Privacy Policy

Last updated: March 2026

GDPR & NISG 2026 Aligned

1. Data Controller

SintelLogic – Alen Ovčarić
Owner: Alen Ovčarić
Registered office: Pichlarnerstraße 34, 8952 Irdning-Donnersbachtal, Austria
Mobile: +43 677 63893025
Email: office@sintellogic.at

For all data protection inquiries, contact: office@sintellogic.at

2. GDPR Compliance

SintelLogic processes personal data in strict accordance with Regulation (EU) 2016/679 (General Data Protection Regulation — GDPR) and the applicable Austrian data protection legislation (Datenschutzgesetz — DSG).

3. Hosting Provider

Our website is hosted by Vercel Inc. (USA). When you visit the website, technical data (e.g. IP address, browser type, access time) is automatically collected via server logs. This data is used exclusively to ensure the stability, security and proper functioning of the website.

Data processing may occur on servers within the European Union as well as outside the EU. In the event of data transfers outside the EEA, Vercel applies appropriate safeguards in accordance with the GDPR, including Standard Contractual Clauses (SCC).

4. Data Collected

  • Contact form data (name, email address, project type, budget, message) — when you submit an inquiry via the contact form on our website. Data submitted through the contact form is used exclusively to process and respond to your inquiry.
  • Chatbot data — messages you enter in the chatbot may be forwarded to an AI service provider (Groq / OpenAI) to generate responses. We do not permanently store chatbot conversation history.
  • Contact data (name, email address, phone number) — when you contact us directly via phone or email.
  • Technical / server log data (IP address, browser type, access timestamps) — automatically collected by the hosting server for security purposes.
  • Google Fonts — loaded only after your explicit consent. When loaded, Google LLC servers in the USA may process your IP address.
  • Consent preference (nd_cookie_consent) — stored exclusively in your browser's localStorage. This is not transmitted to any server.

5. Legal Basis for Processing (Art. 6 GDPR)

  • Art. 6(1)(a) — Consent: cookies, Google Fonts loading.
  • Art. 6(1)(b) — Contract: processing necessary for responding to business inquiries and performing contracted services.
  • Art. 6(1)(f) — Legitimate interests: server security logs, fraud prevention, protection of our IT systems.

6. Data Retention

  • Business contact inquiries: retained for up to 3 years or until the business purpose is fulfilled, whichever is earlier.
  • Server logs: maximum 30 days, unless a longer retention is required for security incident investigation.
  • Consent preference: stored locally in your browser until you manually clear your browser storage.

7. Your Rights (Art. 15–22 GDPR)

You have the right to:

  • Access your personal data (Art. 15)
  • Rectification of inaccurate data (Art. 16)
  • Erasure ("right to be forgotten") (Art. 17)
  • Restriction of processing (Art. 18)
  • Data portability (Art. 20)
  • Object to processing based on legitimate interests (Art. 21)
  • Withdraw consent at any time without affecting the lawfulness of prior processing

To exercise any of these rights, contact: office@sintellogic.at

8. Right to Lodge a Complaint

You have the right to lodge a complaint with the Austrian supervisory authority:
Datenschutzbehörde (DSB)
Barichgasse 40–42, 1030 Wien, Austria
www.dsb.gv.at

9. NISG 2026 — Network and Information Security

SintelLogic aligns its technical and organizational security operations with the requirements of the Austrian Netz- und Informationssystemsicherheitsgesetz (NISG 2026), which implements the EU NIS2 Directive (Directive 2022/2555) into Austrian national law. The following security measures are applied:

  • Confidentiality, integrity and availability of all business information systems
  • Access control and authentication measures for all system entry points
  • Incident identification and response procedures aligned with Art. 23 NIS2 reporting requirements
  • Vulnerability management and regular security assessments
  • Supply chain security awareness for third-party service providers
  • Business continuity and disaster recovery planning
  • Security awareness training and internal policy enforcement

To report a security incident, suspected vulnerability, or cybersecurity concern related to SintelLogic systems, contact:
office@sintellogic.at

10. Cookies and Local Storage

This website stores a single consent preference key (nd_cookie_consent) in your browser's localStorage. This is not a tracking cookie and is not transmitted to any external server. No advertising, analytics, or profiling cookies are used. You can clear this preference at any time through your browser settings (Clear site data / localStorage).

11. Third-Party Services

Google Fonts (Google LLC) — This service is only activated after you explicitly accept cookies. By accepting, you acknowledge that Google LLC (Mountain View, CA, USA) may process your IP address for font file delivery. Data transfers to the USA are covered by Google's Standard Contractual Clauses.
Google Privacy Policy: policies.google.com/privacy

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in legislation or our data practices. The "last updated" date at the top of this page will reflect any revisions. Continued use of the website after changes constitutes acceptance of the updated policy.