Privacy Policy

Safe handling of your personal data
is of highest priority for us.

Privacy Policy

of sternpunkt.internetideen OG

Table of Contents

01 | General remarks concerning data processing

The protection of your personal data is of particularly high priority for us. We only process your data on the basis of the statutory regulations (GDPR). With this privacy policy, we inform you about important aspects of data processing during your visit of our website.

This privacy policy informs you about the type, scope and purpose of the processing of your personal data within our online offer and the associated websites, functionality and contents (hereinafter also called "online offer" or "website"). This privacy policy shall be valid irrespective of the utilized domain, system, platform and device (e.g. desktop or mobile) on which this website is executed.

02 | Collecting, processing & utilizing personal data

Concerning terms (e.g. "personal data" or "processing"), we refer to the definitions according Article 4 GDPR.

Within the course of this website, user data (e.g. visited pages of our website) and content data (e.g. submissions through our contact form) are counted among personal data which is processed.

The term "user" refers to all categories of persons, which are affected by data processing (e.g. business partners, clients, prospects and other visitors of our website).

We only process personal data in accordance to respective data protection regulations. This means, your data is only processed in case legal allowances are present, especially when data processing is required for the provision of contractual services or prescribed by law, or on grounds of legitimate interests (interest of analysis, optimization, economic operation and security of our online services; Article 6, paragraph 1 lit. f GDPR), especially concerning reach measurement, creating profiles for advertising and marketing measures as well as collecting access data and utilizing services of third-party providers.

Legal basis:
We refer to the following legal basis:

  • Legal basis of consent: Art. 6 p. 1 lit. a. and Art. 7 GDPR
  • Legal basis for the provision of contractual services: Art. 6 p. 1 lit. b. GDPR,
  • Legal basis for the processing and fulfillment of our legal obligations: Art. 6 p. 1 lit. c. GDPR
  • Legal basis for the processing on grounds of our legitimate interest: Art. 6 p. 1 lit. f. GDPR

03 | Security measures

We implement organizational, contractual and technical state-of-the-art security measures to ensure that we comply with data protection laws, and to secure that data processed by us is protected against deliberate manipulation, loss, destruction and against unauthorized access.

These security measures include especially the encrypted transmission of data between your web browser and our server.

04 | Data transfer to third-party providers

Your data is only transferred to third-party providers within the scope of legal requirements. We only transmit your data to third parties if, e.g.,  required for contract purposes (Art. 6, p. 1 lit.b GDPR) or on grounds of our legitimate interests of the economic and effective  operation of our business (Art. 6 p. 1 lit. f. GDPR).

In case subcontractors are appointed by us to provide services, we will take appropriate legal action as well as technical and organizational measures to guarantee the protection of your personal data according to relevant legal regulations.

As far as within the scope of this privacy policy, contents, tools or other means of third-party providers are utilized, and those providers are based in third countries, it has to be assumed that data is transferred into the country in which the third-party provider is located. Third countries are countries in which the GDPR is no directly applicable law. This includes all countries outside of the EU resp. the European Economic Area. Data is transferred to third countries in case an adequate level of data privacy is provided, or the user obtains consent, or any form of legal consent exists.

05 | Supply of contractual services

We process inventory data (e.g. your name and address, your contact details), contract data (e.g. services, contact person, payment information) in order to fulfill our contractual obligations and services (Art. 6 p. 1 lit b. GDPR).

Furthermore, we process usage data (e.g. visited pages of our website, interest in our products) to improve our offer continuously, as well as content data (e.g. submissions to our contact form) in order to process your inquiries.

06 | Establishment of contact

If you contact us via our contact form or by email, we process your details to and handle your inquiry (Art. 6 p. 1 lit. b) GDPR).

Your data may be stored in our Customer Relationship Management System ("CRM System") or with the help of comparable software or tools.

We utilize the service desk software "Jira Service Desk", provided by Atlassian Pty Ltd (1098 Harrison Street, San Francisco, CA 93103, USA) on the basis of our legitimate interest (efficient and quick processing of your inquiry). For this purpose, we have entered into a contract with Atlassian to guarantee that your data is processed according to our instructions and that the data-protection level of the EU is met. Atlassian is certified by the EU-US Privacy Shield and additionally guarantees, that Atlassian complies by the European data protection law (https://www.privacyshield.gov/participant?id=a2zt00000004FK0AAM&status=Active).

07 | Collection of access data and log files

On the basis of our legitimate interest (Art. 6, p. 1 lit. f. GDPR), we collect data ("log files") about every access to the server on which this website is hosted. This data includes the name of the visited page, file, date and time of access, amount of transferred data, report of successful retrieval, browser type & version, your operating system, referrer URL (the page you visited before visiting our website, in case you clicked on a link to our website) and your IP Address.

Due to security measures (e.g. informing about misuse and defraudation), log files are stored for the duration of a maximum of three months and subsequently deleted. Data, which is required for evidence purposes, is not deleted until the incident has been clarified.

08 | Cookies & reach measurement

Cookies are snippets of information that is transferred from our web server, or the web server of third parties, to your web browser and stored for later call. Cookies can be small files or other forms of information storage. 

We utilize "session cookies" which are only valid for the duration of your visit of our website. A session cookie contains a unique identification number, a so-called session ID. Furthermore, these cookies contain information about their origin and storage period. Session cookies are deleted by leaving our website, e.g. by closing your web browser.

We educate you about the use of cookies for pseudonymous reach measurement in the course of this privacy policy.

Objection ("opt-out"):
In case you do not wish cookies to be saved on your computer, we kindly ask you to deactivate the corresponding preferences in the system settings of your web browser. Cookies that have already been saved can be deleted in the system settings of your browser. The exclusion of cookies may cause functional limitations while visiting our website.

It is possible to object the utilization of cookies that are used for reach measurement and interest-based advertising by visiting the website of the Network Advertising Initiative (http://optout.networkadvertising.org/) and additionally on the US-American website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).

09 | Google Analytics

Due to our legitimate interest (interest in analysis, optimization and economic operation; Art. 6, p. 1 lit. f. GDPR), we use Google Analytics, a web analysis service by Google Inc. ("Google"). Google utilizes cookies. The data about your usage of our website generated by this cookie is normally transmitted to and stored on servers of Google in the USA.

 

Compliance with the European data protection law:
Google is certified by the EU-US Privacy Shield and therefore guarantees, that Google complies with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

 

Functionality of Google Analytics:
Google will process your data on our account to analyze how you use our website, to generate reports about the activities on our website and to provide us with further services connected to the use of our website and the Internet. Therefore, it is possible that pseudonymous user profiles of your data are created.

 

Anonymization of your data:
We only use Google Analytics with active IP anonymization. This means, Google shortens the IP addresses of users from countries within the European Union and contracting partners by the Agreement on the European Economic Area. Exceptionally, IP addresses are transferred to servers by Google in the USA and shortened afterwards. The IP address transmitted by your browser is not joined with other data collected by Google.

 

Objection ("opt-out"):
You can prevent your web browser from saving cookies by configuring your browser settings accordingly. Furthermore, you can prevent the collection of personal data provided by cookies while visiting our website by downloading and installing the following browser plug-in: http://tools.google.com/dlpage/gaoptout?hl=de.

 

Further information:
Further information about the use of your personal data by Google, settings and opt-out possibilities is provided on the following web pages: https://www.google.com/intl/en/policies/privacy/partners/ („How Google uses data when you use our partners' sites or apps“), http://www.google.com/policies/technologies/ads („Privacy & Terms for Advertising“), http://www.google.de/settings/ads („Control the information Google uses to show you ads“).

10 | Google-Re-/Marketing-Services

We use the marketing and re-marketing services ("Google Marketing Services") of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“), according to our legitimate interest (interest in analysis, optimization and economic operation; Art. 6, p. 1 lit. f. GDPR).

 

Compliance with the European data protection law:
Google is certified by the EU-US Privacy Shield and therefore guarantees, that Google complies with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

 

Used Google Marketing Service "Google Tag Manager"
We use the "Google Tag Manager" to implement and manage the service Google Analytics by Google for our website. No additional Google Marketing Services are used. Also, we do not utlize interest-based advertising.

 

Further information concerning data protection:
Further information about the use of your data for marketing purposes by Google can be found at https://www.google.com/policies/technologies/ads

Googles privacy policy can be viewed at https://www.google.com/policies/privacy

11 | Newsletter

With the following information, we educate you about the contents of our newsletter as well as subscription, delivery, statistical analysis and your right to terminate your subscription / withdraw from our newsletter. By signing up for our newsletter, you agree to receiving our newsletter and to the procedures described below.

 

Contents of the newsletter:
We send our newsletter, emails and other electronic notifications with editorial content and ads (in the following referred to as "newsletter") only with your consent or with legal allowance. Provided the content of the newsletter is described upon registration, this information is relevant for your consent. Apart from that, our newsletter contains information about our products, offers, sales promotions and our company.

 

Double opt in and logging:
Subscription for our newsletter is made through a so-called double opt in process: After registration, you will receive an email asking you to confirm your registration. This confirmation is required to make sure that no third party registers with your email address. The registration is logged according to legal requirements and to prove that the registration has taken place. For this purpose, the time of your registration, the date of confirmation and your IP address is saved. This information is furthermore logged and saved by the transmission provider.

 

Transmission provider:
Transmission of our newsletter is provided with the help of "MailChimp", a newsletter transmission platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, US. The privacy policy of the transmission platform can be requested at: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified by the EU-US Privacy Shield and therefore guarantees compliance with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active).

In addition, according to their own information, the transmission provider may use your data pseudonymously (meaning it is not possible to connect the data with an individual user) for the purpose of service optimization and improvement, e.g. to technically improve shipment and display of the newsletter or for statistical purposes, to collect data about the country of the newsletter recipients etc. However, the transmission provider does not use your data to contact you personally or to pass on your data to third parties.

 

Subscription details:
To subscribe to our newsletter, we only require your email address. Optionally, we kindly ask you to provider your name so we can address you personally.

 

Statistical analysis:
Our newsletter contains so called "web beacons". These are pixel-sized files that are called from the server of our transmission provider when opening our newsletter. Through these web beacons, technical information about your browser and operating system, your IP address and the date and time when opening our newsletter is collected. This data is used for technical service improvements based on the technical information provided, the target group and its reading behavior, the location of retrieval (based on your IP address) and the time of access. Furthermore, it is statistically surveyed if and when you opened the newsletter and on which links you have clicked. It is possible to link this information to you due to technical reasons. Never the less, it is not our effort or the effort of the transmission provider to observe you. The evaluation allows us to get to know the reading behavior of our users and to adjust the content of our newsletter according to your interests.

The utilization of the transmission provider, provision of statistical analysis and logging of subscriptions is based on our legitimate interest (Art. 6p. 1 lit. f GDPR). We are interested in using a user friendly and save newsletter system that meets with our business interest and your expectations.

 

Termination of subscription / withdrawal:
You can, at any time, terminate your subscription to our newsletter and / or withdraw your consent. Simultaneously, by doing so, your consent to utilize the transmission provider and for statistical analysis expires. Unfortunately, it is not possible to withdraw your consent of transmission or statistic evaluation separately. A link to end the subscription is provided at the bottom of each newsletter. In case you signed up for our newsletter and terminate your subscription, your personal data is deleted. 

12 | Integration of third party services & contents

It is possible that our website integrates services and contents of third parties (e.g. maps, font faces…). For this purpose, third-party providers have to receive your IP address. Without IP address, it is not possible to send information to your browser. Thus, your IP address is required to display such content.

We try to only integrate contents of providers that need your IP address only for the purpose of data delivery.

Third-party providers may utilize so called "pixel tags" (invisible graphics, also referred to as "web beacons") for statistical and marketing purposes. With the help of "pixel tags", information about the traffic on this website may be analyzed. This pseudonymous data can be stored in a cookie that is saved on your device. This cookie may contain technical information about your browser, operating system, referring websites, visiting time as well as information about the usage of our website. This data may be linked with other sources.

Subsequently, you find an overview of third-party providers, their contents, a link to their privacy policy (containing further information about the processing of your data), and, partly already provided at this point, opt out possibilities:

13 | Your rights

Right of information:
Upon request, you are entitled to obtain information about your personal data stored by us, free of charge.

 

Right of correction, deletion, transfer and limitation of processing:
Of course, you have the right to correct inaccurate data, limit its processing and request deletion of your personal data. If applicable, you may assert your right of data portability.

 

Right to appeal:
In case you assume that we process your data unlawfully, you are entitled to file a complaint with the relevant regulatory authority. In Austria, this is the data protection authority ("Datenschutzbehörde").

 

Right to object:
You can opt out from the future processing of your personal data anytime in accordance with legal requirements. Your objection can especially be made against the processing of your data for direct advertising purposes.

14 | Data deletion

We delete your personal data stored by us as soon as it is no longer needed for the intended purpose and in case no legal obligation to retain such data has to be obeyed.

15 | Updates to our privacy policy

We reserve the right to update this privacy policy to comply with regulatory changes or when switching services and types of data processing.

This applies only to modifications concerning data processing. In case your consent is necessary, or parts of the privacy policy contain regulations concerning the contractual relationship with you, changes only apply with your consent.

We kindly ask you to inform yourself regularly about the contents of this privacy policy.

16 | Responsibility & contact details

Responsible authority for data protection:

sternpunkt.internetideen OG
Technoparkstr. 4,
A–5310 Mondsee

Phone: +43 (0) 6232 / 367 81
Email: office@sternpunkt.at

Date: 01.03.2018
Notice: This privacy policy applies in its respective current German version.