top of page

Your digital key to online success.

Privacy Policy

Privacy policy  

We appreciate your visit to our website at The Chameleon Agency (hereinafter "we" or "Chameleon") takes data protection very seriously. The protection of your data is especially important to us. Therefore, we would like to show you how your data is processed when you use this website and our services. Our data protection declaration refers exclusively to the use of

General information on data processing 

Personal data means all information that allows a conclusion to be drawn about your identity (e.g.: name, address, e-mail address, telephone number). When using our digital services, the processing of your personal data takes place exclusively on the basis of the statutory provisions.

In this privacy policy, you will find more detailed information about the processing of your data in connection with


  • visiting our website (point II.),  

  • contractual and business relations (point III.),  

  • correspondence with us (point IV.),  

  • and your rights in this regard (point V.).

I. Name and address of the controller 

The data controller within the meaning of the EU General Data Protection Regulation 2016/679 (hereinafter: "GDPR") is: 

Chameleon-Agency e.U. 

Zukunftsweg 20 

A-1210 Vienna 


II. Data processing in connection with the visit to our website

A. Provision of the website and creation of log files 

1. Description and scope of data processing 

Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:

  • Information about the type of browser and the version used 

  • Language and version of the browser software 

  • The user's operating system and its interface 

  • The user's Internet service provider 

  • The IP address of the user 

  • Date and time of access and time zone difference to Greenwich Mean Time (GMT) 

  • The amount of data transferred 

  • Websites from which the user's system accesses our website  

  • Websites that are accessed by the user's system via our website 

  • Access status/HTTP status code

The data is also stored in the log files of our system.

2. Purpose of data processing 

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems.

3. Legal basis for the data processing  

The legal basis for the temporary storage of the data and the log files is our legitimate interest pursuant to Art. 6 Para. 1 lit. f DSGVO, which lies in the pursuit of the aforementioned purposes of data processing (point II.A.2.), in particular ensuring the functionality of the website and security of our information technology systems.

4. Duration of storage 

The data is deleted or anonymized after the end of the respective session. If the data is stored in log files, these are deleted after [30 days]. Any further storage of the data in a form that enables the identification of the persons concerned does not take place.

B. Use of cookies and other tracking technologies

5. Definition of cookies 

In order to make the use of our website as user-friendly and secure as possible for you, as well as to enable certain functions in the first place, we use so-called cookies. 

Cookies are small text files that are stored in your browser. These are downloaded from your browser when you first visit our website. When you call up this website again with the same terminal device or browser, the cookie and the information stored in it is either sent back to the respective website that generated it (first-party cookie) or sent to another website to which it belongs (third-party cookie).

6. Functional cookies 

For the purpose of carrying out the transmission of messages and providing the services you requested, we use the cookies listed below. The data processing activities carried out through the use of cookies are based on our legitimate interests in providing a fully functional website and the services you have requested (Art. 6 para. 1 lit. f DSGVO, § 96 para. 3 TKG).

7. Further cookies 

In addition, we use the following cookies on the basis of any consent you may have given (Art. 6 para. 1 lit. a DSGVO, § 96 para. 3 TKG). These are not absolutely necessary to use the website, but nevertheless fulfill important tasks. Without these cookies, functions that enable comfortable surfing on our website are no longer available. Settings made by you cannot be saved and must therefore be requested again on every page. Furthermore, we no longer have the possibility to respond to you with customized offers.

The responsible Chameleon uses This is a company that provides various tools for arranging online meetings. The data controller points out that uses various cookies on its website.

8. Google Analytics 

We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising measures.  

Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes website usage data on our behalf and is contractually committed to measures to ensure the security and confidentiality of the processed data. 

During your website visit, the following data, among others, is recorded:

Pages accessed 

  • The achievement of "website goals" (e.g., contact requests and newsletter sign-ups) 

  • Your behavior on the pages (for example, dwell time, clicks, scrolling behavior) 

  • Your approximate location (country and city) 

  • Your IP address (in shortened form, so that no clear assignment is possible) 

  • Technical information such as browser, Internet provider, terminal device and screen resolution 

  • Source of origin of your visit (i.e. via which website or advertising medium you came to us)

This data is transferred to Google servers in the USA. We would like to point out that the same level of data protection cannot be guaranteed in the USA as within the EU.  

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognized during future website visits. 

The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. Other data remains stored in aggregated form indefinitely. 


If you do not agree with the collection, you can prevent it with the one-time installation of the browser add-on to disable Google Analytics or by rejecting cookies via our cookie settings dialog.

9. Pixels 

A pixel is a tiny image embedded on websites and in emails that requires a call (which provides device and visit information) to our servers in order for the pixel to be served on those websites and emails. We use pixels to learn more about your interactions with email content or web content, such as whether you have responded to ads or posts. Pixels may allow us and third parties to place cookies in your browser.

10. Your cookie settings on this website 

If you wish to block or restrict cookies altogether, you can make the changes in the settings of your Internet browser. However, cookies that have already been saved can be deleted at any time. If cookies are deactivated for our website, it may no longer be possible to use all of the website's functions to their full extent.  

The procedures for managing and deleting cookies can be found in the help function integrated in the respective browser.

III. Data processing in connection with contractual and business relationships

NOTE: Contractual and business partners are requested, insofar as they are companies, to bring this data protection declaration to the attention of the persons concerned (in particular employees and bodies).

11. Description and scope of data processing 

In the context of contractual and business relationships, we process the personal data of contractual partners or of their employees and/or their bodies.

In particular, the following data is processed:

  • Title, name, function, contact details 

  • Contract and business data  

  • Correspondence, e-mail 

  • Address and billing address  

  • Payment data  

  • Purpose of data processing

We process this data for the purpose of carrying out pre-contractual measures, preparing offers, concluding, fulfilling and processing contracts, conducting our business and complying with legal requirements and industry standards. 


If the data is not provided or not provided in full, we may not be able to fully perform our contractual obligations or conclude the contract in the first place.

12. Legal basis for data processing 

The legal basis for processing activities that are necessary for the implementation of pre-contractual measures, for the conclusion, fulfillment and execution of the contract is the fulfillment of the contract (Art. 6 para. 1 lit. b DSGVO).  

The legal basis for processing activities that is necessary for the fulfillment of legal obligations is Art. 6 para. 1 lit. c DSGVO.  

The legal basis for processing activities that take place in connection with the management of our business and compliance with industry standards is our legitimate interest pursuant to Art. 6 (1) (f) DSGVO, which lies in the proper and efficient management and in the management and optimization of the selection of our contractual partners (suppliers, cooperation partners, etc.).

13. Recipients 

Your data will only be passed on by us if this is necessary for the fulfillment of the contract or if we are obliged to do so by law. If necessary, we also transfer your data on the basis of a legitimate interest. In any case, we will only pass on your data to the extent that it is necessary for the respective purpose, required by the respective legal provision or covered by the legitimate interest. 

If necessary, your data may be passed on to the following recipients in particular:​

  • Tax consultants, auditors, lawyers and notaries public 

  • Banks and insurance companies 

  • Management consultants 

  • Courts and authorities 

  • In addition, your data will be passed on to the following recipients: 

  •, headquartered in Tel Aviv, Israel. Other locations are located in the USA, among other places. Therefore, it cannot be ruled out that data will also be processed at these locations.

14. Duration of storage 

In principle, we retain your data until the contract has been fulfilled or the business relationship has ended. In addition, we are subject to various retention obligations, according to which the storage of data is necessary even after the termination of the contract or business relationship. Furthermore, we may retain your data as long as legal claims can be asserted in connection with the respective contract. In the event of pending official or legal proceedings, your data will be retained until the end of the respective proceedings.

IV. Data processing related to correspondence

15. Description and scope of data processing

If you contact us by e-mail, letter, WhatsApp, Zoom, Microsoft Teams or telephone, we collect and process your name, your contact details, the request you have communicated and, if applicable, the data you provide by attaching documents. The purpose of the data processing is the handling and answering of your request. 

In particular, the following data will be processed:

  • Name 

  • Contact details 

  • Company 

  • Correspondence content

16. Purpose of data processing 

The personal data you provide when contacting us will be processed by us for the purpose of handling and responding to your inquiry or request.

17. Legal basis for data processing 

Depending on the context in which you contact us, the data processing is carried out for the implementation of (pre-)contractual measures (Art. 6 para. 1 lit. b DSGVO) or due to our legitimate interest in communicating with interested parties (Art. 6 para. 1 lit. f DSGVO).

18. Recipients 

As a matter of principle, your data will not be passed on to third parties unless this is necessary due to the content of your inquiry or request.

19. Duration of storage 

In principle, your data will be stored until the customer inquiry has been processed, insofar as statutory retention obligations do not prevent deletion and we do not require the data in individual cases for the defense or enforcement of legal claims.

V. Your rights in relation to data processing

The GDPR grants you, as the data subject, certain rights, which we would like to point out to you below. Please note that these complement each other so that you can only request either the correction or completion of your data or its deletion.

20. Revocation of consent (Art. 7 para. 3 DSGVO) 

If Chameleon collects and processes your personal data based on your consent, you are entitled to revoke your consent at any time. However, this does not affect the lawfulness of the processing carried out up to the time of the revocation.

21. Right to information (Art. 15 DSGVO) 

You can request information about the origin, categories, storage period, recipients, the purpose of the data processed about you by Chameleon and the nature of its processing.

22. Right to rectification (Art. 16 DSGVO) 

If Chameleon processes data about you that is inaccurate or incomplete, you may request that it be corrected or completed.

23. Right to erasure (Art. 17 DSGVO) 

You may, under certain conditions, request the controller to delete the personal data concerning you without undue delay. If the legal requirements are met, the controller is obliged to delete this data without delay. This may be the case in particular in the following situations:

(1) The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed. 

(2) You withdraw your consent on which the processing was based and there is no other legal basis for the processing. 

(3) You object to the processing and there are no overriding legitimate grounds for the processing. 

(4) The personal data concerning you have been processed unlawfully.

24. Right to restriction of processing (Art. 18 DSGVO) 

If it is unclear whether the data processed about you is inaccurate, incomplete or processed unlawfully, you may request the restriction of the processing of your data until this issue is finally clarified.

25. Right of objection (Art. 21 DSGVO) 

Even if your personal data is correct and complete and is processed by Chameleon, you can object to the processing of this data. However, this only applies if Chameleon processes your data on the basis of a legitimate interest pursuant to Art. 6 (1) lit. f DSGVO and only in special situations to be justified by you.

26. Right to data portability 

You may receive the personal data processed by Chameleon that Chameleon itself has received from you in a machine-readable format determined by Chameleon or instruct Chameleon to transfer this data directly to a third party chosen by you, provided that this recipient enables Chameleon to do so from a technical point of view and that the data transfer is not prevented by unreasonable effort or by legal or other confidentiality obligations or confidentiality considerations on the part of Chameleon or third parties.

27. Right of Complaint 

Finally, you have the right to lodge a complaint with the Austrian data protection authority ( if you believe that the processing of personal data concerning you violates data protection regulations.

28. Whom can you contact to assert your rights? 

To assert the aforementioned rights, please contact us in writing (by letter or e-mail) to the contact mentioned under point I or directly to the following e-mail address:

bottom of page