Mavie Next GmbH, with its registered office at Rothschildplatz 4, 1020 Vienna, Austria, is the Controller within the meaning of Article 4(7) of the General Data Protection Regulation (“GDPR”). We operate this website.
Our Managing Directors are Lukas Mayrl and Ondrej Gandel. Email: contact@mavie.care
Our Data Protection Officer is lexetdata, Dr. Beata Mangelberger. If you have any questions regarding data protection or the processing of your personal data, please contact us at: datenschutz@mavie.care
This Privacy Policy explains how Mavie Next GmbH, as the Controller for data protection purposes, processes personal data when you visit the website mavie.care or contact us through this website.
mavie.care is a corporate and marketing website. It is primarily intended to provide information about Mavie Next GmbH, companies within the Mavie Group, services, offerings, and contact options.
No health data within the meaning of Article 9 GDPR is collected, processed, or stored on this website.
Certain digital services offered by Mavie, in particular login, service, and health portals, are operated on separate domains. Separate privacy policies apply to those services.
We process personal data exclusively in accordance with the General Data Protection Regulation (GDPR) and the applicable national data protection laws, in particular the Austrian Data Protection Act (Datenschutzgesetz – DSG) and the Austrian Telecommunications Act 2021 (Telekommunikationsgesetz 2021 – TKG 2021).
Depending on how you use our website, we may process the following categories of personal data:
Contact Data
For example, your name, email address, and any additional information you voluntarily provide.
Communication Data
The content of your messages and any other information you submit via contact forms or email.
Usage Data
Information regarding the use of our website, including pages visited, interactions, access times, and referrer information (information about the website from which a user accessed our website).
Technical Data
Information about your device and browser, such as browser type, operating system, screen resolution, language settings, and pseudonymous identifiers.
Server and Log Data
In particular, IP address, date and time of access, requested files, HTTP status codes, and data transfer volumes.
Consent Data
Information regarding whether and when you consented to the use of certain cookies and similar technologies or withdrew such consent.
Marketing and Conversion Data
Information about whether you performed certain actions on our website after interacting with an advertisement.
The provision of personal data is generally voluntary. However, certain information may be required in order to process contact requests or provide requested information, such as newsletters.
Without such information, we may not be able to process certain requests or provide certain services, or may only be able to do so to a limited extent.
We process personal data for the following purposes:
Providing, operating, and ensuring the technical functionality of our website
Ensuring IT security and detecting and preventing misuse
Processing and responding to contact requests
Managing newsletter subscriptions
Analyzing the use of our website and optimizing our content and services
Measuring the effectiveness of marketing activities (conversion tracking)
Creating and using audiences for personalized advertising and remarketing, provided that you have consented to such processing
Documenting and managing granted consents
We process personal data on the basis of the following legal grounds under the GDPR:
Consent (Article 6(1)(a) GDPR)
Where you provide us with your consent, in particular for the use of analytics and marketing technologies, for receiving newsletters, or for the processing of certain form data, we process your data on this basis. You may withdraw your consent at any time with effect for the future.
Performance of a Contract and Pre-Contractual Measures (Article 6(1)(b) GDPR)
Where processing is necessary to handle your requests or to carry out pre-contractual measures, processing is based on this legal ground.
Compliance with Legal Obligations (Article 6(1)(c) GDPR)
Where we are legally required to process or retain personal data, processing is carried out on this basis.
Legitimate Interests (Article 6(1)(f) GDPR)
We process personal data where necessary for the purposes of our legitimate interests, in particular to securely provide our website, ensure IT security, prevent misuse, and handle general inquiries.
Information on Cookies and Similar Technologies
Where consent is required for the storage of information on your device or access to information already stored on your device, such processing is carried out additionally on the basis of Section 165 TKG 2021.
Analytics, tracking, and marketing technologies such as Google Analytics 4, Meta Pixel, Google Ads Conversion Tracking, Enhanced Conversions, Customer Match, Fin (Intercom), Klaviyo, and comparable technologies are only used if you have provided your prior express consent.
We only disclose personal data where this is necessary to fulfil the purposes described above or where we are legally required to do so.
Recipients of personal data may include, in particular:
IT and hosting service providers
Providers of consent management solutions
Providers of web analytics and tracking technologies
Providers of marketing and advertising services
Providers of form and newsletter systems
Companies within our corporate group, where this is necessary for administrative purposes or internal reporting
The service providers we use include, in particular, Google (including Google Analytics 4, Google Ads, Google Tag Manager and BigQuery), Meta, Fin (Intercom), Klaviyo and Usercentrics.
Where we engage service providers as processors, processing is carried out on the basis of agreements pursuant to Article 28 GDPR. In certain cases, service providers may also process personal data as independent controllers.
Personal data may be transferred to countries outside the European Union or the European Economic Area, in particular where service providers engaged by us provide their services wholly or partially in such countries.
Where personal data is transferred to a third country, such transfers are carried out exclusively in compliance with the applicable legal requirements. In particular, transfers are based on:
an adequacy decision of the European Commission (e.g. the EU-U.S. Data Privacy Framework),
Standard Contractual Clauses adopted by the European Commission, or
other appropriate safeguards pursuant to Articles 44 et seq. GDPR.
Further information regarding the service providers used and the applicable safeguards can be found in the following sections of this Privacy Policy.
Our website uses cookies and similar technologies, such as local storage technologies, pixel tags, device identifiers and other technologies capable of storing, reading or recognising information on your device.
Technologies that are strictly necessary are used to ensure the basic functionality and security of our website. Analytics and marketing technologies are only activated on the basis of your prior express consent.
Cookies are small text files stored on your device that contain certain information. They are used to enable the use of our website, analyse its use and – where you have provided your consent – carry out marketing activities.
We distinguish between the following categories of technologies:
Strictly Necessary Technologies
These technologies are essential for the operation of the website. Disabling them may impair the functionality and security of the website.
Analytics Technologies
These technologies help us understand how our website is used and enable us to improve our services.
Marketing Technologies
These technologies allow us to measure the effectiveness of advertising activities, create audiences and display personalised advertising to you on other platforms.
We use Usercentrics to manage your consent preferences.
When you first visit our website, you may choose which categories of technologies you wish to allow.
Technologies that are not strictly necessary will only be activated after you have provided your express consent.
You may withdraw or adjust your consent at any time with effect for the future through our consent management tool.
The storage of information on your device and access to information already stored on your device are carried out on the basis of Section 165 TKG 2021.
Where personal data is processed in this context, such processing is carried out – where required – on the basis of your consent pursuant to Article 6(1)(a) GDPR.
The specific retention period for individual cookies and similar technologies is displayed in our consent management tool.
Where you have provided your consent, we use technologies to analyse the use of our website and to measure and optimise our marketing activities.
Processing is carried out exclusively on the basis of your consent pursuant to Article 6(1)(a) GDPR and Section 165 TKG 2021.
In particular, information regarding your usage behaviour, technical characteristics of your device, pseudonymous identifiers, consent information and, where provided by you and legally permissible, hashed contact information such as email addresses may be processed and transmitted to the respective providers.
The data collected may be used for the following purposes:
Analysis and optimisation of our website and content
Measurement of the effectiveness of marketing activities
Conversion tracking
Audience creation
Remarketing and personalised advertising
Improvement of advertising communications and campaign management
We use the following technologies and service providers in particular:
Google Tag Manager
For the central management and deployment of analytics and marketing tags.
Snowplow Analytics
For the collection and analysis of usage and interaction data. The data is stored in our data warehouse based on Google BigQuery and analysed in pseudonymised form.
Google Analytics 4
For the statistical analysis of the use of our website.
Google Ads Conversion Tracking, Enhanced Conversions and Customer Match
For measuring, optimising and delivering our advertising campaigns. Where legally permissible and provided by you, data such as email addresses may be transmitted to Google in hashed form.
Meta Pixel
For measuring the effectiveness of advertisements, creating audiences and remarketing.
Fin (Intercom)
For providing support functions and analysing user interactions and web sessions.
Klaviyo
For marketing automation activities and email marketing campaigns.
As part of the marketing technologies used, your usage behaviour may be analysed automatically in order to display interest-based advertising.
In particular, when using services provided by Google, Meta, Klaviyo and Fin (Intercom), personal data may be processed in the United States of America.
Where service providers process personal data in countries outside the European Union or the European Economic Area, this will only take place in compliance with the applicable legal requirements and subject to appropriate safeguards.
You may withdraw or adjust your consent at any time through our consent management tool.
The lawfulness of processing carried out prior to the withdrawal of consent remains unaffected.
To ensure the secure and efficient provision of our website, we use IT and hosting service providers.
Whenever you access our website, certain technical information is processed automatically, including in particular:
IP address
Date and time of access
Pages and files accessed
Browser type and browser version
Operating system
Referrer URL
HTTP status codes
Data transfer volumes
This data is processed in so-called server log files in order to:
ensure the technical provision of our website,
ensure the stability and security of our systems,
analyse errors,
detect and prevent misuse and attacks.
Processing is carried out on the basis of our legitimate interest in the secure and functional operation of our website pursuant to Article 6(1)(f) GDPR.
Server log files are generally stored for a limited period and subsequently deleted unless longer retention is required for the investigation of security incidents or the establishment, exercise or defence of legal claims.
The standard retention period is up to 30 days.
If you contact us via a contact form or by email, we process the data you provide in order to handle your request and communicate with you.
The following categories of data may be processed in particular:
Name
Email address
Telephone number
Company information
Content of your message
Any other information voluntarily provided by you
Our contact forms are technically integrated into our website. The data submitted through these forms is transmitted to Fin (Intercom), where it is processed for the handling and management of your request.
Processing is carried out:
for the performance of pre-contractual measures or the performance of a contract pursuant to Article 6(1)(b) GDPR, where your request relates thereto; or
on the basis of our legitimate interest in the efficient handling of inquiries pursuant to Article 6(1)(f) GDPR.
As a general rule, we retain your data for up to 12 months following the final processing of your request, unless longer retention is required due to statutory retention obligations or for the establishment, exercise or defence of legal claims.
If you subscribe to our newsletter, we process your email address and, where applicable, any additional information voluntarily provided by you in order to send you regular information about Mavie Next GmbH and other companies within the Mavie Group, in particular regarding their products, services, offers, events and other content.
The newsletter subscription form is technically integrated into our website. The data you enter is transmitted directly to Klaviyo. We use Klaviyo for the distribution and management of our newsletter.
Subscription to our newsletter is carried out using a double opt-in procedure. After registering, you will receive an email asking you to confirm your subscription. This enables us to verify that you are the owner of the specified email address and that you have consented to receive the newsletter.
We store information regarding your subscription, confirmation and, where applicable, unsubscription in order to demonstrate that consent has been granted.
The legal basis for sending the newsletter and the associated processing activities is your consent pursuant to Article 6(1)(a) GDPR.
You may withdraw your consent at any time with effect for the future by using the unsubscribe link included in every newsletter or by contacting us directly.
As a general rule, your data will be processed for as long as your newsletter subscription remains active. Following your unsubscription, we may retain information required to demonstrate your consent for an appropriate period where necessary to comply with legal obligations or to defend against legal claims.
Our website contains links to profiles and pages on social media platforms.
If you click on such a link, you will leave our website and be redirected directly to the website of the respective provider. From that point onwards, the respective provider processes personal data under its own responsibility.
Information regarding the processing of your personal data by the respective providers can be found in their privacy notices.
We maintain corporate profiles on social media platforms in order to communicate with prospective customers, customers and business partners and to provide information about our company.
If you interact with our profiles, for example by commenting on posts or sending us messages, we process the information you provide in order to communicate with you.
Processing is carried out on the basis of our legitimate interest in public relations and communication pursuant to Article 6(1)(f) GDPR or, where your request relates to the conclusion or performance of a contract, pursuant to Article 6(1)(b) GDPR.
Where operators of social media platforms provide usage statistics or similar analytics, joint controllership pursuant to Article 26 GDPR may apply.
Further information can be found in the privacy notices of the respective providers.
We process personal data only for as long as necessary for the respective purposes or as required by statutory retention obligations.
Unless otherwise specified in this Privacy Policy, the following retention periods apply in particular:
Server log files: generally up to 30 days
Contact requests and form data: generally up to 12 months following final processing
Newsletter data: until unsubscribing from the newsletter; evidence of consent and withdrawal may be retained for an appropriate period thereafter
Consent records: stored within the respective systems used for this purpose (e.g. our consent management tool or newsletter system) and generally retained for an appropriate period to demonstrate consent granted and any subsequent withdrawal
Tracking and analytics raw data in our data warehouse: generally up to 25 months
Longer retention may occur where necessary:
to comply with statutory retention obligations,
for the establishment, exercise or defence of legal claims, or
for the investigation of security incidents.
Once the respective processing purpose no longer applies and applicable retention periods have expired, the relevant data will be deleted or anonymised.
Subject to the applicable legal requirements, you have the following rights in particular:
Right of access to the personal data we process about you (Article 15 GDPR)
Right to rectification of inaccurate or incomplete data (Article 16 GDPR)
Right to erasure of your personal data (Article 17 GDPR)
Right to restriction of processing (Article 18 GDPR)
Right to data portability (Article 20 GDPR)
Right to object to processing based on legitimate interests (Article 21 GDPR)
Right to withdraw consent at any time with effect for the future (Article 7(3) GDPR)
If you believe that the processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with a supervisory authority.
We would appreciate the opportunity to address your concerns directly before you contact a supervisory authority and encourage you to contact us first so that we can resolve your concerns as quickly as possible. You may contact our Data Protection Officer at: datenschutz@mavie.care
or by post:
Data Protection Officer
Mavie Next GmbH
Rothschildplatz 4
1020 Vienna
Austria
We reserve the right to amend this Privacy Policy where changes to our website, our services, the technologies used or the applicable legal framework make such amendments necessary.
The current version published on our website shall apply.
Where changes require your involvement or materially affect your rights, we will inform you accordingly in an appropriate manner.
Last updated: June 2026
© 2026 Mavie Next GmbH, Rothschildplatz 4, 1020 Vienna, Austria