WENEXUSCONSULTING GMBH

Privacy Policy (Datenschutzerklärung)

Protecting your personal data is particularly important to us. We process your data exclusively on the basis of Austrian and European Union legislation (DSGVO, DSG, TKG 2021).

Controller for the processing of personal data

The controller within the meaning of Art. 4 (7) DSGVO is:

Company

Wenexus Consulting GmbH

Fleischmarkt 14, office 5a

1010 Vienna, Austria

Contact information

Registration data

  • Firmenbuchnummer: FN 635890h
  • Firmenbuchgericht: Handelsgericht Wien
  • UID number: ATU 81175014

Business information

Gewerbewortlaut

Unternehmensberatung einschließlich der Unternehmensorganisation

Gewerberechtliche Geschäftsführung

Liliana Valishevska

GISA-Zahl

37528447

WKO company profile

Berufszweig

Unternehmensberatung

Authority pursuant to ECG

Magistratisches Bezirksamt des I. Bezirkes

Business information (Versicherungsmakler)

Gewerbewortlaut

Versicherungsvermittlung in der Form Versicherungsmakler und Beratung in Versicherungsangelegenheiten

Gewerberechtliche Geschäftsführung

Johann Lehner

GISA-Zahl

39387608

Berufszweig

Versicherungsmakler

Liability insurance

Generali Versicherung AG

Core principles of data processing

Your personal data is processed by us in accordance with the following principles:

Lawfulness, fairness and transparency

Data processing is carried out only on a lawful basis and in a manner transparent to you

Purpose limitation

Data is collected only for specified, explicit and legitimate purposes

Data minimisation

We process only the data necessary to achieve the purpose of processing

Accuracy

We ensure that your data is accurate and up to date

Storage limitation

Data is stored only for as long as is necessary

Integrity and confidentiality

We ensure appropriate protection of your data

Data processing in the context of insurance mediation

As part of our activity as Versicherungsmakler (GISA-Zahl: 39387608) we process additional categories of personal data to select optimal insurance products for you.

Purpose of processing

  • Analysis of the client's insurance needs
  • Selection and comparison of insurance products from different insurers
  • Preparation and conclusion of insurance contracts
  • Management and renewal of existing policies
  • Claims handling (Schadensabwicklung)

Legal basis

  • Art. 6 (1) (b) DSGVO — performance of a contract or pre-contractual measures at the request of the data subject
  • Art. 6 (1) (c) DSGVO — compliance with legal obligations (in particular Standesregeln für Versicherungsvermittlung)
  • Art. 6 (1) (f) DSGVO — legitimate interest (ensuring high-quality service)

Categories of data

  • Contact details (name, address, telephone, email)
  • Date of birth and family status
  • Financial situation and income (to determine insurance needs)
  • Existing insurance contracts
  • Information on assets (for property insurance)
  • Professional activity (for liability insurance)

Special categories of data (Art. 9 DSGVO)

For certain types of insurance (in particular health and life insurance) the processing of health-related data may be required. Such data is processed exclusively with your separate written consent (Art. 9 (2) (a) DSGVO) and only to the extent necessary for the insurer's risk assessment.

You have the right to withdraw this consent at any time without giving reasons. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Data transfer

Within the framework of insurance mediation, your data may be transferred to insurance companies for risk assessment and the conclusion of contracts. The transfer is carried out exclusively to the extent necessary for the performance of the contract and on the basis of Art. 6 (1) (b) DSGVO.

Retention periods

  • 7 years — in accordance with the Bundesabgabenordnung (BAO) for tax and financial records
  • 3 years — general statute of limitations for civil-law claims
  • 30 years — for liability insurance contracts (Haftpflichtversicherung) in line with the statute of limitations for personal injury claims

Automatic collection of technical data

Webhost / Provider

The web hosting provider stores data for every access to the website (in so-called server log files). This data includes: name of the website, request message, browser type, operating system, referrer URL (previously visited website), IP address and the requesting provider. This data is recorded only for statistical purposes and serves to optimise the security of the hosting system.

Technical data and IP address

When visiting our website, the following technical data is automatically collected:

  • IP address of your device
  • Date and time of access
  • Browser type and version
  • Operating system
  • URL of the page you came from (referrer URL)
  • URLs of the pages you visited on our site
  • Amount of data transferred

Purpose of processing

This data is necessary to ensure the stable operation of the website, optimise its functionality and ensure the security of our IT systems.

Legal basis

The processing is based on our legitimate interest (Art. 6 (1) (f) DSGVO) in ensuring the functionality and security of our website.

Retention period

Server log data is stored for a maximum of 7 days and then automatically deleted. Exceptions apply where the data is required to investigate unlawful acts.

Cookies

Our website uses cookies. Cookies are small text files stored on your device via the browser. They do not damage your computer and do not contain viruses. We use cookies to make our offer more user-friendly. Some cookies remain stored on your device until you delete them. They allow us to recognise your browser on your next visit. If this is not desired, you can configure your browser to inform you about the setting of cookies and to allow them only on a case-by-case basis. Deactivating cookies may limit the functionality of our website.

Technically necessary cookies

We use technically necessary cookies to ensure the correct operation of our website and the provision of our services.

Session cookie

Stored only for the duration of your visit and automatically deleted after the browser is closed

Functional cookies

Store your settings (e.g. language selection) and remain on your device for up to 12 months

Legal basis: Art. 6 (1) (f) DSGVO and § 165 (3) TKG 2021

Analytics and marketing cookies

To analyse website usage and improve our service we may use analytics cookies. These cookies are only set with your active consent.

On your first visit to our website a cookie banner appears in which you can give or withhold consent for the use of optional cookies.

Third-party integrations

Google Maps

This website uses Google Maps to display cartographic information. When using Google Maps, Google also collects, processes and uses data on the use of Maps features by website visitors. You can find detailed information on data processing by Google in Google's privacy policy at https://www.google.at/intl/de/policies/privacy/. There, in the Data Protection Center, you can also change your settings to manage and protect your data.

Google Analytics

This service uses Google Analytics, a web analytics service of Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on the users' computers and allow analysis of their use of the website. Information about users' use of this website generated by the cookie is usually transferred to a Google server in the USA and stored there.

If IP anonymisation is activated on this website, users' IP addresses will be shortened in advance by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. IP anonymisation is active on this website.

On behalf of the operator of this website, Google will use this information to evaluate users' use of the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not combined with other data held by Google.

Disabling Google Analytics

Users can prevent the storage of cookies by configuring their browser software accordingly; however, this service points out that in this case users may not be able to use all functions of this website to their full extent.

In addition, users can prevent the collection of data generated by the cookie and relating to their use of the website (including their IP address) by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser add-on, or within browsers on mobile devices, please click this link to prevent the collection of data by Google Analytics within this website in the future. An opt-out cookie will then be placed on your device. If you delete your cookies, you will have to click this link again.

Facebook Social Feed

To promote our services we operate a corporate page on the Facebook platform. This service is provided by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. On our website we display posts from our Facebook page. To display current posts and images, a connection to Facebook servers is required. The connection is only established if you have consented to the use of cookies and external services on our website and therefore only occurs with your express consent.

If a connection is established, data such as IP address, websites visited, date, time and other browser information may be transferred to Facebook. If you are logged into your Facebook account at the time of visiting our website, Facebook may also link the data to your user account.

How to prevent the data transfer

To prevent or reduce this data transfer, you can disable the use of cookies in your browser settings, adjust your privacy settings on Facebook and ensure that you are logged out of Facebook when visiting our website.

Legal basis

Data processing is based on Art. 6 (1) (a) DSGVO (consent) and Art. 6 (1) (f) DSGVO (legitimate interest), as we have a legitimate interest in promoting and communicating our services.

Joint responsibility

We and Meta Platforms Ireland Limited are jointly responsible for the transfer of data from our website to Facebook (Art. 26 DSGVO). Further processing by Facebook is not part of the joint responsibility. How your data is used by Facebook can be found in the company's privacy policy at https://www.facebook.com/about/privacy/update.

Data transfer to the USA

It cannot be ruled out that data processing takes place not only via Meta Platforms Ireland Ltd. but also via Meta Platforms Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA. The transfer of data to the USA is based on the standard contractual clauses of the European Commission. Further information can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum.

Use of YouTube

Features of the YouTube service are embedded on our website. These features are provided by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Embedded videos set cookies on users' computers when the website is opened. Those who have disabled the setting of cookies for the Google advertising programme will also not have to expect cookies when opening a YouTube video. However, YouTube also sets other cookies with non-personalised usage information. If you wish to prevent this, you must block it in your browser.

Use of Instagram

Features of the Instagram service are embedded on our website. These features are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the content of our pages with your Instagram profile by clicking the Instagram button. In this way, Instagram can associate visits to our pages with your user account.

We point out that we, as the provider of the pages, do not receive any information about the content of the transmitted data or its use by Instagram.

Contact form and email

If you contact us in writing, by phone, via the contact form on our website or by email, the data you provide is stored by us for the processing of your request and in case of follow-up questions for the duration of the statutory retention period. We do not pass this data on to third parties without your consent.

Categories of processed data

  • First and last name
  • Email address
  • Phone number (if provided)
  • Content of the message
  • Date and time of contact

Purpose of processing

Processing your request, supporting communication, providing consulting services.

Retention period

6 months after the completion of the request, if no contract is concluded. In the event of a contract being concluded — 7 years.

Data collection upon newsletter subscription

You have the option to subscribe to our newsletter via our website. With it we send you tax-related professional information, information about our events and about our products and services, as well as general information about our consulting activities (e.g. availability, Christmas opening hours, relocations, holidays, personnel changes etc.).

Data required for subscription

  • First and last name
  • Email address
  • Your declaration of consent to receive the newsletter

Subscription and confirmation process

As soon as you subscribe to the newsletter, we will send you a confirmation email with a link to confirm the registration.

Unsubscribing from the newsletter

You can withdraw your consent to receive the newsletter at any time without giving reasons by emailing us at the address listed above, by post, or via the unsubscribe link provided at the end of every newsletter.

Newsletter data processor

The newsletter is sent via the services of HubSpot, Inc., a provider of marketing automation and email delivery services. HubSpot processes personal data in accordance with its privacy policy and is responsible for the security of the transmitted data. All data processors operate exclusively on the basis of data processing agreements pursuant to Art. 28 DSGVO. For inquiries regarding data processing by HubSpot, you can contact their data protection portal or use the contact details specified in HubSpot's privacy policy.

Consulting services and contract performance

In the course of providing our consulting services we process the following categories of personal data:

Categories of data

  • Basic contact details (name, address, phone, email)
  • Company data (company name, registration data, UID number)
  • Contract data (subject matter, duration, fees)
  • Communication data (correspondence, meeting minutes, consultation records)
  • Bank data (for payment processing)
  • Data required for the provision of specific consulting services

Legal basis

  • Art. 6 (1) (b) (contract)
  • Art. 6 (1) (c) (legal obligation)
  • Art. 6 (1) (f) (legitimate interests)

Data recipients

  • Tax advisors
  • Banking institutions
  • Austrian authorities
  • IT providers

Data storage

  • During the contract
  • 7 years after (§ 132 BAO)
  • Up to 30 years for claims

Transfer of data to third parties

Data processors (Auftragsverarbeiter)

We use the services of external IT service providers for the technical support of our website and business processes. All data processors operate exclusively on the basis of data processing agreements pursuant to Art. 28 DSGVO.

Hosting providers

Email providers

Software providers

Transfer of data to third countries

We do not transfer personal data to countries outside the European Union without an adequate level of data protection (EU-U.S. Data Privacy Framework, EU Standard Contractual Clauses or other guarantees pursuant to Art. 46 DSGVO).

Detailed information on specific guarantees is available via our contact details.

Your rights as a data subject

Under DSGVO and the Austrian Data Protection Act (DSG) you have the following rights:

1

Right of access (Article 15 DSGVO)

Obtain information about the processing of your data and access to it

2

Right to rectification (Article 16 DSGVO)

Demand prompt correction of inaccurate personal data

3

Right to erasure (Article 17 DSGVO)

Demand the erasure of your personal data in certain cases

4

Right to restriction of processing (Article 18 DSGVO)

Demand restriction of the processing of your data

5

Right to data portability (Article 20 DSGVO)

Receive data in a structured format and transmit it to another controller

6

Right to object (Article 21 DSGVO)

Object to the processing of your personal data

7

Right to withdraw consent (Article 7 (3) DSGVO)

Withdraw your consent to data processing at any time

8

Right to lodge a complaint (Article 77 DSGVO)

Lodge a complaint with the data protection authority

Exercising your rights

To exercise your rights, contact us via the contact details listed at the start of this policy. We will respond within one month of receiving your request.

If you believe that the processing of your data violates data protection law or that your data protection rights have been infringed in any other way, we ask you to contact us so that any matters can be clarified.

Exercising your rights is free of charge unless your requests are manifestly unfounded or excessive.

Austrian Data Protection Authority

Österreichische Datenschutzbehörde

Barichgasse 40-42, 1030 Vienna, Austria

Phone: +43 1 52 152-0

E-Mail: dsb@dsb.gv.at

Website: https://www.dsb.gv.at

Data security

We take appropriate technical and organisational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

SSL/TLS encryption

Protected data transmission (https://)

Backups

Regular backups of the data

Access control

Authorisation and access management

Protected systems

Regular software updates

Note on email communication

Data transmission by email may be insecure due to the technical structure of the internet. Third parties could potentially gain access to the messages. You are solely responsible for choosing this means of communication.

Other

No automated decision-making

Under Article 22 DSGVO you have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you.

In general we do not use automated decision-making — including profiling — which may produce legal effects for you or significantly affect you.

Exceptions under Article 22 DSGVO

Automated decision-making may be permissible if:

  • the decision is necessary for the conclusion or performance of a contract between you and us
  • the decision is authorised by EU or Member State law to which we are subject and which provides appropriate measures to safeguard your rights and freedoms
  • the decision is based on your explicit consent

In cases where automated decision-making would be permissible, we take appropriate measures to safeguard your rights and freedoms, in particular ensuring your right to obtain human intervention on our part, your right to express your point of view and your right to contest the decision.

Changes to the Privacy Policy

We reserve the right to amend these provisions at any time in line with operational requirements.

Current version: March 2026

Copyright Wenexus Consulting GmbH 2026

Privacy Policy | Wenexus Consulting GmbH | Wenexus