Data privacy statement

COMPLIANCE Rules on Data Protection

In Austria, the data protection authority (formerly the Data Protection Commission) is responsible for compliance with data protection in Austria. The legal basis is the Data Protection Directive and the Data Protection Basic Regulation of the European Union (EU-DSGVO).

Date of entry into force: 1 April 2017

This privacy policy governs and explains how PRISMA solutions manages and treats your personal information and data. We appreciate your trust and we are committed to presenting our privacy policy to you in clear, simple language, rather than in complicated legal language. The policy is structured so that you can quickly and easily find the answers to the questions that interest you most.

Unless otherwise stated, this Privacy Policy applies to all products, services and websites offered by PRISMA solutions and its affiliates. These products, services and websites are collectively referred to as "Services" in this Policy. Some services are covered by supplemental privacy statements that more fully explain our specific privacy practices in relation to such services. Unless otherwise stated, our services are provided in Austria and the cloud services are provided in other countries by their respective service providers.

What is the purpose of a public procedure directory? - Everyman Directory

A public procedure directory is a requirement of the data protection basic regulation of the European Union (EU-DSGVO). The purpose of the public procedure directory is to make the processing of personal data more transparent and thus to increase the protection of this data. It helps with audits or requests by business partners and/or the supervisory authorities, which usually present the document. Irrespective of this, every data subject has the right to inspect the directory of procedures. It is therefore often referred to as the "Everyman's Index".

PRISMA solutions attaches great importance to the protection of privacy and observes the statutory data protection regulations. In the following, we explain how we handle your personal data. Below you will find the PRISMA solutions public procedure directory.

Public Services Directory of PRISMA solutions

COMPLIANCE Notice according to EU-DSGVO - public procedure description for WWW services by PRISMA solutions

Procedure directory for "Private Services or On-Premises Services" of PRISMA solutions

These services are only accessible by invitation to a closed circle of users. Each user must give his consent to data processing.

COMPLIANCE notice according to EU-DSGVO - public procedure description for CRM services
COMPLIANCE notice according to EU-DSGVO - public procedure description for project-related services

1. who is responsible for data protection at PRISMA solutions?

The responsible body within the meaning of data protection law is PRISMA solutions EDV Dienstleistungen GmbH (Imprint).
Contact person for all data protection issues = datenschutzbeauftragter(at)

2. when and for what purpose does PRISMA solutions collect personal data?

PRISMA solutions collects, stores or processes data only for its own business purposes.

In principle, our websites are available to all users without personal data being collected. Personal data will only be requested, processed and used to the extent necessary to provide the services you have requested or to provide content.

3. collection of general information

When you access our websites, information of a general nature is automatically collected. This information includes, for example, the type of web browser used, the operating system used, the domain name of your Internet service provider and the like. This is only information that does not identify you personally. In addition, this data is also generated when you access any other website on the Internet. It is therefore not a special function of our website. The information collected in this way is evaluated statistically by us.

4. handling your personal data

We only handle personal data insofar as this is possible in accordance with data protection regulations. We also endeavour to take all necessary technical and organisational security measures to protect your personal data adequately against unauthorised access and misuse at all times.

Insofar as we store or process personal data, this takes place within a secure computer centre with access regulations.
In order to protect the security of your data during transmission, we use encryption procedures (e.g. SSL) via HTTPS.
Our servers are protected by firewalls and virus protection.
Backup and recovery procedures are implemented.
Role and authorization concepts are a matter of course for us.
When handling data, our service providers and partners are obliged to observe the regulations of the EU data protection regulation and national laws and regulations as well as the decisions of the data protection authority.

5. use of cookies on websites

Cookies" are sometimes used on our websites. Behind this standard technology there are small text files which are stored on the device you use and which make it possible, among other things, to make visiting a website more comfortable or safer. Cookies can also be used to better tailor the services offered on a website to the interests of visitors or to generally improve them on the basis of statistical evaluations.

You can decide for yourself whether the browser you are using allows cookies or not. Please note that the functionality of websites may be restricted or even disabled if cookies are not permitted.

Insofar as these cookies may (also) affect personal data, we will inform you of this in the following sections.

6. sharing features and social media plug-ins from Facebook, Twitter, Google+, LinkedIn and Xing

On our websites we offer you the possibility of using so-called "social plugins" of the companies:

Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA;
"Tweet" button from Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA;
"Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
"Recommended Button" by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA;
"Share Button" by XING AG, Gänsemarkt 43, 20354 Hamburg, Germany.
Other Social Media Plugins
In order to protect your data, our website implements this in such a way that the plugins on the website are merely displayed as a graphic that contains a link to the corresponding website of the plugin provider. By clicking on the graphic you will be redirected to the respective services of the provider. Only then will your data be sent to the respective services. If you do not click on the graphic, there will be no exchange between you and the social networks mentioned above.

Information about the collection and use of your data in the social networks can be found in the respective terms of use of the respective providers.

7. PRISMA solutions project portal

PRISMA solutions uses cloud services of various external providers / contract processors as well as internal services:

1. project tools for our project work

ProjectWorkspace (Office365 from Microsoft, OneDrive, Nextcloud, Confluence) to ensure efficient project documentation and sharing between project members.

2. voice and video services (Skype for Business from Microsoft, hangouts from Google, WebEx) for the purpose of efficient communication.

3. project messaging systems (Slack, Trello) to ensure an efficient flow of information between project members.

4. project management systems (Trello, JIRA, Bugzilla) with the purpose of joint project management and ticket tracking.

When registering for the PRISMA solutions project portal, the data entered by the website visitor is used exclusively for the purpose of using project services. Users may be informed by e-mail of circumstances relevant to the services or registration (e.g. changes in alerts or technical circumstances).

The data that are entered into the input mask during registration are collected. These are E-mail address, user name, contact data. Further data is not collected. The data will only be used for project work and will not be passed on to third parties.

You can revoke your consent to the storage of your personal data and their use for project cooperation by PRISMA solutions at any time by email. In addition, you can revoke your consent via the contact details provided on the website on or via the contact form.

Information about the collection and use of your data in the cloud services can be found in the respective terms of use of the respective providers.

8. contacting PRISMA solutions

If a website user contacts PRISMA solutions by e-mail or contact form, the data provided will be used for the purpose of processing the request as well as for possible follow-up.

9. how long will the data be stored?

We adhere to the principles of data avoidance and data economy. We will therefore only store your personal data for as long as is necessary to achieve the purposes stated herein or as the various storage periods provided for by law. After the respective purpose has ceased or these periods have expired, the corresponding data will be routinely blocked or deleted in accordance with the statutory provisions.

10. your rights to information, correction, blocking, deletion and objection

You have the right to receive information about your personal data stored by PRISMA solutions at any time. To do this, you must clearly identify yourself. You also have the right to have your personal data corrected, blocked or deleted, apart from the prescribed data storage for business transactions. Please contact the data protection officer.

In order that a block of data can be considered at any time, these data must be kept in a block file for control purposes. You can also request the deletion of the data, unless there is a legal archiving obligation. If such an obligation exists, we will block your data on request.

You can change or revoke your consent by notifying us accordingly with effect for the future.

11. change of our data protection regulations

We reserve the right to occasionally adapt this data protection declaration so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. Your renewed visit will then be subject to the new data protection declaration.

12. questions to the data protection officer

If you have any questions about data protection at PRISMA solutions, please send us an e-mail or contact our data protection officer directly.