy of the respective website.

8) Recipients / Disclosures

We disclose data only if this is necessary for providing the website (e.g., hosting provider) or if you have consented.

Possible recipient categories:

  • hosting/IT service providers (Hetzner)
  • analytics service providers (Google Analytics – only with consent)

9) Your Rights

Subject to the legal requirements, you have the following rights:

  • right of access (Art. 15 GDPR)
  • right to rectification (Art. 16 GDPR)
  • right to erasure (Art. 17 GDPR)
  • right to restriction of processing (Art. 18 GDPR)
  • right to data portability (Art. 20 GDPR)
  • right to object (Art. 21 GDPR), where processing is based on Art. 6(1)(f) GDPR
  • right to withdraw consent at any time with effect for the future (Art. 7(3) GDPR)

To exercise your rights, contact: info(@)bugslock.at

10) Right to Lodge a Complaint

If you believe that the processing of your data violates data protection law, you may lodge a complaint with the competent supervisory authority.

Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40–42, 1030 Vienna, Austria
E-mail: dsb@dsb.gv.at

11) Data Security

We implement technical and organizational measures to protect your data and use encrypted transmission (HTTPS), provided your browser supports it.

12) Changes

We update this privacy policy if legal requirements, the website, or our data processing activities change.

 

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by