PRIVACY POLICY

Last updated: February 2026

1. Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:

IR-WORLD.com Finanzkommunikation GmbH
Wickepointgasse 13
A-4611 Buchkirchen
Austria
Email: office@ir-world.com
Phone: +43 7242 211930

This Privacy Policy applies to the following websites:

  • irw-press.com
  • smallcap-investor.com
  • investor-sms.com
  • and all other online services that refer to this Privacy Policy.

2. Nature of Our Services

We operate a digital news and information platform focused on:

  • the distribution of corporate announcements of publicly listed companies
  • the publication of editorial content (articles, interviews, analyses, etc.)

Responsibility for Third-Party Content

Some of the content published on our platforms originates from issuers or cooperation partners.

The respective publishing company is solely responsible for ensuring the legality of any personal data contained in such content.

Journalistic Processing

Where personal data is processed for journalistic purposes, this is carried out in accordance with Article 85 GDPR in conjunction with applicable national media and data protection laws.

3. Processing of Personal Data

We process personal data only in compliance with applicable legal provisions.

3.1 Accessing the Website (Server Log Files)

When accessing our website, the following data is automatically collected:

  • IP address
  • date and time of access
  • accessed page/file
  • referrer URL
  • browser type and version
  • operating system

Processing is carried out for:

  • providing the website
  • ensuring IT security
  • preventing misuse and fraud

Legal basis: Article 6(1)(f) GDPR (legitimate interests).

3.2 Contacting Us

When you contact us (e.g., via email or contact form), we process:

  • name
  • email address
  • phone number
  • message content

Purpose: handling your request.

Legal basis: Article 6(1)(b) or (f) GDPR.

3.3 Registration and Contractual Services

When registering or using paid services, we process:

  • contact details
  • contract data
  • billing data

Legal basis: Article 6(1)(b) GDPR.

4. Cookies and Consent Management

We use cookies and similar technologies.

Necessary Cookies

These are required for:

  • secure operation
  • session management
  • storing cookie preferences

Legal basis: Article 6(1)(f) GDPR.

Consent-Based Cookies

Statistical, marketing, and external media cookies are only set with your explicit consent.

We use the consent management tool:

Borlabs Cookie

This tool stores and documents your consent in compliance with data protection regulations.

Legal basis: Article 6(1)(a) GDPR.

Language Management (Polylang)

We use the “Polylang” plugin to provide multilingual content.

Polylang sets a cookie (“pll_language”) to store your selected language preference.

This cookie does not collect personal data and no data is transmitted to external servers.

Storage duration: typically up to 1 year.

Legal basis: Article 6(1)(f) GDPR (necessary functionality).

5. Google Analytics (GA4)

We use Google Analytics 4, a web analytics service provided by:

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4, Ireland

Google Analytics uses cookies to analyze website usage.

We use Google Analytics with IP anonymization enabled.

Collected data may include:

  • page views
  • time spent on pages
  • user interactions
  • device information
  • approximate location

We have entered into a data processing agreement with Google.

Legal basis: your consent pursuant to Article 6(1)(a) GDPR.

Data may be transferred to the United States. Google is certified under the EU-U.S. Data Privacy Framework.

You can withdraw your consent at any time via the consent tool.

6. Google Fonts

We use Google Fonts hosted locally on our servers.

No connection to Google servers is established.

No personal data is transmitted to Google.

7. Newsletter and Alerts

Our newsletters are sent through an internal system based on WordPress.

No data is transferred to external newsletter service providers.

Registration is carried out using a double opt-in procedure.

Processed data includes:

  • email address
  • optionally name
  • IP address
  • time of registration

Newsletter Tracking

Our newsletters contain tracking pixels that allow us to analyze:

  • opening rates
  • click behavior
  • user interactions

The analysis is carried out in a pseudonymized form and serves to optimize our services.

Legal basis: Article 6(1)(a) GDPR (consent).

You can unsubscribe at any time via the unsubscribe link.

Forms (Fluent Forms)

We use the “Fluent Forms” plugin to process contact requests and newsletter subscriptions.

Data processing is carried out exclusively on our own servers.

No data is transmitted to third parties.

8. Embedded External Content and Social Media

Our websites may include content from the following platforms:

  • YouTube
  • X (formerly Twitter)
  • Facebook
  • Instagram

Content is only loaded after you have given your consent via the consent tool.

Once activated, a connection to the respective platform’s servers is established.

The following data may be transmitted:

  • IP address
  • browser information
  • existing login credentials

If you are logged into one of these platforms, your visit to our website may be associated with your user account.

Data may be transferred to the United States. Where applicable, this is based on the EU-U.S. Data Privacy Framework.

Legal basis: Article 6(1)(a) GDPR.

9. External Links

Our websites may contain links to external websites.

We have no control over the processing of personal data on those websites. The respective provider is solely responsible.

We recommend reviewing the privacy policies of those websites.

10. Content Delivery Network (CDN)

We currently do not use an external Content Delivery Network (CDN).

Should we use a CDN in the future, processing will be based on Article 6(1)(f) GDPR.

11. Hosting

Our websites are hosted by a provider located within the European Union.

We have concluded a data processing agreement pursuant to Article 28 GDPR.

12. Recipients and Data Processors

We use external service providers, in particular:

  • hosting providers
  • IT service providers
  • analytics providers
  • payment providers

These providers are contractually obligated to comply with data protection regulations.

A list of specific service providers can be provided upon request.

13. International Data Transfers

Where we use service providers outside the European Economic Area (particularly in the United States), data transfers are carried out only on the basis of:

  • an adequacy decision (e.g., EU-U.S. Data Privacy Framework)
  • or standard contractual clauses pursuant to Article 46 GDPR

We ensure an adequate level of data protection.

14. Data Retention

Personal data is stored only for as long as:

  • necessary for the respective purposes
  • required by legal retention obligations

15. Your Rights

You have the right to:

  • access (Art. 15 GDPR)
  • rectification (Art. 16 GDPR)
  • erasure (Art. 17 GDPR)
  • restriction of processing (Art. 18 GDPR)
  • data portability (Art. 20 GDPR)
  • object (Art. 21 GDPR)

You may withdraw your consent at any time with future effect.

Contact: office@ir-world.com

16. Right to Lodge a Complaint

Austrian Data Protection Authority (DSB)
Barichgasse 40–42
1030 Vienna
www.dsb.gv.at

17. Data Security

We implement appropriate technical and organizational measures to protect personal data against loss, manipulation, and unauthorized access.

18. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy at any time.

The current version is available on our websites.