All Countries
Data Privacy
Customer Privacy Notice

Customer Privacy Notice Template for Austria

Create a bespoke document in minutes,  or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your Customer Privacy Notice

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Customer Privacy Notice

"I need a Customer Privacy Notice for my new e-commerce startup based in Vienna, launching in March 2025, that will collect customer data and use AI-powered recommendation systems. The notice needs to be GDPR-compliant and specifically address automated decision-making and cookie usage."

Celebrated by
Collaborations with
Investors
Document background
The Customer Privacy Notice is a mandatory document required under both EU GDPR and Austrian data protection law for any organization processing personal data of customers in Austria. It must be provided to customers at the time their personal data is collected and serves as a primary transparency tool explaining how the organization handles personal information. The notice needs to comply with Articles 13 and 14 of GDPR, the Austrian Data Protection Act (DSG), and other relevant Austrian privacy regulations. It should be written in clear, plain language and must include specific information about data processing activities, data subject rights, and contact information for data protection queries. The document requires regular reviews and updates to reflect any changes in data processing practices or regulatory requirements.
Suggested Sections

1. Introduction: Overview of the privacy notice and its purpose

2. Data Controller Information: Identity and contact details of the data controller and, where applicable, their representative

3. Data Protection Officer: Contact details of the Data Protection Officer (if appointed)

4. Types of Personal Data Collected: Detailed description of the categories of personal data collected and processed

5. Purposes and Legal Bases: Explanation of how and why personal data is processed, including the legal bases for processing

6. Data Recipients: Information about who receives or has access to the personal data, including third-party processors

7. Data Retention: How long personal data is kept and criteria used to determine retention periods

8. Data Subject Rights: Explanation of individual rights under GDPR and how to exercise them

9. International Transfers: Information about any data transfers outside the EU/EEA and safeguards in place

10. Security Measures: Overview of measures taken to protect personal data

11. Updates to Privacy Notice: Information about how changes to the privacy notice will be communicated

Optional Sections

1. Cookies and Tracking: Detailed information about cookie usage and tracking technologies - required if the business operates websites or apps

2. Marketing Communications: Information about marketing communications and how to opt out - needed if the business conducts direct marketing

3. Automated Decision Making: Information about automated decision-making and profiling - required if such processing is performed

4. Children's Privacy: Specific provisions for processing children's data - required if services are offered to children

5. Special Categories of Data: Information about processing sensitive personal data - required if such data is processed

6. Joint Controller Information: Details about joint controllers if applicable - required in case of joint controllership arrangements

Suggested Schedules

1. Cookie List: Detailed list of cookies used, their purposes and duration

2. Third Party Processors: List of data processors and their locations

3. Technical and Organizational Measures: Detailed description of security measures implemented

4. Processing Activities Register: Detailed overview of specific processing activities and their purposes

Authors

Alex Denne

Head of Growth (Open Source Law) @ Genie AI | 3 x UCL-Certified in Contract Law & Drafting | 4+ Years Managing 1M+ Legal Documents | Serial Founder & Legal AI Author

Linkedin in social icon imageX social icon image
alex.den.21@genieai.co
Relevant legal definitions
Personal Data
Processing
Data Controller
Data Processor
Data Subject
Consent
Special Categories of Personal Data
Data Protection Officer (DPO)
Supervisory Authority
Austrian Data Protection Authority (DSB)
GDPR
Austrian Data Protection Act (DSG)
Data Recipient
Third Party
Profiling
Automated Decision-Making
Data Transfer
Privacy Notice
Cookie
Log Data
IP Address
Legitimate Interest
Data Minimization
Data Retention
Data Subject Rights
Technical and Organizational Measures
Data Breach
Joint Controller
Pseudonymization
Encryption
Clauses
Data Collection
Data Processing
Legal Basis
Purpose Limitation
Data Sharing
International Transfers
Data Security
Data Retention
Data Subject Rights
Consent Management
Cookie Usage
Marketing Communications
Children's Privacy
Automated Processing
Data Protection Officer
Complaints Procedure
Privacy Notice Updates
Contact Information
Third Party Processing
Special Categories Processing
Data Breach Notification
Record Keeping
Data Minimization
Transparency
Access Rights
Rectification Rights
Erasure Rights
Portability Rights
Objection Rights
Withdrawal of Consent
Relevant Industries

Retail

E-commerce

Financial Services

Healthcare

Technology

Telecommunications

Professional Services

Education

Hospitality

Manufacturing

Insurance

Real Estate

Entertainment

Transportation

Energy

Relevant Teams

Legal

Compliance

Data Protection

Information Security

IT

Marketing

Customer Service

Operations

Risk Management

Human Resources

Digital

Communications

Relevant Roles

Data Protection Officer

Privacy Manager

Legal Counsel

Compliance Officer

Chief Privacy Officer

Information Security Manager

Risk Manager

Chief Information Security Officer

General Counsel

Chief Legal Officer

Customer Relations Manager

IT Director

Chief Technology Officer

Marketing Director

Operations Manager

Industries
General Data Protection Regulation (GDPR): EU Regulation 2016/679 - The fundamental EU-wide law governing personal data protection and privacy, directly applicable in Austria
Austrian Data Protection Act (DSG): National law implementing GDPR in Austria and providing additional country-specific data protection requirements
Austrian Telecommunications Act (TKG): Regulates electronic communications and contains provisions about data protection in telecommunications services
E-Commerce Act (ECG): Austrian law governing electronic business and services, including requirements for online privacy notices
Consumer Protection Act (KSchG): Austrian law protecting consumer rights, including transparency requirements for privacy notices
Austrian Civil Code (ABGB): Provides general legal framework for contractual relationships and privacy rights in Austria
ePrivacy Directive (2002/58/EC): EU directive concerning privacy in electronic communications, implemented in Austrian law
Data Protection Authority Guidelines: Guidelines and decisions from the Austrian Data Protection Authority (DSB) that influence privacy notice requirements
Teams

Employer, Employee, Start Date, Job Title, Department, Location, Probationary Period, Notice Period, Salary, Overtime, Vacation Pay, Statutory Holidays, Benefits, Bonus, Expenses, Working Hours, Rest Breaks,  Leaves of Absence, Confidentiality, Intellectual Property, Non-Solicitation, Non-Competition, Code of Conduct, Termination,  Severance Pay, Governing Law, Entire Agreemen

Find the exact document you need

Notice Of Personal Data Processing

An Austrian law-compliant privacy notice detailing personal data processing activities and data subject rights under GDPR and local regulations.

find out more

Data Privacy Notice

An Austrian law-compliant privacy notice detailing personal data processing activities and individual rights under GDPR and DSG.

find out more

Customer Privacy Notice

Austrian law-compliant Customer Privacy Notice outlining personal data handling practices under GDPR and DSG requirements.

find out more

Data Processor Privacy Notice

An Austrian law-compliant privacy notice for data processors, outlining personal data handling practices and GDPR obligations.

find out more

Personal Data Notice

An Austrian law-compliant Personal Data Notice detailing how personal data is processed in accordance with GDPR and DSG requirements.

find out more

Applicant Privacy Notice

An Austrian-law governed Applicant Privacy Notice outlining how job applicants' personal data is handled during recruitment, compliant with GDPR and local data protection laws.

find out more

Company Privacy Notice

An Austrian law-compliant privacy notice detailing an organization's personal data processing practices under GDPR and DSG requirements.

find out more

Data Processing Notice

An Austrian law-compliant Data Processing Notice outlining how an organization handles personal data in accordance with GDPR and DSG requirements.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.

Read our Privacy Policy.