PRIVACY POLICY

Data Controller

MS2 GmbH

Murtalstraße 641

5582 St. Michael im Lungau, Austria

Email: mario@ms2group.at

 

At MS2 GmbH, we take the protection of your personal data seriously.

In compliance with Articles 13 and 14 of the EU GDPR and applicable Austrian data protection laws (DSG), we explain below how we process information you provide through our websites (e.g. innovatorcircle.at, ms2group.at, and related landing pages), Meta ads, and connected communication channels (e.g. WhatsApp Communities).

1. Collected Data

We collect and process the following categories of data:

(a) Technical and Usage Data

  • IP address, browser type, device information, operating system, date/time of access, referring URL, and interaction data collected automatically via cookies, tracking pixels, or analytics tools (e.g. Meta Pixel, Google Analytics).

(b) Contact and Lead Data

  • Name, email address, and/or phone number, if voluntarily provided through Meta lead forms, website contact forms, or landing pages.

(c) Community and Communication Data

  • WhatsApp user information (e.g. display name, phone number, message history) when you voluntarily join our WhatsApp Community or communicate with our team via WhatsApp or other messaging platforms.

  • Interaction data within our communities or communication channels to coordinate participation and follow-up.

(d) Marketing and Behavioral Data

  • Engagement data from our Meta ads (e.g. which ad you clicked), as provided by Meta Platforms Ireland Ltd. through aggregated or individual-level analytics.

  • Data from newsletter subscriptions, downloads, or registrations for webinars, programs, or events.

2. Purpose of Processing

We process your data for the following purposes:

  1. Lead generation and communication — To contact interested persons who engage with our ads, websites, or communities.

  2. Community management — To provide updates, invitations, and direct communication via WhatsApp or other channels.

  3. Marketing optimization — To measure and improve the performance of our advertising campaigns (e.g. Meta Ads, Google Ads).

  4. Contract initiation and fulfillment — When a user expresses interest in one of our offers or enters into a business relationship with us.

  5. Legal obligations and security — To comply with statutory requirements and maintain system integrity.

3. Legal Basis for Processing

Data is processed under the following legal bases:

  • Consent (Art. 6 (1)(a) GDPR): When you opt into cookies, submit lead forms, join our WhatsApp Community, or agree to marketing contact.

  • Legitimate Interest (Art. 6 (1)(f) GDPR): For ensuring functionality, analyzing user behavior to improve services, and communicating with existing or potential clients who have shown clear interest in our offers.

  • Contractual Necessity (Art. 6 (1)(b) GDPR): When processing is required to perform pre-contractual steps or deliver services requested by you.

You may withdraw your consent at any time, without affecting the lawfulness of prior processing.

4. Cookies, Tracking, and Meta Platforms

We use cookies, tracking pixels, and analytics tools from third parties to analyze behavior and display targeted advertising. This includes:

  • Meta Platforms Ireland Ltd. (Facebook, Instagram): Meta Pixel, Conversion API, and lead forms for campaign optimization and remarketing.

  • Google Ireland Ltd. (Google Analytics, Ads): To measure traffic and improve website performance.

Your consent to cookies or lead forms may involve transferring data to the USA or other non-EEA countries. We ensure appropriate safeguards (e.g. Standard Contractual Clauses – Art. 46 GDPR).

You can withdraw your consent at any time via our cookie banner or browser settings.

5. WhatsApp Communities and Direct Contact

When joining our WhatsApp Community, you do so voluntarily and acknowledge that:

  • Your phone number and WhatsApp profile data become visible to our team and potentially other members, depending on your personal privacy settings.

  • We may use the contact data to send information about MS2 Group offers, events, and updates.

  • Communication occurs through WhatsApp LLC, which may process your data outside the EEA (e.g. in the USA or UK). WhatsApp’s own privacy policy applies: https://www.whatsapp.com/legal/privacy-policy-eea.

We do not add anyone to a community without voluntary consent and you may leave at any time.

Messages sent to you individually by our team serve to provide support, information, or follow-up in connection with your expressed interest.

6. Data Retention

We retain your personal data only as long as necessary for the purpose it was collected:

  • Technical and analytical data: up to 2 years.

  • Contact or lead data: up to 3 years after the last contact, unless further consent is given.

  • WhatsApp and communication data: up to 1 year after the conversation ends, unless legal retention periods apply.

  • Newsletter and marketing data: until you withdraw your consent or unsubscribe.

7. Data Sharing and Processors

Data may be shared with or processed by:

  • IT and hosting providers, CRM systems, and analytics tools supporting our operations.

  • Meta Platforms Ireland Ltd., Google Ireland Ltd., and WhatsApp LLC as independent or joint controllers in certain cases.

  • Authorized partners (e.g. marketing or community management contractors) bound by strict confidentiality and data protection agreements.

  • Public authorities or legal advisors, where legally required.

All processors are contractually obligated to comply with GDPR standards.

8. International Data Transfers

If data is transferred to countries outside the EEA, we ensure appropriate safeguards such as EU Standard Contractual Clauses (SCCs) or adequacy decisions under Art. 45 GDPR to maintain an adequate level of protection.

9. Your Rights

You have the following rights under the GDPR:

  • Access to your personal data (Art. 15 GDPR)

  • Rectification of inaccurate data (Art. 16 GDPR)

  • Erasure (“Right to be forgotten”) (Art. 17 GDPR)

  • Restriction of processing (Art. 18 GDPR)

  • Data portability (Art. 20 GDPR)

  • Objection to processing (Art. 21 GDPR), particularly for direct marketing purposes

  • Withdrawal of consent (Art. 7 (3) GDPR) at any time

  • Lodging a complaint with the Austrian Data Protection Authority (Datenschutzbehörde)

Requests can be sent to mario@ms2group.at. We will respond without undue delay and in accordance with Art. 12 GDPR.

10. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our data processing activities. The latest version is always available on our website at Privacy Policy.