2. Responsible Organization
Below you can find the contact information regarding the controllor of processing as well as the data protection manager.
Johann Steinböck-Straße 5
2344 Maria Enzersdorf
3. Safety Precautions
We take organizational, contractual and technical safety precautions according to the state of the art to make sure to comply with formalities of the data protection laws as well as protection of the data used by us against incindental or deliberate manipulation, loss, destruction or unauthorized access. The safety measures notably include the encrypted transmission of all data between your browser and our server.
4. Information Disclosure involving third parties
Personal data will only be transferred to third parties if it is necessary – for instance if required for contractual purposes in accordance to DSGVO Art. 6 para1 lit. b, or on the basis of legitimate interests of economic and efficient operations for our business in accordance to DSGVO Art. 6 para. 1 lit. f. While commissioning subcontractors to provide our services, we take legal precautions as well as technical and organizational measurements to ensure the safety of personal data in accordance with the data protection law.
When contacting us (via mail) the users information regarding the processing of your contact request will be used in accordance to DSGVO Art. 6 para. 1lit.b.
6. Survey of Access Data and Logfiles
We collect data on the basis of legitimate interests in accordance to DSGVO Art. 6 para. 1 lit. f. about every access to the server in service (so-called server log files). The access data include the name of the requested website, data file, date and time of access, transferred amount of data, message about successfull call, browser type version, the users` operating system, referrer URL (previously visited page), IP-adress as well as the requesting provider. For safety reasons (f.e. for the purpose of clearing up misuse or fraud in connection with the access) log file informations are stored for a maximum of seven days and deleted afterwards. Data, for which a storage for evidence is neccessary, is excluded from erasure until clarification of the incident.
7. Cookies & Range-Measurement
8. Facebook Plugins
9. Google Analytics
10. Third Party Services and Content
Based on our legitimate interest (interest of analysis, economic and efficient operations for our online services in accordance to DSGVO Art. 6 para. 1 lit. f.) we use third party content offerings and services to corporate their content offerings and services, for instance corporating videos and fonts (throughout consistently used as content). This assumes that third parties of this content use the user’s IP-adress because the content can’t be sent to the browser without an IP-adress. Therefore an IP-adress is needed for displaying content. We endeavour to only use content, where the provider merely uses an IP-adress for delivering content. Third parties can use so called Pixel-Tags (invisible graphics or code, also known as „Web Beacons“) as well for stastical or marketing purposes. With the help of „Pixel-Tags“ information like traffic of visitors can be analyzed on subsites of the website. The pseudonymous data can be stored in cookies on the user’s device and include technical information about the browser and operating system, referring websites, time of access, as well as further information about usage of our online services. This information is used to be connected with other information from different sources. The following description gives an overview over third parties and their respective content, including a link to their respective privacy policies, which contains further information on data processing and, as partly mentioned above, contradictory possibilites (so called Opt-Out):
11. User Rights
Upon request users have the right to receive information on the stored personalised data free of charge. Further users have the right on rectification of incorrect data, limitations of processing and deletion of personalised data if they assert their rights to data portability and lodge a complaint with the competent regulatory authority in the event of unlawful processing. Likewise, users can revoke consent generally with implications for the future.
12. Deletion of Data
The deletion of data secured by us takes place, when it is no longer required for its intended purpose and provided that there are no statutory storage obligations objecting to the erasure. If a user’s data is not deleted, because it is needed for other legal purposes, the processing will be limited. This means that the data will be locked and not be used for other purposes, which applies to user data which has to be stored on the basis of comercial or fiscal reasons. In principle, the storage of the data takes place for up to 10 years.
13. Right of Objection
Users have the right to object future processing of their personalised data at any time according to legal guidelines. Especially an objection to processing data for direct advertising can be made.