Privacy Policy

Protecting your personal data and privacy is of utmost importance to us at Maksu. This privacy policy informs you about how Maksu GmbH processes your personal data when you visit our website www.maksupay.com (the “Website”), use our services, or interact with us.

This policy is designed to maintain full transparency regarding the type, scope, and purpose of the personal data we process, in alignment with the EU General Data Protection Regulation (GDPR) and Austrian Data Protection Act (Datenschutzgesetz – DSG).

Controller and contact information

The data controller responsible for the processing of your data on this Website is:

Maksu GmbH

Millenium Tower 23rd and 24th Floor
Handelskai 94-96, 1200 Vienna, Austria

Email: policy@maksupay.com

Phone: +43 1 4120151

 

1.    General Data Processing on our website

A. Web server logs

When you access our Website, technical information about your visit is automatically stored as log files on our server. This data includes:

  • IP address of the requesting device
  • Data and time of the request
  • Name and URL of the retrieved file
  • Website from which access was made (referrer URL)
  • Browser type and version, as well as the operating system used

Legal Basis: Our legitimate interest pursuant to Art. 6(1)(f) GDPR (monitoring technical operations, optimizing website security, and preventing cyberattacks).

Storage duration: This data is processed exclusively for statistical and security purposes and is automatically deleted after 90 days, provided no legal obligations require its further retention.

B. Contact Form and Email Inquiries

If you contact us via a contact form on our Website or by email, the data you provide (e.g., name, company name, email address, phone number, company, industry, country, and content of your inquiry) will be processed by us.

Legal basis: Performance of a contract or pre-contractual measures pursuant to Art. 6(1)(b) GDPR, our legitimate interest in managing and responding to customer inquiries pursuant to Art. 6(1)(f) GDPR.

Storage duration: Your data will be deleted once your inquiry has been fully resolved, unless statutory retention periods apply.

 

2.    Cookie Management and Consent Framework

Our Website uses cookies and similar technologies (such as Local Storage and Session Storage) to ensure its secure, efficient operation and to analyse visitor behaviour.

  • Essential cookies: These cookies are strictly necessary for the technical functionality, security, and operation of our Website. They are processed based on our legitimate interest (Art. 6(1)(f) GDPR or 165 paragraph 3 of the Austrian Telecommunications Act (TKG 2021).
  • Analytical and tracking cookies: Cookies used for marketing, analytical tracking, and profiling purposes (including Google Analytics, LinkedIn Insight Tag, and Leadfeeder Lite) are only used if you have granted us your explicit, active consent.

Custom Consent Banner and Data Logging

We utilize a custom-built consent banner developed internally to collect and document your cookie preferences. When you interact with our cookie banner, the technical data required to prove your consent is securely processed and logged directly on our web servers. This data includes:

  • An anonymized or masked version of your IP address
  • The timestamp (date and time) of your interaction
  • Your specific selection (e.g., full consent, partial consent, or full rejection)
  • A randomly generated, unique consent ID key

This technical processing is strictly based on our legal obligation to demonstrate compliance with the GDPR (Art. 6(1)(c) GDPR in conjunction with Art. 7(1) GDPR). This data is kept strictly internal, is not shared with any third-party consent providers, and is automatically deleted after 12 months or as soon as you update your preference.

You can change or withdraw your consent settings at any time with future effect by clicking on Privacy Settings in the footer found at the bottom of our Website.

4. Third-Party Analytics and Tracking Services

If you grant your explicit consent via our cookie banner (Art. 6(1)(a) GDPR), we deploy the following third-party tracking services to evaluate user interactions and enhance our sales pipeline.

A. Google Analytics

This Website uses Google Analytics, a web analysis service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics utilizes cookies to analyze your use of our Website. The information generated by the cookie is generally transmitted to and stored by Google on servers in the United States. We use Google Analytics exclusively with IP anonymization activated. This means your IP address will be shortened by Google within member states of the European Union or other signatory states to the Agreement on the European Economic Area before transmission. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.

Google uses this information on our behalf to evaluate website usage, compile activity reports, and provide related services.

  • Legal Basis: Your explicit consent pursuant to Art. 6(1)(a) GDPR.
  • Data Transfer out of the EU: As data may be processed on servers in the USA, Google relies on the EU-U.S. Data Privacy Framework.
  • Opt-Out: In addition to withdrawing your consent via our Cookie settings, you can prevent Google from collecting cookie-generated data by downloading and installing the browser plugin available here: https://tools.google.com/dlpage/gaoptout.

B. LinkedIn Insight Tag

We use the LinkedIn Insight Tag on our Website, a service operated by LinkedIn Ireland Supplemental Technologies Limited, Wilton Place, Wilton Place, Dublin 2, Ireland (“LinkedIn”).

The LinkedIn Insight Tag establishes a direct connection with the LinkedIn servers when you visit our Website. It enables us to collect data regarding your visit, including URL, referrer URL, IP address, device, browser characteristics, and timestamps. If you are a LinkedIn member, this data allows LinkedIn to track your professional demographic data (such as job title, company size, industry, and seniority) and display targeted advertisements to you on LinkedIn (retargeting).

LinkedIn does not share personal data with us; it only provides aggregated, anonymized reports about our website audience and ad performance.

  • Legal Basis: Your explicit consent pursuant to Art. 6(1)(a) GDPR.
  • Data Retention: The data is anonymized within 7 days by LinkedIn and automatically deleted within 90 days.
  • Opt-Out: LinkedIn members can control the use of their personal data for advertising purposes directly within their account settings via this link: https://www.linkedin.com/psettings/guest-controls/retargeting-cookies.

C. Leadfeeder Lite

To complement our web analytics and enhance our business-to-business (B2B) sales outreach, we use Leadfeeder Lite, a lead generation tool operated by Dealfront Group GmbH, Durlacher Allee 73, 76131 Karlsruhe, Germany (formerly operated via Liidio Oy / Leadfeeder, Finland).

Leadfeeder Lite accesses the data collected via our deployment of Google Analytics and matches the shortened IP addresses against a global database of publicly available company information. Leadfeeder Lite helps us identify corporate visitors (the names of businesses, corporate domains, and the specific pages viewed) so we can see which companies are interacting with our Website.

Important Note: Leadfeeder Lite is configured to filter out residential or individual IP addresses. It does not identify individual web visitors or collect personally identifiable information (PII) of specific persons; it only processes business-level and company-related data.

  • Legal Basis: Your explicit consent to tracking and analytics cookies pursuant to Art. 6(1)(a) GDPR.
  • Opt-Out: You can object to the collection of data by Leadfeeder at any time by following the opt-out mechanism provided directly by the vendor: https://www.dealfront.com/privacy-policy/ (or specific opt-out links provided in their documentation).

5. Your Rights as a Data Subject

Under the GDPR and the Austrian Data Protection Act (DSG), you possess the following comprehensive rights regarding your personal data:

  • Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not your personal data is being processed, and to receive a copy of that data.
  • Right to Rectification (Art. 16 GDPR): You have the right to request the immediate correction of inaccurate or incomplete personal data.
  • Right to Erasure / “Right to be Forgotten” (Art. 17 GDPR): You have the right to request the deletion of your personal data under certain conditions (e.g., if the data is no longer required for its original purpose).
  • Right to Restriction of Processing (Art. 18 GDPR): You can request that we restrict the processing of your data in specific scenarios.
  • Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object (Art. 21 GDPR): You have the right to object at any time to data processing carried out based on our legitimate interests (Art. 6(1)(f) GDPR).
  • Right to Withdraw Consent (Art. 7(3) GDPR): If a processing activity is based on your consent, you can withdraw this consent at any time with future effect.

To exercise any of these rights, please contact us using the information provided in Section 1.

Right to Lodge a Complaint

If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with a supervisory authority. In Austria, the competent authority is:

Österreichische Datenschutzbehörde (DSB) Barichgasse 40-42

1030 Vienna, Austria

Email: dsb@dsb.gv.at

Website: https://www.dsb.gv.at

6. Updates to this Privacy Policy

We reserve the right to modify this Privacy Policy from time to time to reflect technical modifications, updates to our analytics suite, or amendments to European and Austrian legislation. The current version will always be accessible directly on this page.

Last update: 21 May 2026