Data protection declaration in accordance with Art. 13, 14 GDPR – fulfilment of information obligations

Thank you for visiting our website. We attach great importance to the protection of your data and inform you here in detail about the extent to which we process your data.

This policy applies to data processing within Saubermacher Dienstleistungs AG as well as to the use of our website. The legal basis for this data processing is the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).

All personal designations always refer to all genders. The use of the masculine form is intended solely to simplify readability.

1 Person responsible for data processing

The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is

Saubermacher Dienstleistungs AG
Hans-Roth-Strasse 1
8073 Feldkirchen near Graz
Tel.: +43 59 800
E-mail: office@saubermacher.at
Website: saubermacher.at

The company has appointed a data protection officer. Birgit von Maurnböck, VMCON OG, Opernring 2, 8010 Graz can be contacted at: datenschutz@saubermacher.at

2 Data processing of persons in the business environment

2.1 Data processing in accordance with Art. 13 GDPR

We process the data that various people provide to us through their own information, for example as part of an enquiry by email, to initiate and conclude a contract or a business relationship.

2.2 Data processing in accordance with Art. 14 GDPR

In addition, we process data of persons who may be part of a contractual relationship, which we have legitimately received in the context of information from third parties (e.g. managing directors provide us with the data of their employees).

2.3 Persons concerned

We process the following data from interested parties: Company, name of contact person and professional contact and address data.

We process the following data from customers: Company, title and names of contact persons, professional address data and contact details, bank details, contract data. For customers who have their business premises certified as part of the ISCC certification process, geocoordinates are also processed.

We process the following data from suppliers and business partners: Company, title and names of contact persons, professional address data and contact details, bank details, contract data.

We process the following data from contact persons and representatives of authorities, associations, political parties and the press: Company/authority, title and name of the contact person, professional address data and contact details.

We process the following data from newsletter recipients: E-mail address.

2.4 Transfer of data

Data is transferred exclusively for the purpose of fulfilling the contract in accordance with Art. 6 para. 1 lit. b GDPR in order to provide you with our services.

• Transfer within the group: The personal data collected in connection with your enquiry or use of our services will be transferred within the group to subsidiaries or affiliated companies if necessary. This is particularly necessary if certain services or IT services are provided by other companies within the group. In such cases, it may be necessary to forward your data to the relevant group company for further processing. The transfer is based on internally concluded contracts.
• Transfer to processors: We work with processors to whom personal data is transferred in order to provide services efficiently. These include companies that perform tasks such as contract fulfilment, payment processing, account management, newsletter distribution and IT services.
• Other transfers: In certain cases, such as legal obligations or in the context of a legal dispute, personal data may be disclosed to authorities or lawyers.

2.5 Storage/deletion of data

• Contractual retention obligations: After termination of a contractual relationship or after the end of contractually agreed periods, personal data will be deleted or anonymised as soon as there are no legal retention obligations to the contrary.
• Withdrawal of consent: If consent to the processing of personal data is withdrawn, the data will be deleted or anonymised unless there is another legal basis for processing.
• Statutory retention obligations: The controller is subject to various statutory retention obligations. Personal data will be deleted after expiry of these statutory retention obligations. It may happen that personal data must be retained for legal reasons despite the revocation of consent or the expiry of contractually agreed periods and will only be deleted at a later date (after the expiry of the respective legal periods). The EU regulations and laws to be observed by the controller are listed below (without any claim to completeness):
  • Federal Tax Code (BAO)
  • Commercial Code (UGB)
  • Trade Regulation Act (GewO)
  • General Civil Code (ABGB)
  • Value Added Tax Act (UStG)
  • Whistleblower Protection Act (HSchG)
  • Data Protection Act (DSG)
  • General Data Protection Regulation (GDPR)

2.6 Contact by e-mail

When you contact us by e-mail, the data you provide will be stored by us in order to answer your questions. We delete the data arising in this context after processing is no longer necessary, or restrict processing if there are statutory retention obligations.

Legal basis: Art. 6 para. 1 lit. f GDPR

2.7 Publication of the names of authors

We are legally obliged to disclose the names of the authors of image data (photos or videos) each time image data is published. We automatically delete this personal data as soon as we stop using the image data.

2.8 Legal basis

The legal basis for data processing is:

• Consent (e.g. when processing your email address for advertising purposes) in accordance with Art. 6 para. 1 lit. a GDPR
• Contract initiation and fulfilment in accordance with Art. 6 para. 1 lit. b GDPR
• Legal obligations (e.g. statutory storage and documentation obligations, publication obligations under copyright law) pursuant to Art. 6 para. 1 lit. c GDPR
• Legitimate interests of our company (e.g. use of software) in accordance with Art. 6 para. 1 lit. f GDPR

We will inform you separately about the legal basis and purpose of the processing for each of the data processing operations described below.

3 Data processing when contacting us via our website, callback service, registration for the newsletter, customer portal, application

3.1 Contact and callback service

If you have asked us to contact you via our web form or if you have sent us a message, we will store the data required to contact you. This is your name, your e-mail address, your postcode if applicable and, on a voluntary basis, your additional details if they are personal. The data will be deleted by us as soon as storage is no longer necessary or you object to the processing.

If you make use of our callback service, we store your name, your telephone number and, on a voluntary basis, your additional personal details.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

3.2 Subscribe to newsletter

You can subscribe to our newsletter by providing us with your e-mail address. You can unsubscribe at any time. After you unsubscribe, we will no longer use your data to send you the newsletter. If we have no business relationship with you and are not subject to any statutory retention obligations, your data will be deleted after you unsubscribe from the newsletter.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

3.3 Customer portal

As an SME, industrial customer or municipality, you have the option of registering on our website with your login details in our customer self-service portal in order to use additional functions (https://kundenportal.saubermacher.at/). To log in, you will be asked for your user name and the password you have chosen.

We require the following data to create a new account: First name, surname, e-mail address, telephone number, RONA customer number and, if applicable, the respective destinations.

In the event of important changes, for example to the scope of the offer or technically necessary changes, we will use the e-mail address provided during registration to inform you in this way.

The data will be stored by us for as long as you have an account with us and will be deleted if it is not subject to any statutory retention obligations.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)

3.4 Applicant management

General: When you send us your application documents, we process the personal data contained therein for the purpose of personnel selection and job placement.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)

Deletion: In the event of rejection, we will delete your documents 7 months after sending you the rejection.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

Record keeping: If we wish to keep you on file for future contact, we will send you a separate request for your consent. If you explicitly give us your consent, we will store your application documents. If there is no further opportunity for you to fill a position with us within one year of receiving your consent, we will delete all your application documents.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

Applicant portal: All applications are processed via our application portal. People who are interested in working for our company can apply directly on our website via the applicant portal. The application process is handled by BITE, a service provided by BITE GmbH, Magirus-Deutz-Straße 12, 89077 Ulm, Germany. You will be informed of this in a separate privacy policy for applicants: https://saubermacher.at/datenschutz-jobportal/.

During the application process, you will have the opportunity to upload your application documents (e.g. CV). Alternatively, applications can also be submitted in paper form. These will also be entered into the BITE applicant management system by the HR department, so that the entire application process – regardless of the submission method – is handled centrally via the tool.

For individuals who submit their application in paper form directly to one of our locations, there is the option of accessing the privacy policy digitally via a QR code provided. Alternatively, the privacy policy can also be provided in printed form upon request.

Further information is available at https://saubermacher.at/karriere/offene-stellen/.

3.5 Participation in competitions

We occasionally organise competitions. In order to participate in these competitions, we require certain information from you: first name and surname, address and email address. This data will be used exclusively for the purpose of the competition. If we have no business relationship with you and are not subject to any legal storage obligations, the data collected will be deleted or anonymised after the competition has ended and the prizes have been sent out.

Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)

3.6 Event management

We use the event tool “Invitario” from Invitario GmbH, Lerchenfelder Straße 74/1/6, 1080 Vienna, Austria, to organise and run events. The tool is used in particular for sending invitations, monitoring RSVPs and sending event summaries to event participants. In the context of event organisation, we process the following personal data via “Invitario”: name, email address, telephone number, company affiliation and, depending on the event, voluntary information on food preferences.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

4 Data processing when visiting our website

4.1 Informational use of the website

When using the website for information purposes only, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect at most the data that is technically necessary for us to display our website to you and to ensure stability and security:

• IP address
• Date and time of the enquiry
• Time zone difference to Coordinated Universal Time (UTC)
• Content of the request (specific page)
• Access status/HTTP status code
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

This data is not merged with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use and – if there has been a hacking attack – to pass the data on to the law enforcement authorities. The data will not be passed on to third parties beyond this.

Legal basis: Art. 6 para. 1 lit. f GDPR

4.2 Cookies

Cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the place that sets the cookie (here by us or third-party providers). Cookies cannot execute programmes or transmit viruses to your computer.

The cookie allows you to be recognised when you visit the website without having to re-enter data that you have already entered.

The information contained in the cookies is used, for example, to determine whether you are logged in or what data you have already entered, or to recognise you as a user when a connection is established between our web server and your browser.

We distinguish between technical cookies that are used exclusively to ensure the operation of a website and other cookies that are set by us or third-party providers for the purpose of statistical analyses, tracking or advertising/marketing.

Legal basis: Art. 6 para. 1 lit. f GDPR (for technical cookies), Art. 6 para. 1 lit. a GDPR (for all other cookies)

 

4.3 Data processing in the USA

It cannot be ruled out that personal data will be transmitted to the USA when you visit our website. If this is the case, we will point this out separately in this privacy policy.

The European Commission has adopted an adequacy decision for the exchange of data between European and US companies. This decision stipulates that American companies that have submitted to the EU-US Privacy Framework guarantee an adequate level of protection for personal data. Personal data may be exchanged with these companies without additional guarantees.

In the case of data processing by US data recipients who have not submitted to the regulations of the EU-US Data Privacy Framework , , the following risks in particular cannot currently be ruled out for you as a data subject:

• Your personal data could possibly be passed on to other third parties (e.g. US authorities) by the respective service provider beyond the actual purpose of order fulfilment.
• You may not be able to assert or enforce your rights to information against the respective service provider in the long term.
• There may be a higher probability that incorrect data processing may occur because the technical organisational measures for the protection of personal data do not fully meet the requirements of the GDPR in terms of quantity and quality.

By consenting to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can remove cookies stored on your PC yourself at any time by deleting the temporary internet files.

Legal basis: Art. 6 para. 1 lit. a GDPR

5 Social media presence

We operate social media pages on LinkedIn, Xing, Facebook, Instagram and Flickr, as well as a YouTube channel. When you visit our social media presence or our YouTube channel, personal data, including the IP address of the respective provider, is processed and cookies are used for data collection. Please refer to the privacy policy of the respective service for details on exactly what information is transmitted. There you will also find information on how to contact us and how to restrict the processing of this data.

Furthermore, we would like to point out that you use the respective services and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. sharing, commenting or rating).

The providers of social media services have provided us with corresponding agreements – in most cases, these are agreements on joint responsibility for data processing. The use of social media platforms is based on our legitimate business interest.

If we are obliged to fulfil the rights of data subjects (see16 ), you can contact both us and the provider of the respective social media platform.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

6 Video surveillance

As part of our security measures, we use video surveillance technology at various locations to ensure the safety of persons and the protection of property. These locations are: Saubermacher headquarters (Ecoport), Krems, Lannach, Premstätten, Trofaiach and Vienna Oberlaa. All entrances and exits as well as the entrance and exit to the Ecoport underground car park are monitored by video. At the other locations, video surveillance is mainly carried out in the entrance areas, car parks and sorting and storage areas of the operating sites.

The purpose of surveillance is to enforce house rules and to investigate criminal offences and security-related incidents. Areas under surveillance are marked with appropriate signs. The recordings are stored for a period of 72 hours and then deleted, unless they are required to clarify incidents or to initiate legal proceedings.

Access to the recordings is restricted to authorised persons. The data will only be passed on to law enforcement authorities in the event of a criminal offence.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

7 Whistleblowing system – online portal

We have set up a whistleblowing system (Saubermacher Group online whistleblowing portal) on our website. The whistleblowing system enables you to contact us and report compliance and legal violations without fear of reprisals. Further information is available at https://saubermacher.at/hinweisgeber/.

Legal basis: Art. 6 para. 1 lit. c GDPR (legal obligation).

8 AWS

Our website uses a cloud web hosting solution provided by Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855 Luxembourg. AWS provides the infrastructure and resources necessary for the operation and provision of the website. As AWS acts as a cloud provider, data is stored and processed on AWS servers.

When using AWS, certain data such as IP addresses and access times may be logged to ensure the security and operation of the website.

Further information can be found in the Amazon Web Services privacy policy at https://aws.amazon.com/privacy/?nc1=f_pr.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

9 Data processing when using Hotjar

We use Hotjar, an analytics software from Hotjar Ltd. (“Hotjar”) (http://www.hotjar.com, Malta, Europe), to better understand the needs of our users and to optimize the offerings on this website. Hotjar’s technology helps us to better understand our users’ experiences (e.g., how much time users spend on which pages, which links they click on, what they like and dislike, etc.), which helps us to tailor our offerings to our users’ feedback. Hotjar uses cookies and other technologies to collect information about our users’ behavior and their devices (in particular, the device’s IP address (which is only collected and stored in anonymized form), screen size, device type (unique device identifiers), information about the browser used, location (country only), and preferred language for viewing our website). Hotjar stores this information in a pseudonymized user profile. The information is not used by Hotjar or us to identify individual users or merged with other data about individual users. You can prevent Hotjar from collecting data by clicking on the following link and following the instructions there: https://www.hotjar.com/opt-out.

For more information, please refer to Hotjar’s privacy policy: https://www.hotjar.com/legal/policies/privacy

Legal basis: Art. 6 (1) (a) GDPR

10 Flickr

We use the photo service Flickr provided by SmugMug Inc., 67 E. Evelyn Ave, Mountain View, 94041 California, USA, on our website.

We have integrated Flickr content into our website. We have also integrated the Flickr badge, which displays an automatic preview of Flickr images.

Cookies are set by Flickr each time you access or click on a Flickr component. Cookies are small text files that are stored on your computer and enable an analysis of your use of Flickr’s services. We have no knowledge of exactly which user information and user behaviour is collected and transmitted to the web servers of Flickr and its affiliated companies in America for further processing.

If you as a user do not agree to this processing of your data, you can deactivate the Flickr service and thus prevent the transfer of data to the servers of Flickr and its affiliated companies. To do this, you must deactivate JavaScript in your browser. However, we would like to point out that in this case you will not be able to use Flickr or only to a limited extent.

For further information, please refer to Flickr’s data policy at https://www.flickr.com/help/privacy.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11 Data use for Google services

We use services provided by Google Ireland Limited (“Google”), a company registered and operating under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, on our website.

For more information, please refer to Google’s privacy policy at https://policies.google.com/privacy?hl=de.

11.1 Google Analytics & IPmeta

We use Google Analytics on our website, a tool that allows us to analyse how our website is used. With Google Analytics, we can see how many people visit our website and how long they stay.

This website uses the “Activate IP anonymisation” function (i.e. Google Analytics has been extended by the code “gat._anonymizeIp();” to ensure anonymous collection of IP addresses (so-called IP masking)). This means that your IP address will be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and truncated there.

Google uses the information collected to analyse your use of the website, to compile reports on website activity and to provide other services related to website usage.

Your IP address transmitted by your browser to Google Analytics will not be merged with other data from Google. However, Google may transfer this information to third parties if required by law or if third parties process this data on behalf of Google.

You can prevent cookies from being stored on your computer by selecting the appropriate settings in your browser. However, please note that if you do so, you may not be able to use all the features of our website to their full extent.

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://support.google.com/analytics/answer/6004245?hl=de.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

We also use the service ipmeta.io, which is a freely available plugin from Google Analytics. We use the plugin to analyse and implement “service provider”, “network domain” and “network type” in Google Analytics to see who has visited our websites and to obtain statistics about this. The retrieval of data for network-related dimensions is based on your IP address. The plugin is only used to convert it into network data. The data collected for this purpose is then deleted immediately.

Further information can be found at: https://ipmeta.io/#how-network-type-works

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11.2 Google Fonts

We use Google Fonts on our website. To ensure that fonts and icons are displayed consistently and attractively, your browser loads the necessary fonts into your browser cache. To do this, the browser you are using must contact the Google Fonts servers, which means that Google Fonts will be aware that our website has been accessed via your IP address.

You can find out what data is collected by Google and what this data is used for at https://www.google.com/intl/de/policies/privacy/.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11.3 Google Maps

We use Google Maps on this website. This allows us to display interactive maps directly on the website and enables you to use the map function conveniently. When you visit the website, Google receives information that you have accessed the corresponding subpage of our website. In addition, the data already mentioned under “Informative use of the website” is transmitted. This occurs regardless of whether Google provides a user account that you are logged in to or whether no user account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or the needs-based design of its website. Such evaluation is carried out in particular (even for users who are not logged in) to provide with advertising tailored to your needs and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy policy. There you will also find further information on your rights in this regard and settings options for protecting your privacy: http://www.google.de/intl/de/policies/privacy.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11.4 Google Photos

For a user-friendly experience, we use the cloud-based storage service Google Photos. When you access images on our website, your browser establishes a connection to Google’s servers. Your IP address is transmitted to Google for this purpose. In order to display the images correctly, the necessary pages are loaded into your browser cache.

You can find more detailed information here: https://www.google.com/photos/

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11.5 Google Tag Manager

We use Google Tag Manager on our website, which enables us to integrate and manage website tags such as tracking codes or conversion pixels. This collects data on the website and forwards it to associated analysis tools, which store and evaluate this data. Although Google Tag Manager collects data (e.g. IP address), it does not store this data and has no access to it. It merely acts as an interface between the website and the analysis software.

For more detailed information, please visit: https://www.google.com/intl/de/tagmanager/faq.html.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

11.6 YouTube

We operate a YouTube channel and have integrated YouTube videos into our website, which are stored at http://www.YouTube.com. YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, 94066 California, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube videos in extended data protection mode. With this setting, YouTube does not store any cookies when you visit our website. A connection to YouTube servers is only established when you start playing the embedded videos. YouTube uses cookies for data collection and statistical data analysis. This tells YouTube which pages you visit. If you are logged in to YouTube, your data will be assigned directly to your account. YouTube uses your data for advertising and market research purposes.

By using this service, personal data is transferred to the USA or cannot be ruled out. Google has certified itself in accordance with the adequacy decision for the transfer of personal data to the USA. The European Commission has concluded that an adequate level of protection exists for personal data transferred from the EU to a company in the USA that is certified under the EU-US Privacy Shield, which is why data transfer is permitted in accordance with Art. 45 GDPR.

The integration of YouTube leads to the reloading of YouTube images.

Further information on data protection at YouTube can be found in the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

12 Data processing when using Matomo

We have integrated the web analytics service Matomo from the provider InnoCraft Limited, 7 Waterloo Quay, PO625, 6140 Wellington, New Zealand, into our website for statistical analysis of user behaviour and for optimisation and marketing purposes. By installing and integrating Matomo on our own server, we guarantee that no data will be passed on to third parties. In addition, we operate Matomo with settings that ensure that no cookies are set.

The following data is processed: browser type, browser version, operating system, country of origin, date and time of the server request, number of visits, length of stay on the website and the external links you have clicked on. Before the IP address is stored, it is anonymised. Pseudonymised usage profiles can be created and evaluated from this data. The data collected is processed on our servers and is not passed on to third parties.

The information generated in the pseudonymous user profile is not used to personally identify the website visitor and is not merged with personal data about the bearer of the pseudonym.

For further information, please refer to Matomo’s privacy policy at https://matomo.org/privacy-policy.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

13 Data processing for Meta services

We use services provided by Meta Platforms Ireland Ltd. (“Meta”), a company registered and operating under Irish law with its registered office at Merrion Road, Dublin 4, Ireland, on our website.

For more information, please refer to Meta’s privacy policy at https://www.facebook.com/about/privacy/.

13.1 Facebook social plugins

We have integrated social plugins from Meta on our website. We are jointly responsible with Meta for the data processing that takes place within the scope of the integration of the plugin in accordance with Art. 26 GDPR.

The use of social plugins enables users to share or like content from our website on Facebook.

No data is transferred to Meta when you visit the website. Your data (IP address) is transferred to Meta as soon as you interact with a post by sharing or liking it.

If you are logged in to Facebook as a user, Meta can directly associate your profile with your visit to our website. If you interact on our website, this information will also be displayed on your Facebook profile. Meta may use this information to analyse your behaviour on our website in connection with the advertisements displayed on Facebook, to inform other Facebook users about your activities, and to provide other services.

For more information, please refer to Meta’s privacy policy at https://www.facebook.com/about/privacy/.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

13.2 Meta Pixel

Our website uses the so-called Meta Pixel to analyse and optimise advertisements on our online offering.

Meta can use the pixels to identify website visitors as a target group for the display of advertisements (so-called Meta Ads). Accordingly, we use them to display the ads we place on Meta platforms (Facebook and Instagram) only to those Meta users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain artists or events, which are determined based on the websites visited) that we transmit to Meta (so-called “custom audiences”). This is to ensure that our ads are relevant to the user’s interests and are not annoying. With the help of pixels, we can also track the effectiveness of Meta ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Meta ad (so-called “conversion”).

Your actions are stored in one or more cookies. These cookies enable Meta to match your user data (such as your IP address and user ID) with the data in your Meta account. The data collected is anonymous to us and cannot be viewed by us and is only used for advertising purposes. If you wish to prevent the link to your Meta account, you can log out before taking any action.

For more information, please refer to Facebook/Meta’s data policy at https://de-de.facebook.com/policy.php.

Specific information about Facebook pixels can be found at https://de-de.facebook.com/business/help/651294705016616.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

14 Data processing for Microsoft services

We use services provided by Microsoft Ireland Operations Limited (“Microsoft”), a company registered and operating under Irish law with its registered office at One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland, on our website.

We use Microsoft’s cloud services and its software-as-a-service offerings for various purposes. These include, for example, the publication of websites, forms and other content, as well as the storage and management of documents and the sending of emails.

For further information, please refer to Microsoft’s privacy policy at https://privacy.microsoft.com/de-de/privacystatement.

14.1 Microsoft Advertising (formerly Bing Ads)

Microsoft Advertising (formerly Bing Ads) enables us to place targeted ads in Bing search results and other Microsoft websites to reach potential customers. Microsoft Advertising uses various technologies, including cookies and web beacons, to collect data about user behaviour and measure the effectiveness of advertising campaigns.

When using Microsoft Advertising, personal data such as IP addresses, browser information, search queries, device types and click behaviour may be collected and processed. This data is used to deliver personalised ads to users who may be interested in our products or services. Microsoft Advertising does not allow us to collect directly identifiable information such as user names or addresses.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

14.2 Microsoft Clarity

We use the Microsoft Clarity analysis tool on our website.

This tool enables us to analyse user behaviour on our website in order to improve the user experience. Microsoft Clarity uses cookies and other tracking technologies to collect information such as user interactions, mouse movements, scrolling activities and keyboard entries.

This data is anonymised and aggregated to help us improve the performance and effectiveness of our website.

Legal basis: Art. 6 para. 1 lit. a GDPR (consent)

15 Onlim

To provide a chatbot on our website, we use the Onlim service provided by Onlim GmbH, Neutorgasse 13/5, 1010, Vienna, Austria, which acts as our processor.

Onlim enables us to provide automated chat functions to respond to user enquiries. When you contact us via the chatbot, the data you provide will be stored by us in order to answer your questions. We delete the data collected in this context after it is no longer necessary for processing or restrict processing if there are legal retention obligations.

When contacting us via the chatbot, Onlim may collect, process and store personal data such as IP addresses, chat histories and technical information at the time of use (e.g. browser type, operating system). When you use our chat functions, your data entries are transferred to Onlim’s servers. This data includes the information you enter and the date and time of the chat history.

Your data will be deleted or completely anonymised after 30 days at the latest. You also have the option of adjusting the storage period for your data directly in the chat. Your personal data will then be deleted within 24 hours.

Onlim’s privacy policy can be found at https://onlim.com/de/datenschutzerklaerung/.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

16 Usercentrics (Cookiebot)

In order to obtain consent for the use of cookies and services requiring consent on our website in accordance with data protection regulations, we use the Consent Banner Cookiebot from Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark.

The consent banner records and stores the selection of cookies and consent-based services of the respective user of our website. With the express consent of the website visitor, it is ensured that statistical and marketing cookies and consent-based services are only set after consent has been given.

The consent tool collects, logs and stores the website visitor’s settings for the duration of a session. To ensure that the selected settings can be clearly assigned to the respective website visitor, Cookiebot collects, transmits and stores certain user information (including the IP address).

For more information, please refer to Cookiebot’s privacy policy
https://www.cookiebot.com/de/privacy-policy/

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

17 Your rights

You have the following rights with regard to your personal data:

• Right to information, correction and deletion
• Right to restriction of processing
• Right to object to processing
• Right to data portability
• Right to lodge a complaint with the Austrian Data Protection Authority
  Barichgasse 40 – 42, 1030 Vienna, telephone: +43 1 52 152-0
  Email: dsb@dsb.gv.at

If you believe that we have violated Austrian or European data protection law in the processing of your data and thereby infringed your rights, please contact us so that we can clarify any questions you may have.

Please send your enquiries and concerns by email to datenschutz@saubermacher.at or contact us using the contact details provided.

18 Changes to this privacy policy

We reserve the right to make changes to our privacy policy from time to time. All changes to the privacy policy will be published on this page. Please refer to the current version of our privacy policy for the latest information.