Full TRANSPARENCY
What Happens to Your Data
Privacy Policy
Datenschutz-information
We care deeply about the respectful and responsible handling of data from our users, clients, and anyone interested in our services. That includes making sure you clearly understand what happens to your personal data.
You’ll find detailed information in our Privacy Policy about which personal data we process and why. This policy applies to all processing of personal data carried out by us — including when we deliver our services, operate our websites and mobile applications, and engage via external online platforms such as our social media profiles.
Effective as of: January 2023
Contents
Information on Data Processing
- Website Use
1.1 Cookies Used
1.2 Web Analytics, Monitoring & Optimization
1.3 Contact Forms on the Website
1.4 Live Chat Function - Prospective Clients, Customers, and Business Partners
- Online Events and Webinars
- Video Conferences, Online Meetings, Training & Screen Sharing
- Digital Learning Academy
- Email Marketing
- Social Media
- Surveys
- Recruitment and Job Applications
General Information
1. Data Controller
LearnChamp Consulting GmbH & Co KG
Währinger Straße 3/9
A-1090 Vienna, Austria
Authorized representative: Michael Repnik
Email: michael.repnik@learnchamp.com
Imprint
2. Transfer of Personal Data
In the course of processing personal data, we may transfer data to other entities, companies, legally independent units, or individuals — or otherwise disclose it to them. Recipients of such data may include software providers, IT service providers, or providers of services and content integrated into our website. In all such cases, we comply with legal requirements and, in particular, enter into appropriate agreements or contracts with recipients to ensure the protection of your data.
Where we use third-party providers or platforms to deliver our services, the terms and privacy policies of those providers apply to the relationship between users and those third parties.
3. Data Processing in Third Countries
If we process data in a third country or transfer it to recipients in third countries, we do so only in compliance with applicable legal requirements. Unless there is explicit consent, or the transfer is required by contract or law, such processing takes place only in third countries that have an officially recognized level of data protection, or where appropriate safeguards (e.g., standard contractual clauses issued by the EU Commission), certifications, or binding corporate rules are in place. More information: EU Commission – International Dimension of Data Protection.
4. Rights of Data Subjects
Data subjects have the following rights under Articles 15–21 of the GDPR:
- Right to object:
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6(1)(e) or (f) GDPR, including profiling based on those provisions. If your data is processed for direct marketing purposes, you may object at any time to that processing — including profiling related to such marketing. - Right to withdraw consent:
You have the right to withdraw any consent you’ve given at any time. - Right of access:
You have the right to obtain confirmation as to whether we are processing your data, as well as access to that data and additional information in accordance with legal requirements. - Right to rectification:
You have the right to request the correction or completion of your personal data as required by law. - Right to erasure and restriction of processing:
You may request the deletion of your personal data or, alternatively, the restriction of its processing, as permitted by law. - Right to data portability:
You have the right to receive your data — which you have provided to us — in a structured, commonly used, and machine-readable format, or to have it transmitted to another controller. - Right to lodge a complaint:
You have the right to file a complaint with a supervisory authority — particularly in the EU Member State where you reside or work, or where the alleged violation occurred — if you believe that the processing of your personal data violates the GDPR.
5. Changes and Updates to This Privacy Policy
We encourage you to review this Privacy Policy regularly. We will update it whenever necessary to reflect changes in our data processing activities. We will notify you if these changes require your involvement (e.g., renewed consent) or any individual communication. Please note that addresses and contact details of companies or organizations mentioned in this policy may change over time. We ask you to verify such information before reaching out.
Information on Data Processing
1. Visiting the Website
- What data is processed?
a. IP address
b. Usage data (e.g., pages visited, session duration)
c. Device and browser data - Why is the data processed?
a. To ensure user-friendly access to our website, based on our legitimate interest - How long is the data stored?
a. Server log files are stored for a maximum of 30 days - Types of recipients:
a. Web hosting providers
b. Cookie providers
c. Software vendors for website and customer management
1.1. Cookies Used
1. Technically necessary cookies:
Name
Provider
Storage Period
Purpose
__cfruid
learnchamp.com
Session
Identification of trusted web traffic
__cf_bm
learnchamp.com
30 min
Reading and filtering of automatically created requests. (Bot-Filter)
__cf_bm
hubspot.com
30 min
Reading and filtering of automatically created requests. (Bot-Filter)
__cf_bm
vimeo.com
30 min
Reading and filtering of automatically created requests. (Bot-Filter)
__hs_initial_
opt_in
learnchamp.com
Session
Prevents the cookie banner from being displayed continuously when the website is opened in incognito mode.
__hs_opt_out
learnchamp.com
6 months
Prevents the repeated display of the cookie banner.
__hs_do_not
_track
learnchamp.com
6 months
Prevents the forwarding of tracking information to Hubspot.
Vuid
Vimeo.com
2 years
We use Vimeo to embed videos on the website. This cookie is used by Vimeo to analyse user behaviour.
_GRECAPTCHA
google.com
6 months
Risk analysis for the Google reCAPTCHA.
hs-messages-is-open
learnchamp.com
30 min
This cookie is used to determine and store whether the chat widget is open on future visits.
2. Cookies after consent
Name
Provider
Storage Periode
Purpose
YSC
youtube.com
Session
This cookie is used by Youtube to analyse user behaviour.
messagesUtk
learnchamp.com
180 days
This cookie is used to recognise visitors who chat via the Chatflows tool.
AnalyticsSync
History
linkedin.com
29 days
This cookie is used to store when a synchronisation with the cookie "lms_analytics cookie" has taken place.
lang
linkedin.com
Session
This cookie stores a user's language setting and ensures that LinkedIn.com is displayed in the language the user has selected in their settings.
JSESSIONID
nr-data.net
Session
Is necessary to enable browsing of the website in incognito mode.
__hssc
learnchamp.com
29 min
Analyses the traffic on the website anonymously.
hubspotutk
learnchamp.com
179 days
Stores the identity of the user.
__hstc
learnchamp.com
179 days
Analyses the usage behaviour of users anonymously.
__hssrc
learnchamp.com
Session
Detects whether a session is a new session.
li_sugr
linkedin.com
89 days
This cookie is used to determine probabilistic matches of a user's identity outside of the designated countries.
lidc
linkedin.com
1 day
This cookie facilitates the selection of the data centre.
UserMatch
History
linkedin.com
29 days
This cookie is used to synchronise the IDs of LinkedIn Ads.
bscookie
linkedin.com
364 days
This cookie is a browser identifier. This uniquely identifies devices accessing LinkedIn in order to detect misuse of the platform.
bcookie
linkedin.com
365 days
This cookie remembers the two-factor authentication status of a logged-in user.
_fbp
learnchamp.com
89 days
Used by Facebook to display a range of advertising products, for example real-time bids from third party advertisers.
ln_or
learnchamp.com
1 day
Used to determine whether Oribi analyses can be performed for a particular domain
1.2. Web Analytics, Monitoring, and Optimization
- What data is processed?
a. IP address (pseudonymized)
b. Usage data (pages visited, session duration, access times)
c. Device and browser data - Purpose of data processing:
a. To ensure user-friendly access to our website (based on cookie consent) or, where applicable, based on our legitimate interest - How long is the data stored?
a. Until consent is withdrawn; maximum of 2 years - Types of recipients:
a. Web hosting providers
b. Cookie providers
c. Software vendors for website and customer management
We use IP masking techniques to protect our users. In general, we do not store clear personal identifiers (such as email addresses or names) during web analytics, A/B testing, or optimization — only pseudonyms.
Reach and usage analysis helps us understand when and how often our online content and features are used or revisited. It also helps identify areas for improvement. Unless otherwise stated, usage profiles may be stored in or read from a browser or device. The data collected may include pages visited, elements interacted with, technical device/browser information, and usage timing. If users have consented to share location data with us or the providers of the tools we use, such data may also be processed.
1.3. Contact Forms on the Website
- What data is processed?
a. First and last name and contact details as entered in the form
b. All data processed in connection with a visit to the website - Purpose of data processing:
a. To enable communication based on voluntary consent
b. For documentation based on our legitimate interest
c. For marketing purposes, based on explicit consent - How long is the data stored?
a. Until the request is successfully processed
b. If a business relationship is established, up to 4 years after its termination
c. If used for marketing purposes, until consent is withdrawn
d. Additionally, in compliance with legal retention obligations - Types of recipients:
We may share this data with third parties when necessary for our business operations. This may include:
a. Web hosting providers
b. Cookie providers
c. Software vendors for website and customer management
Marketing Consent Requirement: When registering for our events or requesting product sheets or other downloads, you are required to consent to receive marketing updates, as we cannot provide participation or download links without this consent. You may withdraw your consent at any time.
Double Opt-In Procedure: Subscriptions to our marketing updates follow a double opt-in procedure. This means you will receive an email after registering, asking you to confirm your subscription. We log these registrations to ensure legal compliance. This includes saving the time and date of registration and confirmation, your IP address, and any changes made to your data by the email service provider.
1.4. Chat Function on the Website
- What data is processed?
a. Communication data
b. Email address (if provided)
c. All data processed in connection with visiting the website - Purpose of data processing:
a. To enable communication via chat or follow-up by email, based on your consent - How long is the data stored?
a. Personal communication data is stored until the inquiry has been answered
b. Additionally, data may be retained in accordance with legal obligations - Types of recipients:
We may share this data with third parties where necessary for our business operations, including:
a. Web hosting providers
b. Cookie providers
c. Software vendors for website and customer management
2. Prospective Clients, Customers, and Business Partners
- What data is processed?
a. First and last name and contact details of relevant persons
b. Account, contract, and payment data
c. Communication data - Purpose of data processing:
a. To manage communication and documentation related to contractual and pre-contractual obligations
b. To comply with legal obligations
c. For marketing purposes based on legitimate interest
d. For documentation and analysis in account management, based on legitimate interest - How long is the data stored?
a. For the duration of the business relationship, plus any applicable warranty periods
b. For marketing purposes based on legitimate interest, until consent is withdrawn
c. Additionally, data may be retained in accordance with legal retention obligations - Types of recipients:
We may share this data with third parties where necessary for our business operations, including:
a. Subcontractors
b. IT service providers (e.g., software vendors or external support)
c. Software vendors for website and customer management
If LearnChamp acts as a data processor on behalf of another party, the details of the data processing will be regulated by a separate agreement. In such cases, the processing details may differ from the information provided here.
3. Online Events and Webinars
- What data is processed?
a. First and last name and contact information provided during registration
b. Username used during the online event - Purpose of data processing:
a. To manage communication related to the event, based on voluntary consent
b. For marketing purposes based on legitimate interest
c. For documentation and analysis in connection with event participation, based on legitimate interest - How long is the data stored?
a. For marketing purposes, until consent is withdrawn or, if applicable, until withdrawal of voluntary consent
b. Additionally, data may be retained in accordance with legal obligations - Types of recipients:
We may share this data with third parties where necessary for our business operations, including:
a. The respective streaming provider
b. Software vendors for website and customer management
c. IT service providers (e.g., software vendors or external support)
Note on recordings: Our events are recorded. Personal data of participants is not recorded. Any surveys conducted during the events are evaluated only in anonymized form.
4. Video Conferences, Online Meetings, Trainings, and Screen Sharing
- What data is processed?
a. User data (email address, username, profile picture)
b. Where applicable: video and audio recordings
c. Chat history (including features like polls)
d. Metadata (date, time) - Purpose of data processing:
a. Hosting online meetings as part of contractual or pre-contractual obligations
b. Recording meetings for documentation purposes based on contracts or voluntary consent - How long is the data stored?
a. For the duration of the respective meeting
b. Recordings are stored for the duration of the business relationship or until consent is withdrawn - Types of recipients:
We may share this data with third parties as required for business operations, including:
a. Microsoft Teams (or comparable meeting platforms)
b. IT service providers (e.g., software vendors or external support)
If participants are registered users of the meeting software provider, additional data may be processed according to the provider’s terms. Please review their privacy policies and adjust your privacy and security settings accordingly. During video calls, we recommend safeguarding your surroundings (e.g., informing others present, locking doors, or using background blur tools where available). Links and access credentials for video conferences must not be shared with unauthorized third parties.
If chat inputs, survey results, or video/audio recordings are documented, participants will be informed beforehand and — where necessary — asked for their consent.
5. Digital Learning Academy
- What data is processed?
a. Login credentials (email address)
b. Profile data (first and last name, location as provided, company data)
c. Communication and content data
d. User ID
e. Payment data
f. Metadata (IP address, device and browser information) - Purpose of data processing:
a. Provision of Digital Learning Academy services based on contractual obligations (e.g., user identification, tracking course completion, enabling community functions, managing subscription billing)
b. Protection against misuse based on legitimate interest
c. Analysis of usage and user data to optimize services based on legitimate interest
d. Marketing activities based on legitimate interest - How long is the data stored?
a. Account, course, and usage data are stored for the duration of the Digital Learning Academy subscription
b. Community posts and chat messages remain visible after account deletion; however, usernames are anonymized. Users may request deletion of their posts by exercising their right to object
c. For marketing purposes based on legitimate interest, data is stored until consent is withdrawn
d. Additionally, data may be stored in line with legal retention obligations - Types of recipients:
We may share data with third parties as necessary for our business operations, including:
a. Software providers for website and customer management
b. Hosting providers
c. IT service providers (e.g., software vendors or external support)
Due to the nature of our community, we ask that users participate under their real names. Pseudonymous use is not permitted.
Beyond that, users choose which personal data to disclose within the Digital Learning Academy — for example, by completing their profile, commenting, or engaging in conversations. We encourage users to protect their data and only share personal information thoughtfully and when truly necessary. In particular, we urge users to protect their login credentials and choose secure passwords (long, complex, and random combinations).
It is the responsibility of users to back up their data before a contract is terminated. We reserve the right to irreversibly delete all user data stored during the contract period after termination.
6. Email Marketing
- What data is processed?
a. Contact details
b. First and last name
c. IP address
d. Usage data (e.g., email tracking, link clicks, on-site reading behavior)
e. Device data
f. Metadata (date, time) - Purpose of data processing:
a. Marketing
b. Reach and engagement analysis (anonymized) - How long is the data stored?
a. Based on our legitimate interest: until consent is withdrawn
b. In the case of ongoing business relationships, data may be retained longer unless deletion is requested - Types of recipients:
We may share data with third parties as required for business operations, including:
a. Software providers for website and customer management
b. Email providers
c. IT service providers (e.g., software vendors or external support)
We send our existing customers and event participants several informational emails per year about our products and upcoming events. These emails are sent based on either your voluntary consent or our legitimate interest in promoting our services.
In both cases, you may object to the use of your data for marketing purposes at any time by emailing hellovienna@learnchamp.com or by clicking the unsubscribe link in any of our marketing emails.
Double Opt-In Procedure
Subscriptions to our marketing updates follow a double opt-in process. You’ll receive a confirmation email after registering, and only once you confirm will your subscription be activated. We log the subscription process to comply with legal requirements, including the storage of the subscription and confirmation time, your IP address, and any updates to your data by the email service provider.
7. Social Media
When using social media platforms, the respective provider's privacy policies apply.
We process the following data in connection with our social media presence in order to communicate with users or provide information about our company. We also analyze the reach of our posts, including click-through rates and — with user consent — behavioral tracking via cookies.
- What data is processed?
a. Contact data (profile name)
b. Communication data
c. IP address
d. Usage data (e.g., link clicks, on-site behavior)
e. Device data
f. Metadata (date, time) - Purpose of data processing:
a. Communication, based on our legitimate interest
b. Anonymized reach analysis, based on consent (via cookie settings) and legitimate interest - How long is the data stored?
a. If users interact with us via social media, data remains available until deleted by the user.
b. Anonymized data for analytics is retained as needed.
c. Please also refer to the privacy policies of the respective platforms for additional details. - Types of recipients:
a. Software providers for website and customer management
b. IT service providers (e.g., software vendors or external support)
Data processed by social media platforms may be stored outside the European Union. This could pose risks to users, such as difficulty exercising their data protection rights. For more information and opt-out options, please consult the privacy policies of the respective platform providers.
8. Surveys
Surveys we conduct are evaluated anonymously. Personal data is only processed to the extent technically necessary — for example, processing your IP address to display the survey in your browser or using a temporary session cookie to allow you to resume the survey later.
9. Recruitment Process
- What data is processed?
a. First and last name
b. Contact details
c. Qualifications and application materials
d. Any other data voluntarily submitted during the application process - Purpose of data processing?
a. To assess candidates during pre-contractual procedures - How long is the data stored?
a. If no employment relationship is established: up to 7 months after the position has been filled, based on legitimate interest and legal documentation obligations
b. If hired: relevant data is transferred to the employee record and stored as required by law - Types of recipients?
a. HR software providers
Applicants may submit their applications via online form, in which case data is encrypted using up-to-date standards. Applications may also be submitted by email. However, please note that email communication is generally not encrypted. While most email systems encrypt messages during transmission, messages are typically not encrypted on sending or receiving servers. Therefore, we cannot assume responsibility for data during email transmission.
If you apply through a recruiting platform, please refer to the platform’s own privacy policy.