Privacy Policy
Last updated: May 2026
1. Introduction
We are pleased that you are interested in our website. The protection of your personal data is very important to us. We process personal data exclusively in accordance with the applicable legal provisions, in particular the General Data Protection Regulation, GDPR.
This Privacy Policy explains which personal data we process on our website, for what purposes this is done, and which rights you are entitled to. Under the GDPR, this information must be provided in a clear, understandable, and easily accessible form.
2. Controller
Obersteiner Solutions LTD
Kafizi 26
8570 Peyia/Paphos
Cyprus
Email: contact@obersteiner-solutions.com
Phone: +357 99547691
Web: https://obersteiner-solutions.com
Authorized representative: Martin Obersteiner, Managing Director & Owner
3. General Information on Data Processing
We process personal data only to the extent necessary for providing a functional website, handling inquiries, ensuring technical security, providing our services, and, subject to your consent, analyzing and optimizing our marketing activities.
Personal data means any information relating to an identified or identifiable natural person, such as name, email address, telephone number, IP address, or communication content.
4. Hosting und Server-Logfiles
Our website is hosted by ALL-INKL.COM. ALL-INKL provides web hosting, domain, and server services.
When you access our website, technically necessary data is processed by the server. This may include in particular:
- IP address
- Date and time of access
- Browser type and browser version
- Operating system used
- Referrer-URL
- Pages and files accessed
This data is processed in order to technically provide the website, ensure its security and stability, and prevent misuse.
Legal basis: Art. 6(1)(f) GDPR.
Our legitimate interest lies in the secure, stable, and technically error-free provision of our website.
5. Contact Form and Contact Requests
A contact form is integrated on our website. If you contact us through it or by email, we process the data you provide in order to handle your inquiry and for further communication.
Depending on your input, the following data may be processed in particular:
- Name
- E-Mail adress
- Telephone number, if provided
- Content of your message
- Any other information voluntarily submitted
Providing this data is voluntary. Without the information marked as required, your inquiry may not be processed, or may not be processed in full.
Legal basis:
- Art. 6(1)(b) GDPR, insofar as your inquiry relates to pre-contractual measures or the conclusion of a contract
- Art. 6(1)(f) GDPR, insofar as it concerns general inquiries. Our legitimate interest lies in the efficient handling of inquiries.
6. Sending Website Emails via WP Mail SMTP
We use WP Mail SMTP to ensure the reliable sending of messages from the website. WP Mail SMTP improves the deliverability of WordPress emails by configuring WordPress to send emails through a suitable SMTP provider.78uutzghreflö.
Messages sent via the contact form are processed through our email infrastructure hosted by ALL-INKL. In particular, sender data, recipient data, subject line, message content, and technical transmission data may be processed to the extent necessary for delivery.
At present, no separate email logging is activated via WP Mail SMTP.
Legal basis:
- Art. 6(1)(b) GDPR for inquiry-related or contract-related communication
- Art. 6(1)(f) GDPR for the reliable technical delivery of website emails.
7. Elementor and Elementor Pro
Our website is created and operated using Elementor and Elementor Pro. These tools are used for the design, display, and technical provision of website content.
Insofar as functions such as forms, popups, or other interactive elements are used through Elementor, the data entered there may be processed in order to execute the respective function.
Legal basis: Art. 6(1)(f) GDPR.
Our legitimate interest lies in the professional, functional, and user-friendly presentation of our website.
8. Cookies and Consent Management with CookieYes
Our website uses CookieYes | GDPR Cookie Consent. This plugin provides a cookie banner, manages consents, documents cookie settings, and can block non-essential scripts until consent has been given.
Using CookieYes, you can decide for yourself whether, in addition to technically necessary cookies, you also consent to other categories such as analytics or marketing cookies. Non-essential cookies and comparable technologies are only set if you have given your prior consent.
Depending on the technical configuration, the consent tool may store information in particular about the consents you have granted, rejected, or withdrawn.
Legal bases:
- Art. 6(1)(c) GDPR, insofar as the storage of consent records is necessary to fulfill data protection obligations
- Art. 6(1)(f) GDPR for the technically necessary management of cookie settings
- Art. 6(1)(a) GDPR and Section 25(1) TDDDG, insofar as consent-based cookies or comparable technologies are used.
You can change or withdraw your consent at any time with effect for the future via the cookie settings on our website.
9. Google Tag Manager
We use Google Tag Manager, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is used to centrally manage website tags and trigger them technically. To the best of our understanding, Google Tag Manager itself does not create independent user profiles and does not store cookies for analytics or marketing purposes. However, it may trigger other tags that in turn process data, provided that corresponding consent has been given.
On our website, Google Tag Manager is used in particular to technically integrate the LinkedIn Insight Tag and to control its activation depending on your cookie consent.
Legal basis: Art. 6(1)(f) GDPR for the technical management of tags.
Our legitimate interest lies in the efficient, secure, and privacy-friendly management of website tags. Insofar as consent-based services are activated via Google Tag Manager, such use is based solely on your consent pursuant to Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
10. LinkedIn Insight Tag
We use the LinkedIn Insight Tag on our website, a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
The LinkedIn Insight Tag enables us to measure the effectiveness of our LinkedIn advertising campaigns, track conversions, build website audiences for LinkedIn advertising, and receive aggregated information about how visitors interact with our website.
When you visit our website, the LinkedIn Insight Tag may set cookies or comparable technologies in your browser, provided that you have given your prior consent. In this context, information about your visit to our website may be transmitted to LinkedIn. This may include in particular:
- Pages visited
- Referrer-URL
- IP address
- Device and browser information
- Timestamp
- Information about interactions with our website
Processing takes place exclusively on the basis of your consent.
Legal basis: Art. 6(1)(a) GDPR and Section 25(1) TDDDG.
The LinkedIn Insight Tag is only activated once you have consented to the “Marketing” or “Advertisement” category. You can withdraw your consent at any time via the cookie settings on our website with effect for the future.
The data collected via the LinkedIn Insight Tag is processed by LinkedIn. We do not receive any directly identifiable personal data of individual visitors from LinkedIn, but generally aggregated reports on the use of our website and the effectiveness of our LinkedIn campaigns.
LinkedIn may also process the data for its own purposes, in particular for providing, measuring, and improving LinkedIn advertising services. If you are logged in to LinkedIn, LinkedIn may be able to associate your visit to our website with your LinkedIn account.
Further information on LinkedIn’s data processing can be found in LinkedIn’s Privacy Policy:
https://www.linkedin.com/legal/privacy-policy
Information on LinkedIn’s cookie policies can be found here:
https://www.linkedin.com/legal/cookie-policy
11. Antispam Bee
Insofar as anti-spam protection mechanisms are used on our website, we use the Antispam Bee plugin. It serves to protect our website against abusive or automated submissions.
As part of spam detection, technical data and input data may be processed insofar as this is necessary for the detection and prevention of spam.
Legal basis: Art. 6(1)(f) GDPR.
Our legitimate interest lies in protecting our website against spam, misuse, and automated attacks.
12. Recipients of Personal Data
Personal data is only disclosed insofar as this is necessary for the technical provision of our website, the handling of inquiries, communication, the technical management of consent, or on the basis of your consent.
Recipients may in particular include:
- ALL-INKL.COM as hosting and email service provider
- Technical service providers involved in providing the website
- Service providers for spam protection or consent management
- Google Ireland Limited in connection with Google Tag Manager
- LinkedIn Ireland Unlimited Company in connection with the LinkedIn Insight Tag, provided you have consented to the marketing category
Data will not be disclosed to other third parties unless this is legally required or you have expressly consented to it.
13. Third-Country Transfers
In connection with the technical services used, it cannot be ruled out that personal data may also be processed outside the European Union or the European Economic Area.
This applies in particular to services provided by international providers such as Google and LinkedIn. Where personal data is transferred to third countries, this is done only on the basis of the legal requirements, in particular on the basis of an adequacy decision by the European Commission or appropriate safeguards such as Standard Contractual Clauses pursuant to Art. 46 GDPR.
In the case of LinkedIn, a transfer of personal data to affiliated companies or service providers outside the EU or EEA, in particular to the United States, cannot be ruled out. According to LinkedIn, appropriate safeguards are used for this purpose.
14. Storage period
We store personal data only for as long as is necessary for the respective purposes or as long as statutory retention obligations apply.
This applies in particular to:
- Server log data for a limited technical period
- Contact inquiries until they have been fully processed and beyond that only insofar as statutory obligations apply
- Consent data from the consent tool for documentation and record-keeping obligations
- Technical email transmission data only insofar as necessary for delivery and system security
- Data from marketing and tracking services only for as long as necessary for the respective purposes or until you withdraw your consent
Once the respective purpose no longer applies, the data will be deleted unless statutory retention obligations prevent this.
15. Your Rights
Under the GDPR, you have the following rights in particular:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object to processing based on legitimate interests
- Right to withdraw consent at any time with effect for the future
- Right to lodge a complaint with a supervisory authority
To exercise your rights, simply send an informal message to:
contact@obersteiner-solutions.com
16. Right to Lodge a Complaint with a Supervisory Authority
You have the right to lodge a complaint with a data protection supervisory authority. In Cyprus, this is the Office of the Commissioner for Personal Data Protection.
17. Data Security
We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, unauthorized disclosure, or alteration.
Data transmission between your browser and our website is encrypted using SSL or TLS.
18. No Automated Decision-Making
We do not carry out automated decision-making within the meaning of Art. 22 GDPR.
Insofar as LinkedIn processes data within its own services for advertising, measurement, or profiling purposes, this takes place outside our immediate sphere of influence. Further information on this can be found in LinkedIn’s privacy information.
19. Changes to This Privacy Policy
We reserve the right to amend this Privacy Policy if our website, our services, or the legal requirements change. The current version published on this website shall apply in each case.