Privacy Policy

Last updated: January 22, 2026

1. Controller

The controller responsible for data processing on this website is:

Martin Doleschel, Adelheid-Popp-Gasse 8, 1220 Vienna, Austria. Email: hallo@unfallbericht.at

2. Data Collection

We collect and process the following personal data to provide our service:

  • Login data: Email address and name for user authentication
  • Profile information: Name, address, date of birth, phone number, driver's license data (number, class, issuing authority, validity), vehicle data (make, license plate), insurance data (insurer, contract number, green card)
  • Accident report data: Accident location (incl. GPS coordinates), date and time, damage descriptions, accident sketch, photos of damage and accident scene
  • Digital signatures: Signatures of both accident parties
  • Technical data: IP address, browser type, device type, operating system, access times

3. Cookies and Analytics

We only use cookies and analytics tools with your explicit consent:

  • Essential cookies: For basic website functions (login, language settings). These are required for operation and cannot be disabled.
  • Google Analytics: For analyzing website usage. Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data may be transferred to the USA (see section 9).
  • Microsoft Clarity: For analyzing user behavior through heatmaps and session recordings. Provider: Microsoft Corporation. Data may be transferred to the USA (see section 9).

You can revoke or change your consent at any time via the cookie banner.

4. Data Processors and Third Parties

We use the following service providers to deliver our service:

  • Supabase Inc. (USA, with EU data center): Database and file storage (photos, signatures, PDFs)
  • Vercel Inc. (USA): Website hosting and delivery
  • Unione (EU): Email delivery (login confirmations, notifications)
  • Google Ireland Limited: Google Analytics (only with consent)
  • Microsoft Corporation: Microsoft Clarity (only with consent)

Data processing agreements according to Art. 28 GDPR are in place with all processors.

5. Advertising Partners and Sponsors

On certain pages (e.g., after completing an accident report), we display regional advertising partners. We collect:

  • Page views: Which partners were displayed on a page
  • Clicks: Whether a partner was clicked
  • PDF inclusion: Whether a partner appears in the generated PDF report

This data is used anonymously for billing purposes with our advertising partners. No connection to your personal data is made.

6. Legal Basis

Your data is processed on the following legal bases:

  • Art. 6 para. 1 lit. a GDPR (Consent): For analytics cookies and marketing
  • Art. 6 para. 1 lit. b GDPR (Contract fulfillment): For providing the accident report service
  • Art. 6 para. 1 lit. f GDPR (Legitimate interest): For technically necessary data processing and fraud prevention

7. Data Sharing

Your data is not sold to third parties. Sharing only occurs:

  • With the data processors mentioned in section 4
  • With the other accident party as part of joint report creation
  • When you forward the accident report to your insurance company yourself
  • When legally required by authorities

8. Retention Period

We only store your data as long as necessary:

  • Draft accident reports: Automatic deletion after 14 days of inactivity
  • Completed accident reports: 7 years (legal retention period for insurance documents)
  • User accounts: Until deletion by you or upon request
  • Analytics data: According to the respective provider policies (Google: 14 months, Clarity: 13 months)

9. International Data Transfers

Some of our service providers are based in the USA. Data transfers are based on:

  • EU Standard Contractual Clauses (SCCs)
  • EU-US Data Privacy Framework (for certified companies)

We ensure an adequate level of data protection.

10. Data Security

We protect your data through:

  • Encrypted data transmission (TLS/SSL)
  • Encrypted storage of sensitive data
  • Regular security updates
  • Access restrictions and authentication

11. Your Rights

You have the following rights regarding your personal data:

  • Right to access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7 para. 3 GDPR)

To exercise your rights, contact us at hallo@unfallbericht.at.

12. Right to Complain

You have the right to lodge a complaint with the competent supervisory authority:

Austrian Data Protection Authority (Österreichische Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, Austria. Email: dsb@dsb.gv.at, Website: www.dsb.gv.at

13. Changes to this Privacy Policy

We may update this privacy policy as needed. The current version is always available on this page. For significant changes, we will notify you by email.

14. Contact

For questions about data protection, contact us:

E-Mail: hallo@unfallbericht.at