Legal

Privacy Policy

As of: May 2025

2. Controller

This privacy policy informs you about the processing of personal data on the Iftar.at platform (hereinafter "Platform").

We take the protection of your personal data very seriously and process your data exclusively on the basis of legal provisions, in particular the GDPR, the Austrian Data Protection Act (DSG) and the Telecommunications Act (TKG).

Dino Osmanagić

Linz, Österreich

Email:

selamiftar.at

Legal notice:

/impressum

For security reasons no postal address is published. Please send inquiries by email.

3. Overview of processing activities

The following overview summarises the types of data processed and the purposes of their processing.

Types of data processed

Master data (e.g. names, addresses)
Contact data (e.g. email addresses)
Content data (e.g. form inputs)
Usage data (e.g. pages visited, access times)
Meta, communication and process data (e.g. IP addresses, browser information)
Location data (only when using optional map-based features)

Categories of data subjects

Visitors and users of the platform
Submitters of events, restaurants and menus
Communication partners

Purposes of processing

Provision and operation of the platform
Responding to contact requests
Managing and responding to inquiries
Security measures
Reach measurement
Tracking (e.g. interest and behaviour profiling)
Direct marketing (e.g. by email)
Feedback (e.g. collecting feedback via online form)
Provision of our online offering and user experience

4. Legal bases

Below we inform you about the GDPR legal bases on which we process personal data:

Consent (Art. 6(1)(a) GDPR): The data subject has given consent to the processing of their personal data for one or more specific purposes.
Performance of a contract (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps prior to entering into a contract.
Legitimate interests (Art. 6(1)(f) GDPR): Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party, unless overridden by the interests or rights of the data subject.

In addition to the GDPR, supplementary provisions of the Austrian Data Protection Act (DSG) apply.

5. Supervisory authority

The competent supervisory authority for data protection matters is the Austrian Data Protection Authority (Datenschutzbehörde – DSB).

Website: www.dsb.gv.at

6. Security of processing

We implement appropriate technical and organisational measures in accordance with legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing.

Measures include in particular securing the confidentiality, integrity and availability of data by controlling physical and electronic access to data.

7. Transfer of data

In the course of our data processing, data may be transferred to or disclosed to other parties, companies, legally independent organisational units or persons, such as IT service providers.

8. Processing in third countries

If we process data in a third country (i.e. outside the EU/EEA), or if this occurs in the context of using third-party services, it will only take place in compliance with applicable legal requirements.

10. Hosting and infrastructure

The Iftar.at platform is operated via Lovable (Lovable Technology AB) and Supabase (Supabase Inc.). Server log files may be generated in the process.

Server log files:

The hosting provider automatically collects and stores information in server log files that your browser transmits automatically. This data cannot be assigned to specific persons.

Legal basis: Art. 6(1)(f) GDPR (legitimate interests – secure and efficient operation of the platform).

9. Cookies

We use a single technically necessary cookie: iftar_locale – it stores your preferred language and is not used for any other purpose.

This cookie is technically required for the operation of the platform and therefore does not require consent.

We do not use tracking, analytics or advertising cookies.

12. Social media

We maintain profiles on social networks. When visiting our profiles, user data may be processed in the US or other countries.

Instagram (Meta): Privacy policy: instagram.com/about/legal/privacy
Facebook (Meta): Privacy policy: facebook.com/about/privacy

13. Plugins and embedded features

We embed features and content from third parties that are retrieved from their servers. IP addresses of users may be processed in this context.

Google Fonts: Fonts are loaded locally; no connection to Google servers is made. Google privacy policy: policies.google.com/privacy
Google Maps: Map service by Google LLC. Privacy policy: policies.google.com/privacy
YouTube (Google LLC): Video platform. Privacy policy: policies.google.com/privacy

14. Deletion of data

Data we process will be deleted in accordance with legal requirements once the consent permitting processing has been revoked or other permissions cease to apply.

If data is not deleted because it is required for other legally permissible purposes, its processing will be restricted to those purposes.

15. Changes to this privacy policy

We reserve the right to update this privacy policy so that it always complies with current legal requirements or to reflect changes to our services.

16. Your rights as a data subject

You have the following rights with respect to your personal data:

Right to object: You may object to the processing of your personal data at any time.
Right to withdraw consent: You may withdraw any consent you have given at any time.
Right of access: You have the right to request confirmation as to whether relevant data is being processed.
Right to rectification: You may request correction of inaccurate or completion of incomplete data.
Right to erasure: You may request the deletion of your data.
Right to data portability: You may request to receive your data in a structured, commonly used and machine-readable format.
Right to lodge a complaint: You have the right to lodge a complaint with the data protection authority.

17. Definitions

This section provides an overview of the terms used in this privacy policy.

Personal data: Any information relating to an identified or identifiable natural person.
Reach measurement: Reach measurement (also referred to as web analytics) is used to evaluate visitor flows to an online offering.
Remarketing: "Remarketing" or "retargeting" refers to when users are made aware of advertisements for an online offering on other websites.
Location data: Location data is generated when a mobile device (or another device with geolocation capability) connects to a cell, Wi-Fi or similar technical means.
Tracking: "Tracking" refers to the ability to trace user behaviour across multiple online offerings.
Controller: "Controller" means the natural or legal person, authority, agency or other body which alone or jointly determines the purposes and means of the processing of personal data.
Processing: "Processing" means any operation or set of operations performed on personal data, whether or not by automated means.

Generated with the Privacy Policy Generator by Dr. Thomas Schwenke and adapted for Iftar.at.

← Back to home