Privacy Policy

Last updated: 1st January 2026

This Privacy Policy describes how MysticHarbor GmbH ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website or use our services. We are committed to protecting your privacy and ensuring the security of your personal data in accordance with the General Data Protection Regulation (GDPR) and Austrian data protection laws.

Data Controller Information

The data controller for your personal information is:

MysticHarbor GmbH
Landstraßer Hauptstraße 62
9589 Villach, Carinthia
Austria
Registration Number: FN521984k
VAT Number: ATU73910285
Email: privacy@mysticharbor.world
Phone: +43 4242220440

Data Collection

We collect and process the following types of personal data when you interact with our website and services:

Information You Provide Directly

The data we collect includes information you voluntarily provide when you:

  • Contact us through our contact form or email
  • Subscribe to our services or newsletters
  • Create an account or register for our services
  • Participate in surveys or provide feedback

This may include your name, email address, phone number, company information, job title, and any other information you choose to provide in your communications with us.

Automatically Collected Information

When you visit our website, we may automatically collect certain technical information, including:

  • IP address and browser type
  • Operating system and device information
  • Pages visited and time spent on our website
  • Referring website and search terms used
  • Cookie and tracking technology data

How We Use Your Information

We use of your data is based on legitimate legal grounds under GDPR. We process your personal information for the following purposes:

Service Provision

How we use your information includes providing our market data services, responding to your enquiries, and managing your account. The legal basis for this processing is the performance of a contract or taking steps at your request before entering into a contract.

Communication

We use your contact information to respond to your enquiries, provide customer support, and send you important updates about our services. This is based on our legitimate interests in providing customer service and fulfilling contractual obligations.

Legal Compliance

We may process your data to comply with legal obligations, including tax requirements, regulatory compliance, and responding to legal requests from authorities.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: We may share data with trusted third-party service providers who assist us in operating our website and providing services
  • Legal Requirements: We may disclose information when required by law or to protect our rights and interests
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction
  • Consent: We may share information with your explicit consent for specific purposes

Data Security

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Specifically, we retain contact form submissions for up to 3 years, account information for the duration of your relationship with us plus 7 years for legal compliance, and website analytics data for up to 26 months. When data is no longer needed, we securely delete or anonymise it.

Your Rights

Under GDPR and Austrian data protection law, you have the following rights regarding your personal data:

  • Right of Access: You can request information about the personal data we hold about you
  • Right of Rectification: You can request correction of inaccurate or incomplete data
  • Right of Erasure: You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request limitation of how we process your data
  • Right to Data Portability: You can request transfer of your data to another service provider
  • Right to Object: You can object to processing based on legitimate interests or for marketing purposes
  • Right to Withdraw Consent: You can withdraw consent for processing based on consent at any time

International Data Transfers

As we operate within the European Union, your personal data is primarily processed within the EU. If we transfer data outside the EU, we ensure appropriate safeguards are in place, such as adequacy decisions by the European Commission or standard contractual clauses approved by the European Commission.

Children's Privacy

Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding your personal data, please reach out to us:

Privacy Officer
MysticHarbor GmbH
Email: privacy@mysticharbor.world
Phone: +43 4242220440
Address: Landstraßer Hauptstraße 62, 9589 Villach, Carinthia, Austria

You also have the right to lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde) if you believe we have not complied with applicable data protection laws.

Governing Law

This Privacy Policy is governed by Austrian law and the General Data Protection Regulation (GDPR). Any disputes arising from this policy shall be subject to the exclusive jurisdiction of Austrian courts.