Privacy policy

1. Legal Basis

1.1. The EU General Data Protection Regulation, the Data Protection Act 2000 and the Data Protection Adaptation Act 2018 serve the right to the protection of personal data. We process your data exclusively on the basis of the legal provisions (GDPR, DSG 2018, TKG 2003).

2. Basics

2.1. Responsible is Marc Heiss Digital GmbH.

2.2. It is particularly important to us to protect and keep safe all personal data that you entrust to us. In this document you will learn more about how we use and process your personal data. Here you can find our detailed Cookie notice.

3. Purpose limitation, legal basis, storage period and data recipient

3.1. We need the collected personal data for the fulfillment of the contract, billing, assertion of contractual claims, for customer service purposes and for advertising purposes. The data is collected, stored, processed and used for this purpose.

3.2. The legal basis for the processing of your personal data is, on the one hand, the fulfillment of a contract (e.g. online purchase, service order, etc.), legitimate interests, the fulfillment of our legal or contractual obligations and, on the other hand, your consent (e.g. contact form, newsletter, cookies). Failure to provide the data can have different consequences.

3.3. We process your personal data such as first name, last name, address, telephone number, e-mail address and product-specific data as far as necessary for the duration of the entire business relationship (from the initiation, processing to the end of a contract) and beyond that in accordance with the statutory retention periods.

and documentation obligations resulting from the Austrian Commercial Code (UGB), the Federal Fiscal Code (BAO) and until the end of any legal dispute, ongoing warranty and guarantee periods, etc.

3.4. As part of the operation of our websites, we commission software service providers and agencies who can gain access to your personal data in the course of their activities, provided that they need the data to fulfill their respective service. They have committed themselves to us to comply with the applicable data protection regulations. Order processing contracts have been concluded in accordance with Art. 28 GDPR. You can request more information about the processors commissioned by us at

4. Contact form

4.1. Your details, including personal data, from our contact form will be sent to us via our own mail server to process your request, processed further and stored by us. This data will not be collected or passed on without your consent. We cannot process your inquiries without this data.

4.2. Data processing takes place on the basis of the legal provisions of Section 96 (3) TKG and Art 6 (1) (a) (consent) GDPR.

5. Newsletter

5.1. You can register for our newsletter on the website using the double opt-in procedure. After registering, you will receive an email asking you to confirm your registration. Without the disclosure of this data, the transmission of our newsletter is not possible. You can unsubscribe from the newsletter by clicking on the unsubscribe link at the end of each newsletter.

5.2. We commission processors to send our newsletter. They have committed themselves to us to comply with the applicable data protection regulations. An order processing contract was concluded in accordance with Art. 28 GDPR. You can request more information about the processors commissioned by us at

5.3. Data processing takes place on the basis of the legal provisions of Section 96 (3) TKG and Art 6 (1) (a) (consent) GDPR.

6. Cookies, other tracking tools and web analysis
Cookies are small data files that allow a website to collect and store a variety of data on your desktop computer, laptop, or mobile device. Cookies help us provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience. Please also note our separate Cookie notice.

7. Social Plugins

Our websites or mobile apps may contain social media features such as Facebook, Twitter, Google+ or Pinterest, which have their own privacy notices.

We use the following plugin on our website: Facebook. If you do not want social networks to collect data about you via the active plugin, you can select the “Block third-party cookies” function in your browser settings. Then the browser does not send any cookies to the server for embedded content from other providers. With this setting, however, other cross-site functions may no longer work apart from the plugin.

If this plugin is activated, your browser establishes a direct connection with the servers of the respective social network as soon as you call up a website on our website. The content of the plugin is transmitted directly from the social network to your browser, which integrates it into the website. By integrating the plugin, the social network receives the information that you have accessed the corresponding page of our website. If you are logged into the social network, this can assign the visit to your account. If you interact with the plugin, for example by clicking the Facebook “Like” button or by making a comment, the corresponding information is transmitted directly from your browser to the social network and stored there. The purpose and scope of the data collection and the further processing and use of the data by social networks as well as your rights in this regard and setting options for protecting your privacy can be found in the data protection information of the respective networks or websites. The links to this can be found below.

Even if you are not logged in to the social networks, data can be sent to the networks from websites with active social plugins. An active plugin sets a cookie with an identifier each time the website is accessed. Since your browser sends this cookie with every connection to a network server without being asked, the network could in principle use it to create a profile of which websites the user belonging to the ID has accessed. And it would then also be possible to assign this identifier to a person again later – for example when logging on to the social network later.

Integration of Facebook social plugins
Social plugins (“plugins”) from the social network, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”), are integrated into our website. The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as your rights in this regard and setting options for protecting your privacy can be found in Facebook’s data protection information:
You can also block Facebook social plugins with add-ons for your browser, for example with the “Facebook Blocker”.

Please ensure you read the Terms of Use and Privacy Notice carefully before submitting any personal information, as we do not accept any responsibility or liability for these features.

+1 Schaltfläche von Google+
This website uses the “+1” button of the social network Google Plus, which is operated by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google “). The button is attached to the sign “+1? recognizable on a white or colored background.

When a user calls up a website that contains such a button, the browser establishes a direct connection with the Google servers. The content of the “+1?” button is sent directly to your browser by Google, which integrates it into the website. the provider therefore has no influence on the amount of data that Google collects with the button. According to Google, no personal data is collected without a click on the button. Such data, including the IP address, is only collected and processed for logged-in members.

The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options for protecting your privacy can be found in Google’s data protection information on the “+1?” button: intl/de/+/policy/+1button.html and the FAQ:

This website uses the Twitter service buttons. These buttons are offered by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. They can be recognized by terms such as “Twitter” or “Follow” combined with a stylized blue bird. With the help of the buttons it is possible to share a post or page of this website on Twitter or to follow the provider on Twitter.

When a user calls up a website on this website that contains such a button, their browser establishes a direct connection to the Twitter servers. The content of the Twitter button is transmitted directly from Twitter to the user’s browser. The provider therefore has no influence on the scope of the data that Twitter collects with the help of this plugin and informs the users according to their level of knowledge. According to this, only the IP address of the user and the URL of the respective website are transmitted when the button is accessed, but not used for purposes other than displaying the button.

Further information on this can be found in Twitter’s privacy policy at

8. Consent and Right of Withdrawal

8.1. If your consent is required for the processing of your data, we will only process it after your express consent.

8.2. In principle, we do not process any data of minors and are not authorized to do so. By giving your consent, you confirm that you have reached the age of 14 or that you have the consent of your legal representative.

8.3. You can revoke your consent at any time at the following e-mail address: In such a case, the data previously stored about you will be deleted. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the point of revocation.

9. Links to other websites

Our websites or mobile apps may contain links to websites of other organizations that have their own privacy notices. Please ensure that you read the Terms of Use and Privacy Notice carefully before providing any personal information on any other organization’s website, as we do not accept any responsibility or liability for any other organization’s website.

10. Your Rights

10.1. You have the right to information from the person responsible, Marc Heiss Digital GmbH, about the personal data concerned at any time. If there is no statutory storage obligation, you have the right to delete this data and to object to the processing. You also have the right to correct the data and to restrict processing, to data transferability and to lodge a complaint with the Austrian data protection authority (Wickenburggasse 8-10, 1080 Vienna, email:

10.2. Regarding your rights, please contact us at or write to:

Marc Heiss Digital GmbH
Römerstraße 101
A-6103 Reith bei Seefeld
Telephone 0043 (0) 664 439 2224

Firmenbuchnummer: FN 548209s
UID: ATU76540049

11. Data Security

Marc Heiss Digital GmbH uses technical and organizational security measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorized persons. Our security measures are continuously improved in line with technical progress.

This privacy notice replaces all previous versions. We may change the notice at any time, so please check our website regularly for any updates. If the changes are significant, we will provide a prominent notice on our website. In addition, we will send electronic notification of changes to our privacy notice when we deem it appropriate.

12. Use of – Live Chat

This website optionally offers the use of (a live chat software from ltd, Old Town, Riga). The chat is integrated into the source text on our website via a script. By using the chat you automatically use the services of The data collected includes: chat history, IP address at the time of the chat and country of origin. This data is not passed on to third parties and is only used for protection and internal statistics.

By using the chat you agree that you agree with this. The data collected with the technologies are not used to personally identify the visitor to this website. They will not be saved and will be deleted after the chat. The purpose and scope of the data collection and the further processing and use of the data by as well as your rights in this regard and setting options for protecting your privacy can be found in the data protection information:

13. Hotjar

This website uses functions of the web service Hotjar, operated by Hotjar Ltd. Hotjar Ltd. is a European company based in Malta. Hotjar uses cookies. The information generated by the cookie about your use of this website is usually transmitted to a server of Hotjar and stored there. Hotjar is an analytics and feedback service designed to anonymously understand and interpret user behavior without personally identifying individual users. Website visitors are assigned a unique user ID so that Hotjar can track returning visitors without relying on personal information. Hotjar has several automatic suppression features that are applied when recording user sessions. The data is suppressed client-side in the visitor’s browser, which means that personally identifiable information never reaches the Hotjar servers and the session is kept private. You can object to the use of Hotjar. Instructions are available at  before.

14. Microsoft Clarity

This website uses Clarity, a web analysis tool from Microsoft, to record individual visits (only with an anonymized IP address). This creates a log of mouse movements and clicks with the intention of playing back website visits and deriving potential improvements for the website from them. Among other things, Clarity uses cookies, which enable an analysis of the use of our website, as well as a so-called tracking code. The information collected is transmitted to Clarity and stored there. According to Microsoft, these can also be used for advertising purposes. See Microsoft Privacy Statements. For more information on Clarity see Clarity Privacy Policy.

15. Facebook Remarketing

Remarketing tags from the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA are integrated on our website. When you visit our pages, a direct connection is established between your browser and the Facebook server via the remarketing tags. Facebook receives the information that you have visited our site with your IP address. This allows Facebook to associate your visit to our site with your user account. We can use the information obtained in this way to display Facebook Ads. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by Facebook. You can find more information on this in Facebook’s privacy policy at

Please click here to withdraw your consent:

16. Conversion tracking with the Facebook pixel

With your consent, our website uses the Conversion Tracking Pixel Service from Facebook, Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). This allows us to track user actions after they have been redirected to a provider website by clicking on a Facebook ad. This enables us to record the effectiveness of Facebook ads for statistical and market research purposes. The data collected remains anonymous. This means that we cannot see the personal data of individual users. However, the collected data is stored and processed by Facebook. We will inform you about this matter according to our current information. Facebook can link the data to your Facebook account data and uses the data for its own advertising purposes, in accordance with the Facebook data guidelines Facebook Conversion Tracking also allows Facebook and its partners to show you advertising inside and outside of Facebook. In addition, a cookie is stored on your computer for this purpose.
Only users over the age of 13 are allowed to give their permission. If you are under the age of 13, please contact your legal guardian.
Please click here to withdraw your consent: .

17. Bing Universal Event Tracking

We use Bing Universal Event Tracking (“UET”), a service provided by Microsoft Corporation, One Microsoft Way, Redmond WA 98052-6399, USA (“Microsoft”). When you access our websites through ads served by Bing Ads, a cookie will be placed on your computer. In addition, a UET tag is integrated on our websites. A UET tag is a code that is used together with the cookie to store pseudonymised data about the use of the website. In combination with the cookie, the tag records pseudonymised data in order to understand what actions you take after clicking on a Bing Ads ad on our websites. The data collected includes time spent on the website, which areas of the website were viewed and which ad brought you to the website. In addition, Microsoft may use cross-device tracking to track your usage across multiple electronic devices. The data collected is sent to a Microsoft server in the United States.

Bing Webmaster-Tools: Microsoft’s Bing Webmaster Tools stores both cookies and so-called “beacons” on your computer. Beacons, or counting pixels, are small invisible graphics that can be used to register whether a website has been accessed.

Zwecke, für die die Daten verarbeitet werden: Bing Universal Event Tracking: UET enables us to track your activities on our websites if you have accessed our websites via ads from Bing Ads; this in turn enables us to improve our online offering. Cross-device tracking enables Microsoft to display personalized advertising.

Bing Webmaster Tools: This tool allows Microsoft to provide its Bing services and optimize search results.

Speicherdauer und Kontrollmöglichkeiten: Microsoft stores the data for a maximum period of 180 days. You can prevent the collection and processing of your data by deactivating the use of cookies. Please note that this may limit the functionality of the websites concerned. You can use this link to disable cross-device tracking.

For more information about Bing’s analytics services, visit the Bing Ads website. For more information about privacy at Microsoft and Bing, see the Microsoft Privacy Policy.

18. LeadRebel

We analyze our visitor data with the help of an external service provider. For this purpose, we pass on the data obtained from the use of IP research to Pulserio AG, Schellenrainstrasse 13, 6210 Sursee, Switzerland. weiter.

Categories of data subjects are website visitors and users of our web services. The purpose of the processing is the evaluation of the data obtained from IP research for lead generation.

If visitors to our site are asked for their consent, the legal basis for processing the data is consent within the meaning of Art. 6 para. 1 lit. a DSGVO. Otherwise, the data will be processed on the basis of our legitimate interest within the meaning of art. 6 para. 1 lit. f DSGVO verarbeitet. Our legitimate interest lies in lead generation by analyzing the data obtained with the help of IP research.

On this page: you have an opt-out option. In the event of an opt-out, your data will no longer be recorded by LeadRebel.

19. Calendly

You can register for an appointment on our website. We use the online calendar “Calendly” to request and select an appointment. “Calendly” is an offer from Calendly, LLC, 3423 Piedmont Road NE, Atlanta, GA 30305-1754, United States.

When you click on the online appointment booking link, you will automatically be connected to our appointment booking page on Calendly. After choosing your appointment, confirming it and entering your contact details and concerns, you will receive an email from Calendly confirming your appointment. You can find more information about Calendly and data protection at Calendly here:

Your details from the Calendly form, including the data you provide there, will be stored by us and by Calendly for the purpose of processing the request and in the event of follow-up questions. This data remains with us and Calendly until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. appointment has taken place). Mandatory legal provisions – in particular retention periods – remain unaffected.

20. WordFence

We have integrated Wordfence on this website. The provider is Defiant Inc., Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter Wordfence).

Wordfence is used to protect our website from unwanted access or malicious cyber attacks. For this purpose, our website establishes a permanent connection to the Wordfence servers so that Wordfence can compare and, if necessary, block its databases with the access made to our website.

Wordfence is used on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in protecting its website from cyber attacks as effectively as possible. If a corresponding consent was requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a DSGVO, insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting). The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here:

Last updated: January 2023