Privacy policy
General
With this privacy policy we would like to inform you about the types of personal data (hereinafter collectively referred to as “data”) we process, for what purposes and to what extent, and how we use this data.
We treat your personal data confidentially and according to the legal data protection regulations.
Personal data is data with which you can be personally identified. Data subjects shall hereinafter collectively be referred to as “users”.
The terms used are not gender-specific.
Status of this privacy policy: January 15, 2020
Data controller for this website:
The data processing on this website is carried out by
Ing. Michael Werner | Schusslinie 1B | A-1110 Vienna
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).
Data collection on this website
Your data is collected when you transmit it to us, for example by using our contact form.
Other information is automatically collected when you visit the website.
This is mainly the following technical data:
- Address of the accessed website (URL)
- Browser and version of the user’s browser
- The user’s operating system
- The address of the previously visited page (referrer URL)
- Host name and the IP address of the device from which this website is accessed
- Date and time of the access
This data is stored in the web server log files for 2 weeks and then automatically deleted by the hoster. We do not combine this data with other data sources and do not evaluate it – therefore this data cannot be assigned to any particular person.
We reserve the right to subsequently check the server log files, in case of justified suspicion of illegal activities
We collect this data on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimisation of his website.
Hosting
This website is hosted by an external service provider (hoster) The use of the hoster is in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f GDPR). Our hoster will only process your data to the extent necessary to fulfil its performance obligations. In order to guarantee data protection compliant processing, we have concluded a contract for order processing with our host.
Types of data processed:
- Inventory data (e.g., names, addresses).
- Contact data (e.g., e-mail, telephone numbers)
- Content data (e.g., text entries, photographs, videos).
- Usage data (e.g., websites visited, interest in content
- access times). Meta/communication data (e.g., device information, IP addresses).
Categories of data subjects concerned by the processing:
- Customers, interested parties, business partners.
- Visitors and users of the online offer.
Purpose of the processing:
Making our online offer available
Responding to contact requests and communication with users
Security measures
Legal basis of the data processing
In the following we inform you about the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR, national data protection regulations may apply in your or our country of residence and domicile.
National data protection regulations in Austria: In addition to the data protection provisions of the General Data Protection Regulation, national regulations on data protection apply in Austria. This includes in particular the Austrian Federal Act on the Protection of Individuals with regard to the Processing of Personal Data (Data Protection Act – DSG). In particular, the Austrian Data Protection Act contains special provisions on the right of access, the right to rectification or erasure, the processing of special categories of personal data, processing for other purposes and communication and automated decision-making in individual cases.
Consent (Art. 6 para. 1 sentence 1 lit. a GDPR) – The data subject has given his/her consent to the processing of personal data concerning him/her for one or more specific purposes.
Fulfilment of a contract and pre-contractual requests (Art. 6 para. 1 sentence 1 lit. b. GDPR) – The processing is necessary for the performance of a contract to which the data subject is party or for carrying out pre-contractual measures taken at the request of the data subject.
Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) – The processing is necessary to protect the legitimate interests of the controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
Data processing in third countries
If we process data in a third country (i.e. outside the European Union (EU), the European Economic Area (EEA)) or if the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this shall only take place in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we process or allow the data to be processed only in third countries with a recognised level of data protection, including the US processors certified under the “Privacy Shield”, or on the basis of special guarantees, such as contractual obligations through what are known as standard protection clauses of the EU Commission, the existence of certifications or binding internal data protection regulations (Art. 44 to 49 GDPR, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_en ).
Security measures/SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as requests via our contact form that you send to us. An encrypted connection can be recognised by the fact that the address line of the browser changes from “http://” to “https://” and by the padlock symbol in your browser bar.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
In accordance with Art. 32 GDPR and taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying probability of occurrence and severity of the risk to the rights and freedoms of natural persons, we take appropriate technical and organisational measures to ensure a level of protection commensurate with the risk; these measures include securing the confidentiality, integrity and availability of data by controlling the physical access to the data, as well as the access, input, disclosure, securing of availability and its separation. Furthermore, we apply procedures that ensure the exercise of data subject rights, erasure of data and reaction to data threats. We consider the protection of personal data as early as in the development or selection of hardware, software and processes, in accordance with the principle of data protection through technological design and through data protection-friendly default settings.
Use of cookies
Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. Cookies do not cause any damage to your end device, but primarily serve to store information about a user during or after his/her visit within an online offer. The stored information can include, for example, the language settings on a website, or the login status. The term cookies also includes other technologies that perform the same functions as cookies (e.g., user IDs – information about users stored using pseudonymous online identifiers)
The following cookie types and functions are distinguished:
- Temporary cookies, also known as session cookies: Temporary cookies are deleted at the latest after a user has left an online offer and closed his/her browser.
- Permanent cookies: Permanent cookies remain stored on your end device until you delete them yourself or an automatic solution is provided by your web browser. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again.
- First party cookies: First party cookies are set by ourselves.
- Third party cookies: Third party cookies are mainly used by advertisers (so-called third parties) to process user information.
- Necessary, also known as essential or absolutely necessary cookies: Cookies can be absolutely imperative for the operation of a website, e.g. to store logins or other user entries, or for security reasons.
- Statistical, marketing and personalisation cookies: Furthermore, cookies are generally also used in the context of range measurement as well as when the interests of a user or his/her behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used to show users, for example, content that matches their potential interests. This process is also known as “tracking”, i.e. following the potential interests of users. These types of cookies are not set on our website – we do not use Google Analytics, Facebook pixels, or any other tracking cookies.
You can determine yourself which and whether you want to use cookies. You have the possibility to clear, disable or only partially allow cookies. For example, you can block only third party cookies, but allow all other cookies.
You can also set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic clearing of cookies when closing the browser.
If you want to find out which cookies have been stored in your browser when you change or delete cookie settings, you can find this in your browser settings:
Chrome: Clearing, enabling and managing cookies in Chrome
Safari: Managing cookies and website data with Safari
Firefox: Clearing cookies to remove data that websites have placed on your computer
Internet Explorer: Clearing and managing cookies
Microsoft Edge: Clearing and managing cookies
Use of personal data over the course of a contact:
Contact form
If you use our contact form, your details from the enquiry form, including the contact details provided by you there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.
By entering your data in the contact form you agree that your data (your name and email address) will be stored at Werner & Weber GmbH, Schusslinie 1B, A-1110 Vienna. This consent can be revoked at any time by e-mail to infoline@werner-weber.com. The processing of the data entered in the contact form is thus exclusively based on your consent (Art. 6 para. 1 lit. a GDPR). The legality of the data processing operations carried out up to revocation shall remain unaffected by the revocation. At the same time, when using the contact form, you confirm that you have reached the age of 14.
Purpose of data storage: Processing of your request, making an appointment, sending of information material.
Duration of data storage: The data entered by you in the contact form will remain with us until you request its erasure, revoke your consent to its storage or until the purpose for which the data is stored is no longer given (e.g. after your request has been processed).
Contact by e-mail, telephone or fax:
If you contact us by e-mail, telephone or fax and provide us with personal data, such as name, e-mail address, postal address or other personal details, these will only be used by us for the purpose stated in each case, stored securely and not passed on to third parties.
Purpose of data storage: Processing of your request, making an appointment, sending of information material.
Duration of data storage: Your data will remain with us until you request its erasure, revoke your consent to its storage or until the purpose for which the data is stored is no longer given (e.g. after your request has been processed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
Plugins and tools
Google Web Fonts
We use web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.
For this purpose, your browser must connect to the servers of Google, whereby Google obtains knowledge that this website was accessed via your IP address. The use of Google WebFonts is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the uniform presentation of the typeface on his/her website. If appropriate consent has been requested (e.g. consent to the storage of cookies), the processing shall be carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR; consent may be revoked at any time.
If web fonts are not supported by your browser, a standard font is used by your computer.
More information regarding Google Web Fonts can be found at
https://developers.google.com/fonts/faq and in the Google privacy policy:
https://policies.google.com/privacy?hl=en
Use of Web Fonts / Adobe Typekit
the nature and purpose of the processing:
We use Adobe Typekit to visually design our website. Typekit is a service provided by Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland; hereinafter “Adobe”) which gives us access to a font library.
The uniform presentation of the information on the site constitutes a legitimate interest of the provider within the meaning of Art. 6 para. 1 lit. f DSGVO.
To integrate the fonts we use, your browser must connect to an Adobe server in the USA and download the font required for our website. Adobe is thereby informed that our website was accessed from your IP address. For more information about Adobe Typekit, please refer to Adobe’s privacy policy, which can be found here: https://www.adobe.com/de/privacy/policy.html
Legal basis:
The legal basis for the integration of Adobe Typekit and the associated data transfer to Adobe is your consent (Art. 6 para. 1 lit. a DSGVO).
Recipient:
Calling up script libraries or font libraries automatically triggers a connection to the library operator. For information on the use of your data by Adobe Typekit Web Fonts, please refer to https://typekit.com/ and the Adobe Typekit privacy policy: https://www.adobe.com/de/privacy/policies/typekit.html.
Storage duration:
We do not collect any personal data by integrating Adobe Typekit Web Fonts.
Third country transfer:
Adobe is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt0000000TNo9AAG&status=Active).
Provision required or necessary:
The provision of personal information is not required by law or contract. However, it cannot be provided without the correct display of the contents of standard fonts.
Plugin for multiple languages
We use the Polylang plug-in on our website to offer the website in different languages. This plug-in stores a cookie with the language selection of the user
Your rights as a data subject
Right of appeal to the competent supervisory authority
In the event of infringements of GDPR, data subjects have a right of appeal to a supervisory authority, in particular in the Member State of their main residence, their place of work or the place where the alleged infringement was committed. The right of appeal is without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to have data, which we process on the basis of your consent, provided to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another data controller, this will only take place as far as it is technically feasible.
Access, erasure and rectification
Within the framework of the applicable legal provisions, you shall have the right at any time and free of charge to obtain information about your stored personal data, its origin and recipients and the purpose of data processing, as well as the right to have this data erased. You can contact us at any time regarding this and other questions on the subject of personal data.