Privacy Policy
This Privacy Policy explains how TAOVOSF processes personal data in connection with this website and TAOVOSF services, including hosted profile pages, vCard generation, and QR redirect management.
1. Controller
TAOVOSF / Andriy Tkachenko (sole proprietor)
Postal address: available in the legal notice (Impressum).
Email: taovosf@gmail.com
Phone: +43 676 7343488
No data protection officer has been appointed (where not legally required).
2. Scope of this Policy
This Policy applies to:
- visits to the TAOVOSF website,
- communication by email/phone,
- setup and maintenance of TAOVOSF hosted profile pages,
- vCard creation and delivery,
- QR redirect management (including private management access via unique URL + PIN/passcode),
- customer support and requested changes.
3. What data we process
Depending on how you use TAOVOSF, we may process the following categories of data.
3.1 Website access data (technical/server logs)
When you visit the website, technical access data may be processed automatically, such as:
- IP address
- date/time of request
- requested URL
- referrer URL
- browser/device information
- operating system
- status codes / technical diagnostics data
3.2 Communication and onboarding data
If you contact TAOVOSF by email or phone (or otherwise send setup details), we may process:
- name
- email address
- phone number
- message content
- attached files (e.g., photo, logo)
- links and contact details submitted for setup
- communication metadata (e.g., timestamps)
3.3 Hosted profile page / vCard data
If you order or use a TAOVOSF hosted page / vCard service, we may process data you provide for setup and publication, such as:
- name
- title / role
- company / brand
- location/address
- about/description text
- contact details (phone, email, website)
- social/profile links
- photo and/or logo (optional)
- vCard content selections
3.4 Redirect management data
If redirect management is enabled, we may process:
- redirect destination URLs you submit
- current active redirect selection
- private management access URL (unique link)
- access PIN/passcode (customer-chosen or generated)
- requested redirect changes (including support requests handled by email)
4. Sources of data
We receive personal data:
- directly from you (e.g., when you contact us or send setup details),
- automatically from your browser/device when visiting the website (server logs),
- from your instructions for hosted page / vCard / redirect setup.
5. Purposes and legal bases of processing
We process personal data for the following purposes.
5.1 Website operation, security and stability
To provide the website, maintain availability, monitor errors, and protect against abuse/attacks.
Legal basis: Art. 6(1)(f) GDPR (legitimate interests in secure and reliable website operation).
5.2 Communication and pre-contract / contract handling
To answer inquiries, discuss service options, process orders, deliver setup information, and provide support.
Legal basis: Art. 6(1)(b) GDPR (pre-contractual steps / performance of a contract) and, where applicable, Art. 6(1)(f) GDPR (legitimate interests in communication and support).
5.3 Hosted page / vCard setup and maintenance
To create, configure, publish, and maintain your hosted profile page and/or vCard, based on the information and files you provide.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract). Where optional publication choices are involved, processing may also rely on your instructions/authorization and, where applicable, consent under Art. 6(1)(a) GDPR.
5.4 Redirect management
To set up and maintain QR redirect destinations, provide private management access, and process redirect change requests.
Legal basis: Art. 6(1)(b) GDPR (performance of a contract), and where relevant Art. 6(1)(f) GDPR (service integrity and support).
5.5 Legal compliance and enforcement
To comply with legal obligations and, where necessary, establish, exercise, or defend legal claims.
Legal basis: Art. 6(1)(c) GDPR (legal obligation) and/or Art. 6(1)(f) GDPR (legitimate interests).
6. Public vs. non-public data (important)
TAOVOSF can publish customer information on:
- a public TAOVOSF hosted profile page, and/or
- a vCard file (if configured for sharing/download).
Please send only the information and files that you want to be included in your hosted page / vCard.
Data submitted only for private administration, support, or billing purposes is not intended for public display unless you explicitly request otherwise.
7. Recipients / service providers
TAOVOSF does not sell your personal data.
We may share or make data available only as necessary to:
- technical service providers (e.g., hosting, email providers) who support operation of the service,
- authorities or other parties where disclosure is required by law,
- professional advisers (if legally necessary and subject to confidentiality obligations).
Service providers process data only to the extent necessary to provide their services to TAOVOSF.
8. International data transfers
TAOVOSF aims to operate services within the EU/EEA where possible.
If personal data is transferred to a country outside the EU/EEA, TAOVOSF will do so only where permitted by law and with appropriate safeguards (where required).
9. Retention periods
TAOVOSF stores personal data only as long as necessary for the purposes described in this Policy, including support, legal, and operational requirements.
Typical examples:
- Server log data: retained for a limited period for security/technical purposes (subject to hosting configuration).
- Communication data: retained as needed to handle your request and provide support, and for a reasonable follow-up/documentation period.
- Hosted page / vCard / redirect setup data: retained while the service is active, and as needed to process updates, support requests, or legal obligations.
- Public hosted page data: removed when requested (see Section 12), subject to backup/log retention cycles.
10. Cookies / tracking
TAOVOSF does not use external marketing analytics/tracking tools (such as Google Analytics) unless explicitly stated otherwise.
If technically necessary cookies are used (for security or session-related functions), they are used only as required for operation of the service.
Analytics and Advertising Tracking (currently not active)
TAOVOSF may add website analytics and advertising conversion tracking tools in the future, including tools such as Google Analytics (GA4) and Google Ads conversion tracking.
If such tools are enabled, this Privacy Policy will be updated to describe:
- which tools are used,
- what data is processed,
- the purposes of processing,
- the applicable legal basis,
- cookie/consent requirements and user choices,
- recipients of data, and
- international data transfers (if applicable).
Where required by applicable law, non-essential cookies and advertising/analytics tracking technologies will only be activated after the user has provided valid consent.
11. Automated decision-making / profiling
TAOVOSF does not use automated decision-making (including profiling) within the meaning of the GDPR.
12. Your rights (GDPR)
Subject to applicable law, you may have the right to:
- access your personal data (Art. 15 GDPR),
- rectify inaccurate data (Art. 16 GDPR),
- erase data (“right to be forgotten”) (Art. 17 GDPR),
- restrict processing (Art. 18 GDPR),
- data portability (Art. 20 GDPR),
- object to processing based on legitimate interests (Art. 21 GDPR),
- withdraw consent at any time (where processing is based on consent; withdrawal does not affect prior lawful processing).
To exercise your rights, contact: taovosf@gmail.com
When contacting TAOVOSF, please include enough information to identify your record (for example: your hosted page URL, QR ID, or the email used for setup).
Deletion requests (service commitment)
You may request correction or deletion of your contact data at any time. TAOVOSF will normally remove public-facing hosted page/vCard data within 24 hours of a valid request (often sooner), while some backup/log data may remain for a limited period due to technical retention cycles.
13. Complaint to a supervisory authority
If you believe your personal data is being processed unlawfully, you have the right to lodge a complaint with a supervisory authority.
For Austria, the competent authority is the Austrian Data Protection Authority (Datenschutzbehörde, DSB).
14. Changes to this Privacy Policy
TAOVOSF may update this Privacy Policy from time to time (for example, if the website, service features, or providers change).
The current version published on this page applies.
15. Contact for privacy requests
For privacy-related questions or requests (access, correction, deletion), please contact: