Privacy Policy

Statement on our informational requirements

1 Controller


The Controller pursuant to Art. 4 (7) of the General Data Protection Regulation (GDPR) is


Ithuba Capital AG

Stallburggasse 4, A-1010 Vienna 

Tel.: +43 1 512 38 83 - 0

Fax : +43 1 512 38 83 – 300



2 Processing of personal data of interested parties, customers, suppliers and business associates


We store data provided to us by interested parties, customers, suppliers or business associates when they furnish their details to us, for example in the context of an enquiry by e-mail or in order to conclude a contract or initiate business relations. This includes, for example, first and last name, address and e-mail address, telephone number, bank details, contract data.                  


Personal data will only be passed on by us to third parties where this is necessary for performing the contract or to comply with statutory requirements or – beyond the foregoing – only on the basis of the consent of the Data Subject. Where necessary, we will have concluded legally compliant contract data processing agreements with all third parties.                                        


The data will be erased by us as soon as storage is no longer required or the legal retention periods, such as, for example, the record-keeping duties under VAT law, have expired. If the basis for processing is the consent of the Data Subject, we shall erase the data upon receiving notice of withdrawal of consent, except where statutory rules militate against doing so.     


The basis for our data processing is                     

  • initiation and performance of contracts in accordance with Art. 6 (1) (b) GDPR in order to be able to process your enquiries to your complete satisfaction.
  • statutory obligations under Art. 6 (1) (c) GDPR which we must perform, such as statutory storage and documentation duties.
  • legitimate interests of our company within the meaning of Art. 6 (1) (f) GDPR,        
  • Art 6 (1) (a) GDPR when obtaining consent.             


3 Collection of personal data when you visit our website  


3.1    Informational use of the website                    


If you use our website for informational purposes only, we will only collect the personal data that your browser sends to our server. If you wish to view our website, we will, at most, collect those data that we technically require in order to display our website and ensure its stability and security:

  • IP address
  • Date and time of the request
  • Time zone difference relative to Greenwich Mean Time (GMT)
  • Contents of the request (specific web page)                     
  • Access status/HTTP status code
  • Website from which the request came           
  • Browser
  • Operating system and its interface          
  • Language and version of browser software

Legal basis: Art. 6 (1) (f) GDPR            


4 Cookies


In addition to the data referred to above, cookies will be stored on your computer when you visit our website. Cookies are small text files that are stored on your hard drive, and assigned to the browser which you are using and by which certain information flows to the site that sets the cookie (in this case: us). Cookies cannot execute programs or transfer viruses to your computer.


The cookie enables you to be recognised when you visit the website without having to re-enter data you have already entered previously.            


The information contained in these cookies is used, for example to determine whether you are logged in or what data you have already entered or to recognise you as a user when a connection is established between our web server and your browser. Most web browsers automatically accept cookies.


By using our website, you agree to the use of these cookies, to the extent that your browser settings are set to accept cookies.  


4.1    Transient cookies

Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, by which various requests from your browser can be assigned to the shared session. This allows your computer to be recognised when you return to our website. Session cookies are deleted when you log out or close the browser.  


4.2    Persistent cookies          

Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You may delete the cookies in the security settings of your browser at any time.        


4.3    Third-party cookies           

These originate from providers other than the operator of the website. For example, they may be used to collect information for advertising, customised content and web statistics.


4.4    Browsers

Most browsers are set by default to accept all cookies. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, or exclude acceptance of cookies in certain cases or in general, and activate automatic deletion of cookies when you close your browser. If you deactivate cookies, the functionality of our website may be limited.


You may remove cookies stored on your PC at any time yourself by deleting the temporary Internet files.      


Legal basis: Art. 6 (1) (f) GDPR (for technical cookies), Art. 6 (1) (a) (for all other cookies).  


5 Server log files


In order to optimise this website in terms of system performance, user-friendliness and the provision of useful information about our services, the provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes the Internet protocol address (IP address) of the requesting computer (including mobile devices), browser and language setting, operating system, referring URL, your Internet service provider and the date/time.              


This data is not merged with sources of personal data. We reserve the right to check this data retrospectively if we become aware of concrete indications of illegal use and to pass the data on to law enforcement authorities if there has been a hacking attempt. No further forwarding to third parties will take place.


Legal basis: Art. 6 (1) (f) GDPR     


6 Use of data for Google services      


Google Ireland Limited (“Google“), a company incorporated and operated under Irish law (Registration Number 368047), with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, is committed to complying with the EU-US Privacy Data Shield Agreement published by the US Department of Commerce regarding collection, use and storage of personal data from EU Member States. Google, including its wholly-owned subsidiaries in the United States, has confirmed by its certification that it complies with the relevant Privacy Shield principles. You may view Google’s Privacy Shield certification here. This applies to all Google services listed below.


6.1    Google Analytics

This website uses the functionality “Activation of IP anonymisation” (i.e. Google Analytics has been extended by the code “gat._anonymizeIp();“ to ensure anonymous collection of IP addresses (so-called IP masking). As a result, your IP address is truncated beforehand by Google within European Union Member States or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will your full IP address be transferred to a Google server in the United States and truncated there.


According to information from Google, Google will use the information obtained to evaluate your use of the website, to compile reports on website activities and to provide us with further services associated with the website and Internet use. The IP address transmitted by your browser in conjunction with Google Analytics is not merged with other Google data. Google may, however, transfer this information to third parties if this is legally required or if third parties process this data on behalf of Google. You may prevent the storage of cookies by adjusting your browser software accordingly. However, we would like to point out that, in this case, you may not be able to use all of the functionalities of this website to their full extent. You may also prevent Google from collecting data generated by cookies and related to your use of the website (including your anonymised IP address) and from processing that data by downloading and installing the browser plug-in available at the following link (

You can find more information about the terms of use and data protection at and at


6.2    Google Tag Managers

We use the so-called Google Tag Manager to detect your user behaviour. The Google Tag Manager is a solution that allows marketers to manage website tags via a single interface. The tool itself (which implements the tags) is a cookie-free domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If disabled at the level of the domain or cookie, it will remain disabled for all tracking tags implemented by Google Tag Manager.

For more detailed information, please visit:


Legal basis: Art. 6 (1) (a) GDPR   


7 Content Delivery Network of Cloudflare 


Our website uses a so-called “Content Delivery Network“ (CDN) from the company Cloudfare, Inc., 101 Townsend Street, San Francisco, CA 94107, USA. This is certified under the Privacy Shield Agreement which furnishes a guarantee that it complies with the GDPR ( The CDN service enables faster delivery of the content of our website.                    


Further information may be found in Cloudfare’s privacy policy:


Legal basis: Art. 6 (1) (a) GDPR      


8  Your rights


You have the following rights in relation to the personal data concerning you:

  • Right of access, right to rectification and right to erasure  
  • Right to restriction of processing                       
  • Right to object to processing                        
  • Right to data portability     

Please direct your enquiries and requests by e-mail to or by contacting us using the contact details provided.             


If you believe that we have violated Austrian or European data protection law in processing your data and have thereby infringed on your rights, we would request that you contact us in order to clarify any questions you may have.   


You also have the right to lodge a complaint with the supervisory authority, which is the Austrian Data Protection Authority:   


Austrian Data Protection Authority, Barichgasse 40 – 42, 1030 Vienna, Telephone: +43 1 52 152-0




9 Changes to this privacy policy


We reserve the right to adapt our privacy policy from time to time. All changes to this policy will be published by us on this website. Please note the current version of our privacy policy.


10 Disclaimer of liability


Ithuba Capital AG accepts no responsibility for the content of external websites to which links are provided. The operators of those linked sites are solely responsible for their content.