Privacy Policy

At AlpenMaut Systems, we are committed to protecting your privacy and handling your data in an open and transparent manner. This policy explains how we collect, use, disclose, and protect your personal information when you interact with our services, including our online platform, GO-Box management, digital vignette sales, and consulting services related to Austrian toll regulations.

We are AlpenMaut Systems, located at 25 Innsbrucker Bundesstraße, Salzburg, Salzburg, 5020, Austria. We are the data controller responsible for the processing of your personal information in connection with our services.

Information We Collect

We collect various types of information depending on your interaction with our services. This may include:

Information you provide directly to us:

• Contact details (such as name, address) when you create an account, purchase a digital vignette, register a GO-Box, or contact us.
• Account login credentials and profile information.
• Vehicle information (such as license plate number, vehicle category) necessary for toll collection and vignette purchases.
• Payment and transaction details when you use our services.
• Information provided through surveys, feedback forms, or communication with our customer support.

Information collected automatically when you use our online platform or services:

• Technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
• Location data related to vehicle movements as necessary for the operation of toll collection systems and associated services.

Information we receive from other sources:

• Information from partners, authorities, or third parties involved in the toll system operations or payment processing, to the extent permitted by law and necessary for providing our services.

How We Use Your Information

We use your personal information for the following purposes based on various legal grounds:

To perform our contract with you or take steps at your request before entering into a contract:

• To provide and manage our services, including electronic toll collection, GO-Box management, and digital vignette sales.
• To process your transactions and manage your account.
• To provide customer support and respond to your inquiries.
• To manage billing, invoicing, and debt recovery.

Based on our legitimate interests (provided these are not overridden by your data protection rights):

• To improve and optimize our services and online platform.
• To analyze usage trends and troubleshoot issues.
• To prevent fraud and unauthorized access to our services.
• To ensure the security of our systems and data.
• For internal administration and operational purposes.

To comply with a legal obligation:

• To comply with applicable laws, regulations, and legal processes (e.g., tax laws, traffic regulations).
• To respond to lawful requests from public and government authorities.

With your consent:

• For specific purposes where we request your consent, such as sending you promotional communications about our services (if legally required). You have the right to withdraw consent at any time.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention periods vary depending on the type of data and the purpose of processing. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, as well as applicable legal requirements.

Data Security

We have implemented appropriate technical and organizational security measures designed to protect your personal information from accidental loss and unauthorized access, use, alteration, and disclosure. We continuously review and update our security practices to adapt to new threats and technologies.

Sharing Your Information

We may share your personal information with third parties in the following circumstances:

• Service providers: We may share your data with trusted third-party service providers who perform services on our behalf, such as payment processors, IT service providers, or customer support providers. These service providers are contractually bound to protect your data and use it only for the purposes specified by us.
• Public authorities: We may share your information with public authorities, including law enforcement and transportation authorities, if required by law or if necessary to comply with legal obligations, protect our rights, or ensure public safety related to toll regulations and enforcement.
• Business partners: We may share data with partners involved in the operation of the toll system ecosystem, as necessary for providing interconnected services.
• Legal requirements: We may disclose your information if we are required to do so by law or in response to a legal process or request from government authorities.

We do not sell your personal information to third parties.

International Data Transfers

In limited circumstances, your information may be transferred to and stored at a destination outside the European Economic Area ("EEA") where data protection laws may be different. Where this occurs, we ensure that the transfer is subject to appropriate safeguards as required by GDPR, such as standard contractual clauses approved by the European Commission.

Your Data Protection Rights

Under GDPR, you have certain rights regarding your personal information:

• Right of Access: You have the right to request a copy of the personal information we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
• Right to Erasure ('Right to be Forgotten'): In certain circumstances, you have the right to request the deletion of your personal information.
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information in certain situations.
• Right to Data Portability: Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal information in a structured, commonly used, machine-readable format and have the right to transmit this data to another controller.
• Right to Object: You have the right to object to the processing of your personal information in certain circumstances, particularly where processing is based on legitimate interests.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or where an alleged infringement of GDPR occurred.

To exercise any of these rights, please submit your request in writing to the following address:

AlpenMaut Systems
25 Innsbrucker Bundesstraße
Salzburg, Salzburg, 5020
Austria

Please note that we may need to verify your identity before processing your request.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on our online platform. We encourage you to review this policy periodically.