Privacy Policy | Data Protection | Lobster Development GmbH | GDPR Compliant
Comprehensive privacy policy for Lobster Development GmbH. Learn how we collect, process, and protect your personal data in compliance with GDPR and Austrian privacy laws.
Privacy Policy
Effective Date: January 15, 2024
This Privacy Policy describes how Lobster Development GmbH (“we,” “us,” “our,” or “Company”) collects, uses, processes, and protects your personal information when you visit our website or engage our services.
1. Controller Information
Data Controller: Lobster Development GmbH Bischofplatz 1, 8010 Graz, Austria Phone: +43 677 62301664 Email: office@lobster.ly VAT: ATU75277727
Data Protection Officer: For data protection inquiries, please contact us at office@lobster.ly
2. Information We Collect
2.1 Personal Information You Provide
We collect information you voluntarily provide when:
- Contacting Us: Name, email address, phone number, company details, project requirements
- Requesting Services: Business information, technical requirements, project specifications
2.2 Automatically Collected Information
When you visit our website, we automatically collect:
- Technical Data: Browser type, operating system, device information
- Usage Data: Pages visited, time spent, referral sources, user interactions
- Performance Data: Website loading times, error reports, technical diagnostics
2.3 Business Information
For our professional services, we may process:
- Company Information: Business name, industry, size, location
- Project Data: Technical requirements, specifications, deliverables
- Communication Records: Email exchanges, meeting notes, project documentation
- Financial Data: Invoicing information, payment records (processed securely)
3. Legal Basis for Processing
We process your personal data based on:
3.1 Contractual Necessity (Art. 6(1)(b) GDPR)
- Providing software development services
- Managing client relationships and projects
- Processing payments and invoicing
3.2 Legitimate Interests (Art. 6(1)(f) GDPR)
- Website functionality and security
- Business communication and relationship management
- Improving our services and website
3.3 Consent (Art. 6(1)(a) GDPR)
- Newsletter subscriptions
- Marketing communications to prospects
- Non-essential cookies
3.4 Legal Obligations (Art. 6(1)(c) GDPR)
- Tax and accounting records
- Legal compliance requirements
4. How We Use Your Information
4.1 Service Delivery
- Project Management: Coordinating software development projects
- Communication: Responding to inquiries and providing updates
- Technical Support: Resolving issues and providing assistance
- Quality Assurance: Ensuring service standards and client satisfaction
4.2 Business Operations
- Administration: Managing contracts, invoicing, and business records
- Legal Compliance: Meeting regulatory and legal requirements
- Risk Management: Protecting against fraud and security threats
- Business Development: Understanding client needs and market trends
5. Information Sharing and Disclosure
5.1 We Do Not Sell Personal Data
We never sell, rent, or trade your personal information to third parties for marketing purposes.
5.2 Authorized Sharing
We may share information with:
Service Providers:
- Cloud hosting providers (for website and email services)
- Payment processors (for secure transaction processing)
- Professional service providers (accounting, legal, consulting)
Legal Requirements:
- Government authorities when required by law
- Legal proceedings or investigations
- Protecting our rights and interests
5.3 Data Transfer Safeguards
When transferring data outside the EU:
- We ensure adequate protection levels
- Use Standard Contractual Clauses where appropriate
- Implement additional safeguards as required
6. Data Security Measures
6.1 Technical Safeguards
- Encryption: Data encrypted in transit and at rest
- Access Controls: Restricted access based on business need
- Security Monitoring: Continuous monitoring for threats
- Regular Updates: Security patches and system updates
6.2 Organizational Measures
- Data Handling Procedures: Documented processes and protocols
- Incident Response: Procedures for data breach management
- Vendor Management: Due diligence on third-party providers
6.3 Physical Security
- Secure office premises with controlled access
- Protected storage of physical documents
- Secure disposal of confidential materials
7. Data Retention
7.1 Retention Periods
Client Project Data: 7 years after project completion (legal requirement)
Financial Records: 7 years for tax and accounting purposes
Marketing Communications: Until consent is withdrawn
Contact Information: Until relationship ends or deletion requested
7.2 Deletion Procedures
We securely delete or anonymize data when:
- Retention period expires
- Legal basis for processing ends
- You request deletion (subject to legal obligations)
- Data is no longer necessary for original purpose
8. Your Privacy Rights
Under GDPR, you have the right to:
8.1 Access and Portability
- Right to Access: Request a copy of your personal data
- Data Portability: Receive data in a structured, machine-readable format
8.2 Correction and Deletion
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data
8.3 Processing Rights
- Right to Restrict: Limit how we process your data
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent at any time
8.4 Supervisory Authority
You have the right to lodge a complaint with: Austrian Data Protection Authority (Datenschutzbehörde) Barichgasse 40-42, 1030 Wien, Austria Phone: +43 1 52 152-0 Email: dsb@dsb.gv.at
9. International Data Transfers
9.1 EU/EEA Processing
We primarily process data within the EU/EEA using reputable service providers.
9.2 Third Country Transfers
When necessary, we transfer data internationally with appropriate safeguards:
- Adequacy Decisions: Countries with adequate protection levels
- Standard Contractual Clauses: EU-approved transfer mechanisms
- Additional Safeguards: Technical and organizational measures
10.1 Privacy Inquiries
For privacy-related questions or concerns:
Lobster Development GmbH Bischofplatz 1, 8010 Graz, Austria Phone: +43 677 62301664 Email: office@lobster.ly
10.2 Exercise Your Rights
To exercise your privacy rights, please contact us with:
- Clear identification of your request
- Verification of your identity
- Specific information or data involved
- Preferred method of response
10.3 Response Timeline
We will respond to your privacy requests within 30 days of receipt, or inform you if additional time is needed.
11. Additional Information
11.1 Third-Party Links
Our website may contain links to third-party sites. We are not responsible for the privacy practices of external websites.
11.2 Professional Confidentiality
As a professional services provider, we maintain strict confidentiality standards beyond legal requirements.
11.3 Consent Withdrawal
You can withdraw consent for marketing communications at any time using unsubscribe links or contacting us directly.
Last updated: August 13, 2025
This Privacy Policy demonstrates our commitment to protecting your personal information and maintaining transparent data practices in compliance with applicable privacy laws.