Protecting your privacy is very important to us.
Below, we provide you with information about the concrete measures we take to protect your personal data on our website.
Information about how your data is processed in compliance with Articles 13 and 14 of the General Data Protection Regulation (GDPR)
2. What data is processed and what are the sources of this data?
We process the personally identifiable data received from you for the purpose of establishing and conducting business relations with you. Furthermore, we process data we have received from publicly accessible sources (e.g. commercial registries, association registries, land registry, media) as well as other trustworthy businesses with whom we have a sustained business relationship.
Personally identifiable data includes:
- Master data/contact data such as: first and last names, title, address, contact information (email address, telephone number, fax), date of birth, data pertaining to identity documents which have been presented (copy of IDs), bank data, company name, commercial registry number, VAT number, corporate number, address, POC contact data (email address, telephone number, fax), bank data
- Furthermore, we utilize the following miscellaneous personally identifiable information: information pertaining to the nature and substance of our business relationship such as contractual data, order data, sales and invoicing data, customer and supplier history, consultation documents, supporting data (e.g. minutes of meetings), photo data, information pertaining to electronic correspondence with Stocker Ges.m.b.H (e.g. IP address, login data), as well as miscellaneous data we have received from you within the framework of our business relationship.
3. For what purposes and upon what legal foundation is your data processed?
We process your personally identifiable data in accordance with the provisions of the General Data Protection Regulation as well as the Austrian Data Privacy Act, each in their most current form:
- if required by statute (the code governing cooperatives, banking regulations, the commercial code or federal fiscal codes)
- to safeguard legitimate interests (Art 6 Par 1 lit. f GDPR):
In order to balance interests, data processing may continue beyond the actual fulfillment of the contract in order to safeguard the legitimate interests either of ourselves or third parties. Whatever the case, in the following circumstances data will be processed in order to safeguard legitimate interests:
- video surveillance of publicly accessible spaces in order to protect employees and visitors
- measures intended for the purposes of managing and promoting ongoing development of services
- maintenance of an officers- and information database as part of our membership service
- measures intended to protect Stocker Ges.m.b.H from behavior in breach of contract or the law, e.g. access controls
- within the scope of asserting, exercising or defending legal claims
- within the framework of your expressed permission (Art 6 Par 1 lit.a GDPR):
If you have granted us your permission to process your personally identifiable data, said data will only be processed in accordance with the purposes for which the permission was granted and to the stipulated extent. Such permission may be revoked at any time, also with future effect, e.g. pertaining to the sending of our newsletter or the sharing of data with third parties. In order to do so, please refer to the mailing address provided in Point 1.
4. Who receives my data?
Even when we hire a contractor, we remain responsible for the protection of your data. All contractors are contractually obligated to treat your data in the strictest confidence and only process it within the scope of providing services. The contractors we hire receive your data insofar as this data is necessary for the provision of their services. These are IT professionals whom we require for the operation and security of our IT system.
Pursuant to presentation of a legal order or within the scope of judicial measures, public authorities and courts as well as external auditors may be recipients of your personally identifiable data.
Furthermore, for the purpose of fulfilling contractual obligations, insurance companies, banks, lawyers and tax consultants as well as service providers may be recipients of your personally identifiable data.
5. How long is my data stored?
We process your personally identifiable data until termination of our business relationship or until expiration of applicable warranty periods, statutes of limitation as well as legal retention periods (as potentially required by the commercial code, fiscal code etc.); furthermore, until resolution of any and all legal disputes for which such data may be required as evidence.
6. What data protection rights do I have?
At any time, you have the right to receive information about the data we have stored, as well as to have such data corrected, deleted or the processing thereof restricted. Furthermore, you have a right to object to the processing of this data as well as a right to require this information be transferred, and the right to lodge a complaint in accordance with the provisions of applicable data privacy laws.
6.1 Right to information
You can require us to provide you with information as to whether, and to what extent we process your data.
6.2 Right to correction
If we process personally identifiable data about you that is either incomplete or inaccurate, you have the right at any time to demand that such data is corrected or completed.
6.3 Right to deletion
You can demand that we delete your personally identifiable data, insofar as we have collected such data unlawfully or the processing thereof intrudes excessively upon the privacy interests to which you are entitled. Please note that there may be reasons that hinder immediate deletion, e.g. in the case of legally stipulated retention obligations.
6.4 A right to restrict the processing of data
You may demand that we restrict the processing of your data, if
- you dispute the accuracy of such data, for such time as it takes us to determine the accuracy of this data,
- the processing of this data is unlawful, though you decline to have this data deleted and, instead, require us to restrict the use of said data,
- we no longer require the data for the intended purpose, whereas you require this data in order to assert or defend legal claims, or
- you have lodged an official objection to the processing of your data.
6.5 Right to data transferability
You may demand that we make available the data you have provided to us in a clearly structured, current and machine-readable format and that you be allowed to transmit this data to another responsible party without any impediment on our part, insofar as
- we are processing this data based upon the revocable permission you have granted us, or in order to fulfill a contract between us, and
- this processing is conducted with the aid of automated processes.
- If it is technically feasible, you may require us to transmit your data to another responsible party directly.
6.6 Right of refusal
If we process your data based upon legitimate interest, you have the right to object at any time to the processing of this data for reasons rooted in your special situation; this also applies to profiling within the scope of these provisions. In that case, we will no longer process your data, other than if we can demonstrate compelling, legitimate reasons for the continued processing thereof that outweigh your interests, rights and liberties, or if the processing thereof serves the assertion, exercise or defense of legal claims. You may object to the processing of your data for the purposes of direct advertising at any time and without any requirement to provide reasons.
6.7 Right to lodge a complaint
If you are of the opinion that our processing of your data violates Austrian or European data privacy laws, we urge you to get in touch with us in order to clarify any and all questions. Naturally, you also have the right to lodge a complaint with the Austrian Data Protection Office, Wickenburggasse 8, 1080 Wien, or with any oversight authority within the EU.
7. With whom may I assert these rights?
Insofar as you wish to assert one of the aforementioned rights, you may contact us using the address provided in Point 1. Should there be any doubt, we may request additional information to confirm your identity. This is intended to protect your rights as well as your privacy.
8. Am I required to provide information?
The processing of personally identifiable data is required in order for us to enter into and fulfill a contract. If you do not make this data available to us, in general we will have to refuse to enter into the contract or fulfill the contract or will be unable to fulfill an existing contract and will thus have to terminate it. However, you are not obligated, with respect to data which is not relevant to the fulfillment of the contract or not legally required, to grant us permission to process such data.
9. Do you conduct profiling?
“Profiling” is a kind of automated processing of person-specific data which involves using such data in order to evaluate personal aspects pertaining to natural persons, in particular in order to analyze or predict work performance, economic circumstances, health, personal preferences, interests, reliability, behavior, place of residence or relocation of said persons. No such form of automated decision-making, including profiling, takes place as defined by GDPR.
10. Is personally identifiable data transmitted to outside countries or is such transmission planned?
Fundamentally, we do not transfer any data to outside countries. Only in isolated cases may this occur pursuant to a determination of appropriateness from the European Commission, standard contractual clauses, guarantees to that effect or expressed permission.
11. Application data
If you send us your application, your application data will only made accessible to those authorized persons who are involved with the application process. Your application data will be stored for a maximum of nine months, also in order to be able to offer you alternate positions if appropriate.
12. Cookies and Tracking Tools
12.2 Tracking Tools and Traffic Analysis
On our website, we use analysis tools in order to collect general information about the usage behavior of our visitors. This includes pages that were visited, length of session, referring pages as well as general information about your computer system and operating system, screen resolution, type of browser etc. All data collected is anonymized and cannot be correlated with any specific person. If you do not agree with this anonymized collection of your usage behavior, you can prevent this from happening by deactivating cookies in your browser.
Without your expressed permission, we will not use tracking tools in order to surreptitiously
- collect your personal data,
- transfer such data to third parties or marketing platforms, or
- correlate such data with your personal information (name, address etc.).
Our website uses Matomo, an Open-Source-Software for analysing page views. Matomo uses “Cookies” (see above). All information gained through Cookies are saved on servers in France and are immediately anonymised. Users can block Cookies using Third-Party-Applications or changing their Browsers settings accordingly. We would like to remind you that in doing so, certain features requiring this information may not be available.