Coming Soon - The platform will be available shortly.

Legal

Privacy Policy

Information on processing personal data under GDPR and applicable Austrian law

Version: 1.0
As of: April 2026

We process personal data in accordance with applicable data protection law, in particular the GDPR, the Austrian Data Protection Act (DSG), and where applicable the Austrian Telecommunications Act (TKG 2021).

This policy explains how personal data is processed on our website, within our SaaS platform "IIA Analysis Suite", in AI-supported features, and in communication and contractual processes.

1. Data Controller

IIA Analysis Suite e.U.
Owner: Kristina Momirovic
Hildebrandgasse 39
1180 Vienna, Austria

Email: office@iia-analysis.at

2. Privacy Contact

For privacy-related questions or to exercise your rights, contact us at office@iia-analysis.at.

Read more from section 3

3. Definitions

Personal data means information relating to an identified or identifiable natural person. Processing means any operation performed on personal data.

4. Our Role

a) Controller

We act as controller for our own business purposes (website operation, contracts, support, invoicing, compliance, security, communication).

b) Processor

Where customers upload and process their own personal data in the platform, we generally act as processor under Art. 28 GDPR.

5. Categories of Data

  • Website access and log data
  • Contact and communication data
  • Contract and customer data
  • User account and authentication data
  • Platform usage and AI interaction data
  • Billing and payment data

6. Purposes

  • Provide and improve website and SaaS services
  • User administration and access control
  • Contract performance, invoicing, support
  • Security, abuse prevention, and system stability
  • Legal compliance and defense of legal claims
  • Marketing and newsletters (where permitted or consented)

7. Legal Bases

  • Art. 6(1)(b) GDPR - contract and pre-contractual measures
  • Art. 6(1)(c) GDPR - legal obligations
  • Art. 6(1)(f) GDPR - legitimate interests
  • Art. 6(1)(a) GDPR - consent
  • Art. 28 GDPR - processing on behalf of customers

8. AI Features

AI features are designed as assistance tools. They are not intended for solely automated decisions with legal or similarly significant effects on individuals.

Users must ensure lawful input and should minimize personal data in prompts where possible.

9. Cookies

Necessary cookies are used for secure operation. Optional analytics/marketing cookies are used only with consent.

10. Analytics and Tracking

Analytics tools are used only where legally permitted and, if required, with consent.

11. Hosting and Infrastructure

We use technical service providers for hosting and infrastructure under appropriate data-processing agreements.

12. Recipients

Data may be shared with hosting, IT, communication, accounting, legal, payment, analytics, and authority recipients where necessary and lawful.

13. International Transfers

Transfers outside the EEA occur only with safeguards under Art. 44 ff. GDPR (e.g., adequacy decision or SCCs).

14. Retention

Data is stored only as long as necessary or required by law (e.g., accounting retention periods).

15. Security

We implement appropriate technical and organizational measures, including access controls, encryption in transit, logging, and backups.

16-18. Your Rights

You have rights of access, rectification, deletion, restriction, portability, objection, and withdrawal of consent.

19. Supervisory Authority

In Austria: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, www.dsb.gv.at.

20-27. Additional Provisions

Additional sections cover data provision obligations, automated decision-making, newsletter/direct marketing, contact requests, customer accounts, support processing, confidentiality obligations, and updates to this policy.