PROSI’s Transparency


1. Information regarding the collection of personal data and contact data of the controller
  • Below, we will inform you of how we handle your personal data when you use our website. “Personal data” means all data that can personally identify you.
  • Under the General Data Protection Regulation (GDPR), Prosi Exotic Supermarket, Wimbergergasse 5, (U6 Burggasse - Stadthalle - Lift - Neubaugürtel 44), 1070 Vienna, AUSTRIA, e-mail:, is responsible for the data processing for this website. The controller for personal data is the natural person or legal entity that decides on the purposes and means of processing personal data – either alone or jointly with others.
  • This website uses SSL or TLS encryption for security reasons and to protect the transfer of personal data and other confidential content (such as orders or inquiries to controllers). In general, you can recognise encrypted connections by the character string https:// at the beginning of the URL and the lock symbol in your browser line.
2. Data collection when you visit our website

When you use our website for purely informational purposes, without registration or transmission of other information, we only collect so-called “server logfiles”, i.e. the data that your browser sends to our server. In general, this is only the data that is technically required to display the content of the website: date and time of the access, reference to how you reached our website, browser used, operating system and IP address.
Processing is done in accordance with Article 6(1)(f) GDPR based on our legitimate interests in improving the functionality and stability of our website. There is no further use or transfer of data. We only reserve the right to subsequently check the server logfiles if there is specific evidence of possible unlawful use.

3. Cookies

Please see our detailed Guidelines on Cookies for an explanation of data collection through the use of cookie.

4. Making contact

Personal data is collected when you contact us (e.g. by contact form or e-mail). The respective contact form indicates which personal data is collected via the contact form. The sole purpose of this data is to process your request or make contact, and it is only stored and used for these purposes and the related technical administration, based on Article 6(1)(f) GDPR. If you contact us with the intention of concluding a contract, your data is processed as a pre-contractual measure under Article 6(1)(b) GDPR. After your inquiry has been fully processed, your data is erased, if it is clear that the relevant matter has been fully clarified and no statutory retention obligation prevents erasure.

5. Data processing to open a customer account and implement a contract

When we are provided with personal data to implement a contract or open a customer account, it will continue to be collected and processed in accordance with Article 6(1)(b) GDPR. The respective form indicates which data is collected. The customer account can be deleted at any time if you send notice to the aforementioned address of the controller. The data you provide is stored and used for contract implementation. After deletion of the customer account or full implementation of the contract, your data will be blocked for the retention periods required by tax and commercial law and then erased after the expiration of the aforementioned periods, unless you expressly consent to further use of the data or we have retained the right to use the data as permitted by law. We provide you with details relating to the latter case below.

6. Comments function

Under the comments function of this website, the comments, information about the times the comments were created, and the given names of the commentators are stored and published on this website. Your IP address is also logged and stored in the course of this. The latter is only done as a precautionary measure in case the rights of third parties are violated by a comment or unlawful content is published. For this reason, we need your e-mail address if you use the comments function in case a third party complains that your published content is unlawful. The legal basis for this is Article 6(1)(b) GDPR. We reserve the right to delete comments alleged to be unlawful.

7. Transfer of data to service providers (processors)

The complexity of today’s data processing processes is the reason we utilise service providers to process your data. Many of these service providers are located outside the territory of the European Union or the European Economic Area. However, in all cases when service providers are used, we ensure that the European level of data protection is provided, and the European data security standard is followed. Please contact the person referred to above if you wish additional information, such as how and to what extent we process your data or transfer your data to service providers in your specific business case and what protection guaranties we have obtained.

8. Transfer of data to supervisory authorities and courts and other third parties

Our company is subject to numerous provisions of law. We may have to disclose the personal data of our customers to government authorities or courts in response to their inquiries. We only comply with such inquiries if we are required to do so by law. In all these cases, we always ensure that the law is followed and therefore your data is protected.

PROSI Pallikunnel KG
Wimbergergasse 5
1070 Vienna
UID-Nr.: ATU 47646301
Head office: Vienna
Company reg. no.: FN184677i