Privacy Policy


Responsible party as per the EU GDPR:
Symptoma GmbH
Seitenstettengasse 5/37
1010 Vienna

The protection of your privacy as well as your personal rights and the associated protection of the data processed is a core component of the services provided by Symptoma GmbH. Our service is based exclusively on the processing of previously anonymized data and can never be assigned to a single person.

Privacy Policy

The use of the Symptoma GmbH website is possible without providing any personal data. If a data subject wishes to use our company's special services via our website, processing of personal data may be necessary. If the processing of personal data is necessary and there is no legal basis for such processing, the consent of the data subject is obtained.

The processing of personal data, for example the name, address or email address of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in accordance with the data protection regulations applicable to Symptoma GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed about their rights by means of this data protection declaration.

Symptoma GmbH, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible for the data processed on this website. Nevertheless, internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed.

1. Definitions

The data protection declaration of Symptoma GmbH is based on the terminology used by the European directive and regulation authority when the General Data Protection Regulation (GDPR) was issued. Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners.

To ensure this, we would like to explain the terms used in advance:

Personal data

Personal data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.


Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.


Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.


Anonymization is a procedure that changes personal data in such a way that individual details about personal or factual circumstances can no longer be assigned to a specific or identifiable natural person or only with a disproportionate amount of time, costs and labor.


Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.


Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.


Receiver means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

Third Party

Third Party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.


Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. What information do we collect about you and how?

As part of the services we offer, all visits by our users are rendered completely unrecognizable through the use of state-of-the-art anonymization methods. The resulting processing results are analyzed and stored for statistical purposes. Your personal and personal rights remain untouched in this processing.

The use of the website is made possible with the help of cookies, which on the one hand represent a technical necessity, and on the other hand save the preferred settings of the user, such as the displayed language of the service or the rejection (opt-out) from our user behaviour analysis for the continuous improvement and further development of our website.

Categories of processed data:

CategoriesPurposeDeclarationRetention Time
Technical data: IP address (anonymized), browser, operating system, page viewsProviding our service according to
GDPR article 6, paragraph 1, lit a)
Your IP address is completely anonymized in advance and therefore before creating a log on our web servers.12 months
Non-personal data: age, genderProviding our service according to
GDPR article 6, paragraph 1, lit a)
The additional data you enter is optional and helps us to find possible causes more precisely.For the time of visiting our website
Sensitive data: health dataGDPR recital 26, sentence 5 and sentence 6
Article 9, paragraph 2, letter i)
Article 6, paragraph 1, letter f)
Data protection should therefore not apply to anonymous information, i.e. for information that does not relate to an identified or identifiable natural person or personal data that has been anonymized in such a way that the data subject cannot or can no longer be identified. This regulation does not affect the processing of such anonymous data, including for statistical or research purposes.For statistical purposes
For research purposes


3. Cookies

Our website uses so-called cookies. A cookie is a small file that can be saved on your computer when you visit a website. Basically, cookies are used to offer users additional functions on a website. On our site, we only use cookies that are absolutely necessary for the operation of the site, as well as functional cookies that save your settings regarding the language displayed on the website, as well as refusal to collect usage statistics to improve and further develop our website.

Our use of cookies

We use the following cookies:

CookieDeclarationRetention TimeType
__cfduidCloudflare is a service to identify trustworthy web traffic and necessary for the delivery of our content. Cloudflare complies with the data protection regulations of the “Privacy Shield” certification. Cloudflare does not process users' personal data and no conclusions can be drawn about the individual users.
Further information on data protection regulations and the obligation to Cloudflare's Privacy Shield Agreement can be found here:
4 weeksRequired cookie
JSESSIONIDUsed by sites written in Java Server pages. General platform session cookies that are used to keep the user status throughout and beyond pages of this website.5 monthsRequired cookie
languageThis cookie is used to save the user's language settings.3 monthsFunctional cookie
piwik_ignoreThis cookie is only saved in your browser if you do not want us to use your activities on our website for improvements and further development (Opt-Out).24 monthsFunctional cookie

4. Data protection officer contact

Email: [email protected]

Any data subject can contact our data protection officer at any time with questions and suggestions regarding data protection.

5. Access to your information, correction, portability and deletion of data

Right of access

You have the right to request a copy of the data stored about you. If you would like a copy of some or all of your personal information, please contact our data protection officer. We will respond to your request within 30 days of receiving your request.

We want to make sure that your personal information is correct and up to date. If it is necessary to correct or remove information that you believe is incorrect, please contact our data protection officer.

Data transmission

You also have the right to receive the personal information you provide in a structured standard format and in a machine-readable format, or to have it transferred to another service provider you have specified within a reasonable period of time.

Right to be forgotten

If you would like us to completely delete all information relating to you, please send us a request to delete your data to our data protection officer.

6. Opt-Out

You have the option of preventing the actions you have carried out on this website from being analyzed in order to improve usability by clicking on the following link and following the instructions: Opt-Out

7. Final provisions

If you believe that your personal data will be processed in a way that does not comply with the GDPR, you have the right to lodge a complaint with the responsible supervisory authority.

Austrian data protection authority,
Barichgasse 40-42
1030 Vienna

Telephone: +43 1 52 152-0
Email: [email protected]

We regularly check our data protection policy and publish all updates on this website.