RESPONSIBLE AUTHORITY FOR DATA PROTECTION

Prillinger Gesellschaft m.b.H
Prillingerstraße 1
4600 Wels, Austria
+43 7242 230-200
partner@prillinger.at

Status: 01.07.2018

GENERAL

Data protection is a major concern of PRILLINGER. PRILLINGER has taken technical and organizational measures to process personal data securely and responsibly. All security measures correspond to the current status of data protection (Austrian Data Protection Act - DSG, EU-DSGVO, TKG 2003).

PERSONAL DATA INCL. PURPOSE

PRILLINGER processes the following personal customer data:

  • Contact persons including telephone number, fax, e-mail, department and function for processing current business cases.
  • Job title of the contact person to intensify the business relationship - but only if this information is provided by the customer.
  • Personal comments, if the customer provides such for orders, inquiries, returns or the like in the web shop, on the phone or in writing for printing on various documents (e.g. order confirmations, delivery note,...).
  • Brief note about the joint discussion after each customer visit so that important information is not lost and agreements are documented.
  • Name, user name and password when using the PRILLINGER web shop.
  • Name, e-mail address, IP address and function when registering for the PRILLINGER newsletter.
  • Name and date of birth when registering for a PRILLINGER Academy seminar so that the certificates of participation can be issued correctly.

Application documents are accepted electronically via e-mail, but also in printed form and entered into an applicant database. The data remains available throughout the entire application process. These are then archived for three years in order to be able to process any replacements quickly and effectively. After this period has expired, all printed documents will be destroyed and all electronic data will be deleted. The entries in the applicant database will be deleted after 7 years.

DATA STORAGE

The business data, and thus also part of the personal data, remain stored at PRILLINGER during the ongoing business relationship. As a result, customer contacts can be handled accurately and well-founded even after years. After a possible end of a business relationship, the statutory retention requirements apply.

DATA TRANSFER

Personal customer data is only used internally at PRILLINGER and is generally not passed on or made available to third parties. Should this be necessary in exceptional cases (e.g. transport service providers, printers or IT companies), then the data will only be passed on to selected partner companies with whom there are contracts for order processing in accordance with the General Data Protection Regulation.

SUBJECT RIGHTS

If a customer believes that his data is stored at Prillinger Gesellschaft m.b.H. processed unlawfully, the situation will be clarified by personal contact. Every customer has the right to request information, correction, deletion or restriction of data processing within the framework of the legal framework. Furthermore, every customer has the right to lodge a complaint with the data protection authority.

The individual rights of those affected are listed below.


Right to information (Article 15 GDPR)

Every person concerned has the right to know whether their personal data is being stored or what data processing is being carried out with it.

The request for information can be made either verbally or in writing. If there are doubts about the identity, PRILLINGER reserves the right to check the identity of the person concerned and to request proof of identity (copy of ID). You will be answered within one month. Every request for information is documented.

Right to rectification (Art 16 GDPR)

The person concerned can request that personal data be corrected or completed. The change requests are documented. The request for correction can be made either verbally or in writing. If there are doubts about the identity, PRILLINGER reserves the right to check the identity of the person concerned and to request proof of identity (copy of ID). You will be answered within one month. Each correction request is documented.

Right to erasure (Article 17 GDPR)

Every data subject has the right to request the deletion of their personal data. This is especially the case if the purpose of the processing is missing or no longer valid (e.g. if the active business relationship has been terminated) and there are no longer any legal storage obligations.

However, the data can also be deleted if the person concerned withdraws their consent or the contract is terminated. Are made by the Prillinger Gesellschaft m.b.H. personal data is processed unlawfully, the person concerned can also insist on deletion.

With every request for data deletion, it must be checked whether the deletion can be carried out legally or whether, for example, legal provisions make the processing of the data necessary. For example, defined data must also remain after the end of the business relationship.

The request for deletion can be made either verbally or in writing. If there are doubts about the identity, PRILLINGER reserves the right to check the identity of the person concerned and to request proof of identity (copy of ID). You will be answered within one month. Each deletion request is documented.

Right to restriction of processing (Article 18 GDPR)

The processing of the data is restricted if the purpose of the processing no longer applies, but the data must remain due to legal claims.

The data subject has the right to have the processing of their personal data restricted (note: there are personal data that may not be restricted because there is a legal basis for this).

The request for restriction can be made either verbally or in writing. If there are doubts about the identity, PRILLINGER reserves the right to check the identity of the person concerned and to request proof of identity (copy of ID). You will be answered within one month. Each restriction request is documented.

Notification obligation in connection with the correction, deletion or restriction of personal data (Article 19 GDPR)

The controller shall notify all recipients to whom personal data has been disclosed of any rectification or erasure of personal data or restriction of processing, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about these recipients if the data subject requests it.

Right to data portability (Article 20 GDPR)

The person concerned has the right to transmit the personal data stored by PRILLINGER to another person responsible (as far as this is technically and legally possible). This right to data portability enables data subjects to obtain their data and reuse it for their own purposes and across different services. This right is not tied to the termination of a contract. It can also be asserted in an upright contractual relationship.

Right to object (Article 21 GDPR)

The data subject can object to and withdraw consent. For example, the customer can object to receiving the newsletter by unsubscribing.

COOKIES

The Internet pages use so-called cookies in several places. They serve to make the offer more user-friendly, effective and secure. Cookies are small text files that are stored on the computer and saved by the browser. Most of the cookies used by PRILLINGER are so-called "session cookies". They are automatically deleted after your visit. Cookies do not damage the computer and do not contain viruses.

If the user would like to prevent cookies from being stored on his computer, he is asked to deactivate the corresponding option in the system settings of the browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions on our website.

In addition, the use of cookies, which serve to measure range and for advertising purposes, can be deactivated via the deactivation page of the network advertising initiative (https://optout.networkadvertising.org/) or via the US website (https://www.aboutads.info/choices) or the European website (https://www.youronlinechoices.com/uk/your-ad-choices/) are contradicted.

Adjust cookie settings

ACCESS AND LOG FILES

PRILLINGER processes records of all server access, so-called server log files, on the basis of our legitimate interests within the meaning of Article 6 Paragraph 1 lit. These log files contain the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, operating system, previously visited site, IP address and the requesting provider. Log files are deleted after seven days of storage for security reasons (e.g. to investigate misuse or fraud).

GOOGLE-ANALYTICS

This website uses the "Google Analytics" service provided by Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to analyze website usage by users. The service uses "cookies" - text files that are stored on your device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.

IP anonymization takes effect on this website. The IP address of the user is shortened within the member states of the EU and the European Economic Area. This shortening eliminates the personal reference of the IP address. As part of the agreement on the order data agreement, which the website operators have concluded with Google Inc., Google Inc. uses the information collected to evaluate website usage and website activity and provides services related to internet usage.

Every user has the option of preventing the storage of cookies on their device by making the appropriate settings in their browser. There is no guarantee that all functions of this website can then be accessed without restrictions.

You can find more information about data use by Google, setting and objection options on the Google website: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when you use websites or apps our partners”), https://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), http://www.google.de/settings/ads (“Manage information that Google uses, to show you advertising”).

NEWSLETTER

PRILLINGER sends newsletters, e-mails and other electronic notifications with advertising information only with the consent of the recipient or legal permission. The newsletters contain information about our products, offers, promotions and our company.

Double-Opt-In-Verfahren

The newsletter registration takes place in a so-called double opt-in procedure. This means that after registration, customers receive an e-mail asking them to confirm their registration. This confirmation is necessary to prevent third parties from registering with your email address. All registrations are logged in order to be able to prove the registration process in accordance with legal requirements. This also applies to the time of registration and confirmation as well as the IP address. In addition, changes to your data stored by the shipping service provider are logged.

Service provider

The newsletter is sent using the “CleverReach” newsletter software from CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. You can view the data protection regulations of the shipping service provider here: https://www.cleverreach.com/de/datenschutz/.

Furthermore, the shipping service provider can, according to its own information, use the data pseudonymously, i.e. without assignment to a user, to optimize or improve its own services, e.g. for technical shipping optimization, display optimization or for statistical purposes to determine from which countries the recipients come. Data from our newsletter recipients are never used to write to them ourselves or to pass them on to third parties.

Reporting

Our newsletters contain a so-called "tracking pixel", i.e. a pixel-sized image that is retrieved from the server of the shipping service provider when the newsletter is opened. Technical information, such as information about the browser and system as well as the IP address and time of retrieval, is first collected here. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. Neither PRILLINGER nor the shipping service provider observes individual users. The reporting evaluations should help us to determine reading behavior and to optimize the content on this basis.

The newsletter is sent and reported on the basis of the consent of the recipient in accordance with Article 6 Paragraph 1 lit 3 TKG, the registration process is logged on the basis of our legitimate interests in accordance with Article 6 (1) (f) GDPR and serves as proof of consent to receive the newsletter.

Termination/Revocation​​​​​​​

The recipients of our newsletter can cancel the receipt and consent to the performance measurement/reporting at any time by clicking on the unsubscribe link at the bottom of each mailing, i.e. revoke their consent.

At the time of unsubscribing from the newsletter, the personal data will be deleted unless their retention is legally required or justified.

WEBSHOP

Upon request, the customer receives access to our web shop. User administration takes place internally using a database.

In connection with your access to our shop and each time a page or file is called up, data about this process is stored in a log file during the usage process. In detail, the following data record is saved for each call:

  • Browser type/version
  • Operating system
  • Host name of the accessing computer (IP address)
  • Time of server request
  • Entered Searches

This data is for the Prillinger Gesellschaft m.b.H. cannot be assigned to a specific person. A combination of this data with other data sources is not carried out, the data is also deleted after a statistical evaluation.

The personal data is encrypted during the ordering process and transmitted over the Internet. We secure our website and other systems through technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Access to your customer account is only possible after entering your personal password. You should always keep your access information confidential and close the browser window when you have finished communicating with us, especially if you share the computer with other people.

WEBSITE

We collect and use personal data from you to the extent necessary to enable or process the use of our website. This includes, in particular, characteristics for your identification (name, address) and the scope of use of our offer. The usage data also includes the contact data you have provided. We may use your usage data for the purposes of our own advertising, market research and to optimize our website. You have the right to object to this use of your data. The data will not be passed on to third parties. We may only provide information about this data in individual cases if this is ordered by the responsible authorities, insofar as this is necessary for the purposes of criminal prosecution, to avert danger, to fulfill the statutory tasks of the authorities or to enforce intellectual property rights.

New customer form​​​​​​​

By filling out the new customer form on the PRILLINGER website, a request to be included in the customer base can be made. The following information is absolutely necessary for this:

  • Firmenname
  • Adresse, PLZ, Ort und Land
  • ATU/UID/Mwst.-Nr.
  • Ansprechperson, Funktion
  • Telefonnummer, E-Mail-Adresse

This data is passed on to Prillinger Gesellschaft m.b.H. transmitted. The inclusion in the customer base is then checked.

Contact form

A contact form is installed on our website, which our customers can use to contact us. The following fields must be filled out in the input mask:

  • Anrede, Vorname und Nachname
  • Adresse, PLZ und Ort
  • Telefonnummer, E-Mail-Adresse
  • Ihre Nachricht

This data is passed on to Prillinger Gesellschaft m.b.H. transmitted and are available to answer the request.

Online application

You can apply online for advertised positions. The following data is necessary for the processing of applications and is therefore collected:

  • Anrede, Vorname, Nachname
  • Geburtsdatum
  • Adresse, PLZ und Ort
  • Telefonnummer, E-Mail-Adresse
  • Ihre Nachricht

It is also possible to upload application documents such as a letter of motivation, CV and certificates digitally. This data is sent in encrypted form to HR management in the form of an e-mail and is available to PRILLINGER to answer the enquiry.

The data remains available throughout the entire application process. These are then archived for three years in order to be able to process any replacements quickly and effectively. After this period has expired, all printed documents will be destroyed and all electronic data will be deleted. The entries in the applicant database will be deleted after 7 years.

SOCIAL MEDIA

Prillinger Gesellschaft m.b.H. no social media channels.

SAFETY AND TECHNICAL NOTES

The Prillinger Gesellschaft m.b.H. must ensure that personal data is protected technically and organizationally. Above all, the topics of entry, access and access control are particularly important. Data security can be increased by encrypting personal data, protecting our business premises and the entire IT against external interference and regularly evaluating and checking the agreed measures.

Every employee of Prillinger Gesellschaft m.b.H. undertakes to comply with the IT security agreement, the confidentiality obligation and other applicable data protection documents.

Access control – object protection

Unauthorized persons are not allowed access to systems, facilities and data of the Prillinger Gesellschaft m.b.H. denied. Non-employees receive a safety briefing before entering. Visitors are registered and receive a visitor pass.

Access Control - Hardware Protection

It is not possible for unauthorized persons to access the systems, facilities and data of Prillinger Gesellschaft m.b.H. to use.

Access control – software and data protection

Authorized persons can only access defined areas. There are authorization systems and general information for this, which are made available to every employee in the IT security agreement.

Destruction and loss

The entire IT protects all data from destruction, loss and theft. The measures are continuously evaluated and, if necessary, adapted.

Privacy-friendly presets

Measures are taken to ensure data security at Prillinger Gesellschaft m.b.H. to keep constantly high. For this purpose, some default settings are made in the system to make the processing of the data safe. This applies not only to devices and data on the factory premises, but also to mobile devices.