Back to Home

Privacy Policy

Last updated: October 2025

This Privacy Policy describes how BrandWorkshopAI, operated by David Moling ("we", "us", or "our"), collects, uses, and protects your personal information when you visit our website at https://brandworkshop-ai.com (the "Website").

We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (Datenschutzgesetz - DSG).

1. Data Controller

The data controller responsible for processing your personal data is:

David Moling

Innsbruck, Austria

Email: mail@software-moling.com

VAT ID: ATU75309738

2. Legal Basis for Processing

We process your personal data in accordance with the principles set forth in Article 5 GDPR and based on one or more of the following legal grounds under Article 6 GDPR:

  • Consent (Art. 6(1)(a) GDPR): You have given clear consent for us to process your personal data for a specific purpose (e.g., newsletter subscription, contact inquiries).
  • Contract (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation (Art. 6(1)(c) GDPR): Processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests (Art. 6(1)(f) GDPR): Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your rights and freedoms.

3. Data We Collect and How We Use It

3.1 Information You Provide to Us

When you interact with our Website, you may voluntarily provide us with personal information, including:

  • Contact Information: Name, email address, company name, and other details you provide when contacting us or applying for our pilot program.
  • Communication Data: Messages, inquiries, and feedback you send to us.

Purpose: We use this information to respond to your inquiries, process partnership applications, and communicate with you about our services.

3.2 Automatically Collected Information

When you visit our Website, we may automatically collect certain technical information:

  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Usage Data: Information about how you use our Website, including pages visited, time spent on pages, and navigation paths.

Purpose: We use this information to maintain, improve, and secure our Website, analyze usage patterns, and optimize user experience.

3.3 Cookies and Similar Technologies

In accordance with § 96(3) of the Austrian Telecommunications Act (TKG) and Article 6(1)(a) GDPR, the storage of cookies and similar technologies requires your consent.

Our Website may use cookies and similar tracking technologies to enhance your browsing experience. You can control cookie settings through your browser preferences. Please note that disabling cookies may affect the functionality of our Website.

Types of Cookies We May Use:

  • Essential Cookies: Required for basic website functionality
  • Analytics Cookies: Help us understand how visitors use our Website
  • Functionality Cookies: Remember your preferences and choices

4. Third-Party Services and Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data with trusted service providers who assist us in operating our Website and conducting our business, subject to appropriate data processing agreements and safeguards.

These service providers may include:

  • Hosting Providers: For website hosting and infrastructure
  • Email Service Providers: For managing communications
  • Analytics Services: For understanding website usage and performance

All third-party service providers are required to implement appropriate technical and organizational measures to protect your personal data and process it only in accordance with our instructions and applicable data protection laws.

5. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission confirming that the destination country provides an adequate level of data protection
  • Other legally recognized transfer mechanisms under GDPR Chapter V

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • To satisfy any legal, accounting, or reporting requirements
  • To respond to inquiries and provide requested information or services
  • To maintain business records in accordance with Austrian commercial law requirements (typically 7 years for accounting records under the Austrian Commercial Code - UGB)

When personal data is no longer required, we will securely delete or anonymize it in accordance with our data retention policy and applicable legal requirements.

7. Your Rights Under GDPR and Austrian DSG

Under the GDPR and Austrian Data Protection Act, you have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether we process your personal data and, if so, to access that data and receive information about how it is processed.

Right to Rectification (Art. 16 GDPR)

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure - "Right to be Forgotten" (Art. 17 GDPR)

You have the right to request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing of your personal data in certain situations.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Right to Object (Art. 21 GDPR)

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent (Art. 7(3) GDPR)

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.

How to Exercise Your Rights:

To exercise any of these rights, please contact us at mail@software-moling.com. We will respond to your request within one month, or within two months for complex requests, in accordance with Article 12 GDPR.

8. Right to Lodge a Complaint

You have the right to lodge a complaint with the competent data protection supervisory authority if you believe that the processing of your personal data violates applicable data protection laws.

In Austria, the competent supervisory authority is:

Austrian Data Protection Authority (Datenschutzbehörde)

Barichgasse 40-42

1030 Vienna, Austria

Phone: +43 1 52 152-0

Email: dsb@dsb.gv.at

Website: https://www.dsb.gv.at

Additionally, as of January 1, 2025, the Parliamentary Data Protection Committee (Parlamentarische Datenschutzkomitee) exercises supervisory powers in accordance with the revised Austrian Data Protection Act (DSG).

9. Children's Privacy

Our Website and services are directed at businesses and agencies, not at children. We do not knowingly collect personal data from children.

In accordance with the Austrian Data Protection Act, the age of consent for information society services in Austria is 14 years. If you are under 14 years of age, you may only use our Website with the consent and supervision of a parent or legal guardian.

10. Data Security

We implement appropriate technical and organizational security measures in accordance with Article 32 GDPR to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Security measures include:

  • Encryption of data in transit using HTTPS/TLS protocols
  • Access controls and authentication mechanisms
  • Regular security assessments and updates
  • Employee training on data protection and security
  • Incident response and breach notification procedures

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but commit to using industry-standard practices to safeguard your information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on this page with a new "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

David Moling

Innsbruck, Austria

Email: mail@software-moling.com

Website: https://brandworkshop-ai.com

13. Applicable Law

This Privacy Policy and all matters relating to the processing of your personal data are governed by Austrian law and the General Data Protection Regulation (EU) 2016/679 (GDPR).

© 2025 David Moling. All rights reserved.

ImpressumPrivacy Policy