Contact us
+43 2734 322 40

Privacy policy
of Steininger GmbH

The protection of your personal data is of particular concern to Steininger GmbH. This privacy policy informs you about the type, scope and purpose of the collection and use of personal data of (a) customers, (b) website users and (c) newsletter subscribers by our company and about your rights. Your data will be processed exclusively in accordance with the applicable legal regulations, in particular the General Data Protection Regulation (GDPR), the Data Protection Act (DSG) and the Telecommunications Act 2021 (TKG).

1. controller of the processing and contact details

is responsible for the processing of your personal data:

Steininger GmbH Walterstrasse 2 AT-3550 Langenlois Phone: +43 2734 2372 E-Mail: office@weingut-steininger.at

If you have any questions about data protection or how to exercise your rights, please contact our data protection coordinators at office@weingut-steininger.at.

2. which data we process and where we obtain this data from

a) If you are our customer

As part of the business relationship, we collect, generate and store personal data that is required for contract initiation, processing and customer support. This includes

  • Master data: Surname, first name, address, e-mail address, telephone number, date of birth, customer number, language
  • Payment data: Data on payment methods, EC/credit card or bank card data
  • Order data: Information on products purchased (e.g. wines, tastings), delivery preferences, personal preferences that you share with us

b) If you are a website user

Each time our website is accessed, our system automatically collects data from the user’s computer system. This includes

  • Information about browser type and version
  • Operating system of the user
  • Internet service provider
  • IP address
  • Date and time of access
  • Referrer URL
  • Host name of the accessing computer

This data is stored in server log files, but does not contain any IP addresses or other data that can be directly attributed to you. When you use our contact form, we process

  • Content of the request and contact details contained therein
  • IP address

Further details on cookies and web analysis can be found under point 6.

c) If you are a newsletter subscriber

When you register for our newsletter, we process:

  • Title, first name, last name, e-mail address
  • Time of access, IP address, browser type, operating system

3. how and for what purpose we process your personal data

a) If you are our customer

We process your data:

  • To fulfill the contract (Art. 6 para. 1 lit. b GDPR): e.g. for order processing, delivery, invoicing, customer creation, customer account login
  • To fulfill legal obligations (Art. 6 para. 1 lit. c GDPR): e.g. retention obligations under tax law, obligations to provide information to authorities
  • On the basis of legitimate interests (Art. 6 para. 1 lit. f GDPR): e.g. for efficient customer communication, legal prosecution, unless your interests prevail

You can object to processing on the basis of legitimate interests at any time in accordance with Art. 21 GDPR.

b) If you are a website user

We process your data:

  • On the basis of your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG): e.g. for cookies and web analysis (see point 6)
  • For the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR): e.g. for inquiries via contact forms, e-mail or telephone
  • To fulfill legal obligations (Art. 6 para. 1 lit. c GDPR): e.g. obligations to provide information to authorities
  • On the basis of legitimate interests (Art. 6 para. 1 lit. f GDPR): e.g. to ensure website security, prevent misuse, analyze user behavior to improve our offering

You can object to processing on the basis of legitimate interests at any time in accordance with Art. 21 GDPR.

c) If you are a newsletter subscriber

Your data will be processed on the basis of your consent (Art. 6 para. 1 lit. a GDPR) for sending our newsletter. We use a double opt-in procedure: After registering, you will receive an email to confirm your registration. You can unsubscribe from the newsletter at any time by sending an email to office@weingut-steininger.at. Your data will be deleted immediately after you unsubscribe.

d) No automated decision-making or profiling

We do not carry out automated decision-making or profiling.

4. to whom we pass on your data

We store and process your data and only pass it on to third parties if necessary.

a) If you are our customer

  • Cooperation partners: e.g. shipping service providers, payment service providers (e.g. banks for credit card or debit card payments), voucher providers
  • IT service provider: e.g. for hosting or booking tools
  • Authorities, courts, lawyers: in case of legal obligation or prosecution
  • Tax consultants, auditors: for the fulfillment of legal obligations
  • Debt collection agency: for debt collection
  • Insurance: in the event of insured events

b) If you are a website user

  • IT service provider: e.g. for website hosting and security
  • Authorities, courts, lawyers: in case of legal obligation or prosecution

c) If you are a newsletter subscriber

  • IT service provider: e.g. for sending newsletters
  • Authorities, courts, lawyers: in case of legal obligation or prosecution

If data is transferred to recipients outside the EEA for which no adequate level of data protection has been established by the EU Commission, we ensure that the transfer takes place on the basis of standard contractual clauses (2021/914/EC) or in accordance with Art. 46, 47 or 49 GDPR. Processors are contractually obliged to process your data confidentially and in accordance with our specifications.

5. how long we store your data

We only store your data for as long as is necessary for the processing purpose or for as long as there are statutory retention obligations.

a) If you are our customer

Data is stored until the end of the business relationship. We store data and business correspondence relevant to tax law for at least seven years in accordance with § 132 BAO and § 212 UGB. In the event of legal disputes or suspected misuse, data may be stored for longer until the matter has been resolved.

b) If you are a website user

  • Cookies: Storage period between 6 and 24 months, depending on the cookie. Consent can be revoked via “Cookie settings”.
  • Contact inquiries: We store data from contact forms, chats, emails or telephone calls for at least seven years in accordance with Section 132 BAO and Section 212 UGB, and for a maximum of three years if there is no business relationship.

c) If you are a newsletter subscriber

Data will be deleted after you withdraw your consent.

If you have any questions about the storage period, please contact us at office@weingut-steininger.at.

6. cookies and web analysis

a) Cookies

Our website uses cookies, small text files that are stored on your end device to make it more user-friendly. Session cookies are deleted after closing the browser, persistent cookies remain stored in order to recognize your browser. We automatically collect your IP address and language setting on the basis of your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG). You can deactivate cookies via the cookie banner or browser settings, except for technically necessary cookies.

Technically necessary cookies:

  • borlabs-cookie: Saves cookie consents, lifetime: 11 months
  • wp-wpml_current_language: Saves language settings, is deleted at the end of the session

Third-party cookies: Third-party providers such as Google Maps or YouTube receive your IP address. Details can be found in their privacy policies.

b) Google Analytics

We use Google Analytics (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to analyze website usage. Cookies are used that transmit anonymized data (e.g. shortened IP address) to Google servers, usually in the USA. IP masking ensures anonymization. Google compiles reports on website activity without linking your IP address to other data. Processing is based on your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG).

Cookies:

  • _ga: Distinguishes visitors, storage period: 14 months
  • _gcl_au: Tracks Google Ads, storage duration: 3 months

You can revoke your consent via “Cookie settings” or deactivate Google Analytics using a browser add-on. Details: https://policies.google.com/privacy.

c) Google Tag Manager

We use Google Tag Manager to manage website tags. The tool does not access data and processes it on the basis of your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG).

d) Google Ads and remarketing

Google Ads sets cookies (e.g. conversion tracking cookie, valid for 30 days) to recognize users who reach our website via ads. Google Remarketing shows interest-based ads based on previous visits. Processing based on your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG). Deactivation: Browser settings or https://adssettings.google.com.

e) Facebook (Meta) Remarketing / Pixel

We use Facebook’s “Custom Audiences” for interest-based advertising. When you visit the website, a connection to Facebook servers is established, which assigns your visit to your Facebook account. Processing based on your consent (Art. 6 para. 1 lit. a GDPR, § 165 para. 3 TKG). Deactivation: https://www.facebook.com/settings/?tab=ads. Details: https://www.facebook.com/about/privacy.

Cookie:

  • _fbp: Shows personalized advertising, storage period: 90 days

Shared responsibility with Meta Platforms Ireland Limited (4 Grand Canal Square, Dublin 2, Ireland) for the collection and transfer of data. Agreement: https://www.facebook.com/legal/controller_addendum.

7. rights of data subjects

You have the following rights:

a) Right to rectification and restriction

You can request the correction of incorrect or incomplete data and the restriction of processing.

b) Right to data portability

You may request a copy of your data in a structured, commonly used and machine-readable format.

c) Right to erasure

You can request the deletion of your data, e.g. in the event of unlawful processing.

d) Right to object

You can object to the processing on the basis of legitimate interests (Art. 21 GDPR).

e) Right of revocation

You can revoke your consent at any time without affecting the legality of the previous processing.

f) Complaint

In the event of violations, you can contact the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna) or file a complaint with the competent regional court.

Contact for rights: Steininger GmbH Walterstrasse 2, AT-3550 Langenlois E-Mail: office@weingut-steininger.at

8. adaptation of the privacy policy

We reserve the right to adapt this privacy policy in compliance with data protection regulations. Please inform yourself regularly about changes.

Status: September 2025

Data protection information in the application process For further information, please contact us at office@weingut-steininger.at.