ANTIHELDEN
de | en

Privacy Policy

Last updated: May 2026

We are pleased that you are visiting antihelden.ai. The protection of your personal data is important to us. This Privacy Policy informs you about how we handle your personal data when you use our website.

Personal data is any information relating to an identified or identifiable natural person (e.g. name, address, e-mail address, IP address).

1. Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

ANTIHELDEN OG
Hütteldorferstraße 36/17
1150 Vienna, Austria
Managing Director: Andreas Gesierich
Company register: FN653837a
VAT ID: ATU82530478
E-mail: flaws@antihelden.ai
Phone: +43 699 126 50 939

2. Legal Bases for Processing

We process personal data exclusively on the basis of the GDPR and the Austrian Data Protection Act (DSG). Depending on the type of processing, we rely on the following legal bases:

  • Art. 6 (1) (a) GDPR – consent of the data subject
  • Art. 6 (1) (b) GDPR – processing necessary for the performance of a contract or pre-contractual measures
  • Art. 6 (1) (c) GDPR – compliance with a legal obligation
  • Art. 6 (1) (f) GDPR – legitimate interests, provided your fundamental rights and freedoms do not override them

3. Hosting and Server Log Files

Our website is hosted on the infrastructure of Cloudflare, Inc. (101 Townsend St, San Francisco, CA 94107, USA). Each time the website is accessed, the hosting provider automatically collects data in server log files:

  • IP address of the requesting device
  • Date and time of access
  • URL accessed
  • Browser type and version used
  • Operating system used
  • Referrer URL (previously visited page)

This data is processed for the technical provision of the website, ensuring IT security, and statistical analysis. The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in a stable, secure web presence).

Cloudflare may also process data in the United States. Such transfers take place on the basis of EU Standard Contractual Clauses and Cloudflare's certification under the EU-US Data Privacy Framework. Cloudflare's privacy policy: https://www.cloudflare.com/privacypolicy/

4. Cookies

Our website does not set any first-party cookies and does not use tracking. Only technically necessary data for delivering the website is briefly processed, as described in section 3.

When embedded content is loaded (e.g. Vimeo videos), the respective third-party providers may set cookies. We have no influence on this.

5. Contact via E-mail

If you contact us by e-mail (flaws@antihelden.ai) or telephone, your details (name, e-mail address, content of your message) will be processed for the purpose of handling the request and any follow-up questions.

The legal basis is Art. 6 (1) (b) GDPR (pre-contractual measures) or Art. 6 (1) (f) GDPR (legitimate interest in answering your inquiry). We delete the data as soon as its storage is no longer required, or restrict processing if statutory retention obligations exist.

6. Embedded Vimeo Videos

On our portfolio pages, we embed videos hosted on Vimeo (Vimeo, Inc., 555 West 18th Street, New York, NY 10011, USA). Videos are loaded only when you click on a portfolio stripe and the video modal opens.

When the video loads, your IP address is transmitted to Vimeo. Vimeo also uses its own cookies and tracking mechanisms. We enable Vimeo's privacy mode (DNT flag) to reduce data collection.

The legal basis is Art. 6 (1) (f) GDPR (legitimate interest in an attractive presentation of our portfolio). Vimeo's privacy policy: https://vimeo.com/privacy

7. Social Media Links

On our website you will find links to our social media profiles on Instagram, LinkedIn, YouTube and Facebook. These links are designed as plain hyperlinks – no data is transferred to these providers when you simply load our website. Only when you actively click a link do you leave our website.

  • Instagram (Meta Platforms Ireland Ltd.): https://privacycenter.instagram.com/policy
  • Facebook (Meta Platforms Ireland Ltd.): https://www.facebook.com/policy.php
  • LinkedIn (LinkedIn Ireland Unlimited Company): https://www.linkedin.com/legal/privacy-policy
  • YouTube (Google Ireland Ltd.): https://policies.google.com/privacy

8. International Data Transfers

Some of the services we use (in particular Cloudflare and Vimeo) may process data in the United States or other countries outside the EU/EEA. Such transfers take place on the basis of:

  • EU Standard Contractual Clauses pursuant to Art. 46 GDPR
  • The providers' certification under the EU-US Data Privacy Framework (where applicable)

Please note that third countries – particularly the United States – may have a level of data protection that does not correspond to EU standards.

9. Storage Period

We store personal data only for as long as necessary to fulfil the respective purpose or as required by statutory retention periods. Server log files are usually deleted or anonymised after 30 days. Inquiry data is stored until the conclusive handling of your inquiry, and beyond that to the extent required for legal reasons.

10. Your Rights as a Data Subject

You have the following rights against us regarding your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to withdraw any consent given, with effect for the future (Art. 7 (3) GDPR)

To exercise these rights, please contact: flaws@antihelden.ai

11. Right to Lodge a Complaint with the Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates the GDPR. The competent authority for Austria is:

Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna
Phone: +43 1 52 152-0
E-mail: dsb@dsb.gv.at
https://www.dsb.gv.at/

12. Data Security

We use technical and organisational security measures to protect your data against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The connection to our website is end-to-end encrypted with TLS/SSL.

13. Currency and Changes

This Privacy Policy is currently valid. Due to further development of our website or changes in legal requirements, it may become necessary to amend this Privacy Policy. The current version is always available at antihelden.ai/en/privacy.

← Back