top of page
www.supportive.at

Privacy policy

With this privacy policy, we would like to inform you about the scope, nature and purpose of the processing of personal data (hereinafter referred to as "data") on this website and the associated content of us and third parties. For a precise definition of terms such as "personal data" or "processing", please refer to Article 4 of the General Data Protection Regulation (DSGVO).

 

Person responsible:
Company: Gernot Gaitzenauer
Contact person: Gernot Gaitzenauer
Address: Margeritengasse 8/2/14, 2700 Wiener Neustadt, Austria.

Email: info@supportive.at

 

Types of data processed: 

Inventory data (e.g., names, addresses)

Contract data (e.g., subject of contract, term, customer category)

Payment data (e.g., bank details, payment history)

Contact data (e.g., e-mail, telephone numbers)

Usage data (e.g., websites visited, access times)

Meta/communication data (e.g., device information, IP addresses)


Processing of special categories of data (Art. 9 para. 1 DSGVO):

In principle, no special categories of data are processed, unless they are supplied to the processing by the users, e.g. entered in online forms or emails.

 

Categories of data subjects:

Customers, interested parties and suppliers

Visitors and users of the online offer

 

Status: 12.06.2020

 

 

  1. legal basis according to Art. 13 DSGVO
    If the legal basis for data processing is not stated in this privacy policy, the following applies: The legal basis for processing for the performance of our services and implementation of contractual measures as well as answering inquiries is Art. 6 (1) lit. b DSGVO, the legal basis for obtaining consent is Art. 6 (1) lit. a and Art. 7 DSGVO, the legal basis for processing to protect our legitimate interests is Art. 6 (1) lit. f DSGVO and the legal basis for processing to comply with our legal obligations is Art. 6 (1) lit. c DSGVO. If vital interests of a data subject or another natural person make processing of personal data necessary, the legal basis is Art. 6 (1) lit. d DSGVO.
     

  2. changes and updates to the privacy policy
    Please inform yourself regularly about the content of our privacy policy. This will be adapted as soon as changes to the data processing carried out by us make this necessary. If a change requires your cooperation (e.g. consent), we will inform you proactively.
     

  3. security measures according to Art. 32 DGGVO

    1.  In order to ensure an adequate level of protection, we take appropriate technical and organizational measures, taking into account the costs of implementation, the state of the art and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons. These include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We have established procedures to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. We also take the protection of personal data into account when selecting hardware, software and processes, as well as through data protection-friendly default settings (Art. 25 GDPR).

    2. These security measures include the encrypted transmission of data between your browser and our server (https/SSL encryption).
       

  4. Cooperation with processors and third parties

    1. If we grant third parties access to data, this will only be done on the basis of a legal permission, for example if you have consented, a legal obligation exists or on the basis of our legitimate interest.

    2. If we commission third parties with the processing of data on the basis of a "contract processing agreement", Art. 28 DSGVO is the basis for this.
       

  5. Transmission to third countries
    Subject to legal or contractual permissions, we only allow data to be processed in a third country outside the European Union (EU) or the European Economic Area (EEA) if special conditions exist in accordance with Art. 44 et seq. DSGVO, e.g. on the basis of officially recognized guarantees that a level of data protection similar to that in the EU is maintained. 
    Furthermore, processing or disclosure or transfer to third parties will only take place if it is necessary for the fulfillment of our (pre)contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interest.
     

  6. Rights of the data subjects

    1. Pursuant to Art. 15 DSGVO, you have the right to request information as to whether data relating to you is being processed, to be informed about this data and to receive a copy of the data.

    2. Pursuant to Art. 16 DSGVO, you also have the right to request that the data concerning you be completed or that incorrect data concerning you be corrected.

    3. In accordance with Art. 17 of the GDPR, you also have the right to demand that your data be deleted immediately or, alternatively, that processing be restricted in accordance with Art. 18 of the GDPR.

    4. Pursuant to Art. 20 of the GDPR, you may also request that data which you have provided to us be received in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent or on a contract and is carried out with the aid of automated processes.In exercising the right to data portability, you may obtain that the personal data be transferred directly from us to another controller, where this is technically feasible. The exercise of the right to data portability does not affect the right to erasure ("right to be forgotten"). This right does not apply to processing which is necessary for the performance of a task assigned to us, which is in the public interest or which is carried out in the exercise of official authority.
      You also have the right, pursuant to Art. 77 DSGVO, to lodge a complaint with the competent supervisory authority.
       

  7. ​Right of revocation
    You have the right to revoke given consents pursuant to Art. 7 (3) DSGVO with effect for the future.
     

  8. Right of objection
    ​In accordance with Art. 21 DSGVO, you may object to the future processing of data relating to you at any time. This objection can be made in particular against processing for purposes of direct advertising.
     

  9. cookies, range measurement and right to object to direct advertising
    a) Cookies are pieces of information that are transmitted from our web server or third-party web servers to the users' web browsers and stored there for later retrieval. Cookies may be small files or other types of information storage.

    b) On the one hand, we or the content integrated by third-party providers use "session cookies", which are only stored for the duration of the current visit to our online presence (e.g. in order to be able to store your login status or the shopping cart function and thus enable the use of our online offer at all). A session cookie stores a random unique identification number, the so-called session ID. A cookie also contains information about its origin and storage period. Session cookies cannot store any other data. They are deleted when you stop using our online offer (e.g. by logging out) or close your browser.

    c) We or those integrated by third-party providers also use permanent cookies. In part, the cookies serve security purposes or are necessary for the operation of our online offer (for example, for the smooth display of our website). We will inform you in more detail about the use of cookies for range measurement or marketing purposes in this privacy policy.

    d) If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the settings of your browser. Cookies that have already been stored can be deleted there. The exclusion of cookies can lead to functional restrictions of this and other pages.

    e) You can object to the use of cookies for reach measurement and advertising purposes via the deactivation page of the network advertising initiative http://optout.networkadvertising.org/ and additionally via the US website http://www.aboutads.info/choices or the European website http://www.youronlinechoices.com/uk/your-ad-choices/.
     

  10. deletion of data
    a) Unless expressly stated otherwise within the scope of this data protection declaration, data processed by us will be deleted or restricted in its processing in accordance with Art. 17 and 18 DSGVO as soon as the data is no longer required for its intended purpose and the deletion is not contradicted by any statutory retention obligations. Data restricted in processing will be blocked and not processed for other purposes. This concerns data that must be retained for tax or commercial law reasons.

    b) In accordance with legal requirements, data is retained for 6 years pursuant to Section 257 (1) of the German Commercial Code (commercial books, inventories, opening balances, annual financial statements, commercial letters, accounting vouchers, etc.) and for 10 years pursuant to Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting vouchers, commercial and business letters, documents relevant for taxation, etc.).
     

  11. provision of contractual services
    a) We process inventory data (for example, names and addresses as well as contact data of visitors), contractual data (for example, services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 para. 1 lit b. DSGVO. The entries marked as mandatory in online forms are required for the conclusion of the contract.
     

  12. contacting
    a) When contacting us (e.g. by email or contact form), the information provided by the user will be processed for the purpose of processing the request pursuant to Art. 6 para. 1 lit. b) DSGVO.
    b) The information provided may be stored in a customer relationship management system (CRM system) or comparable organizational tools.
    c) We delete the requests when they are no longer necessary. We regularly review the necessity every two years. If customers have a customer account, we store the conversation permanently until the customer account is deleted. In the case of legal archiving obligations, for example when a contract is concluded in the course of the conversation, the deletion takes place after its expiry.
     

  13. collection of access data and log files
    a) We collect on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f. DSGVO, we collect data about accesses to the server on which this website is located. The following data is stored: Name of the page accessed, file, date and time of access, amount of data transferred, notification of successful access, browser used and version, the user's operating system, if applicable the page that led to the visit, IP address and the provider to which the data was sent back.

    b) Log file information is stored primarily for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of seven days. Excluded from this is data whose further storage is necessary for evidentiary purposes.

    c) Our Internet presence is hosted by the hosting service provider Wix which provides us with platform services, computing capacity, storage space and database services, security services and technical maintenance services. We have concluded an order processing agreement with this provider. For the proper presentation of our Internet presence, connections are established from the user to the provider's web servers, which also transmit your IP address. The data processing is carried out for the purpose of ensuring the operational readiness of our Internet presence, in which we have a legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO.
     

  14. online presences in social media
    a) We maintain online presences in social networks in order to communicate with customers, interested parties and users active there and to inform them about our services. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply.

    b) Unless otherwise stated below, we only process the data of users when they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send messages to us.
     

  15. Google Analytics
    a) We use Google Analytics, a web analytics service provided by Google LLC ("Google"), on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) Google Analytics, a web analytics service provided by Google LLC ("Google"). Google uses cookies for the function of the service. The information about use of the online offer is usually transferred to a Google server in the USA and stored there.

    b) Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

    c) Google uses this information on our behalf to evaluate the use of our online offer, to compile reports on the activities of users and to provide us with other services related to the use of this online offer. Pseudonymous usage profiles of visitors can be created from the processed data.

    d) We use Google Analytics to display ads within Google's advertising services only to those users who show an interest in our online offer or who have certain characteristics (i.e. interests in certain topics or products). We transmit the desired target group to Google (so-called "remarketing", or "Google Analytics Audiences"). In this way, we can also ensure that ads correspond to the interest of users and do not annoy users.

    e) We use Google Analytics exclusively with activated IP anonymization. Thus, the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

    f) The transmitted IP address is not merged with other data from Google. Users can prevent the storage of cookies by setting their browser accordingly. In addition, the transmission and processing of data can be prevented by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

    g) Further information on data usage by Google, as well as setting and objection options, can be found on Google's websites: https://www.google.com/intl/de/policies/privacy/partners ("Data usage by Google when you use websites or apps of our partners"), https://policies.google.com/technologies/ads ("Data usage for advertising purposes"), https://adssettings.google.com/authenticated ("Manage information Google uses to show you ads“).
     

  16. integration of third-party services and content
    a) Within our online offer, we use content or service offers of third parties on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) to use content or services offered by third-party providers in order to offer their content and services, such as videos or fonts on our website (hereinafter uniformly referred to as "content"). This requires that the providers of this content become aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. This is necessary for the presentation of the content. We endeavor to use only such content whose respective provider uses the IP address only for the delivery of the content and does not store it for other purposes. Content from these providers may use so-called pixel tags (invisible graphics known as "web beacons") for statistical or marketing purposes. This allows information such as the volume of visitors to this website to be evaluated. This pseudonymous information may be stored in cookies on the user's device and may contain, among other things, technical information about the browser used, the user's operating system, referring websites, time of visit and other information about the use of our online offer. It is also possible for the provider to combine the data with information from other sources.

    b) The following list provides an overview of third-party providers and their content, as well as links to their privacy statements, which may contain further information on the processing of data and opt-out options:

  • - If our customers use third-party payment services (e.g. PayPal or Sofortüberweisung), the terms and conditions and privacy notices of the respective third-party provider apply. These can be accessed via the respective website, or transaction applications.

  • - External fonts from Google, LLC., https://www.google.com/fonts ("Google Fonts"). The integration of Google Fonts is done by a server call at Google (mainly in the USA). Privacy policy: https://policies.google.com/privacy, Opt-Out: https://adssettings.google.com/authenticated.

  • - External code of the JavaScript framework "jQuery", provided by the third-party provider jQuery Foundation, https://jquery.org.

bottom of page