Privacy Policy
1. General information on data protection
1.1 Person responsible
ESBC — European Systemic Business Competences GmbH
Contact person: Ewald Wandas
Frankgasse 1/Top 3
1090 Vienna
Austria
Tel. +43/1/89 70 160
E‑mail: office@esbc.eu
1.2 Supervisory Authority as Complaints Authority
In the event of a complaint to be submitted by you via the esbc.eu website, the Data Protection Authority is the competent supervisory authority and can be contacted as follows:
Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
Telephone: +43 1 52 152–0
E‑mail: dsb@dsb.gv.at
2. In general
What the terms used, such as “personal data” or their “processing” mean, can be found in Article 4 of the EU General Data Protection Regulation (GDPR).
3. types of data processed
- Inventory data (e.g., names, addresses).
- Contact data (e.g., email, phone numbers).
- Content data (e.g., text entries, photographs, videos).
- Usage data (e.g., web pages visited, interest in content, access times).
- Meta/communication data (e.g., device information, IP addresses).
4. Persons concerned
Visitors and users of the online offer (hereinafter we also refer to the data subjects collectively as “users”).
5. Purpose of processing
- Provision of the online offer, its functions and contents
- Answering contact requests and communication with users
- Security measures
- Reach measurement/marketing
6. Privacy Policy
We guarantee that your data will only be collected, processed, stored and used in connection with the handling of your inquiries and for internal purposes as well as to provide services requested by you or to make content available.
6.1 Basics of data processing
We process users’ personal data only in compliance with the relevant data protection regulations. The user’s data will only be processed if the following legal requirements are met:
- in order to provide contractual services (e.g. processing of orders) and online services
- processing is required by law
- with your consent
- on the basis of legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO, in particular in the case of coverage measurement, creation of profiles for advertising and marketing purposes, and collection of access data and use of third-party services).
We would like to show you where the above legal bases are regulated in the DSGVO:
Consent Art. 6 para. 1 lit. a. and Art. 7 DSGVO.
Processing for the fulfillment of our services and implementation of contractual measures: Art. 6 para. 1 lit. b. DSGVO
Processing for the fulfillment of our legal obligations: Art. 6 para. 1 lit. c. DSGVO
Processing for the protection of our legitimate interests: Art. 6 para. 1 lit. f. DSGVO
6.2 Data transfer to third parties
Data is only passed on to third parties within the framework of legal requirements. We only pass on users’ data to third parties if this is necessary, for example, for contractual purposes or on the basis of legitimate interests in the economic and effective operation of my business.
If we use subcontractors or other processors to provide services, we take appropriate legal precautions and technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.
6.3 Data transfer to a third country or an international organization
Third countries are countries in which the GDPR is not directly applicable law. This basically includes all countries outside the EU or the European Economic Area.
A data transfer to a third country or international organization will only take place if it takes into account that appropriate/adequate safeguards are in place and that enforceable rights and effective remedies are available to you.
For a copy of the appropriate safeguards, please see the links below:
Privacy Shield: https://www.privacyshield.gov/list
Standard Contractual Clauses: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2010:039:0005:0018:DE:PDF
6.4 Retention Period of Your Personal Data
We adhere to the principles of data minimization and data avoidance. This means that we only store the data you provide to us for as long as is necessary to fulfill the aforementioned purposes or as specified by the various storage periods provided for by law. If the respective purpose ceases to apply or after expiry of the corresponding periods, your data will be routinely blocked or deleted in accordance with the statutory provisions.
6.5 Rights of the data subjects
You have the right to request confirmation as to whether data in question is being processed and to information about this data, as well as further information and a copy of the data in accordance with Art. 15 DSGVO.
You have according to. Art. 16 DSGVO the right to request the completion of the data concerning you or the correction of incorrect data concerning you.
You have the right, in accordance with Art. 17 DSGVO, to demand that data concerning you be deleted without delay, or alternatively, in accordance with Art. 18 DSGVO, to demand restriction of the processing of the data.
You have the right to request that the data concerning you that you have provided to me be received in accordance with Art. 20 DSGVO and to request that it be transferred to other data controllers.
6.6 Right of revocation
You have the right to revoke given consents according to Art. 7 (3) DSGVO with effect for the future.
6.7 Right of objection
You may object to the future processing of data concerning you in accordance with Art. 21 DSGVO at any time. The objection can be made in particular against the processing for purposes of direct advertising.
6.8 Passing on data to e.g. courts and authorities
We take the rights of the injured parties very seriously in the event of misuse of our services. Upon court order, we will pass on data and information about users to the requesting authority. This also and especially applies if there is a reasonable suspicion of misuse of our services. Misuse is when applicable laws are violated. In such cases, the user expressly consents to the disclosure of his or her data to courts and authorities.
I would like to give you the legal basis for this:
Processing for compliance with a legal obligation: Art. 6 para. 1 lit. c. DSGVO
6.9 Protection of your personal data
We take contractual, organizational and technical security measures in accordance with the state of the art to ensure that the provisions of the Data Protection Act are complied with and thus to protect the data processed by me against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
The security measures include in particular the encrypted transmission of data between your browser and my server. For this purpose, a 256-bit SSL (AES 256) encryption technology is used. This includes your IP address.
In doing so, your personal data is protected within the scope of the following:
a) Maintaining the confidentiality of your personal data.
In order to maintain the confidentiality of your personal data stored with us, we have taken various measures to control access, access and access control.
b) Maintaining the integrity of your personal data
In order to maintain the integrity of your personal data stored with us, we have taken various measures to control disclosure and input.
c) Maintaining the availability of your personal data
In order to maintain the availability of your personal data stored with us, we have taken various measures for order and availability control.
The security measures in place are continuously improved in line with technological developments. Despite these precautions, due to the insecure nature of the Internet, we cannot guarantee the security of your data transmission to my online service. Due to this, any data transmission from you to my online offer is at your own risk.
6.10. Hosting and e‑mail dispatch
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, e‑mail dispatch, security services and technical maintenance services, which we use for the purpose of operating this online offer.
In doing so, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 (1) lit. f DSGVO in conjunction with Art. 28 DSGVO. Art. 28 DSGVO (conclusion of order processing contract).
6.11. Contacting
If you contact us by e‑mail or via contact form, you agree to electronic communication. In the course of contacting us, personal data such as name and e‑mail address are collected. Your data will be transmitted SSL-encrypted. The information you provide will be stored exclusively for the purpose of processing the request and for possible follow-up questions.
We would like to inform you about the legal basis for this:
Processing for the fulfillment of our services and implementation of contractual measures: Art. 6 para. 1 lit. b. DSGVO
Processing for the protection of our legitimate interests: Art. 6 para. 1 lit. f. DSGVO
We would like to point out that e‑mails can be read or changed unauthorized and unnoticed on the transmission path. Furthermore, we would like to point out that we use software to filter unwanted e‑mails (spam filter). The spam filter can reject e‑mails if they have been falsely identified as spam by certain characteristics.
7. Cookies
Cookies” are small files that are stored on the user’s computer. Within the cookies, different information can be stored. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his visit within an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his or her browser. Such a cookie can store, for example, the contents of a shopping cart in an online store or a login status. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status can be stored if users visit them after several days. Likewise, the interests of users* can be stored in such a cookie, which is used for range measurement or marketing purposes. Third-party cookies” are cookies that are offered by providers other than the responsible party that operates the online offering (otherwise, if they are only its cookies, they are referred to as “first-party cookies”).
We use temporary and permanent cookies and explain this in the context of this privacy policy.
If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.
7.1 Control of cookies by the user
A general objection to the use of cookies used for online marketing purposes can be declared for a large number of the services, especially in the case of tracking, via the U.S. site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/.
Browser cookies: You can set all browsers to accept cookies only on request. Also, only cookies whose pages are currently being visited can be accepted by setting. All browsers offer functions that allow the selective deletion of cookies. The acceptance of cookies can also be generally switched off, but then restrictions in the user-friendliness of this online offer may have to be accepted.
Flash cookies: Flash cookies are the (locally) stored settings of the Flash Player. However, these are not browser cookies, which are managed by the respective settings of the browser, but separately via the settings manager of the Flash Player. External link: www.macromedia.com/support/documentation/de/flashplayer/help/settings_manager03.html
7.1.1 Disabling or removing cookies (opt-out)
Every web browser offers options to restrict and delete cookies. For more information, visit the following websites:
Internet Explorer: http://windows.microsoft.com/en-GB/windows7/How-to-manage-cookies-in-Internet-Explorer‑9
Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer?redirectlocale=en-US&redirectslug=Cookies
Google Chrome: https://support.google.com/chrome/answer/95647?hl=en
Safari: https://support.apple.com/de-de/HT201265
7.2 Use of First-Party Cookies (Google Analytics)
We use Google Analytics, a web analysis service of Google LLC (“Google”), on the basis of our legitimate interest (i.e. interest in the analysis, optimization and economic operation of our online offer in terms of Art. 6 para. 1 lit. f. DSGVO) Google Analytics, a web analytics service provided by Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the users is usually transmitted to a Google server in the USA and stored there.
Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. In doing so, pseudonymous usage profiles of the users can be created from the processed data.
We only use Google Analytics with IP anonymization activated. This means that the IP address of users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users* can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google, as well as the processing of this data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
For more information about Google’s use of data, settings and opt-out options, please refer to Google’s privacy policy (https://policies.google.com/technologies/ads) and the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).
The personal data of the users will be deleted after 14 months.