Skip to content
ONLINECOLLECTION
Search

Data privacy

We, the Leopold Museum-Privatstiftung, commercial register FN 112 406d, commercial court Vienna, Museumsplatz 1, A-1070 Vienna (hereinafter “Leopold Museum” / “we”) comply in terms of data privacy with the statutory provisions of the EU General Data Protection Regulation (GDPR) and wish to inform you about our approach to collecting and processing personal and non-personal data.

Our privacy officer Mag. Sabrina Oberlojer can be contacted at:

via email: datenschutz@leopoldmuseum.org or
by post: Leopold Museum-Privatstiftung, FAO Privacy Officer, Museumsplatz 1, A-1070 Vienna

1. PERSONAL DATA

“Personal data” includes all data containing particulars about personal or material circumstances, including name, address, email address, telephone number, date of birth, age, gender, social security number, video recordings, photographs, voice recordings of persons as well as biometrical data such as fingerprints. It may also include sensitive data, such as health data. We only gather personal data essential to the implementation and processing of our goods and services and to the purpose of our enterprise, or data which you have provided voluntarily.

2. DATA SECURITY

Your personal data is protected through appropriate organizational and technical provisions. These provisions apply especially to the protection of your data against unauthorized, unlawful or random access, processing, loss, use and manipulation.

We always endeavor to detect data breaches early and, if applicable, to report such breaches without delay to you or to the appropriate regulatory authority citing the data categories concerned.

Our website has a SSL (Secure Socket Layer) certificate. This certificate allows for the encrypted transfer of your personal data.

Despite our efforts to uphold a high standard of diligence requirements we cannot rule out that information provided by you to us may be seen and used by others.

Please note that we therefore assume no liability whatsoever for the disclosure of information due to errors occurring during data transfer that are not caused by us and/or due to unauthorized access by third parties (e.g. hacker attack on email account or telephone, interception of faxes).

3. DATA PROCESSING

We gather, process and use your personal data only with your consent, or in connection with your commission or order for the purposes agreed with you, or if any other legal basis applies in keeping with the GDPR; the only exception to this is use for statistical purposes, provided that the data has been anonymized.

Data processing is carried out subject to data protection law and civil law regulations (Telecommunications Act, EU GDPR and Data Protection Act, in the relevant latest versions).

DATA PROCESSING OF WEBSITE USERS:

You can visit our website without providing any personal data. When you access our website we will only process certain access data (your IP address as well as other metadata, e.g. user agent) by automated means for the purpose of member support, for security reasons and for the improvement of the services offered by the website, and, if applicable, may pass this data on to third parties once it has been anonymized. Plausible uses your IP address anonymously to determine the approximate location of the user, whereby no storage of the same takes place. As a mere visitor to the website you will generally be able to access the information on offer in its full extent.

4. DATA STORAGE

We do not store data longer than necessary for us to fulfil our contractual and lawful obligations and to ward off possible liability claims.

5. YOUR RIGHTS

In accordance with data protection rules, you have the following rights:

  • Having proved your identity, you may inquire at any time what type of personal data is being processed by us and have the right to be informed as to the data’s origin, recipients and the purpose of data processing. The initial information is free, while further information may in certain cases incur a charge;
  • you may demand at any time that outdated or incorrect personal data be corrected or that incorrect or improperly processed data be deleted;
  • you may object at any time to the use of (all or some of) your personal data due to special, personal interests in confidentiality meriting protection;
  • in keeping with data protection requirements, you may ask for your data to be passed on to third parties.

Should you wish to exercise one or several of these rights, please contact us:

via email: datenschutz@leopoldmuseum.org or
by post: Leopold Museum Private Foundation, FAO Privacy Officer, Museumsplatz 1, A-1070 Vienna

If you feel that the processing of your personal data by us infringes the current data protection laws or that your data protection rights have been infringed in some other way, you have the right to lodge a complaint with the appropriate regulating authority. In Austria, the competent authority is the Austrian Data Protection Authority.

6. WEB ANALYSIS

For the purpose of analytics and for the sake of the continuous improvement of our website https://onlinecollection.leopoldmuseum.org/en/, we use Plausible, a simple open-source web analytics tool which doesn’t use cookies and is entirely compliant with GDPR, CCPA and PECR. It is made and hosted in the EU, and powered by a European-owned cloud infrastructure.

The following local storage is used on our website:

Local storage: If you do not agree with this, you can configure your browser to inform you about the setting of cookies and allow them only in individual cases.
Disabling cookies may restrict the functionality of our website.

7. YOUTUBE

Our website https://onlinecollection.leopoldmuseum.org/en/ uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you start a YouTube video one of our pages, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under https://policies.google.com/privacy?hl=en.