top of page

We, GROPYUS AG (hereinafter "Gropyus"), process your personal data in accordance with the applicable legal data protection provisions of the European Union, in particular the General Data Protection Regulation ("GDPR") and, in addition, the Austrian Data Protection Act and, to the extent applicable, other national data protection laws of the EU and Liechtenstein.

In the following, we inform you about the type, scope and purpose of the collection and use of personal data in the context of the use of our website as well as your rights as a data subject in the context of the processing of your personal data by us. You can find the full version of the Privacy Policy here.

The terminology used here corresponds to that of the GDPR.

Data Controller and Data Protection Officer:

GROPYUS AG, Barichgasse 40, 1030 Vienna, Austria


You can find our imprint here.


Our data protection officer is Nikolaus Bertermann, daspro GmbH, Neues Kranzler Eck, Kurfürstendamm 21, 10719 Berlin, Germany Please direct any inquiries regarding data protection to

Data processing when visiting our website

The use of our website is possible without registration and login. However, personal data is also collected from you to a certain extent during a mere informational visit to our website. For example, when you access our website, your Internet browser automatically transmits data to our web server for technical reasons. This data includes the date and time of access, the URL of the referring website, the file accessed, the amount of data sent, the browser type and version, the operating system and your IP address. This data is stored separately from other data that you enter in the context of requests on our website and is not merged. It is not possible for us to assign this data to a specific person; the data is evaluated exclusively for statistical purposes and, if necessary, for IT security reasons and then deleted.

We process this data on the basis of our legitimate interests within the meaning of Art. 6 (1) (f) GDPR, for the provision and display of the website, to ensure and maintain technical operation, for the purpose of identifying and eliminating faults, and for IT security reasons (e.g. to clarify cases of misuse or security incidents).

There is no automated decision making (i.e. no profiling).

Contact requests

If you send us an inquiry via e-mail, we will process your personal data from and about this inquiry for the purpose of responding to your inquiry. As a legal basis, we rely on our legitimate interest pursuant to Art. 6 (1) lit f DSGVO.

Data subject rights

As a data subject, you are entitled to various data subject rights in accordance with and under the respective conditions of the GDPR. These are in detail:

  • Right to information: You have the right to request information from us about the data stored about you and about its origin. This also includes the possibility to receive a copy of your data. At your request, the information can also be provided electronically.

  • Right to rectification, erasure and restriction of processing: You have the right to request the rectification as well as the erasure or restriction of the processing of your personal data.

  • Right to data portability: Insofar as you have provided us with data on the basis of a contract or consent, you can demand that you receive the data you have provided in a structured, common and machine-readable format or that we transfer it to another data controller.

  • Right of objection: Insofar as we process your data on the basis of a balance of interests in accordance with Art. 6 (1) (f) GDPR, you have the right to object to this data processing. We will then refrain from processing your data from the time of your objection. Unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the assertion, exercise or defense of legal claims.

  • Revocation of consents: Consents given by you, e.g. to the sending of newsletters, can be revoked at any time.

You have the right to lodge a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law. To do so, you can contact the data protection authority responsible for your place of residence or country, or the data protection authority responsible for us:

Austrian Data Protection Authority Barichgasse 40-42, 1030 Vienna

Storage duration

We store your personal data only as long as this is necessary for the fulfillment of the relevant purposes. After the end of the purpose, we delete your personal data in compliance with legal retention rights and obligations and insofar as other legal regulations do not conflict with this. For the data of website visitors this means that IP addresses are saved for 30 days and then deleted. Data on inquiries will be deleted after ten calendar years at the latest.

Data security

Gropyus uses appropriate technical and organizational security measures in order to protect the data you have provided against manipulation, loss, destruction or unauthorized access. We continuously revise our security measures in line with technological developments.


We only transfer your personal data to external third parties if this is necessary for the processing or handling of your request, if another legal permission exists or if we have your consent for this. External recipients of the data of our website visitors can be in particular service providers that we use for the provision of services, for example in the areas of technical infrastructure and maintenance of our website. Such service providers as processors are carefully selected and regularly reviewed by us. They may only use the data for the purposes specified by us and in accordance with our instructions.


We reserve the right to adjust the privacy policy from time to time. The amended version will be published at this same place. The current Privacy Policy at the time of your visit to our website applies.

Status May 07, 2021

Data privacy

bottom of page