Privacy Policy | Data Protection | Lobster Development GmbH | GDPR Compliant

Comprehensive privacy policy for Lobster Development GmbH. Learn how we collect, process, and protect your personal data in compliance with GDPR and Austrian privacy laws.

Privacy Policy

Effective Date: January 15, 2024

This Privacy Policy describes how Lobster Development GmbH (“we,” “us,” “our,” or “Company”) collects, uses, processes, and protects your personal information when you visit our website or engage our services.

1. Controller Information

Data Controller: Lobster Development GmbH Bischofplatz 1, 8010 Graz, Austria Phone: +43 677 62301664 Email: office@lobster.ly VAT: ATU75277727

Data Protection Officer: For data protection inquiries, please contact us at office@lobster.ly

2. Information We Collect

2.1 Personal Information You Provide

We collect information you voluntarily provide when:

  • Contacting Us: Name, email address, phone number, company details, project requirements
  • Requesting Services: Business information, technical requirements, project specifications

2.2 Automatically Collected Information

When you visit our website, we automatically collect:

  • Technical Data: Browser type, operating system, device information
  • Usage Data: Pages visited, time spent, referral sources, user interactions
  • Performance Data: Website loading times, error reports, technical diagnostics

2.3 Business Information

For our professional services, we may process:

  • Company Information: Business name, industry, size, location
  • Project Data: Technical requirements, specifications, deliverables
  • Communication Records: Email exchanges, meeting notes, project documentation
  • Financial Data: Invoicing information, payment records (processed securely)

We process your personal data based on:

3.1 Contractual Necessity (Art. 6(1)(b) GDPR)

  • Providing software development services
  • Managing client relationships and projects
  • Processing payments and invoicing

3.2 Legitimate Interests (Art. 6(1)(f) GDPR)

  • Website functionality and security
  • Business communication and relationship management
  • Improving our services and website
  • Newsletter subscriptions
  • Marketing communications to prospects
  • Non-essential cookies
  • Tax and accounting records
  • Legal compliance requirements

4. How We Use Your Information

4.1 Service Delivery

  • Project Management: Coordinating software development projects
  • Communication: Responding to inquiries and providing updates
  • Technical Support: Resolving issues and providing assistance
  • Quality Assurance: Ensuring service standards and client satisfaction

4.2 Business Operations

  • Administration: Managing contracts, invoicing, and business records
  • Legal Compliance: Meeting regulatory and legal requirements
  • Risk Management: Protecting against fraud and security threats
  • Business Development: Understanding client needs and market trends

5. Information Sharing and Disclosure

5.1 We Do Not Sell Personal Data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Authorized Sharing

We may share information with:

Service Providers:

  • Cloud hosting providers (for website and email services)
  • Payment processors (for secure transaction processing)
  • Professional service providers (accounting, legal, consulting)

Legal Requirements:

  • Government authorities when required by law
  • Legal proceedings or investigations
  • Protecting our rights and interests

5.3 Data Transfer Safeguards

When transferring data outside the EU:

  • We ensure adequate protection levels
  • Use Standard Contractual Clauses where appropriate
  • Implement additional safeguards as required

6. Data Security Measures

6.1 Technical Safeguards

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Restricted access based on business need
  • Security Monitoring: Continuous monitoring for threats
  • Regular Updates: Security patches and system updates

6.2 Organizational Measures

  • Data Handling Procedures: Documented processes and protocols
  • Incident Response: Procedures for data breach management
  • Vendor Management: Due diligence on third-party providers

6.3 Physical Security

  • Secure office premises with controlled access
  • Protected storage of physical documents
  • Secure disposal of confidential materials

7. Data Retention

7.1 Retention Periods

  • Client Project Data: 7 years after project completion (legal requirement)

  • Financial Records: 7 years for tax and accounting purposes

  • Marketing Communications: Until consent is withdrawn

  • Contact Information: Until relationship ends or deletion requested

7.2 Deletion Procedures

We securely delete or anonymize data when:

  • Retention period expires
  • Legal basis for processing ends
  • You request deletion (subject to legal obligations)
  • Data is no longer necessary for original purpose

8. Your Privacy Rights

Under GDPR, you have the right to:

8.1 Access and Portability

  • Right to Access: Request a copy of your personal data
  • Data Portability: Receive data in a structured, machine-readable format

8.2 Correction and Deletion

  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data

8.3 Processing Rights

  • Right to Restrict: Limit how we process your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time

8.4 Supervisory Authority

You have the right to lodge a complaint with: Austrian Data Protection Authority (Datenschutzbehörde) Barichgasse 40-42, 1030 Wien, Austria Phone: +43 1 52 152-0 Email: dsb@dsb.gv.at

9. International Data Transfers

9.1 EU/EEA Processing

We primarily process data within the EU/EEA using reputable service providers.

9.2 Third Country Transfers

When necessary, we transfer data internationally with appropriate safeguards:

  • Adequacy Decisions: Countries with adequate protection levels
  • Standard Contractual Clauses: EU-approved transfer mechanisms
  • Additional Safeguards: Technical and organizational measures

10.1 Privacy Inquiries

For privacy-related questions or concerns:

Lobster Development GmbH Bischofplatz 1, 8010 Graz, Austria Phone: +43 677 62301664 Email: office@lobster.ly

10.2 Exercise Your Rights

To exercise your privacy rights, please contact us with:

  • Clear identification of your request
  • Verification of your identity
  • Specific information or data involved
  • Preferred method of response

10.3 Response Timeline

We will respond to your privacy requests within 30 days of receipt, or inform you if additional time is needed.

11. Additional Information

Our website may contain links to third-party sites. We are not responsible for the privacy practices of external websites.

11.2 Professional Confidentiality

As a professional services provider, we maintain strict confidentiality standards beyond legal requirements.

You can withdraw consent for marketing communications at any time using unsubscribe links or contacting us directly.

Last updated: August 13, 2025

This Privacy Policy demonstrates our commitment to protecting your personal information and maintaining transparent data practices in compliance with applicable privacy laws.