PRIVACY POLICY

 

Nessus GmbH, Fernkorngasse 10/3/501, 1100 Vienna, Austria, phone: +43 1 3360006, email-address: datenschutz@nessus.at (“Nessus”, “we”, “us”) is committed to protecting your personal data. Your data is not our business model and we process your data exclusively on the basis of the applicable legal provisions, in particular the Data Protection Act as amended (“DSG”), the Telecommunications Act (“TKG “) and the General Data Protection Regulation (“GDPR”).

In this privacy policy we inform you about the processing of your personal data and your rights within the scope of our offers.

 

1.   SUBJECT MATTER AND PURPOSE OF THE DATA PROCESSING

 

1.1.   CONTACT WITH NESSUS

 

1.1.1.   Processing

When you contact us, we process your personal data (e.g. name, telephone number, email address and the content of your message) to process this enquiry. We process this data in order to be able to process your enquiry (and any follow-up questions) for the purpose of fulfilling the contract (including pre-contractual measures) in accordance with Art 6 para 1 lit b GDPR and, if no contractual relationship exists, in the context of our legitimate interests to answer your enquiry in accordance with Art 6 para 1 lit f GDPR.

 

1.1.2.   Storage period

We only store data for as long as is necessary for the respective purposes. Emails for mere contact requests are stored in our ticket system for a maximum of 6 months, otherwise 10 years. The long storage period is necessary to protect interests in liability cases of any kind. If you contact us by phone, your phone number is stored in the log files and deleted after 8 weeks. If you send us a letter or fax, these are scanned and stored in the ticket system. The deletion period of the digital copy and the original is the same as for e-mail enquiries. Likewise, by using the contact options offered on our website (e.g. on-call request, callback), internal tickets are created with the same storage period.

 

1.2.   BACKUP

 

1.2.1.   Processing

For security reasons, we create backups of all Nessus core systems as a precautionary measure.

We create backups based on our legitimate interests in accordance with Art 6 para 1 lit f GDPR. Our legitimate interests lie in offering a secure IT-infrastructure in which the availability, integrity and confidentiality of the processed data is guaranteed.

 

1.2.2.   Storage period

For technical reasons, the backups are deleted no later than 6 months after the deletion of the original data in accordance with § 4 para 2 DSG.

 

1.3.   OFFER – WHEN YOU RECEIVE AN OFFER FROM NESSUS

 

1.3.1.   Processing

In order to be able to provide you with an offer, we process the following data, among others: First and last name, organisation, address, contact information (e.g. email address, telephone number). We process this data within the framework of our pre-contractual relationship in accordance with Art 6 para 1 lit b GDPR.

 

1.3.2.   Disclosure

In order to be able to fulfil our pre-contractual obligations towards you, we use service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT-services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.).

 

1.3.3.   Storage period

We only store data for as long as it is required for the respective purposes. If deletion cannot be carried out because the data is required for permissible legal purposes, data processing is restricted. In this case, the data is blocked and not processed for other purposes.

 

1.4.   GENERAL DATA – WHEN YOU ENTER INTO A CONTRACT WITH NESSUS

 

1.4.1.   Processing

If you conclude a contract with us, we will process the following data: Surname and first name, if applicable, data of your organisation, address, means of contact (e.g. e-mail address, telephone number), IP address, information on the nature of our contractual relationship. In addition, the following personal data that you provide to us will be processed: Payment data (SEPA direct debit, …), contract commitment, contract term, notice period. The data you provide is necessary for the performance of the contract or for the implementation of pre-contractual measures. We therefore process your personal data for the fulfilment of the contract on the basis of Art 6 para 1 lit b GDPR. Without this data, we cannot conclude the contract with you.

 

1.4.2.   Disclosure

In order to be able to fulfil our contract with you, we use service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.).

Your data will not be passed on to any other third parties for their own purposes without your consent.

 

1.4.3.   Storage period

Upon termination of the contract, all billing information from the contractual relationship will be stored until the expiry of the retention period under tax law (7 years). Your deposited means of payment (SEPA mandates, …) will be deleted after 13 months at the latest payment. Your master data, information about purchased products, e-mail correspondence and date of purchase are stored for 10 years for the purpose of safeguarding, asserting or defending legal claims.

In addition, we also store the data in case of cause beyond that, as long as legal claims from the relationship between us and you can be asserted or until the final clarification of a specific incident or legal dispute (maximum 30 years).

 

1.5.   SERVERHOUSING NESSUS – WHEN YOU PURCHASE RACKSPACE

 

1.5.1.   Processing

The customer has the option of ordering access authorisation for one or more persons to his rack space. The following data will be processed: First name, surname, signature, hash of a palm vein image (but not the palm vein image itself – reconstruction through the hash is not possible), portrait image for the access card and a copy of the ID card. The volume of data used is recorded for billing purposes. Several video cameras are installed in the data centre to monitor all premises and record movements. Every entry into our data centre is logged for security and documentation purposes. We process this personal data for the fulfilment of our contractual obligations pursuant to Art 6 para 1 lit b GDPR and, with regard to video surveillance, on the basis of our legitimate interests pursuant to Art 6 para 1 lit f GDPR to provide a secure server environment. With regard to the palm vein scan, we process the data on the basis of explicit consent pursuant to Art 9 para 2 lit a GDPR.

 

1.5.2.   Disclosure

As a matter of principle, no data is transferred to third parties. However, the customer may request his access logs and those of his employees if he has a justified interest. Video recordings of incidents relevant under criminal law are forwarded to the competent authorities, involved insurance companies and the responsible contractual partner.

 

1.5.3.   Storage period

First name, last name, used data volume, portrait picture, ID copy and other forms are deleted at the latest 3 months after the end of the contract , the signed Nessus house rules and declaration of consent after 3 years, the hash of the fingerprint or palm vein image immediately after the end of the contract. The video recordings are deleted after 8 days and the access logs after one year. In the case of incidents relevant under criminal law, the video recordings can be kept until the accusations have been legally clarified.

 

1.6.   SERVERHOUSING INTERXION – WHEN YOU PURCHASE INTERXION RACKSPACE

 

1.6.1.   Processing

The customer has the option of ordering access authorisation for one or more persons to his rack space. The following data will be processed: First name, last name and, if applicable, a portrait picture. The data volume used is recorded for billing purposes.

We process your personal data on the basis of our contractual relationship pursuant to Art 6 para 1 lit b GDPR. Several video cameras are installed in the Nessus Cage in the InterXion data centre, which monitor the premises and record movements. Video surveillance is carried out on the basis of our legitimate interests pursuant to Art 6 para 1 lit f GDPR. These interests consist of ensuring a secure server environment. The processing is done to provide you with physical access to the InterXion Österreich GmbH data centre and to ensure security during your visit.

 

1.6.2.   Disclosure

In order to provide our services, we regularly use IT service providers who have access to personal data on our behalf and according to our instructions in order to be able to provide the commissioned IT services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.). Your data will not be passed on to any other third parties for their own purposes without your consent.

 

1.6.3.   Storage period

We only store data for as long as is necessary for the respective purposes. Nessus deletes first name, surname, used data volume and the portrait image at the latest 3 months after the end of the contract, the video recordings after 8 days. Longer storage only takes place insofar as this is necessary to investigate detected attacks on our technical infrastructure and beyond this only until the end of relevant limitation periods, statutory retention periods or any legal disputes.

 

1.7.   INTERNET PRODUCTS – WHEN YOU PURCHASE AN INTERNET CONNECTION

 

1.7.1.   Processing

The following data is processed so that the requested internet connection can be established at the specified location: First and last name, organisation, address, contact information (e.g. e-mail address, telephone number). The volume of data used is recorded for billing purposes. We process this personal data on the basis of our contractual relationship pursuant to Art 6 para 1 lit b GDPR.

Since a contractual relationship is entered into with the purchase of a product, “General Data” are also processed, see above.

 

1.7.2.   Disclosure

For the operation and administration of our internet products, we regularly use IT-service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT-services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.).

Your data will not be passed on to any other third parties for their own purposes without your consent. We do not transfer any data to a third country.

 

1.7.3.   Storage period

We only store data for as long as is necessary for the respective purposes. The data is deleted 3 months after the end of the contract. Data is only stored for a longer period if this is necessary to investigate any attacks on our network that have been detected and, beyond this, only until the end of any applicable limitation periods, statutory retention periods or any legal disputes.

 

1.8.   TRAFFIC – DATA TRANSMITTED VIA THE NESSUS NETWORK

 

1.8.1.   Processing

We process information on the data transmitted via our network on the basis of our legitimate interests pursuant to Art 6 para 1 lit f GDPR. Our legitimate interests are to provide effective technical support and to offer secure services to our customers. The processing serves the purpose of being able to offer support services to our customers and as a preventive protective measure e.g. against DDoS attacks. The contents of the data packets are not monitored.

 

1.8.2.   Storage period

We only store data for as long as is necessary for the respective purposes. The data is deleted after 6 hours. Longer storage only takes place if this is necessary to investigate detected attacks on our network and beyond that only until the end of relevant limitation periods, legal retention periods or any legal disputes.

 

1.9.   NEWSLETTER & TIS

To inform you about new Nessus products, Nessus sends newsletters to the e-mail address you have provided. You have the option of subscribing to this newsletter and of course unsubscribing from at any time.

With our additional mailing list TIS – Technical Information System we inform our subscribers about planned maintenance work as well as service interruptions. Of course, you can unsubscribe from this list at any time.

In addition, we send out important information that does not qualify as a newsletter, such as details about critical security vulnerabilities, information about necessary blocking of services, changes to the GTC or similar.

 

1.9.1.   Processing

In order to provide you with targeted information, the following data is processed: E-mail address. If you have subscribed to our newsletter or TIS, we process your data on the basis of your express consent in accordance with Art 6 Para 1 lit a GDPR in conjunction with Sec 174 TKG. Technical or contractually necessary mailings are made within the framework of our existing contractual relationship in accordance with Art 6 Para 1 lit b GDPR.

 

1.9.2.   Disclosure

For the dispatch of newsletters and TIS, we regularly use IT service providers who, according to our order and instructions, may also have access to personal data in order to be able to provide the commissioned IT services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.).

Your data will not be passed on to any other third parties for their own purposes without your consent.

 

1.9.3.   Storage period

Deletion from the newsletter or TIS takes place after unsubscription. If you have registered for a newsletter and the receipt of advertising information accordingly and are not a customer of ours, we will store your personal data until you cancel and for a maximum of three years from your last contact.

 

1.10.   SATISFACTION SURVEY

Satisfaction surveys are conducted at regular intervals. As a rule, people who have had contact with Nessus in the last few months are contacted by email, provided that you have given us your consent in advance in accordance with Art 6 Para 1 lit a GDPR in conjunction with § 174 TKG, which you can revoke at any time.

 

1.10.1.   Processing

E-mail address, rating on a scale of 0 – 10, comment (optional)

 

1.10.2.   Disclosure

In order to be able to conduct satisfaction surveys, the service of an operator within the EU is used.

 

1.10.3.   Storage period

The data will be deleted after 12 months at the latest.

 

1.11.   APPLICATIONS

When you send us an application, we process the following data:

 

1.11.1.   Processing

Depending on the information we receive from applicants, we process at least the full name, contact details (e.g. telephone number, e-mail address) the CV and the letter of motivation on the basis of pre-contractual measures pursuant to Art 6 para 1 lit b GDPR.

 

1.11.2.   Storage period

Data from application processes will be deleted after 7 months after the end of the application process if you are not employed by us. The data is kept for the purpose of defending potential claims under the Equal Treatment Act (“GlBG”).

 

1.12.   WEBSITE, COOKIES AND WEB ANALYSIS

 

1.12.1.   Data categories

In the course of your visit to our website, we will automatically collect the following personal data about you: Date and time of the call of a page on our website; data on your terminal device (device ID); IP address; name and version of your web browser; session ID.

The data is collected for support purposes and as a protective measure against possible attacks within the scope of our legitimate interests pursuant to Art 6 para 1 lit f GDPR, which is to make our website user-friendly and to be able to detect, prevent and investigate attacks on our website and online services.

Session cookies are created to ensure the best possible functionality of our website (e.g. customer area). On the basis of your express consent in accordance with Art 6 para 1 lit a GDPR, the user’s IP data is stored with the help of cookies for the purpose of better usability. After the session has ended, the data stored in the cookies is deleted. The data processing is carried out on the basis of the legal provision of Sec 165 para 3 TKG .

If cookies are not accepted, please change your browser settings accordingly. Please note that this may restrict the functionalities of the website. If you do not wish this, you can set your browser so that it informs you about the setting of cookies and you only allow this in individual cases. If cookies are deactivated, the functionality of our website may be limited.

 

1.12.2.   Purpose of the data processing

We process your data in connection with your visit to our website for the following purposes:

  • to provide you with our website, including its features, and to further improve and develop this website;
  • to be able to detect, prevent and investigate attacks on our website and online services.

 

1.12.3.   Disclosure

In order to provide our website, we use IT-service providers who, on our behalf and in accordance with our instructions, may also have access to personal data in order to be able to provide the commissioned IT-services.

We also transfer your personal data to the following recipients:

  • to external third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of an incident, etc.);
  • to authorities and other public bodies to the extent required by law (e.g. tax authorities, courts, etc.).

 

1.12.4.   Storage period

The data will be deleted from after 8 weeks. Data is only stored for a longer period if this is necessary to investigate any attacks on our website that have been detected and, beyond this, only until the end of any applicable limitation periods, statutory retention periods or any legal disputes.

 

1.13.   GOOGLE ANALYTICS

This website uses the “Google Analytics” service provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse website usage by users. The service uses “cookies” – text files that are stored on your terminal device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.

IP anonymisation is used on this website. The IP address of the user is shortened within the member states of the EU and the European Economic Area. This shortening eliminates the personal reference of your IP address. Under the terms of the data sharing agreement between the website operators and Google Inc., Google Inc. uses the information collected to evaluate website usage and activity and to provide services relating to internet usage.

You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. It is not guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.

Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=en.

Here you can find further information on the use of data by Google Inc.: https://support.google.com/analytics/answer/6004245?hl=en

 

1.14.   FORMER SERVER, DOMAIN AND HOSTING CUSTOMERS

This part of the privacy policy is relevant for those who sent an email to Nessus in the past and formerly received hosting services from Nessus (domain, web space, V/Root server, managed services), as the “hosting” part of the business was transferred to easyname by way of universal succession by way of spin-off for inclusion pursuant to Sec 1 para 2 no 2 in conjunction with Sec 17 of the Austrian Demerger Act (“SpaltG”).

 

1.14.1.   Processing

We process the following data that you have provided to us on the occasion of your business relationship with us and in connection with an enquiry in the ticket system: First and last name, name of the organisation/company, address, e-mail address, name of the contact person for processing the ticket, content of a ticket/inquiry, for the purpose described in the next but one paragraph.

In addition, we also process the customer number, the date of the ticket, the history of the processing of the ticket, comments and other information on the resolution of the request, other information on the ticket that we have collected or automatically generated in the ticket system on the occasion of your request.

We cite our legitimate interests and those of easyname GmbH pursuant to Art 6 para 1 lit f GDPR for the processing of the data, which consist in the fact that the spin-off of the “hosting” sub-operation requires the transfer of the customer data for the continuation of the sub-operation to easyname GmbH as universal successor, and this data to be allocated to the “hosting” sub-operation is necessary in order to be able to maintain and process the contractual relationships with the customers unchanged, including requests made via tickets.

We have transferred the “hosting” business to easyname by way of universal succession through a spin-off for absorption pursuant to Sec 1 para 2 no 2 in connection with 17 of the Austrian Demerger Act. In the course of this, all rights, legal relationships and assets belonging to the business operations and necessary for this, including the existing customer contracts and the customer database, were transferred. easyname GmbH therefore enters into the legal position with regard to the contracts and business relationships from the “Hosting” sub-operation. With the effectiveness of the demerger for inclusion in easyname GmbH, the entirety of the rights and obligations arising from the contractual relationships with customers as well as all activities in connection with the sub-operation were taken over by easyname GmbH by transferring this sub-operation in accordance with the demerger plan and takeover agreement of 27.04.2020 as of 27.5.2020.

The purpose of the processing and, in particular, the transfer of the data is thus the implementation of this demerger for inclusion, namely by transferring all data to be allocated to this partial business which are necessary for the continuation of the contractual relationships, however, in the ticket system of Nessus, which was not allocated to the demerged assets. For easyname GmbH, the data is therefore necessary for the continuation of the partial business transferred by way of universal succession and for the continued fulfilment of the associated contractual relationships as well as the maintenance of the business relationships.

 

1.14.2.   Disclosure

In the course of processing, the data shall only be transferred to easyname GmbH, FN 402196s, Canettistraße 5/10, 1100 Vienna, as universal successor in the “hosting” sub-operation. Information on the type and scope of data processing at the data recipient can be found in the data protection information of easyname GmbH, available at https://www.easyname.at/en/company/privacy-policy

 

1.14.3.   Storage period

The data will be deleted as soon as the transfer of the data to be assigned to the sub-operation has been completed in full and with legal effect, and will furthermore only be retained by us for as long as we need the data to enforce and defend against legal claims arising from the contractual relationship with the customer, and therefore 3 years in accordance with Sec 1486 and 1489 ABGB.

 

2.   DATA TRANSFERS TO THIRD COUNTRIES

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA) or if we do so in the context of using third-party services, this will only be done if it is necessary for the fulfilment of our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate guarantees to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g. conclusion of so-called “Standard Contractual Clauses”). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

 

3.   DATA SECURITY

We take appropriate technical and organisational security measures to protect your personal data against accidental or unauthorised destruction, alteration or against loss, theft and unauthorised viewing, disclosure, reproduction, use, modification or access. Furthermore, we and our employees are obliged to observe data secrecy and confidentiality. Similarly, our agents and representatives who need to have access to your personal data in order to perform their professional duties will have access and be subject to the same obligations of data secrecy and confidentiality.

 

4.   YOUR RIGHTS AS A DATA SUBJECT

You have a right to information, correction, deletion, restriction, transferability of your personal data and can revoke your consent or object to the processing at any time.

Attention: If you request the deletion or restriction of data necessary for the contract, this may affect the function of your purchased products!

 

4.1.   RIGHT TO INFORMATION

You have the right to obtain confirmation as to whether we are processing personal data relating to you. If this is the case, you can also request the information contained in Art 15 GDPR. You have the right to request information on whether personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate safeguards pursuant to Art 46 GDPR in connection with the transfer.

 

4.2.   RIGHT OF RECTIFICATION

If we process your personal data that is incomplete or incorrect, you can request that we correct or complete it without delay.

 

4.3.   RIGHT TO ERASURE

You can request that we delete your personal data if the data is no longer necessary for the purposes of processing, the processing is based on your consent and you withdraw it, you successfully object to the processing, or we process this data unlawfully. Please note that there may be reasons that prevent immediate deletion, e.g. in the case of legally regulated retention obligations.

If you have asserted the right to rectification, erasure or restriction of processing against us, we are obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

 

4.4.   RIGHT TO RESTRICT PROCESSING

You can request us to restrict the processing of your data if

  • you dispute the accuracy of the data for a period of time that allows us to verify the accuracy of the data,
  • the processing of the data is unlawful, but you refuse erasure and instead request restriction of the use of the data,
  • we no longer need the data for the intended purpose, but you still need this data to assert or defend legal claims, or
  • you have objected to the processing of the data and it has not yet been determined whether your interests are overriding.

 

4.5.   RIGHT TO DATA PORTABILITY

You may request that we provide you with your data that you have entrusted to us for storage in a structured, common and machine-readable format, provided that

  • we process this data on the basis of your consent pursuant to Art 6 para 1 lit a GDPR or Art 9 para 2 lit a GDPR or on the basis of a contract pursuant to Art 6 para 1 lit b GDPR, and
  • this processing is carried out with the aid of automated procedures.

In exercising this right, you also have the right to have the personal data concerning you transferred directly from us to another controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

 

4.6.      RIGHT OF OBJECTION

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Art 6 para 1 lit e or f GDPR.

In this case, we will no longer process the personal data relating to you unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

 

4.7.   RIGHT OF APPEAL

If you believe that we are processing your data in breach of data protection law, please contact us to clarify any issues. Notwithstanding any other legal remedies, you have the right to lodge a complaint with the national supervisory authority of your place of residence if unlawful processing of personal data is assumed. In Austria, the competent authority is the Data Protection Authority, Barichgasse 40-42, 1030 Vienna, email: dsb@dsb.gv.at, telephone: +43 1 52 152-0.

 

4.8.   ASSERTION OF RIGHTS

If you wish to exercise any of these rights against us, please use our contact options.

 

4.9.   CONFIRMATION OF IDENTITY

In order to protect your data, your rights, your privacy and as protection against misuse, we grant the right to complete deletion, data disclosure and data surrender only after prior notification, in person and prior verification of identity . This measure is intended to prevent, for example, persons who have improperly gained access to your account or your e-mail address from obtaining additional personal data from you.

In case of doubt, we may therefore request additional information to confirm your identity for all data protection-related requests.

 

4.10.   COSTS FOR REPEATED REQUESTS FOR INFORMATION

Nessus will provide a copy of the personal data in response to a request for information. For each additional copy, an appropriate fee will be charged based on the administrative costs.

 

4.11.   SCOPE OF CONSENT

Please inform other users of your Nessus accounts (e.g. employees or relatives) about the processing and transfer of your data to the extent of your consent. Do not give consent to us unless the other users of your account also agree.

 

4.12.   RIGHT TO REVOKE THE DECLARATION OF CONSENT UNDER DATA PROTECTION LAW

You have the right to revoke any declaration of consent granted under data protection law at any time. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

 

5.   CONTACT POSSIBILITIES

Nessus GmbH
Fernkorngasse 10/3/501
1100 Vienna (Austria)
Phone: +43 1 3360006
Email: datenschutz@nessus.at

 

Status: February 2023