IMPRINT

Information pursuant to § 5 ECG (E-Commerce Act) and § 25 MedienG (Media Act)

COMPANY INFORMATION

───────────────────

Company:       C5H GmbH, Stockreit 5, 83324 Ruhpolding

Legal form:      Gesellschaft mit beschränkter Haftung (GmbH)

Managing Director:  Curt Simon Harlinghausen

Commercial Register: Amtsgericht Traunstein HRB 29685

Website:       www.c5h.at

DISPUTE RESOLUTION

──────────────────

The European Commission provides an online platform for out-of-court dispute

resolution (OS platform): https://ec.europa.eu/consumers/odr

C5H GmbH does not participate in consumer arbitration proceedings pursuant to

the Alternative Dispute Resolution Act (AStG) and is not obligated to do so.

We are neither willing nor obliged to participate in such proceedings.

CONTENT RESPONSIBILITY

──────────────────────

All content on this website has been created with the utmost care.

Nevertheless, C5H GmbH assumes no liability for the accuracy, completeness,

or timeliness of the information provided. This website may contain links to

external third-party websites. C5H GmbH has no influence over the content of

linked external sites and cannot be held responsible for them. At the time of

linking, these sites were checked for potential legal violations and no such

violations were evident.

COPYRIGHT

─────────

All content published on this website — including texts, graphics, logos,

images, and software — is the intellectual property of C5H GmbH or its

respective rights holders and is protected under Austrian and international

copyright law. Any reproduction, distribution, or public communication of

content without the express written consent of C5H GmbH is prohibited.

DISCLOSURE PURSUANT TO § 25 MEDIA ACT (MedienG)

─────────────────────────────────────────────────

Media owner:  C5H GmbH (address as above)

Purpose:    Company website for the presentation of services in the field

        of Human & AI Enablement, digital strategy, consulting, and

        training.

Basic tendency: Informational and commercial — presentation of C5H GmbH

        services, thought leadership, and client engagement.

PART 2 — PRIVACY POLICY

Pursuant to GDPR (EU) 2016/679 and the Austrian Data Protection Act (DSG 2018)

1. DATA CONTROLLER

──────────────────

The controller responsible for processing personal data on this website within

the meaning of Art. 4 No. 7 GDPR is the C5H GmbH

2. DATA PROTECTION OFFICER

───────────────────────────

C5H GmbH is not currently required to appoint a Data Protection Officer.

3. WHAT DATA WE COLLECT AND WHY

────────────────────────────────

3.1 Server Log Files

When you visit our website, our web server automatically records the following

data:

- IP address (anonymised after 7 days)

- Date and time of the request

- Page accessed / URL

- HTTP status code and data volume transferred

- Referring URL (if applicable)

- Browser type, version, and operating system

Legal basis: Art. 6(1)(f) GDPR — legitimate interest in ensuring the secure

       and error-free operation of our website.

Retention:  30 days, then automatically deleted.

3.2 Contact Form & Email Inquiries

When you contact us via our contact form or by email, we process the data

you provide (name, email address, message content, and any other information

you choose to share) for the sole purpose of responding to your inquiry.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or

       Art. 6(1)(f) GDPR (legitimate interest in responding to

       communications).

Retention:  Deleted after 3 years unless a contractual relationship is

       established, in which case statutory retention periods apply

       (7 years under Austrian UGB).

3.3 Cookies

Our website uses cookies. We distinguish between:

- Technically necessary cookies: Required for the basic functioning of the

 website (session management, security). No consent required —

 Art. 6(1)(f) GDPR.

- Analytics cookies: [If used, e.g. Google Analytics / Matomo — describe here,

 or remove if not applicable.] Legal basis: Art. 6(1)(a) GDPR (consent via

 cookie banner).

3.6 External Fonts & Embedded Content

This website may load fonts and other resources from external servers. When

your browser retrieves these resources, your IP address may be transmitted to

the respective provider. We use local hosting of fonts where possible to

minimise external data transfers.

Legal basis: Art. 6(1)(f) GDPR.

4. DATA SHARING & THIRD PARTIES

────────────────────────────────

We do not sell personal data. We share data only where necessary:

- Hosting / IT service providers acting as data processors under Art. 28 GDPR

 data processing agreements: DF.eu

- Legal obligation: if required by law or court order.

- Business partners: only with your prior explicit consent.

If data is transferred outside the European Economic Area (EEA), we ensure

adequate protection through Standard Contractual Clauses (SCCs) pursuant to

Art. 46 GDPR or equivalent safeguards.

5. YOUR RIGHTS UNDER THE GDPR

──────────────────────────────

As a data subject, you have the following rights under the GDPR and the

Austrian Data Protection Act (DSG 2018):

- Right of access (Art. 15 GDPR): obtain a copy of your personal data.

- Right to rectification (Art. 16 GDPR): correct inaccurate or incomplete data.

- Right to erasure (Art. 17 GDPR): request deletion ("right to be forgotten").

- Right to restriction (Art. 18 GDPR): restrict the processing of your data.

- Right to data portability (Art. 20 GDPR): receive your data in a

 machine-readable format.

- Right to object (Art. 21 GDPR): object to processing based on legitimate

 interest.

- Right to withdraw consent (Art. 7(3) GDPR): withdraw any consent at any

 time without affecting the lawfulness of prior processing.

- Right to lodge a complaint (Art. 77 GDPR): file a complaint with the

 supervisory authority (see Section 6).

To exercise any of these rights, please contact: privacy@c5h.at

We will respond within one month (extendable by two further months for complex

requests, with prior notice).

6. SUPERVISORY AUTHORITY

─────────────────────────

You have the right to lodge a complaint with the Austrian Data Protection

Authority at any time:

Österreichische Datenschutzbehörde (DSB)

Barichgasse 40–42

1030 Vienna, Austria

Phone:  +43 1 52 152-0

Email:  dsb@dsb.gv.at

Website: www.dsb.gv.at

7. DATA SECURITY

────────────────

C5H GmbH implements appropriate technical and organisational security measures

in accordance with Art. 32 GDPR to protect your personal data against

accidental or unlawful destruction, loss, alteration, unauthorised disclosure,

or access. These include:

- TLS/SSL encryption for all data transmitted via this website

- Access controls and authentication mechanisms

- Regular security reviews and staff awareness training

- Data minimisation and pseudonymisation where applicable

In the event of a personal data breach, we will notify the competent

supervisory authority within 72 hours and affected individuals where required

under Art. 33–34 GDPR.

8. AUTOMATED DECISION-MAKING & PROFILING

──────────────────────────────────────────

C5H GmbH does not engage in automated decision-making or profiling within the

meaning of Art. 22 GDPR that produces legal or similarly significant effects

on individuals.

9. CHILDREN'S PRIVACY

──────────────────────

Our services are not directed at individuals under the age of 16. We do not

knowingly collect personal data from minors. If we become aware that a minor

has submitted personal data without appropriate parental consent, we will

delete such data promptly.

10. CHANGES TO THIS PRIVACY POLICY

────────────────────────────────────

We reserve the right to update this Privacy Policy to reflect changes in legal

requirements, our services, or our data processing practices. The current

version is always available at www.c5h.at/privacy. We recommend reviewing

this page periodically.

Last updated: 26th of March 2026

© 2026 C5H GmbH · All rights reserved · www.c5h.at