Privacy Policy

1. Introduction

TrueMomentum AG ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you visit our website or use our services.

As a company registered in Austria and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and Austrian data protection laws. This policy applies to all personal data we process about you.

2. Data Controller Information

The data controller responsible for your personal data is:

3. Data Collection

We collect different types of personal data depending on how you interact with our services. The data we collect includes information you provide directly to us, information collected automatically when you use our website, and information from third-party sources.

3.1 Information You Provide

When you contact us, request our services, or interact with our website, we may collect:

• Contact information (name, email address, phone number, postal address)
• Company or organisation details
• Service enquiries and preferences
• Communication content (messages, feedback, support requests)
• Professional information relevant to our services

3.2 Automatically Collected Information

When you visit our website, we automatically collect certain technical information:

• IP address and device information
• Browser type and version
• Operating system
• Pages visited and time spent on our website
• Referral source and exit pages
• Cookie and tracking technology data

4. How We Use Your Information

We process your personal data for various purposes based on different legal grounds under GDPR. How we use your data depends on the services you use and your relationship with us.

4.1 Service Provision

We use your personal data to provide our group training programme design services, including:

• Responding to your enquiries and service requests
• Developing customised training programmes
• Providing ongoing support and consultation
• Processing payments and maintaining billing records
• Communicating about project progress and deliverables

4.2 Website and Service Improvement

We analyse website usage and service performance to improve our offerings:

• Monitoring website performance and user experience
• Identifying areas for service enhancement
• Developing new services based on client needs
• Ensuring website security and functionality

5. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses different types of cookies and tracking technologies:

• Necessary cookies: Essential for website functionality and security
• Analytics cookies: Help us understand how visitors use our website
• Functional cookies: Remember your preferences and settings
• Marketing cookies: Used for advertising and remarketing purposes

For detailed information about our use of cookies, please see our Cookie Policy.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information only in the following circumstances:

• Service providers: Trusted third-party providers who assist with our operations (hosting, analytics, payment processing)
• Legal requirements: When required by law, court order, or government authority
• Business protection: To protect our rights, property, or safety, or that of our clients or others
• Business transfers: In connection with a merger, acquisition, or sale of business assets

All third-party service providers are contractually bound to protect your data and use it only for specified purposes.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements.

Our retention periods vary depending on the type of data and purpose:

• Contact enquiries: Up to 3 years from last contact
• Client project data: Up to 7 years after project completion
• Website analytics: Up to 26 months
• Marketing data: Until you withdraw consent or opt out
• Legal compliance: As required by applicable laws

8. Your Rights

Under GDPR and Austrian data protection law, you have several rights regarding your personal data:

• Right of access: Request information about the personal data we hold about you
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data in certain circumstances
• Right to restrict processing: Request limitation of how we process your data
• Right to data portability: Request transfer of your data to another service provider
• Right to object: Object to processing based on legitimate interests or for direct marketing
• Right to withdraw consent: Withdraw consent for processing where consent is the legal basis

To exercise any of these rights, please contact us using the information provided in the contact section below. We will respond to your request within one month.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but strive to use commercially acceptable means to protect your personal data.

10. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• European Commission adequacy decisions
• Standard contractual clauses approved by the European Commission
• Binding corporate rules or certification schemes

11. Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will delete such information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal data, please contact us:

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we have not handled your personal data in accordance with applicable law.

14. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Contract performance: To provide our services and fulfil contractual obligations
• Legitimate interests: For business operations, fraud prevention, and service improvement
• Legal compliance: To comply with legal obligations and regulatory requirements
• Consent: Where you have given specific consent for certain processing activities