We’re glad you’re visiting our website! Privacy is a matter of trust, and your trust is important to us.
Protecting personal data is therefore a particularly important concern for us. We would like to inform you here about which of your personal data we collect when you visit our websites, for what purposes it is used, and to whom we may possibly disclose it.
We comply with the legal provisions concerning data protection and data security. In particular, data is used solely for the purposes listed below, and measures are taken to ensure data security by guaranteeing that data is used properly and is not accessible to unauthorized persons. Our clients, service providers, and their employees are bound to confidentiality regarding the data we disclose to them, unless there is a legally permissible reason for transmission or disclosure of the entrusted or made-available data.
This privacy statement applies to the online offering of the responsible party, which is reachable under the domain https://www.today-experts.com/ and its various sub-domains (hereafter referred to as “our websites”). We reserve the right to adapt the privacy statement for future effect, especially in case of website development, the use of new technologies, or changes to legal foundations or related case law.
You can print or save this privacy statement using the usual functionality of your browser. We recommend attaching a printed copy of the privacy statement to your records.
Gender-Disclaimer
For better readability, masculine forms are used for personal references and nouns on this website. Corresponding terms are understood, in the sense of equal treatment, to apply to all genders. This shortened linguistic form serves solely readability and carries no valuation.
1. Name and Address of the Responsible Party
The responsible party according to Art. 4 No. 7 of the EU General Data Protection Regulation (GDPR) is:
TODAY Experts GmbH
Favoritenstraße 34/Top 11
1040 Vienna, Austria
Phone: +43 1 504 80 90-0
E-mail: office@today-experts.com
2. Contact for Data-Protection Inquiries
TODAY Experts GmbH
Favoritenstraße 34/Top 11
1040 Vienna, Austria
Phone: +43 1 504 80 90-0
E-mail: dataprotection@today-experts.com
3. General Information on Data Processing
3.1 Scope of processing personal data
Personal data are any information relating to an identified or identifiable natural person. We collect and use personal data of our users only insofar as it is necessary to provide a functional website and to present our content and services. The collection and use of personal data of our users occurs only after the user’s consent. An exception applies where prior consent is not possible and the processing is permitted by law.
3.2 Legal bases for collecting and processing your personal data
When we obtain consent from the data subject, Art. 6 (1) (a) GDPR is the legal basis.
When processing is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR applies (also for pre-contractual measures).
When processing is required to fulfil a legal obligation to which the controller is subject, Art. 6 (1) (c) GDPR applies.
When vital interests of the data subject or another natural person require processing, Art. 6 (1) (d) GDPR applies.
When processing is necessary for the legitimate interests of the controller or a third party, provided those interests are not overridden by the data subject’s rights, Art. 6 (1) (f) GDPR applies.
3.3 Data deletion and retention period
Personal data are deleted or blocked as soon as the purpose of storage ceases. Retention may also occur when required by European or national legislation. Deletion or blocking also takes place when a statutory retention period expires, unless further storage is necessary for contract conclusion or performance.
4. Provision of the Website and Creation of Log Files
When our website is accessed and used, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a log file. To display our website and ensure stability and security, we collect the following technically required data:
These data are also stored in our system’s log files. They do not include IP addresses or other data that could identify a specific user. No combination of these logs with other personal data occurs.
4.1 Legal basis for processing personal data
Art. 6 (1) (f) GDPR serves as the legal basis. The processing is required for providing a website and thus protects the legitimate interest of our company.
4.2 Retention period
Temporary storage of the IP address is necessary to deliver the website to the user’s device. Therefore, the IP address must remain stored for the duration of the session.
5. Use of Cookies
Our website uses cookies—small text files stored locally in the browser’s cache. When a user visits the site, a cookie may be saved on the user’s operating system. This cookie contains a characteristic string that uniquely identifies the browser on subsequent visits. Cookies are not part of the PC system, cannot execute programs, and contain no viruses.
We employ cookies to make our website more user-friendly. Some elements require the browser to be identified across page changes. Cookie use can be technically necessary or serve other purposes.
Various cookies are employed on our sites, differing in type and function.
5.1 Session-cookies and persistent-cookies
A session cookie is deleted once the user closes the browser after the current session. Persistent cookies are stored on the device to retain login information, settings, or preferences for the next visit, facilitating a more convenient and faster experience. Their storage period is limited and they are automatically deleted thereafter. The exact duration varies per cookie. Users can delete these cookies early via their browser’s standard functionality.
5.2 Technically necessary cookies
We use exclusively technically necessary cookies to ensure website functionality—basic navigation and access. Without these cookies the site would not work correctly. The legal basis for using technically necessary cookies is Art. 6 (1) (f) GDPR.
5.3 Retention period
When the data transmitted via cookies are no longer required for the described purposes, they are deleted, especially upon cookie deactivation. Extended storage may occur if legally mandated.
5.4 Legal basis for processing personal data
The legitimate interest of our company under Art. 6 (1) (f) GDPR justifies processing technically necessary cookies. For non-necessary (third-party) cookies we require your consent. If you give consent via the cookie banner, the processing additionally rests on Art. 6 (1) (a) GDPR. Consent can be withdrawn anytime by disabling cookies in your browser settings.
5.5 Configuring browser settings
Cookie management is possible via the configuration options of your browser (see the browser’s help menu). Most browsers accept cookies by default. Changing settings can completely block or limit cookie transmission. Already stored cookies can be deleted at any time, manually or automatically. Disabling cookies may affect full functionality of our website. Browsers also allow you to receive notifications before a cookie is stored; the exact method varies per browser.
5.6 Overview of the cookies used
Cookie name |
Provider |
Purpose |
Expiration |
Type |
|---|---|---|---|---|
cookieyes-consent |
CookieYes |
Stores the user’s consent settings |
1 year |
Technically required (HTTP) |
cookieyesID |
CookieYes |
Internal ID for managing consent status |
1 year |
Technically required (HTTP) |
pll_language |
Polylang |
Saves the language selected by the user to remember the setting on return |
1 year |
Technically required |
6. Contact Form
6.1 Scope of processing personal data
Our websites contain contact forms for electronic communication. When a user utilizes them, the entered data are transmitted to us and stored. The following data may be collected:
Providing this information is voluntary and initiated by the user. The data are used to respond to the inquiry. Consent is obtained during submission, and this privacy statement is referenced.
6.2 Purpose of processing
To enable contact via the form.
6.3 Retention period
Data are deleted once the processing purpose is fulfilled, unless a statutory retention period applies. The conversation ends when the matter is conclusively resolved. No third-party sharing occurs without your consent.
6.4 Legal basis
With user consent – Art. 6 (1) (a) GDPR.
For e-mail transmission – Art. 6 (1) (f) GDPR.
If the e-mail contact aims at concluding a contract – Art. 6 (1) (b) GDPR.
7. E-mail Contact
7.1 Scope of processing personal data
You may also contact us via the provided e-mail address. Personal data contained in the e-mail are stored and used solely for handling your request.
7.2 Purpose of processing
To provide the possibility of contacting us via e-mail or the contact form.
7.3 Retention period
Data are deleted once the purpose is achieved, unless a legal retention requirement applies. The conversation ends when the issue is conclusively resolved. No third-party sharing occurs without your consent.
7.4 Legal basis
For e-mail transmission – Art. 6 (1) (f) GDPR.
If the e-mail contact targets a contract – Art. 6 (1) (b) GDPR.
8. Use of Google reCAPTCHA
We use the service Google reCAPTCHA provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. reCAPTCHA checks whether data entry on our website (e.g., in a contact form) is performed by a human or an automated program, enhancing website security and preventing abuse.
8.1 Scope of processing personal data
Google reCAPTCHA analyses visitor behaviour based on various characteristics. Collected data include, among others:
These data are transferred to Google and processed there. Further information is available at https://policies.google.com/privacy.
8.2 Purpose of processing
Security of our website and protection against automated inputs (spam, bots).
8.3 Retention period
Data are retained only as long as necessary to achieve the purpose.
8.4 Legal basis
Processing is based on Art. 6 (1) (a) GDPR (consent), because reCAPTCHA is not strictly required for website operation. You may withdraw your consent at any time, though certain site functions may become limited without reCAPTCHA.
8.5 Transfer of data to third countries
Data may be transferred to the United States. Google is certified under the EU-US Data Privacy Framework.
9. Rights of the Data Subject
If your personal data are processed, you are a data subject under the GDPR and have the following rights towards the controller:
If you receive our newsletter, you may revoke consent to its receipt at any time without affecting the legality of processing carried out before revocation.
9.1 Right to lodge a complaint with a supervisory authority
Besides other administrative or judicial remedies, you have the right to complain to a supervisory authority, especially in the Member State of your residence, workplace, or where the alleged violation occurred, if you believe the processing of your data breaches the GDPR.
The supervisory authority handling the complaint will inform you about the status and outcome, including the possibility of judicial recourse under Art. 78 GDPR.
If you believe the processing of your data violates data-protection law or your data-protection rights have been infringed, you may file a complaint with the competent supervisory authority.
In Austria, this is the Data Protection Authority, Barichgasse 40-42, 1030 Vienna, Phone: +43 1 52 152-0, E-mail: dsb@dsb.gv.at, website: https://www.dsb.gv.at/.
10. Hyperlinks to External Websites
Our websites contain hyperlinks to third-party sites. Clicking such links redirects you from our site to the external provider’s site. We cannot assume responsibility for the confidential handling of your data on third-party sites, as we have no influence over their privacy practices. Please consult the respective privacy statements of those companies directly.
11. Data Security
We are committed to protecting your privacy and treating your personal data confidentially. To prevent manipulation, loss, or misuse of the data we store, we implement extensive technical and organizational security measures that are regularly reviewed and adapted to technological progress.
Nevertheless, due to the nature of the internet, we point out that data-protection rules and the aforementioned safeguards may not be observed by parties outside our control. For example, unencrypted data—such as data sent via e-mail—can be read by third parties. We have no technical means to influence this. It remains the user’s responsibility to protect the data they provide, for instance by encrypting e-mail communications.
12. Changes to this Privacy Statement
Through the evolution of our apps, services, websites, newsletters, and the content we offer, it may become necessary to amend this privacy statement. TODAY Experts GmbH reserves the right to modify the statement at any time with future effect. The current version is available at https://www.today-experts.com/datenschutzerklaerung/. We recommend reviewing the privacy statement periodically.
Date: 27.01.2026
