We take the protection of your personal data seriously. This privacy policy informs you, in accordance with the GDPR and the Austrian Data Protection Act (DSG), about what data we process, when, and for what purpose.

1. Controller

Brainwerk e.U. (commercial register entry pending), owner Stefan Kogelgruber
Weißdornweg 1/4/3, 2442 Unterwaltersdorf, Austria
Email: office@brainwerk.at

2. Server log files

When you visit our website, technical logs (anonymised IP address, date/time, requested URL, referrer, user agent) are automatically captured by our web server. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in secure operation). Storage period: max. 14 days.

3. Audience measurement with SEOForge (our own software)

This website uses our own WordPress plugin SEOForge to collect aggregated visit statistics. Measurement happens entirely server-side, without third parties and without persistent tracking cookies.

• Data collected: page views, timestamps, anonymised IP (last octet for IPv4, /64 prefix for IPv6), user agent, referrer.
• Visitor hash: a SHA-1 hash derived from IP + user agent + server salt + current date. The hash rotates daily, making cross-day re-identification technically impossible.
• Session cookie: seoforge_sid (32-char random, session-only, HttpOnly, SameSite=Lax) – deleted when the browser closes.
• Bot filter: crawlers are excluded based on user agent.
• Do-Not-Track: respected. Browsers sending the DNT header are not counted.
• Legal basis: Art. 6(1)(f) GDPR (legitimate interest in privacy-friendly audience analysis).
• Storage period: individual visits max. 90 days, after which they are aggregated to monthly totals.

4. Contact form

If you contact us via the contact form, your details (name, email address, message) are stored to process the request and for follow-up questions. Legal basis: Art. 6(1)(b) GDPR (pre-contractual steps) and (f) (legitimate interest in responding). We do not pass on these data without your consent. Storage period: until the conversation is closed, max. 2 years, unless statutory retention obligations apply.

5. Newsletter

If you subscribe to our newsletter, we process your email address to send periodic updates on the basis of your consent (Art. 6(1)(a) GDPR). Subscription uses a double opt-in procedure: after entering your address you receive a confirmation email with a link; only after confirmation are you added to the list. You can withdraw your consent at any time via the unsubscribe link in every newsletter email or by emailing office@brainwerk.at. We log opt-in and opt-out timestamps and IP address for proof of consent.

6. Hosting

This website is hosted on a server provided by domainfactory GmbH (Oskar-Messter-Straße 33, 85737 Ismaning, Germany). Processing is governed by a data processing agreement under Art. 28 GDPR. Servers are located exclusively within the EU.

7. Cookies

We only use technically necessary cookies (e.g. WordPress session cookie after login, SEOForge session cookie). No tracking or marketing cookies are set. Consent under § 165(3) TKG 2021 is therefore not required.

8. Your rights

You have the right, at any time, to information (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20) and objection (Art. 21) regarding the processing of your data. Requests can be addressed to office@brainwerk.at.

If you believe the processing of your data infringes data protection law, you have the right to lodge a complaint with the Austrian Data Protection Authority (Barichgasse 40–42, 1030 Vienna, www.dsb.gv.at).

9. Changes

We reserve the right to amend this privacy policy to reflect changes in the law or in our services. The current version is always available at this URL.

Last updated: 2026-05-19