How we handle your data — transparently and in compliance with GDPR.
We process personal data in compliance with the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG). Personal data is only collected and processed to the extent necessary for the provision of our services.
The legal basis for data processing is outlined per service below, in accordance with Art. 6(1) GDPR.
This website is hosted on a shared webspace provided by United Domains / 1&1. The web server may automatically log the following data when you visit this website:
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in ensuring the security and stability of the website.
Server log data is not combined with other data sources and is automatically deleted after a short retention period.
This website uses Google Fonts loaded from external Google servers. When you visit a page, your browser downloads the required font files, which transmits your IP address to Google.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in a uniform and visually appealing presentation.
For more information, see Google's Privacy Policy.
This website loads icon assets from unpkg.com, a public CDN. When you visit a page, your browser connects to unpkg.com servers, which transmits your IP address.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in efficient delivery of website assets.
When you request a free Channel Resource (the printable one-pagers under /resources/), we process the following data:
v09-api-key-anatomy)We send a Double-Opt-In (DOI) confirmation email through Brevo (sendinblue SAS, France), our transactional email provider acting as a data processor under Art. 28 GDPR. Only after you click the confirmation link is your contact stored in our Brevo list and the resource made available.
Legal basis: Art. 6(1)(a) GDPR — explicit consent. You can withdraw consent at any time by unsubscribing from the list or emailing mro@mrocon.at.
Data location: Brevo processes data within the EU. See Brevo's Privacy Policy.
No tracking pixels are embedded in our transactional emails. No autoresponder funnel is triggered.
The resource request form is protected against automated abuse by Cloudflare Turnstile, a privacy-focused CAPTCHA alternative. Turnstile transmits limited technical signals (IP address, browser headers, interaction telemetry) to Cloudflare to determine whether the request is human.
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in protecting the service from abuse and resource exhaustion. Turnstile is explicitly designed to not track users across sites and is documented as a Google reCAPTCHA-compatible privacy-friendly alternative.
This website uses one strictly functional cookie. No tracking cookies, no advertising cookies, and no analytics cookies are set.
| Cookie | Purpose | Lifetime | Type |
|---|---|---|---|
fytahq_verified |
Recognizes a browser whose owner has already completed the Double-Opt-In for a Channel Resource, so we can skip the confirmation email on subsequent requests. Contains the email address and an HMAC signature; HttpOnly, Secure, SameSite=Lax. | 90 days | Strictly functional |
Legal basis: Art. 6(1)(f) GDPR — legitimate interest in providing a frictionless return-visit experience for users who have already verified their email. No consent banner is required for strictly functional cookies (cf. § 165 (3) TKG 2021 and EDPB Guidelines 05/2020).
You can delete this cookie at any time through your browser settings. Doing so will simply restore the normal Double-Opt-In flow for your next resource request.
This website contains links to external product websites (Niche Revealer, Video Release Mixer, Talk to me, TrackID Builder). Each of these products has its own privacy policy. We are not responsible for the data processing practices of these external sites.
We embed YouTube videos via the no-cookie domain (youtube-nocookie.com). Until you click play, we show a static thumbnail only — the YouTube player loads on your click. No tracking cookies are set unless you actively play a video. Refer to YouTube's privacy policy for video-playback data handling.
We do not share personal data with third parties for advertising, profiling, or any purpose beyond the technical operation described above. No analytics or tracking services are used on this website.
Server log data is retained only as long as technically necessary (typically a few days to weeks, depending on the hosting provider's configuration). No personal data is stored beyond this.
As a data subject, you have the following rights:
To exercise any of these rights, contact us at mro@mrocon.at.
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority:
Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42, 1030 Vienna, Austria
Website: www.dsb.gv.at
All data transmitted between your browser and our servers is encrypted using HTTPS/TLS. We take appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse.