Novid20 GmbH

Zieglergasse 6/1/7, 1070 Wien
Telefon:+43 720 393226
Firmenbuchnummer: 540139y
Firmenbuchgericht: HG Wien
UID-Nummer: ATU75873912

Mitglied der Wirtschaftskammer Wien
Geschäftsführung: Christoph Tockner, Moritz Miedler

Novid20 GmbH (hereinafter “NOVID20“, „we“, „us”) is aware of the importance of the personal data entrusted to it. It is therefore particularly important to us to ensure the confidentiality and lawful processing of your data on our online platform (the “Website”).

In this privacy policy you will find information on the processing of personal. We use the terms laid down in the General Data Protection Regulation (“GDPR”). In the following we would like to explain the most important terms as defined by the GDPR:

  • Personal data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • data subject The person whose personal data are processed.
  • Controller: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • Consent (of the data subject): any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • Personal data breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.




1. Who is the controller?

Novid20 GmbH is controller pursuant to Article 4 (7) GDPR.


Novid20 GmbH

Zieglergasse 6/1/7,

1070 Vienna, Austria

Telefon: + 43 664 2203 909

E-Mail: [email protected]


Our data protection officer is:


Dr. Klaus Pateter, LL.M. (Columbia)

Gauermanngasse 2

1010 Vienna, Austria

+43 1 40443 6850

[email protected]

Subject: Data Protection Novid20



2. For what purposes do we process your personal data?


2.1 Operation of the website and contact via the website

a. Description: NOVID20 operates the Website with the following address to provide Information about services Novid20 provides. Novid20 further provides a mailto-link on the website, in order to make it easier for you to contact us. In general, data subjects may use the Website without processing of personal data, but the processing of your personal data is necessary in order to contact you or process your inquiry.

b. Categories of data: For the aforementioned purposes, we process your e-mail address, IP address, date and time of the enquiry as well as additional personal data that you provide to us voluntarily for the purpose of contacting you (via the mailto-link), such as your first and last name or telephone number. In addition, the address (URL) of the website accessed, browser and browser version, the operating system used, the address (URL) of the previously visited pages (referrer URL), the host name and IP address of the device from which access is made as well as the date and time are stored in web server log files.

c. Legal basis: We process the above-mentioned personal data on the basis of legitimate legal interests (Article 6 (1) (f) GDPR) for the proper operation of our website and to provide information on Novid20.

d. Duration of storage: We store your personal data for the aforementioned processing purposes for the duration of your visit to our website or, in the case of an enquiry via mailto link, for the duration of the processing of your enquiry.


2.2 Processing of personal data for sending information about Novid20

a. Description: Upon request, we will send you information about Novid20 by e-mail. For this purpose, we process your personal data. Without this data, we cannot send you any information.

b. Datenkategorien: Für die vorerwähnten Verarbeitungszwecke verarbeiten ihren Vor-und Nachnamen, Geschlecht, Ihre E-Mail-Adresse und Ihre User-ID.

c. Legal basis: We process your personal data for the aforementioned processing purposes on the basis of your consent (Article 6 (1) (a) GDPR).

d. Storage period: We process your personal data for the above-mentioned processing purposes for the duration of the existence of our legitimate interests and until the time of revocation of your consent. A revocation has the consequence that we will no longer process your data from this point in time, whereby the legality of the data processing carried out on the basis of your consent until the revocation remains unaffected by the revocation. To revoke your consent, please contact us at [email protected]


2.3 Prosecution

a. Description: If a legal dispute arises during the upright contractual relationship between you and us or after its termination, the data necessary for the appropriate prosecution will be transmitted to legal representatives and courts.

b. Categories of data: Contact details (e.g. first and last name, academic title, address), data relating to the dispute in question (e.g. your behaviour in relation to the use of the website).

c. Legal basis: We process the above-mentioned personal data on the basis of legitimate legal interests (Article 6 (1) (f) in conjunction with Article 9 (2) (f) GDPR) for appropriate legal prosecution.

d. Duration of storage: We store the aforementioned personal data for the purpose of pursuing or defending legal claims, insofar as this is necessary for potential proceedings or until the expiry of the statutory limitation periods, whereby the regular statutory limitation period is three years.


3. To which recipients will your personal data be transmitted?

3.1 In the course of our data processing, we transmit your personal data to the following recipients to the extent necessary: Service partners and experts, consulted service providers, legal representatives, courts as well as administrative authorities, tax consultants or external payroll accounting as well as companies commissioned to support our internal IT infrastructure (software, hardware).

3.2 We use processors who perform services on our behalf. The processors may only process the data provided to them in accordance with our instructions and to the extent necessary to perform services for us. We contractually obligate these processors to ensure the confidentiality and security of the personal data processed as part of the order.


4. Profiling

4.1 We do not process your personal data in an automated or non-automated way with the aim of evaluating certain personal aspects (profiling).


5. To what extend is there automated decision-making?

6.1 We do not use fully automated decision-making pursuant to Article 22 of the GDPR. Should we use these procedures in the future, we will inform you separately about this and about your rights in this regard, insofar as this is required by law.


6. What rights do you have?

6.1 You have the right of access under Art. 15 GDPR, the right of rectification under Art. 16 GDPR, the right of deletion under Art. 17 GDPR, the right to restrict processing under Art. 18 GDPR, the right of objection under Art. 21 GDPR, the right not to be subject to automated decisions in individual cases including profiling, and the right of data transferability under Art. 20 GDPR. Furthermore, there is a right of appeal to a competent data protection supervisory authority (Art 77 GDPR). Further information on your rights can be found at:

6.2 The competent supervisory authority is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna (


7. Use of cookies, social media and similar technologies

7.1 Use and application of cookies

a. Cookies are a small set of data generated by a web server, sent through the Internet and stored on your terminal device with the help of your browser program. The website uses "cookies" essentially to recognize users or their end devices, to store the user's preferences or information for the duration of browsing or in the event of a return. Furthermore, cookies are also used to play behavior-based advertising and to control ad content.


7.2 What types of cookies are there?

a. Differentiation according to domain
  1. First-Party-Cookies:
    Are sent and read exclusively by the service provider's domain.
  2. Third-Party-Cookies:
    Are sent and read by domains of other service providers.
b. Differentiation according to storage period
  1. Session cookies (session-id): Temporary cookies that are automatically deleted when the browser is closed. Session cookies enable the recognition of the user's movements on the website so that information is retained. Without cookies, websites have no "memory".
  2. Persistent cookies: permanent cookies that must be manually deleted or that delete themselves after a certain amount of time has elapsed. These cookies help the website remember the user and their preferences, e.g. language selection, menu preferences, internal bookmarks or favourites.


c. Differentiation according to the use
  1. Technically necessary cookies: These cookies are needed to ensure the functionality of the website and web application and cannot be disabled for this reason.
  2. Analysis cookies: These cookies collect anonymised information to create statistics to better understand user behaviour on the website and web application and to improve the application.
  3. Marketing cookies: These cookies store information about websites visited in order to display personalised advertising.


8. Use of cookies without consent

8.1 Novid20 is entitled to store cookies on the terminal device of the (informed) user, the sole purpose of which is to carry out or facilitate the transmission of a message via an electronic communications network or, if absolutely necessary, to provide a service requested by the subscriber or user (Art 5 (3) ePrivacy-Directive).


9. Which cookies are used?

9.1 Analysis Cookies:


Storage period



5 years

Analysis of website usage for technical improvement