Data protection declaration
1) Legal information according to GDPR
a) Information according to Article 13 of the GDPR (General Data Protection Regulation)
By means of this data protection declaration, the responsible person would like to inform the readers and users of the websites about the type, scope and purpose of the personal data processed. Furthermore, data subjects/users are informed of their rights by means of this data protection declaration.
b) Controller as described in Article 24 of the GDPR
Eisenbeiss GmbH (hereinafter EISENBEISS, we or controller)
c) Data protection declaration
Our data protection declaration explains the following;
- what information we collect and for what reason;
- how we use this information;
- what choices we offer, including how information can be accessed and updated;
We have tried to make this declaration as straightforward as possible.
d) Legal grounds for processing
The controller processes personal data exclusively on one of the following legal grounds:
- Your consent
- On a contract basis
- In a legitimate interest
On the website, data is processed exclusively based of the legal provisions (DSGVO, TKG 2003).
In the case of the use of analysis tools, the use of data is based on Art. 6 para. 1 lit f) (legitimate interest) DSGVO. The legitimate interest in the use of data is the improvement of the website and the measurement of the success of online advertising.
The use of IT data security measures is also based on Art 6 (1) (f) (legitimate interest) DSGVO. The legitimate interest in the use of data is the safeguarding of our own IT systems.
e) How do we protect your personal data?
In order to guarantee the security of your personal data, we have introduced a number of technical and organisational measures in accordance with Article 32 of the GDPR. Your personal information is stored on secure networks that can only be accessed by a limited number of people who have special access rights and are committed to respecting and maintaining the confidentiality of that information. Despite these measures, each time you provide personal information via the Internet, there is a risk that it may be intercepted and used by third parties outside our control. Although we do everything in our power to protect your personal information and privacy, we are not in a position to guarantee the security of the information you provide via the Internet.
Data security measures:
- We encrypt many of our services using SSL
- User authentication controls
- Secure network infrastructures
- Restricting access to personal data
- Employee Code of Conduct
- Obligation to ensure data secrecy
f) Who has access to your personal data and how far does this access reach?
EISENBEISS can have the personal data processed by contract processors. The processing of personal data takes place exclusively on our instructions and for the purposes that are defined in advance.
Apart from your personal data and the use of your personal data for the purposes described above, we do not sell or trade your personal data or disclose it to third parties without informing you in advance and in accordance with current data protection legislation.
2) Retention of personal data
In accordance with applicable law, we are obliged pursuant to Art. 5 para. 1 lit. of the GDPR to delete your data if the purpose no longer exists and there is no legal basis for retaining the data.
Data will be stored and kept by us in person-related form until the termination of the business relationship or until the expiry of applicable warranty, guarantee or limitation periods; moreover, until the termination of any legal disputes in which the data is required as evidence; or until the expiry of the third year after the last contact with a business partner.
3) Affected rights
You are entitled to the following rights as a data subject within the scope of the GDPR.
- RIGHT OF ACCESS (Art. 15 GDPR)
- RIGHT TO VERIFICATION (ARTICLE 16 GDPR)
- RIGHT TO ERASURE (RIGHT TO BE FORGOTTEN) (ARTICLE 17 GDPR)
- RIGHT TO RESTRICTION OF PROCESSING (ARTICLE 18 GDPR)
- RIGHT TO DATA PORTABILITY (ARTICLE 20 GDPR)
- RIGHT TO OBJECT (ARTICLE 21 GDPR)
- RIGHT TO WITHDRAW CONSENT (ARTICLE 7 PARAGRAPH 3 GDPR)
- RIGHT TO LODGE A COMPLAINT (ARTICLE 77 GDPR)
If you have any questions regarding data protection or the exercise of the rights described above, please contact us as follows:
- by email: dsgvo@EISENBEISS.at*
- by mail: Eisenbeiss GmbH, Lauriacumstrasse 2, 4470 Enns, department data protection *
*Please include a copy of your official ID or passport.
Without prior successful identity verification, we will not be able to process the inquiry. For this reason, we ask you to support the identity verification process accordingly.
If you come to the conclusion that the processing of your data violates data protection regulations or your data protection claims have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, this is the data protection authority, Wickenburggasse 8, 1080 Vienna.
4) Data transfer / Data transmission
a) Data transfer to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only pass on your personal data to third parties if:
- You have given your express consent in accordance with article 6 paragraph 1 sub-paragraph (a) of the GDPR,
- the transfer in accordance with article 6 paragraph 1 sub-paragraph (f) of the GDPR is necessary to safeguard operational interests and to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in your data not being transferred,
- tn the event that there is a legal obligation to transfer data pursuant to article 6 paragraph 1 sub-paragraph (c) of the GDPR, and
- this is legally permissible and necessary for the execution of contractual relationships with you pursuant to article 6 paragraph 1 sub-paragraph (b) of the GDPR.
The controller may share your personal data with suppliers who provide services on our behalf in accordance with our instructions.
The controller may also share your personal data with our affiliate companies and partners.
In addition, the controller may disclose your personal information if we are required to do so by law, regulation or governmental authority, or if we believe that disclosure is necessary or appropriate to prevent physical damage or financial loss.
The controller reserves the right to transfer personal data we have about you when we sell or transfer all or part of our business or assets (including in the event of restructuring, dissolution or liquidation).
b) Data transmission
EISENBEISS may also transfer your personal data to countries outside the country where the information was originally collected. These countries may not have the same data protection laws as the country in which you originally provided the personal data. When we transfer your information to other countries, we protect that information as described in this data protection declaration, and these transfers are governed by the relevant applicable law.
The countries to which we share personal data are located
- within the European Union or
• outside the European Union
If we transfer personal data from the European Union to countries or international organisations outside the European Union, the transfer takes place on the following basis:
- An adequacy decision by the European Commission;
- In the absence of such a requirement for other legally permissible reasons, such as the existence of a legally binding and enforceable document between authorities or public bodies, binding internal company rules, standard data protection clauses and approved or certified codes of conduct.
In exceptional cases, data may also be transmitted on the basis of article 49 of the GDPR:
- Article 49 paragraph 1 sub-paragraph (a) of the GDPR
the data subject has given his or her explicit consent to the proposed data transfer after having been informed of the potential risks to him or her of such data transfers without an adequacy decision and without appropriate safeguards,
- Article 49 paragraph 1 sub-paragraph (b) of the GDPR
the transfer is necessary for the fulfilment of a contract between the data subject and the controller or for the implementation of pre-contractual measures at the request of the data subject,
- Article 49 paragraph 1 sub-paragraph (c) of the GDPR
the transfer is necessary for the conclusion or fulfilment – in the interest of the data subject – of a contract concluded by the person responsible with another natural or legal person,
5) Data collection and processing
Server log files
When you visit this website, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. The following information will be collected without your intervention and stored until it is erased automatically:
- IP address of the computer sending the request,
- date and time of access,
- name and URL of the file called,
- website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.
The possibility of using this data on the legal basis pursuant to article 6 paragraph 1 sub-paragraph (f) of the GDPR for purposes such as
- ensuring smooth connection to the website,
- ensuring convenient use of our website,
- the evaluation of system safety and stability as well as
- for other administrative purposes
is currently being implemented by us. The collected data will under no circumstances be used to draw conclusions about your person.
We collect certain information when you visit our websites. This information is referred to as a „cookie“. Together with the information you have provided us with, we can optimise your visits to our website even better to even better match your needs.
Cookies are small files that allow specific information related to you, the user, to be stored on your PC or digital device while you are visiting the websites. The website uses or sets cookies in accordance with legislation under EU law and Austrian law (article 5 paragraph 3 of the E-Privacy Directive and article 96 paragraph 3 of TKG 2003). Cookies help to determine the frequency of use and the number of users of the internet pages, as well as to configure the offering as conveniently and efficiently as possible for you. The content of the cookies used is usually limited to an identification number and usage data that does not permit any personal reference being made to the user.
The use of our website is also possible without cookies, but may restrict the usage of the website.
When using or setting cookies that contain personal data or affect privacy, we obtain your consent in advance through your active behaviour by navigating through and over our cookie banner on our website after being informed about the purposes of the cookies used, thereby giving your consent to the setting of cookies.
For us, data protection is an essential contribution to customer satisfaction. You can therefore deactivate the storage of cookies in your browser, restrict it to certain websites or set your browser to notify you when a cookie is sent. You can also delete cookies from your PC’s hard drive at any time. Please note, however, that this will result in a restricted display of the page and you can expect limited user guidance.
By law, we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission.
7) Google Tools
a) Google maps
Detailed instructions on how to manage your own data related to Google products can be found here.
b) Google Script libraries (Google Webfonts)
In order to present our content correctly and in a graphically appealing way across all browsers, we use script libraries and font libraries such as Google Web Fonts(https://www.google.com/webfonts/) on this website. Google Web Fonts are transferred to your browser’s cache to avoid multiple loading. If your browser does not support Google Web Fonts or does not allow access, content will be displayed in a default font.
Calling script libraries or font libraries automatically triggers a connection to the library operator. It is theoretically possible – but currently also unclear whether and, if so, for what purposes – for the operators of such libraries to collect data.
8) SSL encryption
In order to protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS. You can recognize an encrypted connection by the character string „https://“ at the start of the internet address and the lock symbol in your browser address line
9) changes or additions
We reserve the right to make changes or additions to the information content at any time and without prior notice. If sections or individual terms of this statement are not legal or correct, the content or validity of the other parts remain uninfluenced by this fact.