Privacy Policy
The responsible management of personal data is very important to us. This also includes that we let you know exactly what happens with all personal data that is shared with us.
You can find out what personal data we process and why here in our privacy policy. It applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile apps and within external online presences, such as our social media profiles.
Status: January 2023
Content
Information on the Processing of Data
General Information
1. Data Controller
LearnChamp Consulting GmbH & Co KG
Währinger Straße 3/9
A-1090 Wien
Authorised representatives: Michael Repnik
E-mail: michael.repnik@learnchamp.com
Imprint
2. Transmission of Personal Data
In the course of our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, software providers, service providers commissioned with IT tasks or providers of services and content that are integrated into our website. In such cases, we comply with all legal requirements and conclude corresponding contracts or agreements with the recipients that serve to protect your data.
Insofar as we use third-party providers or platforms to provide our services, the terms and conditions and data protection notices of the respective third-party providers or platforms apply in the relationship between the users and the providers.
3. Data in Third Countries
If we process data in a third country (outside the EU) or transfer the data to recipients in third countries, this is only done in accordance with the legal requirements. Subject to explicit consent or contractually or legally required transfer, we only process or have data processed in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en).
4. Rights of the Data Subjects
With regard to personal data, data subjects have the following rights, which arise in particular from Art. 15 to 21 GDPR:
- Right to object:
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. If personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling insofar as it is related to such direct marketing. - Right of withdrawal for consent:
You have the right to revoke any consent you have given at any time. - Right to information:
You have the right to request confirmation as to whether data in question is being processed and to information about this data, as well as further information and a copy of the data in accordance with the legal requirements. - Right of rectification:
In accordance with the legal requirements, you have the right to request that the data concerning you be completed or that the incorrect data concerning you be corrected. - Right to erasure and restriction of processing:
In accordance with the statutory provisions, you have the right to demand that data relating to you be deleted immediately or, alternatively, to demand restriction of the processing of the data in accordance with the statutory provisions. - Right to data portability:
You have the right to receive data relating to you that you have provided to us in a structured, common and machine-readable format in accordance with the legal requirements, or to request that it be transferred to another data controller. - Complaint to supervisory authority:
In accordance with the law and without prejudice to any other administrative or judicial remedy, you also have the right to lodge a complaint with a data protection supervisory authority, in particular a supervisory authority in the Member State where you usually reside, the supervisory authority of your place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.
5. Amendment and Update of the Privacy Policy
We ask you to regularly inform yourself about the content of our data protection declaration. We adapt the data protection declaration as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g.consent) or other individual notification.
Where we provide addresses and contact details of companies and organisations in this privacy statement, please note that the addresses may change over time and please check the details before contacting us.
Information on the Processing of Data
1. Visiting the Website
- What data is processed?
a. IP address
b. Usage data (websites visited, duration of access)
c. Device and browser data - For what purpose is the data processed?
a. User-friendly provision of the website within the framework of the legitimate interest - How long will the data be stored?
a. Server log files up to max. 30 days - What types of recipients are there?
a. Website and hosting providers
b. Cookie provider
c. Website and customer management software provider
1.1 Cookies Used
1. Technically necessary cookies:
Name: __cfruid
Provider: learnchamp.com
Storage Period: Session
Purpose: Identification of trusted web traffic
Name: __cf_bm
Provider: learnchamp.com
Storage Period: 30 min
Purpose: Reading and filtering of automatically created requests. (Bot-Filter)
Name: __cf_bm
Provider: hubspot.com
Storage Period: 30 min
Purpose: Reading and filtering of automatically created requests. (Bot-Filter)
Name: __cf_bm
Provider: vimeo.com
Storage Period: 30 min
Purpose: Reading and filtering of automatically created requests. (Bot-Filter)
Name: __hs_initial_opt_in
Provider: learnchamp.com
Storage Period: Session
Purpose: Prevents the cookie banner from being displayed continuously when the website is opened in incognito mode.
Name: __hs_opt_out
Provider: learnchamp.com
Storage Period: 6 Monate
Purpose: Prevents the repeated display of the cookie banner
Name: __hs_do_not_track
Provider: learnchamp.com
Storage Period: 6 Monate
Purpose: Prevents the forwarding of tracking information to Hubspot
Name: Vuid
Provider: Vimeo.com
Storage Period: 2 Jahre
Purpose: We use Vimeo to embed videos on the website. This cookie is used by Vimeo to analyse user behaviour.
Name: _GRECAPTCHA
Provider: google.com
Storage Period: 6 Monate
Purpose: Risk analysis for the Google reCAPTCHA
Name: hs-messages-is-open
Provider: learnchamp.com
Storage Period: 30 Minuten
Purpose: This cookie is used to determine and store whether the chat widget is open on future visits.
Identification of trusted web traffic
Reading and filtering of automatically created requests. (Bot-Filter)
Reading and filtering of automatically created requests. (Bot-Filter)
Reading and filtering of automatically created requests. (Bot-Filter)
Prevents the cookie banner from being displayed continuously when the website is opened in incognito mode.
Prevents the repeated display of the cookie banner
Prevents the forwarding of tracking information to Hubspot
We use Vimeo to embed videos on the website. This cookie is used by Vimeo to analyse user behaviour.
Risk analysis for the Google reCAPTCHA
This cookie is used to determine and store whether the chat widget is open on future visits.
2. Cookies after consent
Name: YSC
Provider: youtube.com
Storage Period: Session
Purpose: This cookie is used by Youtube to analyse user behaviour.
Name: messagesUtk
Provider: learnchamp.com
Storage Period: 180 Tage
Purpose: This cookie is used to recognise visitors who chat via the Chatflows tool.
Name: AnalyticsSyncHistory
Provider: linkedin.com
Storage Period: 29 Tage
Purpose: This cookie is used to store when asynchronisation with the cookie "lms_analytics cookie" has taken place.
Name: lang
Provider: linkedin.com
Storage Period: Session
Zweck: This cookie stores a user's language setting and ensures that LinkedIn.com is displayed in the language the user has selected intheir settings.
Name: JSESSIONID
Provider: nr-data.net
Storage Period: Session
Purpose: Is necessary to enable browsing of the website in incognito mode.
Name: __hssc
Provider: learnchamp.com
Storage Period: 29 Minuten
Purpose: Analyses the traffic on the website anonymously.
Name: hubspotutk
Provider: learnchamp.com
Storage Period: 179 Tage
Purpose: Stores the identity of the user.
Name: __hstc
Provider: learnchamp.com
Storage Period: 179 Tage
Purpose: Analyses the usage behaviour of users anonymously.
Name: __hssrc
Provider: learnchamp.com
Storage Period: Session
Purpose: Detects whether a session is a new session.
Name: li_sugr
Provider: linkedin.com
Storage Period: 89 Tage
Purpose: This cookie is used to determine probabilistic matches of a user's identity outside of the designated countries.
Name: lidc
Provider: linkedin.com
Storage Period: 1 Tag
Purpose: This cookie facilitates the selection of the data centre.
Name: UserMatchHistory
Provider: linkedin.com
Storage Period: 29 Tage
Purpose: This cookie is used to synchronise the IDs of LinkedIn Ads.
Name: bscookie
Provider: linkedin.com
Storage Period: 364Tage
Purpose: This cookie is a browser identifier. This uniquely identifies devices accessing LinkedIn in order to detect misuse of the platform.
Name: bcookie
Provider: linkedin.com
Storage Period: 365 Tage
Purpose: This cookie remembers the two-factor authentication status of a logged-in user.
Name: _fbp
Provider: learnchamp.com
Storage Period: 89 Tage
Purpose: Used by Facebook to display a range of advertising products, for example real-time bids from third party advertisers.
Name: ln_or
Provider: learnchamp.com
Storage Period: 1 Tage
Purpose: Used to determine whether Oribi analyses can be performed for a particular domain
This cookie is used by Youtube to analyse user behaviour.
This cookie is used to recognise visitors who chat via the Chatflows tool.
This cookie is used to store when a synchronisation with the cookie "lms_analytics cookie" has taken place.
This cookie stores a user's language setting and ensures that LinkedIn.com is displayed in the language the user has selected in their settings.
Is necessary to enable browsing of the website in incognito mode.
Analyses the traffic on the website anonymously.
Stores the identity of the user.
Analyses the usage behaviour of users anonymously.
Detects whether a session is a new session.
This cookie is used to determine probabilistic matches of a user's identity outside of the designated countries.
This cookie facilitates the selection of the data centre.
This cookie is used to synchronise the IDs of LinkedIn Ads.
This cookie is a browser identifier. This uniquely identifies devices accessing LinkedIn in order to detect misuse of the platform.
This cookie remembers the two-factor authentication status of a logged-in user.
Used by Facebook to display a range of advertising products, for example real-time bids from third party advertisers.
Used to determine whether Oribi analyses can be performed for a particular domain
1.2 Web Analysis, Monitoring and Optimisation
- What data is processed?
a. IP adress (pseudonymised)
b. Usage data (websites visited, duration of access, access times)
c. Device and browser data - For what purpose is the data processed?
a. Reach measurement on the basis of voluntary consent (consent to the use of cookies) or within the scope of our legitimate interest - How long will the data be stored?
a. Until consent is revoked, max. 2 years - What types of recipients are there?
a. Website and hosting providers
b. Cookie provider
c. Website and customer management software provider
We use an IP masking procedure to protect users. In general, no personal user data (such as email addresses or names) is stored in the context of web analysis, A/B testing and optimisation by us, but pseudonyms are.
With the help of the reach analysis, we can, for example, recognise at what time our online offer or its functions or contents are most frequently used or invite re-use. Likewise, we can understand which areas require optimisation. Unless otherwise stated below, profiles may be stored in and read from a browser or a device for these purposes. The information collected includes visited websites and elements used there as well as technical information such as information on the browser, the computer system and usage times. If users have agreed to the collection of their location data from us or from the providers of the services we use, location data may also be processed.
1.3 Contact forms
- What data is processed?
a. First and last name and contact details of participants as provided in the form
b. All data processed in connection with a visit to our website
- For what purpose is the data processed?
a. Communication in connection with the contact request on the basis of voluntary consent
b. Documentation within the framework of legitimate interest
c. Marketing measures on the basis of voluntary consent - How long will the data be stored?
a. Until after successful processing ofthe request
b. If a business relationship is established, up to a maximum of 4 years after termination of the relationship.
c. In the case of consent to use for marketing, until consent is revoked
d. Furthermore, within the framework of existing legal obligations - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for the business activity. This includes
a. Website and hosting providers
b. Cookie provider
c. Website and customer management software provider
When registering for our events, as well as requests for product sheets or other downloads, consent to receive marketing updates is required, as we can not provide event or download links otherwise. This consent can be revoked at anytime by unsubscribing via the link provided in all marketing e-mails, or by contacting us directly.
Double opt-in procedure:
Registration for our marketing updates is always carried out in a so-called double opt-in procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. The registrations are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes saving the time of registration and confirmation as well as the IP address. Changes to your data stored with the shipping service provider are also logged.
Potential check:
The potential check is carried out with the help of Typeform. The answers will be kept and processed for counselling purposes until revoked. Use for any other purpose is excluded. The data will not be passed on to third parties for use for any other purpose.
1.4 Chat
- What data is processed?
a. Communication data
b. Email address if applicable
c. All data processed in connection with a visit to our website
- For what purpose is the data processed?
a. Communication via chat or follow-upvia e-mail based on their consent - How long will the data be stored?
a. Personal communication data untilthe request is answered
b. Furthermore, within the framework of existinglegal obligations - What types of recipients are there?
a. Website and hosting providers
b. Cookie provider
c. Website and customer management software provider
2. Interested Parties, Customers and Contractual Partners
- What data is processed?
a. First and last name and contact details of contact persons
b. Inventory, contract and payment data of the customer
c. Communication data
- For what purpose is the data processed?
a. Communication and documentationwithin the framework of contractual obligations and pre-contractual measures
b. Communication and documentationwithin the framework of legal obligations
c. Marketing measures within the framework of legitimate interest
d. Documentation and evaluation of data within the scope of legitimate interest in account management - How long will the data be stored?
a. For the duration of the existing businessrelationship plus any warranty periods
b. Furthermore, within the scope of legitimate interest for marketing purposes until revoked
c. Furthermore, within the framework of existing legal obligations - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for the business activity. This includes
a. any subcontractors as stated in our offers,
b. IT service providers (such as software providersor external support),
c. Website and customer management software provider
ShouldLearnChamp act as a commissioned data processor, the details of the processing will be regulated in a corresponding agreement. In this case, the details of the processing may differ from the points listed here.
3. Online Events and Webinars
- What data is processed?
a. First name, surname and contact details ofparticipants, as provided during registration in the contact form
b. Username as entered when participating in the online event
- For what purpose is the data processed?
a. Communication in connection with the relevant event based on voluntary consent
b. Marketing measures im Rahmen des berechtigten Interesses
c. Documentation and evaluation of data during participation in events within the scope of legitimate interest - How long will the data be stored?
a. within the scope of legitimate interest for marketing purposes until revoked, if applicable, until voluntary consent is revoked
b. Furthermore, within the framework of existing legal obligations - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for business activities. This includes
a. the respective streaming provider
b. Website and customer management software provider
c. IT service providers (such as software providersor external support)
All ouronline events and webinars are recorded. During these recordings no personal data of participants is recorded. Any surveys conducted during events are anonymised.
4. Video Conferences, Online Meetings, Trainigs and Screen Sharing
- What data is processed?
a. User data (email address, username, profile picture)
b. Image and sound recordings, if applicable
c. Chat history (incl. chat functions such as polls)
d. Metadata (date, time)
- For what purpose is the data processed?
a. Provision of functions necessary to host online meetings in the context of contractual obligations or precontractual measures
b. Documentation meetings through recordings under contractualobligations or voluntary consent
- How long will the data be stored?
a. For the duration of the respective online meeting
b. Records are stored at the longest for the duration of the existing business relationship or until consent is revoked - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for business activities. This includes
a. Microsoft Teams (or comparable meeting software)
b. IT service providers (such as software providersor external support),
If participants are registered as users with the meeting software provider, then further data may be processed in accordance with the agreement with the software provider. Please note the details of the processing of your data in their data protection information and select the optimum security and data protection settings for you within the framework of the software settings.
Furthermore, please ensure data and privacy protection in the background of your recording for the duration of a video conference (e.g. by notifying everybody present, locking doors and using the function to make the background unrecognisable, if technically possible). Links to the conference rooms as well as access data, may not be passed on to unauthorised third parties.
If text entries, participation results (e.g.from surveys) as well as video or audio recordings are logged, this will be transparently communicated to the participants in advance and they will be asked for consent – if necessary.
5. Digital Learning Academy
- What data is processed?
a. Login data (email address)
b. Profile data (first and last name, if provided: locationdata as specified, company data)
c. Communication and content data
d. User ID
e. Payment data
f. Metadata (IP address, device data, browser data)
- For what purpose is the data processed?
a. Provision of the functions of the Digital Learning Academy within the framework of the contractual obligations (among other things: Identification of users, allocation of course completions, use of community functions, billing of subscriptions)
b. Protection against misuse within the framework of the legitimate interest
c. Evaluation of user and usage data to optimisethe offer provided within the scope of legitimate insterest
d. Marketing measures within the framework of legitimate interest
- How long will the data be stored?
a. Account data, as well as user-specific course and usage data for the duration of the respective Digital Learning Academy Subscription
b. Community and chat contributions remain even after deletion of the user account, in which case the user name is removed from the contributions. Users can request the deletion of contributions within the scope of their right of objection.
c. Within the scope of the legitimate interest for marketing purposes until revoked
d. Furthermore, within the framework of existing legal obligations - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for business activities. This includes
a. Website and customer management software provider
b. Hosting providers
c. IT service providers (such as software providers orexternal support)
Due to the nature of our community, we ask users to use our services only under their real names. This means that the use of pseudonyms is not permitted.
Aside from that, Users decide for themselves what data they disclose about themselves within the Digital Learning Academy. For example, when users provide information about themselves in their profile or in comments or participate in conversations. We ask users to protect their data and to publish personal data with caution and only to the extent it is necessary. In particular, we ask users to take special care to protect their login data and to use secure passwords (i.e. especially character combinations that are as long and random as possible).
It is the responsibility of the users to save their data before the end of the contractin the event of termination. We are entitled to irretrievably delete all user data stored during the term of the contract after its end.
6. Email Marketing
- What data is processed?
a. Contact details
b. First and last name
c. IP adress
d. Usage data (tracking of emails, use of links, reading behaviour on website)
e. Device data
f. Metadata (date, time)
- For what purpose is the data processed?
a. Marketing
b. Reach analysis (anonymized)
- How long will the data be stored?
a. Within the scope of the legitimate interestuntil revoked
b. In the case of a continuing business relationship, usage data can be stored after the permission to send marketing is revoked. This data will be deleted upon request, or after the business relationship ends. - What types of recipients are there?
Thedata is passed on to third parties within the scope of our activities, insofaras this is necessary for business activities. Thisincludes
a. Website and customer managementsoftware provider
b. Email provider
c. IT service providers (such as software providersor external support)
We send existing customers and participants of our events emails with information about our products and upcoming events several times a year. These mailings are based on our legitimate interest in advertising or on their voluntary consent.
In both cases, you can object to the use of your contact data for advertising purposes at any time at hellovienna@learnchamp.com or via the corresponding link in the marketing email.
7. Social Media
When using social media platforms, the data protection declarations of the respective providers always apply.
We process the following data in connection with our social media presence in order to communicate with the users or to offer information about us. We also analyse the reach of our posts by tracking the click rate of the attached links and, after consent, also the user behaviour with the help of cookies.
- What data is processed?
a. Contact details (profile name)
b. Communication data
c. IP adress
d. Usage data (use of links, reading behaviour onwebsite)
e. Device data
f. Metadata (date, time)
- For what purpose is the data processed?
a. Marketing within the framework ofour legitimate interest
b. Communication within the frameworkof our legitimate interest
c. Reach analysis within the frameworkof voluntary consent and our legitimate interest
- How long will the data be stored?
a. If a user contacts us on social media platforms,the data remains on the platform until the user deletes it. For further information please refer to the data policies of the respective platform.
b. For the purpose of reach analysis no personaldata is stored, as all data is anonymized. - What types of recipients are there?
Thedata is passed on to third parties within the scope of our activities, insofaras this is necessary for businessactivities. This includes
a. Website and customer managementsoftware provider
b. IT service providers (such as software providersor external support)
We would like to point out that user data mayalso be processed on social media platforms outside the European Union. This may result in risks for the users, because it could, for example, make it more difficult to enforce the rights of the users. For a detailed presentation of the respective forms of processing and the options to object (opt-out), werefer to the data protection declarations and information provided by the operators of the respective networks.
8. Surveys
The survey sand questionnaires we conduct (hereinafter "surveys") are evaluated anonymously. Personal data is only processed insofar as this is necessary for the provision and technical implementation of the surveys (e.g. processing of the IP address in order to display the survey in the user's browser or to enable the survey to be resumed with the aid of a temporary cookie (sessioncookie)).
9. Job Applications
- What data is processed?
a. First and last name
b. Contact details
c. Data related to the demonstration of qualifications
d. Any other data provided by the data subject during the application process
- For what purpose is the data processed?
a. Selection of suitable applicants asa precontractual measure
- How long will the data be stored?
a. Up to 7 months after filling the position, if no employment relationship is established within the scope of legitimate interest due to any obligations to provide evidence
b. Transfer of the relevant data to the employee file when an employment relationship is established in accordance with the legal obligations - What types of recipients are there?
The data is passed on to third parties within the scope of our activities, insofar as this is necessary for business activities. This includes
a. Software provider for HR management software
If provided, applicants can submit their applications to us using an online form. The data is transmitted to us using state of the art encryption.
Applicants can also send us their applications by email. Please note, however, that emails sent via the Internet are generally not encrypted. As a rule, emails are encrypted in transit, but not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transmission path of the application between the sender and the reception on our server.
When applying via a recruiting platform, the respective privacy policy of the platform must be observed.