Privacy Policy

The controller responsible for data processing within the meaning of the GDPR is:

Earthfly Holding GmbH
Innsbrucker Straße 51
A-6060 Hall in Tirol, Austria

Email: office@ecome.at
Phone: Show phone number

Our website is hosted by a service provider (processor) on servers located in Austria/the EU. When you access the website, the server automatically stores information in so-called server log files: IP address, date and time of access, the page/file requested, the volume of data transferred, the browser and operating system used, and the previously visited page (referrer).

This data is used to provide the website technically and to ensure its security and stability. The legal basis is our legitimate interest in a secure and error-free operation (Art. 6(1)(f) GDPR). Log files are stored only for as long as necessary to achieve these purposes and are then deleted.

This website uses only technically necessary cookies and storage mechanisms. This includes a session cookie (PHP session) required to protect the contact form against misuse (CSRF protection), as well as the local storage of your language selection and your cookie decision in your browser (localStorage).

These functions are necessary for operating the website and the services you request; under Section 165(3) TKG 2021 they do not require consent. We do not use any analytics, tracking or marketing cookies.

On your first visit, a notice banner is displayed allowing you to accept or reject services that are not strictly necessary (e.g. loading Google reCAPTCHA in the contact form). Your choice is stored locally in your browser and can be revoked at any time by clearing the website data. The legal basis for consent-based services is Art. 6(1)(a) GDPR.

If you contact us via the contact form or by email, we process the data you provide (name/contact person, email address, optionally phone number and company, subject and your message) in order to handle your inquiry and any follow-up questions.

The legal basis is the initiation or performance of a (pre-)contractual relationship (Art. 6(1)(b) GDPR) and our legitimate interest in responding to inquiries (Art. 6(1)(f) GDPR). Providing your email address and message is required to process the inquiry; further details are voluntary.

Your inquiry is delivered to our internal mailboxes (including sales@ecome.at, anfrage@ecome.at) and stored for administration in a protected, internally accessible database (CRM) on our server. You also receive an automatic confirmation by email. We retain the data for as long as necessary to process it and as required by statutory retention obligations, and delete it thereafter.

To protect the contact form against automated misuse (spam), we use Google reCAPTCHA v2. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. reCAPTCHA analyses user behaviour based on various characteristics (including IP address, dwell time, mouse/keyboard input) and may set cookies for this purpose.

reCAPTCHA is only loaded once you open the contact form. In doing so, data may be transferred to Google servers, including in the USA. Google is certified under the EU-US Data Privacy Framework. The legal basis is our legitimate interest in preventing spam and misuse (Art. 6(1)(f) GDPR) or your consent (Art. 6(1)(a) GDPR).

Further information: Google's Privacy Policy and Terms of Service.

Fonts are served exclusively from web font files stored locally on our own server. No connection to third-party servers (e.g. Google Fonts) is established and no personal data is transferred to third parties.

With regard to the personal data we process, you generally have the following rights: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction of processing (Art. 18), data portability (Art. 20) and objection to processing (Art. 21 GDPR). You can withdraw any consent given at any time with effect for the future.

To exercise your rights, an informal message to office@ecome.at is sufficient.

If you believe that the processing of your data infringes data protection law, you have the right to lodge a complaint with the supervisory authority. In Austria this is the Data Protection Authority (Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, www.dsb.gv.at.

This website uses SSL/TLS encryption (HTTPS) to protect the transmission of your data. In addition, we take appropriate technical and organisational measures to protect your data against unauthorised access, loss or manipulation.

We reserve the right to amend this privacy policy so that it always complies with current legal requirements or to reflect changes to our services. The current version applies to your next visit.