Wellpappe_10

Adatvédelmi szabályzat

We protect your privacy and your personal data. We only collect, process, and use your personal data (hereinafter shortened to “data”) in accordance with the provisions of the General Data Protection Regulation (GDPR) as well as all other applicable data protection regulations.

This privacy policy applies to the processing of your data by us both for the fulfilment of our services as well as, in particular, with view to our websites https://www.rondo-ganahl.com/de and https://lehre.rondo-ganahl.com/de  and online presence within external websites e.g. our social media channels (hereinafter jointly referred to as “online offer”).

Below we inform you on the type, scope, and purpose of our data collection as well as its use in accordance with the stipulations of the GDPR.

1. CONTACT DETAILS

If you have any questions or issues concerning the processing of your data, please contact us:

Ganahl Aktiengesellschaft
Rotfarbweg 5
A-6820 Frastanz
E-mail: datenschutz@rondo-ganahl.com
Telephone: +43 5522 51841 - 0
Website: https://www.rondo-ganahl.com

2. GENERAL

2.1. Data types and data categories

We collect and use your data only in so far as this is required for the provision of a functioning website as well as our content and services. We therefore only process the data which you, as the user of the website and/or as customer / potential customer, provide us with, for example in an enquiry, request or application or for the completion of an agreement.

The below data types may be processed by us or one of our services:

  • Master data (e.g., name and address)
  • Content data (e.g., text entries, photographs and videos)
  • Contact data (e.g., e-mail, telephone numbers)
  • Data associated with an enquiry or request
  • Meta/communication data (e.g., device information, IP address)
  • Usage data (e.g., viewed websites, content interest, viewing times)
  • Contract data (e.g., object of agreement, duration, customer category)
  • Application data (e.g., curriculum vitae, covering letter, references, contact details etc.)
     

Furthermore, we process the above-named data types of the below-named person categories:

  • Customers
  • Potential customers
  • Users (e.g., website visitors, online service users)
  • Business and contract partners
  • Communication partners
  • Suppliers
  • Applicants, prospective trainees
  • Contest and competition participants   

     

2.2. Purpose of processing

We process your data for the following purposes:

  • The provision of our website
  • The continuous optimisation and development of our website
  • The fulfilment of contractual services (contract agreement) and customer service
  • Replying to / processing of customer queries
  • The identification, prevention and investigation of attacks on our website
  • The compilation of user profiles (profiles with user-related information)
  • Reach measurement (e.g., viewing statistics, identification of returning visitors)
  • The completion of the electronic application process
     

There is no obligation to provide the requested data. However, failure to do so will mean that certain processes e.g., application processes, will be delayed or not possible. If data is required by law, this will be indicated separately.
 

2.3. Legal basis

The legal basis of data processing is:

  • Your consent: if we request your consent for processing, Article 6 Para. 1 lit a GDPR serves as the legal basis.
  • Contract fulfilment and or replying to pre-contractual enquiries (in accordance with Article 6 Para. 1 lit b GDPR). We require your data so that we can fulfil your enquiry as best as possible or contact you.
  • The fulfilment of a legal obligation of our company (in accordance with Article 6 Para. 1 lit c GDPR) whereby we forward your data to the authorities for example the tax office, health insurance companies or other public bodies.
  • The protection of a legitimate interest of our company (in accordance with Article 6 Para. 1 lit f GDPR). This includes marketing and advertising measures in general. As a customer of our services, we would like to keep you informed with news and offers involving our services and activities which is tailored to your needs. These activities are subject to a weighing up of interests and your basic rights and freedoms will not be affected.
     

2.4. Data deletion and storage duration

Your data is stored only for as long as is required to fulfil the above-named purposes.

Your data is, in all cases, stored for as long as is legally required or if legal claims exist which have not expired yet which require the data for their assertion or refusal.

3. FORWARDING OF DATA / DATA PROCESSING IN THIRD COUNTRIES

Your data is only forwarded by us to third parties if this is necessary for contract completion or for billing purposes or if you, as the website user and/or customer, have given your permission for this in accordance with Article 6 Para. 1 lit a GDPR.

Recipients of this data could include e.g., service providers assigned with IT-related tasks or providers of services and content included in a website. In such cases we ensure compliance with all legal stipulations and have agreements in place which serve the protection of your data with the recipients of your data.      

Data transfer to third countries (USA):

Some of the above recipients may be located or process your data outside your home country. The level of data protection in other countries may, in certain circumstances, not correspond to that of your home country. However, we only transfer your data to countries which are deemed by the EU Commission as having appropriate data protection levels or we ensure measures to guarantee that the recipients have an appropriate level. For this we agree, for example, standard contract clauses (EU 2021/914). These are available upon request (see contact details under section 1). You can find further information on third party providers used by us in sections 4., 5., 6. and 7.

4. PROVISION OF WEBSITE, LOG FILES AND PLUG-INS

4.1. Purpose of processing

We process your data for the provision of our website and for this purpose we process your IP address, which is necessary for transmitting the content and functions of our website to your browser or end device.

For the secure and efficient hosting of our website we employ the services of a web hosting company whose servers (servers managed by them) may be used to access our online offer. For these purposes we may also use infrastructure and platform services, computing capacity, storage space and data base services as well as security services and technical maintenance services.

Log files

Every time our website is viewed our system automatically collects data and information of the computer system of the viewer’s computer (server log files). Server log files may be used for security purposes e.g., to prevent a server being overloaded (in the case of improper attacks, so-called DDoS attacks) and to ensure server utilization and stability.

Hereby the following data is collected:

  • Information on browser type and the version used
  • Your operating system
  • Your internet service provider
  • Your IP address
  • Date and time website was viewed
  • Websites from which your system accessed our website
  • Websites viewed by your system via our website         
     

Plug-ins

Our online offer incorporates functions and content elements obtained from the servers of the respective providers (hereinafter referred to as “third party providers”). This may include e.g., graphics, videos, data transmission or city maps (hereinafter jointly referred to as “content”).

This incorporation requires the third parties of this content to process your IP address as they are otherwise unable to send the content to your browser without the IP address. Your IP address is therefore required for the depiction of this content or functions. We strive to use only such content if the providers of this only use the IP address for the provision of their content. Third party providers may also use so-called pixel tags (invisible graphics also known as “web beacons”) for statistical or marketing purposes. The pixel tags enable the evaluation of information such as visitor traffic on the pages of this website. The anonymised information may also be stored in cookies on your device and include technical information on the browser and operating system, linked websites, time the website was viewed as well as further details on the use of our online offer and be associated with such information from other sources.

We use the following services, among others:

•    Leaflet/OpenStreetMap (OpenStreetMap Foundation (OSMF) https://www.openstreetmap.de). We incorporate the “Leaflet” map of the “OpenStreetMap“ service, which is provided on the basis of the Open Data Commons Open Database License (ODbL) by the OpenStreetMap Foundation (OSMF). OpenStreetMap only uses your data for the depiction of the map functions and for the caching of the chosen settings. This data may include your IP addresses and location data although this will not be collected without their permission (usually within the settings of your mobile end devices). The privacy policy is available on: https://www.fossgis.de/datenschutzerkl%C3%A4rung/.

•    YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (https://www.youtube.com)). The website includes videos available on YouTube. The privacy policy is available on: https://policies.google.com/privacy.

4.2. Legal basis

The use of the above-named services as well as the plug-ins is based on Article 6 Para. 1 lit f GDPR. We have a legitimate interest in our website and online offer being presented as reliably as possible. If a corresponding permission has been requested, processing is based on Article 6 Para. 1 lit a GDPR.         

4.3. Duration of storage / refusal and removal option

Data is deleted as soon as it is no longer required for the purpose for which it was collected. In the case of data collection for the provision of the website this is no longer necessary once the session has ended. If data is stored in log-in files this is deleted after 30 days. Data is not stored beyond this purpose. In this case, your IP address is deleted.

The collection of data for the provision of the website and the storage of the data in the log files is essential for the operation of the website. In this case you, as user, are therefore unable to object to this.

5. COOKIES – CONSENT MANAGEMENT

5.1. Purpose of processing

To offer you the best possible online experience, our website uses cookies. Cookies are text files/storage elements which store information on end devices and read information from end devices. Cookies may also be used for various other purposes e.g. for function ability, security and the convenience of online offers as well as the compilation of analyses on visitor flow.

We use cookies in accordance with all legal requirements and therefore request your consent unless this is not required by law. Consent is also not required if the storage and reading of the information, also of cookies, is required to provide you with the requested online offer. The consent may be withdrawn at any time and is communicated clearly to you and incorporates information on the relevant use of cookies.          
 

With view to functions we use the following types of cookies:

  • Technical (also: essential or required) cookies
  • Marketing and analysis (also: non-essential) cookies


With view to the duration of their storage we use the following types of cookies:

  • Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after you have exited the online offer and your browser has closed.
  • Permanent cookies: Permanent cookies remain stored on your computer even after you have closed your browser. In this way the log-in status may be stored or your preferred content directly displayed if you visit a website again. Your interests, which are also used for reach measuring or marketing purposes, may also be stored in such a cookie.          
     

Cookie consent management

We use a process for cookie consent management for the collection of your consent concerning the use of cookies / processing which occurs within the framework of cookie consent management whereby you may also manage and cancel your consent. Hereby the consent declaration is saved so that this does not need to be requested again and to provide evidence of consent in accordance with legal obligations. This storage may occur in a server and/or in a cookie (so called opt-in cookies / with the aid of similar technologies) to be able to ascribe the consent of a user and their device. Subject to the individual details of the providers of cookie management services the following applies: consent may be saved for up to two years. Hereby an anonymised user identifier is created and stored with the time the consent was given, details on the reach of consent (e.g., which categories of cookies and/or service providers) as well as the browser, system and end device.

For cookie consent management we use a service of CookieHub, CookieHub ehf, Hafnargata 55, 230 Reykjanesbær, Iceland (https://www.cookiehub.com/). Their privacy policy is available here: https://www.cookiehub.com/privacy-policy.

A detailed list of all cookies used can be taken from the enclosed "Cookies overview". On the homepage, the cookies can be taken from the settings at the bottom left of the screen.

5.2. Legal basis

The legal basis for the processing of your data with the use of cookies which are technically necessary is Article 6 Para. 1 lit f GDPR. If permission for this has been requested e.g., as is the case for the use of analysis cookies, processing occurs solely based on Article 6 Para. 1 lit a GDPR.

5.3. Duration of storage / refusal and removal option

Cookies are stored on your computer which transmits them to our website. You, as user, therefore have full control on how the cookies are used.

Irrespective of whether processing occurs based on your permission or legal authorisation, you may withdraw your consent at any time or object to the processing of your data through cookie technologies (jointly referred to as “opt out”). You may initially refuse the use of cookies by means of your browser settings e.g., deactivate the use of cookies. You may also object to the use of cookies for online marketing purposes using a variety of services particularly in the case of tracking, such as websites http://optout.aboutads.info and http://www.youronlinechoices.com/. You may also receive further information on refusing the use of cookies in the details of the service providers and cookies used.

If cookies are deactivated for our website this may mean that it will no longer be possible to fully use all website functions. 

6. WEB ANALYSIS

6.1. Purpose of processing

Web analysis (also described as “reach measurement”) evaluates website visitor flow and can include information relating to user behaviour and interests and demographics e.g., age or gender which is recorded as anonymised values. With the aid of reach analysis, we can e.g., identify at what time our website or its functions and content are most frequently used or re-used. We can also identify areas in need of optimisation. This helps us to continuously improve our website and its user-friendliness.

Alongside web analysis we may also use test procedures e.g., for the testing and optimisation of various versions of our website or its components.

Unless stated otherwise below, profiles, summarised data on a usage procedure, may be created for this purpose and information stored in a browser or end device and read out from this. The information collected may, for example, include visited websites and elements used here as well as technical details such as the browser and computer system used and details of usage times. If you have given us, or a service provider used by us, permission for the collection of your location data, your location data will also be processed.

Your IP address will be saved whereby we use an IP masking procedure (anonymisation by shortening the IP address) to protect your privacy. In general, web analysis, A/B testing and optimisation does not store any of your person-related data (e.g., e-mail address or name) but, instead, pseudonyms. This means that we as well as the providers of the software used do not know your actual identity, only details stored in profiles for the purposes of the respective procedures.

We use the following analysis tool:

Matomo (InnoCraft, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand (https://matomo.org/)). Matomo involves open-source software. The use of Matomo creates cookies which are stored on your end device. The data collected using Matomo is only processed by us and not shared with third parties. The Matomo privacy policy is available here: https://matomo.org/privacy-policy/?footer. Hereby the software only operates on our website’s servers and your data is only stored here. The data is not forwarded to third parties (Matomo).

6.2. Legal basis

The legal basis for the processing of your data is your permission in accordance with Article 6 Para. 1 lit a GDPR.

6.3. Duration of storage

The data is deleted as soon as it is no longer required for our documentation. The refusal options for the respective services are stated above.  

Matomo’s cookies are stored for a maximum of 13 months (https://matomo.org/faq/general/faq_146/).

7. SOCIAL MEDIA

7.1. Purpose of processing

We also maintain  online presences within social networks in order to communicate with our customers, who use these or to inform users here about us and our offers.

Our website includes links to the following social media platforms:

  • Instagram of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (https://www.instagram.com);
  • Facebook of Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (https://www.facebook.com);
  • LinkedIn of LinkedIn Irland Unlimited Company, Wilton Plaza Wilton Place, Dublin 2, Ireland (https://www.linkedin.com/); as well as
  • YouTube of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (www.youtube.com)
     

We can view and process the following data which you enter on the platforms:

  • Master data (e.g., name and address)
  • Contact details (e.g., e-mail and telephone numbers)
  • Content data (e.g., text entries, photographs, and videos)
  • Usage data (websites visited, interest in content, viewing times)
  • Meta/communication data (e.g., device information, IP addresses)

Furthermore, your data within social networks is also used for marketing and advertising purposes. In this way, usage profiles may, for example, be created using your usage patterns and interests which can be derived from this. The usage profiles may, in turn, be used e.g., for the display of advertisements which correspond to your interests within and outside the networks.

For this purpose, cookies are stored on your computer. Data may also be stored in the usage profiles irrespective of your used devices (if you are a member of the platforms and are logged in here).

7.2. Legal basis

The legal basis for the processing of your data is our legitimate interest in accordance with Article 6 Para. 1 lit f GDPR.

7.3. Duration of storage / refusal and deletion option

For detailed information concerning the respective forms of processing, duration of storage and ways to object (opt out) please see the privacy policies and details of the network operators:

8. ONLINE APPLICATIONS / TRAINEE POSITIONS

8.1. Purpose of processing

Our website (https://www.rondo-ganahl.com/de) includes an online application form which can be used for the application process. You may also use our trainee website (https://lehre.rondo-ganahl.com/de) to apply for a traineeship with our company. For this purpose, if you apply you will send us your data and documents using the designated forms. The following data is collected:

  • Work-related details (preferred location, area of work and working hours)
  • (Choice of trainee position)
  • Personal details (e.g., name, address, e-mail, telephone number, date of birth, place of birth, nationality, gender, marital status, whether you are on military or community service, whether you have children or not etc)
  • Driving license details
  • Form for sending us a message (optional)
  • Application documents (CV, covering letter, references)
     

By sending your application, the following data is also stored:

  • Your IP address
  • Date and time the page was viewed
  • Identification of mobile device
  • Web browser data (name, version, settings)
  • Operating system of your PC or notebook

The processing of the application data serves the application process, the use of the received applications also in the future in the case of potential employment and HR planning and HR management purposes including finding suitable employees for vacancies as well as the planning and management of abilities of potential employees.

8.2. Legal basis

By sending your application your permission is requested in advance in accordance with Article 6 Para. 1 lit a GDPR with reference to this privacy policy. Your permission for the processing of your data for the keeping of records/evidence is requested in a separate process (Article 6 Para. 1 lit a GDPR).

We also process the above-named data based on our legitimate interest in accordance with Article 6 Para. 1 lit f GDPR which involves being able to guarantee an efficient application process and optimum recruitment for vacancies.

8.3. Duration of storage

The data is deleted as soon as it is no longer required for the purpose for which it was collected, in this case as soon as the application process is completed and at the latest after 7 months unless you have given us permission to keep your data for longer (for future reference).

9. YOUR RIGHTS

If your data is processed you are an affected person in accordance with the GDPR and have the following rights with us as the responsible party:

Right to information

You have the right to request confirmation on whether your data has been processed and information about the data as well as further information on and a copy of the data in accordance with legal provisions.

Right to rectification

In accordance with legal provisions, you have the right to request completion or rectification of your data.

Right to erasure and restriction of processing

In accordance with legal provisions, you have the right to request the erasure of your personal data and/or the restricted processing of your data in accordance with the statutory provisions.

Right to data portability

You have the right in accordance with legal provisions to receive your personal data in a structured, commonly used, and machine-readable format or request the transmission of this to another controller.

Right to object

You have the right for reasons relating to your own personal situation, to object to the processing of your data at any time in accordance with Article 6 Para. 1 lit e or f GDPR. This also applies to a profiling based on these terms. If your personal data is being processed for direct marketing you have the right to object to this processing at any time. This also applies to the profiling in so far as this is associated with such direct marketing.

Right of withdrawal of consent

You have the right to withdraw your consent at any time (with effect for the future). The withdrawal of your consent does not affect the legitimacy of the processing based on your consent which has occurred up until the time of withdrawal of this consent.

Right to complain to the regulating authority

Irrespective of a further judicial remedy, you have the right to complain to the regulating authority if you think that the processing of your data is not compliant with the GDPR. The relevant regulating authority is the Data Protection Authority, Barichgasse 40 - 42, 1030 Vienna, Tel: +43/1-52 152-0, E-Mail: dsb@dsb.gv.at.

The data protection authority will inform you on the status and outcome of your complaint including the possibility of judicial remedy.

10. AMENDS AND UPDATES

Please check the contents of our privacy policy regularly. Our privacy policy is updated as soon as there are any changes to our data processing. We will inform you as soon as any changes require your assistance (e.g., permission) or a further individual notification.

Frastanz, May 2023

Updated on 23.05.2023

Summary of Cookies (appendix 5.1.)

Summary of Cookies

Summary of Cookies

Aktualizálva, dátum: 14. 08. 2023

Kapcsolat

Az adatvédelmi tisztviselői feladatokat a
Madarassy Ügyvédi Iroda látja el.

Rondo Hullámakartongyártó Kft. T +36 1 289 2300
Vegye fel velünk a kapcsolatot
Madarassy Ügyvédi Iroda T +36 1 786 2003
Vegye fel velünk a kapcsolatot