Privacy policy
Thank you for your interest in our website. The protection of personal data is important to us. Below we provide information about which personal data is processed when you visit and use this website.
1. responsible person
Responsible for this website is:
Zeman Beteiligungsgesellschaft mbH
Clemens-Holzmeister-Straße 6
1100 Vienna
Austria
Telephone: +43 (0)1 814 14 – 0
E-mail: info@zeco.at
Website: www.zeman-group.com
This website provides information about the company, services, projects, references and activities of the Zeman Group.
2. contact for data protection inquiries
If you have any questions about data protection or exercising your rights as a data subject, please contact the following contact point:
E-mail: info@zeco.at
Postal address: Zeman Beteiligungsgesellschaft mbH, Clemens-Holzmeister-Straße 6, 1100 Vienna, Austria
3. hosting and technical provision of the website
Our website is hosted by Hetzner Online GmbH, Germany. When the website is accessed, the web server processes technically necessary access data. This may include, in particular, IP address, date and time of access, URL accessed, referrer URL, browser type, operating system, HTTP status code and amount of data transferred.
The processing is carried out for the technical provision of the website, to ensure stability and security, for error analysis and to prevent abusive access. The legal basis is Art. 6 para. 1 lit. f GDPR, our legitimate interest in the secure and reliable operation of the website.
Server log files are only stored for as long as is necessary for the aforementioned purposes and then deleted or anonymized, unless longer storage is required for security reasons or to assert, exercise or defend legal claims.
4. technically necessary cookies and local storage
Our website only uses technically necessary or functionally required cookies and local storage insofar as these are necessary for the operation of the website, security, language selection, internal login functions or the display of approved external content.
For external content that is not technically necessary, in particular embedded YouTube videos or Google Maps, we obtain consent directly from the embedded content before loading the respective provider.
| Name / Technology | Provider / Area | Purpose | Duration |
|---|---|---|---|
wp-wpml_current_language | WPML | Saves the currently selected language for correct multilingual display of the website. | Session or according to plugin configuration |
zeman_external_embed_consent_v1 / Local Storage | Zeman Website | Saving the sharing of external content such as YouTube or Google Maps in this browser. | 365 days or until revoked |
amf_yt | Zeman Website / YouTube Gallery Compatibility | Compatibility with existing YouTube shares in project galleries. | 365 days or until revoked |
| WordPress login cookies | WordPress | Login and session management for authorized internal users. | Session or WordPress standard |
| Wordfence security cookies | Wordfence | Recognition of authorized logins and security-related firewall functions. | According to Wordfence configuration |
5. multilingualism / WPML
We use WPML to provide the multilingual website. A functionally required cookie can be stored in order to recognize the current language of the website and display it correctly.
The legal basis is Art. 6 para. 1 lit. f GDPR, our legitimate interest in a correctly functioning multilingual website.
6. internal login and user accounts
Internal WordPress user accounts can be created for authorized employees of the Zeman Group. These user accounts are used for internal website functions, in particular extended functions that are not publicly accessible.
In particular, the name, email address, user name, role/authorization, login times, IP address and technically necessary WordPress cookies may be processed.
The legal basis is Art. 6 para. 1 lit. f GDPR, our legitimate interest in the provision and administration of internal website functions. Insofar as the user account is required in connection with work or contract-related tasks, the processing may additionally be based on Art. 6 para. 1 lit. b GDPR can be supported.
7. website security / Wordfence
We use Wordfence to protect the website from attacks, abusive access and security-related incidents. Security-relevant access data, IP addresses, login attempts, blocked requests and technical information can be processed.
According to our current configuration, live traffic logging is limited to security-relevant traffic. No further visitor analysis for marketing or reach purposes takes place via Wordfence.
The processing is carried out to secure the website and to detect and defend against attacks. The legal basis is Art. 6 para. 1 lit. f GDPR.
8. internal search / Ajax Search Pro
Our website uses an internal search function. When using the search function, the search terms entered and technical access data are processed in order to display suitable content on the website.
According to our current configuration, the search statistics are deactivated. The search runs without external search providers and without marketing tracking. The legal basis is Art. 6 para. 1 lit. f GDPR, our legitimate interest in a user-friendly findability of our website content.
9. external content and embedded media
External content may be embedded on individual pages, in particular videos from YouTube, maps from Google Maps or similar external media. This content is not loaded automatically. Instead, a local placeholder is displayed first.
Only when you click on “Agree and load video”, “Agree and load map” or a similar button will the respective external provider be approved for this website and the external content loaded. Personal data, in particular your IP address, browser and device information as well as information about the page accessed, may be transmitted to the respective provider.
Your consent is valid for 365 days and is stored in this browser. You can revoke your consent at any time:
Here you can withdraw the consents for embedded external content stored in this browser.
If you revoke your consent, the saved approvals for external content in this browser will be deleted. External content will then be blocked again until you actively load it again.
10 YouTube
YouTube videos may be embedded on individual pages. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The videos are only loaded after your active approval.
When you load a YouTube video, data may be transferred to Google/YouTube and processed there. This may also include a transfer to third countries, in particular the USA. Further information can be found in Google’s privacy policy.
11. google maps
Maps from Google Maps may be embedded on the contact page. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The maps are only loaded after your active approval.
When you load a map, data may be transferred to Google and processed there. This may also include a transfer to third countries, in particular the USA. Further information can be found in Google’s privacy policy.
12. social media links
Our website contains links to our profiles on social networks, in particular LinkedIn and Facebook. These are simple links. When you simply visit our website, no data is transferred to these providers. Only when you click on such a link do you leave our website and the data protection provisions of the respective provider apply.
13. no web analytics and no marketing pixels
We do not currently use active web analytics such as Google Analytics or marketing pixels such as Meta Pixel or LinkedIn Insight Tag on this website. According to our current configuration, Google Analytics code is not displayed on the website.
Technical tools such as Google Search Console, Bing Webmaster Tools or PageSpeed Insights can be used for technical analysis and search engine optimization without including a tracking code for visitors on the website.
14. contact
If you contact us by e-mail, telephone or other means, we will process the data you provide to process your request and for any follow-up questions. This may include, in particular, your name, contact details, company, function and the content of your message.
The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as the contact is in connection with pre-contractual or contractual measures, and Art. 6 para. 1 lit. f GDPR, our legitimate interest in the processing of inquiries.
15. backups
Backups are created to secure the website. This may also include personal data if it is stored on the website, in user accounts or in log data. Backups are used to restore the website in the event of technical problems, misconfigurations or security incidents.
According to the current configuration, backup archives can be stored locally in the hosting system. Storage is restricted to a limited number of backup archives. The legal basis is Art. 6 para. 1 lit. f GDPR, our legitimate interest in secure and recoverable website operation.
16. recipients and processors
Personal data may be transmitted to technical service providers, hosting providers, IT service providers or providers of embedded content within the scope of the aforementioned purposes, insofar as this is necessary for the operation, security or desired function of the website.
Where necessary, agreements are concluded with processors in accordance with Art. 28 GDPR.
17. storage period
We only store personal data for as long as this is necessary for the respective purposes, statutory retention obligations exist or there are legitimate interests in further storage, for example for the assertion, exercise or defense of legal claims.
18 Your rights
In accordance with the GDPR, you have the right to information, rectification, erasure, restriction of processing, data portability and objection to certain processing. If processing is based on your consent, you can revoke this consent at any time with effect for the future.
To exercise your rights, you can contact info@zeco.at.
19. right of appeal
If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with a data protection supervisory authority. In Austria, this is the Austrian Data Protection Authority.
20. timeliness of this privacy policy
This privacy policy may be adapted if technical, organizational or legal conditions change.
Status: May 19, 2026