MediSea Robotics e.U. ("we," "us," "our") is committed to protecting your privacy and complying with Austrian and EU data-protection laws, including the GDPR and the Austrian Data Protection Act (DSG). This policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or engage with our services.
1. Controller and contact details
Controller:
MediSea Robotics e.U. (FN 652960k)
Heiligengeistgasse 35 / TOP 38, 5270 Mauerkirchen, Austria
Landesgericht Ried im Innkreis
Inhaber: Dr. rer. nat. Joseph Ambrose Pagaran
GLN: 9110021959780
Data protection contact:
2. Legal basis and purposes of processing
We process personal data only where we have a lawful basis under Art. 6 GDPR. Typical grounds include:
- Contractual necessity (e.g., to respond to inquiries or perform pilots).
- Legitimate interests (e.g., improving our website and analytics).
- Consent (e.g., marketing newsletters).
We use your data to:
- Provide and support our services.
- Personalise your experience (form pre-fill, content recommendations).
- Communicate updates, whitepapers, and events (with opt-in consent).
- Analyse usage patterns for service improvement.
- Fulfil legal obligations under Austrian and EU law.
3. Categories of data collected
| Category | Examples |
|---|---|
| Identity and contact | Name, title, email, phone, company and role, postal address |
| Technical and usage | IP address, device type, browser, pages visited, cookies |
| Profile and preference | Industry, use-case interests, marketing consents |
| Third-party sources | Data from LinkedIn or Google OAuth, CRM enrichment (with consent) |
4. Cookies and tracking technologies
We employ:
- Essential cookies: session management (strictly necessary).
- Performance cookies: anonymised analytics (Google Analytics, Matomo).
- Functional cookies: language and region preferences (with opt-out).
You may control cookie settings via your browser. Disabling non-essential cookies may limit functionality. See our Cookie Policy for details.
5. Data recipients and international transfers
We share data only with:
- Sub-processors (hosting, email, CRM under EU-standard contracts).
- Legal authorities (if required by Austrian law or court order).
- Business successors (in merger or sale scenarios, with notice).
Transfers outside the EEA occur only when:
- Adequate safeguards exist (Standard Contractual Clauses).
- The recipient is in a country with an EU adequacy decision.
6. Data retention
- Enquiries and pilots: kept for up to 5 years after last contact.
- Marketing consents: until withdrawn.
- Legal records: as required by the Austrian Commercial Code (UGB) and tax law (up to 7 years).
- Anonymised data: indefinitely for analytics.
7. Your rights under GDPR and Austrian law
You have the right to:
- Access your data (Art. 15 GDPR).
- Rectify inaccuracies (Art. 16).
- Erase your data (right to be forgotten, Art. 17).
- Restrict processing (Art. 18).
- Data portability (Art. 20).
- Object to processing (Art. 21).
- Withdraw consent at any time.
To exercise your rights, email hello@medisearobotics.com or write to the controller address above. We respond within one month.
8. Security measures
We implement appropriate technical and organisational measures, such as:
- TLS encryption on all web traffic.
- Role-based access controls.
- Regular vulnerability assessments and penetration tests.
- Data minimisation and pseudonymisation where feasible.
9. Children's privacy
Our services are not directed at children under 16. We do not knowingly collect personal data from minors. If you believe we have, please contact us for prompt deletion.
10. Complaints and supervisory authority
If you believe your data is mishandled, you may lodge a complaint with:
11. Updates to this policy
We may revise this policy to reflect legal updates or operational changes. We will publish changes here with a new "Last updated" date and, where required, obtain your renewed consent.