Last updated: May 2026
This notice gives you a plain-language overview of what happens to your personal data when you visit this website. "Personal data" means any information relating to an identified or identifiable natural person.
Data processing on this website is carried out by:
versa Training GmbH
Steinberg 204, 8151 Hitzendorf, Austria
Email: mail@versa.training
We collect and process personal data for the following purposes:
All processing of personal data (contact forms, analytics) takes place exclusively within the EU. Website content is distributed through a global CDN, but static files do not contain personal data.
The controller responsible for the processing of personal data on this website is:
versa Training GmbH
Steinberg 204
8151 Hitzendorf
Austria
Commercial register number: 669696
Email: mail@versa.training
Data protection contact:
Email: mail@versa.training
For any privacy-related enquiries, please write directly to this email address.
When you submit our contact form, we collect and process the following data:
Data we collect: name, email address, message content, optional phone number
Purpose: to respond to your enquiry and provide customer service
Legal basis: performance of a contract (Art. 6(1)(b) GDPR) or legitimate interest in responding to enquiries (Art. 6(1)(f) GDPR)
Retention period: 3 years after the last communication (stored as email correspondence)
Reason for retention: customer service and follow-up
Data flow: Form submissions are processed by Vercel Functions (EU regions only) and immediately forwarded as email to Infomaniak (Switzerland). The functions do not persist your form data.
When you communicate with us by email, we process:
Data we collect: email address, name, message content
Purpose: email communication and customer support
Legal basis: performance of a contract (Art. 6(1)(b) GDPR) or legitimate interest (Art. 6(1)(f) GDPR)
Processing location: Switzerland (European Commission adequacy decision applies)
Processor: Infomaniak Network SA, Avenue de la Praille 26, 1227 Carouge (Geneva), Switzerland
Data processing agreement: Yes, DPA in accordance with Art. 28 GDPR
Privacy policy:
Infomaniak privacy policy
Retention period: duration of the business relationship + 3 years
Reason for retention: communication records and potential claims
We use PostHog, a privacy-friendly analytics platform, to understand how visitors use our site and to improve the user experience.
Data we collect:
Purpose: to analyse website usage and improve services and user experience
Legal basis: your consent (Art. 6(1)(a) GDPR)
Processing location: European Union (Frankfurt, Germany)
Processor: PostHog Inc.
IP anonymisation: yes - IP addresses are anonymised and not stored
GDPR compliance: fully GDPR-compliant, EU-only processing
Privacy policy: https://posthog.com/privacy
Retention period: 12 months, then automatically deleted
How to opt out: click "Cookie settings" in the website footer or disable analytics cookies in your browser settings
Note: PostHog does not collect directly identifying information. All analytics data is processed on EU servers (Frankfurt, Germany).
To deliver this website reliably and securely, we rely on hosting infrastructure provided by Vercel Inc.
Data processed: IP addresses, browser information, access times
Purpose: content delivery, security and error diagnostics
Legal basis: legitimate interest (Art. 6(1)(f) GDPR)
Processor: Vercel Inc., USA
Privacy policy: https://vercel.com/legal/privacy-policy
We run advertising on Google Ads and LinkedIn, measure the effectiveness of those campaigns (conversion measurement) and use retargeting to re-engage people who have visited our website.
For the collection and transmission of your data to these advertising platforms we are joint controllers with the respective platform pursuant to Art. 26 GDPR (see CJEU judgment of 29 July 2019, Fashion ID, C-40/17).
Joint controllers:
Essence of the arrangement (Art. 26(2) GDPR): we and the respective platform are jointly responsible for the collection and transmission of your data from our website to the platform. The platform is solely responsible for its subsequent processing (ad personalisation, model training, platform-internal reporting).
Data transmitted:
Purpose: measuring the effectiveness of our advertising campaigns
(conversions), retargeting and ad optimisation.
Legal basis – browser pixels: your consent (Art. 6(1)(a) GDPR) in
conjunction with section 165(3) of the Austrian Telecommunications Act 2021 (implementing
Art. 5(3) of the ePrivacy Directive). Pixels are loaded only after you have agreed to
"Marketing" in the cookie banner.
Legal basis – server-side conversion uploads: legitimate interest in
measuring the success of our advertising (Art. 6(1)(f) GDPR). No data is read from your
device; the data originates from URL parameters and form input. You may object at any time
by emailing mail@versa.training.
International transfers: both platforms may transfer data to the United
States. Safeguards in place include the EU Standard Contractual Clauses (SCCs) and
certification of both parent groups under the EU-US Data Privacy Framework (DPF).
Retention periods: Google Ads: click and conversion data for up to
540 days. LinkedIn: Insight Tag data for up to 90 days, conversion data for up to 180 days.
Your rights under Art. 26(3) GDPR: you may exercise your data subject rights (access, erasure, objection, withdrawal of consent, etc.) against either us or the respective platform directly.
Platform privacy policies:
Withdrawal of consent / objection:
We have structured our processing to minimise international transfers. All processing of personal data takes place within the European Economic Area:
Although static content is served globally and our infrastructure provider (Vercel) is based in the United States, we have implemented appropriate safeguards:
For the transmission of advertising and conversion data to Google and LinkedIn (see section 3.5) the following safeguards apply:
You may request a copy of the Standard Contractual Clauses by contacting us at mail@versa.training.
You have the following rights in respect of your personal data:
You have the right to obtain confirmation as to whether we process your personal data and, if so, to access that data and information about the processing.
You have the right to request the correction of inaccurate personal data or the completion of incomplete personal data.
You have the right to request the deletion of your personal data where:
Exception: we may retain data where a statutory retention obligation applies (e.g. tax records for 7 years) or for the establishment, exercise or defence of legal claims.
You have the right to request the restriction of processing of your data where:
You have the right to receive your personal data in a structured, commonly used and machine-readable format (JSON or CSV). This applies to data you have provided to us that is processed by automated means on the basis of consent or contract performance.
You have the right to object at any time to the processing of your personal data that is based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms.
Where processing is based on your consent (for example, analytics cookies), you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
How to withdraw your consent:
To exercise any of these rights, please contact us:
We will respond to your request within one month of receipt. In complex cases, we may extend that period by a further two months and will let you know if we do.
If you believe that the processing of your personal data infringes data protection law, you have the right to lodge a complaint with a supervisory authority.
Austrian Data Protection Authority:
Barichgasse 40-42, 1030 Vienna, Austria
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at
Website: www.dsb.gv.at
Our website uses cookies to improve functionality and analyse usage. Cookies are small text files stored on your device.
| Cookie type | Purpose | Legal basis | Duration |
|---|---|---|---|
| Essential cookies | Website functionality, session management, security | Legitimate interest (Art. 6(1)(f) GDPR) | Session |
| Analytics cookies (PostHog) | Page views, clicks, usage patterns (anonymised) | Consent (Art. 6(1)(a) GDPR) | 12 months |
| Marketing cookies (Google Ads, LinkedIn Insight Tag) | Conversion measurement and retargeting for our online advertising | Consent (Art. 6(1)(a) GDPR) | Up to 13 months |
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration.
| Data category | Retention period | Reason |
|---|---|---|
| Contact form requests | 3 years after last communication | Customer service and follow-up |
| Analytics data (PostHog) | 12 months, then anonymised | Service improvement |
| Email correspondence | Duration of business relationship + 3 years | Communication records |
| Advertising and conversion data (Google Ads) | Up to 540 days | Advertising effectiveness measurement |
| Advertising and conversion data (LinkedIn) | Insight Tag up to 90 days, conversions up to 180 days | Advertising effectiveness measurement |
We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.
Our services are aimed at organisations and adult professionals. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, please contact us at mail@versa.training without delay.
We may update this privacy policy from time to time. The "Last updated" date at the top of this policy will be revised accordingly. We will notify you by email of material changes where we have your email address.
versa Training GmbH
Steinberg 204, 8151 Hitzendorf, Austria
Commercial register number: 669696
Email: mail@versa.training
Last updated: May 2026 · © 2026 versa Training GmbH. All rights reserved.
