Privacy Policy

1. Introduction

Filteraoeco ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website filteraoeco.world and use our services.

This policy is compliant with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Austrian Data Protection Act (Datenschutzgesetz, DSG) as amended, and other applicable data protection laws in Austria and the EU.

2. Data Controller

The data controller responsible for your personal data is:

Filteraoeco
Ardning 31
8904 Ardning
Austria
Email: connectuse@filteraoeco.world

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide

• Contact Information: Name, email address, phone number (optional)
• Order Information: Shipping address, billing information, order details
• Communication Data: Messages, inquiries, and feedback you send us
• Consent Records: Records of your consent for data processing

3.2 Information Collected Automatically

• Technical Data: IP address, browser type, operating system, device information
• Usage Data: Pages visited, time spent on pages, navigation paths
• Cookie Data: Information collected through cookies and similar technologies

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

• Contract Performance (Art. 6(1)(b)): Processing necessary to fulfill your orders and provide our services
• Consent (Art. 6(1)(a)): Processing based on your explicit consent, such as marketing communications, non-essential cookies, and—where applicable—personalized advertising
• Legitimate Interests (Art. 6(1)(f)): Processing necessary for our legitimate interests, including: operating and securing our website; IT operations and troubleshooting; fraud prevention; enforcing legal claims; and limited analytics where permitted without consent under applicable law. We balance these interests against your rights and, where required, rely on consent instead
• Legal Obligation (Art. 6(1)(c)): Processing required to comply with legal requirements (for example tax, accounting, and regulatory obligations)

5. Purposes of Data Processing

We use your personal data for the following purposes:

• Processing and fulfilling your orders
• Communicating with you about your orders and inquiries
• Providing customer support
• Improving our website and services
• Analyzing website usage and performance
• Sending marketing communications (with your consent)
• Complying with legal obligations
• Preventing fraud and ensuring security

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

• Order Data: 7 years from the date of purchase (for tax and accounting purposes as required by Austrian law)
• Marketing Consent: Until you withdraw your consent
• Communication Records: 3 years from the last interaction
• Server and Security Logs: Typically a limited number of days or weeks, unless longer retention is required for security incidents or legal claims
• Cookie Data: As specified in our Cookie Policy

After the retention period, your data will be securely deleted or anonymized.

7. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access (Art. 15): Request a copy of your personal data
• Right to Rectification (Art. 16): Request correction of inaccurate data
• Right to Erasure (Art. 17): Request deletion of your data ("right to be forgotten")
• Right to Restriction (Art. 18): Request limitation of data processing
• Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format
• Right to Object (Art. 21): Object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent (Art. 7): Withdraw consent at any time without affecting prior processing

To exercise your rights, please contact us using the contact information provided below.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for data transmission
• Secure storage systems with access controls
• Regular security assessments and updates
• Staff training on data protection
• Data minimization principles

9. Data Sharing and Transfers

We may share your personal data with:

• Service Providers (Processors): Hosting providers, email and IT service providers, payment processors, shipping and logistics partners, and customer support tools, solely on our instructions and under data processing agreements where required by law
• Advertising and Analytics Providers: If you consent, providers such as Google (for example Google Ireland Limited for Google Ads, Analytics, or similar products) may receive device or usage data to measure campaigns or personalize ads. Their use is governed by their privacy policies and your cookie choices
• Legal Authorities: When required by law or to protect our legal rights

We do not sell your personal data to third parties. When we share data with service providers, we ensure appropriate data processing agreements are in place.

If we transfer data outside the European Economic Area (EEA) or to countries without an EU adequacy decision (including, where applicable, the United States), we implement appropriate safeguards such as EU Standard Contractual Clauses (SCCs) and supplementary measures as required by case law and regulatory guidance.

10. Cookies

Our website uses cookies and similar technologies. For detailed information about our use of cookies, please see our Cookie Policy.

11. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child, please contact us immediately.

12. Automated Decision-Making and Profiling

We do not use automated decision-making within the meaning of Article 22 GDPR that produces legal effects concerning you or similarly significantly affects you.

Where we or our partners use profiling or personalization for advertising (for example after you accept marketing cookies), this is based on consent or other permitted grounds under applicable law and does not constitute solely automated decisions with legal effect under Article 22 GDPR.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a notice on our website or by email.

14. Complaints

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with a supervisory authority under Article 77 GDPR, without prejudice to any other administrative or judicial remedy.

In Austria, the relevant authority is:

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna
Austria
Website: www.dsb.gv.at