Privacy Policy

Introduction

boldimpact GmbH ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website boldimpact.top or use our corporate training services. We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Collection

The data we collect includes personal information you provide directly to us and information collected automatically through your use of our services. We collect the following types of personal data:

• Contact Information: Name, email address, phone number, company name, and postal address when you contact us or request our services
• Communication Data: Messages, enquiries, and correspondence you send to us through our contact forms, email, or phone
• Website Usage Data: IP address, browser type, device information, pages visited, time spent on our website, and referring websites
• Training Data: Information related to training programmes, assessments, and feedback when you participate in our services
• Marketing Data: Your preferences for receiving marketing communications and your engagement with our promotional content

How We Use Your Information

We use your personal data for various purposes based on legitimate business interests, contractual necessity, and your consent. Here's how we use your information:

• Service Delivery: To provide corporate training services, respond to enquiries, and manage our business relationship with you
• Communication: To contact you regarding our services, send important updates, and respond to your questions or requests
• Marketing: To send you promotional materials, newsletters, and information about our training programmes (with your consent)
• Website Improvement: To analyse website usage, improve user experience, and optimise our online services
• Legal Compliance: To comply with legal obligations, resolve disputes, and enforce our agreements
• Business Operations: To manage our business, conduct research, and develop new training programmes

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• Service Providers: With trusted third-party vendors who assist us in delivering our services, such as email marketing platforms, analytics providers, and IT support
• Legal Requirements: When required by law, court order, or government regulation, or to protect our rights and safety
• Business Transfers: In connection with mergers, acquisitions, or sale of business assets, subject to confidentiality agreements
• Consent: With your explicit consent for specific purposes not covered in this policy

Data Retention

We retain your personal data only as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Generally, we retain contact information and communication records for up to 7 years after our last interaction, training records for up to 5 years, and website analytics data for up to 2 years. You may request deletion of your data at any time, subject to our legal obligations.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data in certain circumstances
• Restriction: Request limitation of processing of your personal data
• Portability: Request transfer of your data to another organisation
• Objection: Object to processing of your personal data for direct marketing or legitimate interests
• Withdraw Consent: Withdraw consent for processing where consent is the legal basis

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, secure servers, access controls, regular security assessments, and staff training on data protection. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

International Data Transfers

As we operate within the European Union, your personal data is primarily processed within the EU/EEA. If we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or binding corporate rules, to protect your personal data in accordance with GDPR requirements.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Data Controller Information

boldimpact GmbH is the data controller responsible for your personal data. Our company is registered in Austria with registration number FN758736k and VAT number ATU93625140. We are committed to processing your personal data in accordance with GDPR and Austrian data protection laws.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

Supervisory Authority

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) or your local supervisory authority if you are located in another EU member state.