Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal data.

Last updated: January 2025

1. Introduction

Mehr Kraft Digital Riazi e.U. ("we", "our", or "us") is committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and Austrian data protection laws. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services, including our websites, products (Moodwhisper, Lunterion), consulting services, and payment processing.

2. Data Controller

Mehr Kraft Digital Riazi e.U.

Am langen felde 50/10

1220 Wien, Austria

Email: dpo@mehrkraftdigital.com

Phone: +43 660 729 8774

3. Information We Collect

3.1 Information You Provide

Contact Information: Name, email address, phone number, company name
Account Information: Username, password (encrypted), profile details
Payment Information: Billing address, payment details (processed securely by Stripe)
Communication Data: Messages, inquiries, and feedback you send us
Service-Specific Data: Survey responses, employee feedback (Moodwhisper), CRM data (Lunterion), grant application details

3.2 Information Automatically Collected

Technical Data: IP address, browser type, device information, operating system
Usage Data: Pages visited, time spent, clicks, navigation patterns
Cookies: Session cookies, analytics cookies, preference cookies

4. How We Use Your Data

We process your personal data for the following purposes:

Service Delivery: To provide our consulting, software, and grant acquisition services
Payment Processing: To process payments through Stripe and issue invoices
Communication: To respond to inquiries, send confirmations, and provide customer support
Product Improvement: To analyze usage and improve our services
Legal Compliance: To comply with legal obligations and protect our rights
Marketing: To send relevant updates (only with your consent)

5. Legal Basis for Processing

We process your data based on:

Contractual Necessity: To fulfill our service agreements
Legitimate Interest: For business operations, security, and fraud prevention
Legal Obligation: To comply with tax, accounting, and regulatory requirements
Consent: For marketing communications (you can withdraw consent anytime)

6. Payment Processing and Stripe

We use Stripe to process payments securely. When you make a payment, Stripe collects and processes your payment information directly. We do not store your full credit card details on our servers. Stripe is PCI-DSS compliant and adheres to strict security standards.

For more information, please review Stripe's Privacy Policy at: https://stripe.com/privacy

We receive from Stripe: transaction confirmations, payment status, billing information, and basic payment metadata necessary for order fulfillment and accounting.

7. Data Sharing and Third Parties

We may share your data with:

Payment Processors: Stripe (for payment processing)
Cloud Service Providers: For hosting and infrastructure (with EU data centers where possible)
Analytics Services: To understand usage patterns (anonymized where possible)
Legal Authorities: When required by law or to protect our rights
Business Partners: Only with your explicit consent

We never sell your personal data to third parties.

8. Data Security

We implement industry-standard security measures to protect your data:

Encryption in transit (HTTPS/TLS) and at rest
Secure authentication and access controls
Regular security audits and updates
Employee training on data protection
Backup and disaster recovery procedures

9. Data Retention

We retain your personal data only as long as necessary:

Active Accounts: For the duration of your service agreement
Payment Records: 7 years (Austrian tax law requirement)
Marketing Data: Until you withdraw consent
Legal Claims: As required by applicable law

10. Your Rights Under GDPR

You have the following rights:

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion of your data ("right to be forgotten")
Right to Restriction: Limit how we use your data
Right to Data Portability: Receive your data in a structured format
Right to Object: Object to certain types of processing
Right to Withdraw Consent: For consent-based processing

To exercise your rights, contact us at: dpo@mehrkraftdigital.com

11. Cookies and Tracking

We use cookies to improve your experience. You can control cookies through your browser settings. Types of cookies we use:

Essential Cookies: Required for site functionality
Analytics Cookies: To understand usage patterns
Preference Cookies: To remember your settings

12. International Data Transfers

Your data may be processed outside the EU/EEA. When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

13. Children's Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through our website. Continued use of our services after changes constitutes acceptance.

15. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde):

Österreichische Datenschutzbehörde

Barichgasse 40-42

1030 Wien, Austria

Website: www.dsb.gv.at

16. Contact Us

For privacy-related questions or to exercise your rights: