Legal

Privacy Policy

We take the protection of your personal data seriously. This privacy policy explains what data we collect, how we use it, and what rights you have under the EU General Data Protection Regulation (GDPR) and applicable national laws.

1. Controller

AP IT Solutions GmbH
Simmeringer Hauptstraße 24/10, 1110 Vienna, Austria
Email: office@ap-it.at
Phone: +43 664 265 9378
Managing Director: Aleksandar Prvulovic
Imprint: mindvesto.com/imprint

2. Scope

This privacy policy applies to all personal data processed in connection with the website mindvesto.com, including email communication and the sale of digital products.

3. Legal bases

We process your data only where at least one of the following conditions applies:

Consent (Art. 6(1)(a) GDPR): You have given us your consent, e.g. when entering your email address for the free guide.
Contract (Art. 6(1)(b) GDPR): Processing is necessary for the performance of a contract, e.g. processing a product purchase.
Legal obligation (Art. 6(1)(c) GDPR): We are subject to a legal obligation, e.g. retention of invoices.
Legitimate interests (Art. 6(1)(f) GDPR): For the secure and efficient operation of this website.

In addition to the GDPR, the Austrian Data Protection Act (DSG) applies.

4. Retention periods

We store personal data only for as long as necessary to provide our services. Data is deleted as soon as the purpose for processing no longer applies — unless statutory retention obligations exist (e.g. 7 years for accounting records under Austrian law).

5. Communication

👥 Affected: Anyone who contacts us by email · 📓 Data: name, email address, message content · 📅 Retention: duration of the business transaction · ⚖️ Legal basis: Art. 6(1)(a)(b)(f) GDPR

When you contact us by email, the data transmitted is stored to process your enquiry and is deleted once the transaction is complete, unless statutory retention obligations apply.

6. Cookies

👥 Affected: Website visitors · 🤝 Purpose: functionality and analytics · ⚖️ Legal basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (legitimate interests)

Our website uses cookies. Technically necessary cookies are set on the basis of legitimate interests (Art. 6(1)(f) GDPR). All other cookies — in particular for Google Analytics — are only set after your explicit consent via the cookie banner.

You can delete or disable cookies at any time in your browser settings. Instructions for Chrome, Firefox and Safari.

7. Web hosting (Hostinger)

👥 Affected: Website visitors · 📓 Data: IP address, browser, OS, access timestamp · 📅 Retention: approx. 2 weeks · ⚖️ Legal basis: Art. 6(1)(f) GDPR

This website is hosted by Hostinger International Ltd. (61 Lordou Vironos Street, 6023 Larnaca, Cyprus). Server log files containing IP address, browser type, OS, referrer URL, and timestamp are created automatically and deleted after approximately 2 weeks.

8. Google Analytics

👥 Affected: Website visitors (consent only) · 📓 Data: anonymised IP address, page views, session duration · 📅 Retention: 14 months · ⚖️ Legal basis: Art. 6(1)(a) GDPR

We use Google Analytics 4 for anonymised analysis of website usage. Google Analytics is only activated after your explicit consent via the cookie banner. IP addresses are anonymised before transmission. Data is transferred to Google servers in the USA on the basis of standard contractual clauses pursuant to Art. 46 GDPR.

Provider: Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
Privacy policy: policies.google.com/privacy
Opt-out: Google Analytics Opt-out Browser Add-on

9. Email marketing (Brevo)

👥 Affected: People who sign up for the starter guide · 📓 Data: email address · 📅 Retention: until withdrawal · ⚖️ Legal basis: Art. 6(1)(a) GDPR

When you sign up for our free TIMEBACK Starter Guide, your email address is transmitted to Brevo and stored there. The guide is delivered once by email. You will only receive further emails with your explicit consent. You can withdraw your consent at any time by clicking the unsubscribe link in the email.

Provider: Sendinblue SAS, 7 rue de Madrid, 75008 Paris, France.
Privacy policy: brevo.com/legal/privacypolicy

10. Payment processing (Copecart)

👥 Affected: Buyers of digital products · 📓 Data: name, email, payment data (processed directly by Copecart) · ⚖️ Legal basis: Art. 6(1)(b) GDPR

Purchases on this website are processed via Copecart. Payment data is processed directly by Copecart — we receive only a purchase confirmation. Copecart's own privacy policy applies.

Provider: CopeCart GmbH, Lindenstraße 2, 14467 Potsdam, Germany.
Privacy policy: copecart.com/datenschutz

11. Your rights

Under the GDPR you have the following rights:

Access (Art. 15 GDPR): Right to know what data we hold about you.
Rectification (Art. 16 GDPR): Right to correction of inaccurate data.
Erasure (Art. 17 GDPR): Right to deletion of your data ("right to be forgotten").
Restriction (Art. 18 GDPR): Right to restrict processing.
Data portability (Art. 20 GDPR): Right to receive your data in a common format.
Objection (Art. 21 GDPR): Right to object to processing based on legitimate interests.
Withdrawal: Consent can be withdrawn at any time without giving reasons.

To exercise your rights, contact: office@ap-it.at

You also have the right to lodge a complaint with the Austrian Data Protection Authority: www.dsb.gv.at

12. Data security

This website uses SSL/TLS encryption for all data transfers. We implement technical and organisational measures pursuant to Art. 25 GDPR ("data protection by design") to protect your data.

13. Updates to this policy

This privacy policy was last updated in March 2026. We reserve the right to update it in response to changes in our services or new legal requirements.