Sichere Automation seit 1982
+ 43 1 2782555 office@contra.at
Language
EN
  • Sign In
My Cart

Privacy Policy

As part of the operation of our website, we process, transfer and store personal data within the meaning of the GDPR (hereinafter simply referred to as data). In this privacy policy on our website, we explain in detail which data we process and store, how, to what extent and for how long, why and on what legal basis.

Responsible

contra Elektronische Bauelemente Vertriebsgesellschaft mbH
Autokaderstraße 104
A-1210 Wien
Telefon: +43 1 278 25 55-0
Telefax: +43 1 278 25 58
office@contra.at

Which personal data do we process?

  • Contact data such as names, addresses, e-mail, telephone numbers, etc., which you provide to us in connection with enquiries, interest in our services and products and in the context of business relationships with us.
  • Content data such as photos, text contributions, comments,
    sketches, drawings
  • Technical data relating to the website such as access numbers, duration and times, pages that visitors have visited on this website
  • So-called metadata such as information about the web browser, the end device (PC, smartphone, etc.) and also the IP address of the visitor

Why do we process data?

  • The operation and proper functioning of this website technically requires at least the processing of your IP address at the time of your visit. According to the GDPR, the IP address is considered personal data.
  • Communication with you (e.g. contacting, commenting, ordering) requires, for example, the processing of personal data such as e-mail address, name and postal address
  • In order to ensure the protection of the website, e.g. against misuse, attacks, hacking, etc., the processing of IP addresses as part of security measures is technically indispensable

Terms

Legal texts always require clarification of terms. That is why we will first list here what the GDPR understands by certain terms:

Personal data is data that can be used to identify a specific (natural) person or that can at least be used to draw clear conclusions about a person's identity. This may include not only name, address, date of birth or email address, but also photos, location data, devices used, data traces such as cookies (see below), purchases, appearance, behaviour, friends, gender and much more.

Data subjects within the meaning of the GDPR are therefore all visitors to our website whose personal data we may collect, transfer, store or process. In the following, we will simply refer to them as users.

The controller within the meaning of the GDPR is the person who is responsible for the processing of personal data either as an individual or as part of a company or an authority

Processing within the meaning of the GDPR includes practically everything that can be done with data: Collecting, transferring, storing, encrypting and decrypting, comparing, copying, editing, processing, networking, deleting. In this declaration, processing only refers to personal data.

For the purposes of the GDPR, a data processor is a company (usually a company such as a web hosting provider) that processes personal data on behalf of the controller.

Pseudonymisation within the meaning of the GDPR is the de-identification of data in relation to a specific person. This means that such personal data can still be used for certain purposes (e.g. statistics), but can no longer be easily assigned to a specific person. According to the GDPR, it must be ensured that this reference to a specific person cannot be re-established in a roundabout way and through technical measures.

On what legal basis do we process data?

Art. 13 of the GDPR requires us to explain what we do with personal data and why we have what right to do so. The bases for this are:

  • The consent of the data subject to the processing of their personal data (GDPR, Art. 6 para. 1 lit. a and Art. 7)
  • The fulfilment of a contract, pre-contractual measures or responses to enquiries (GDPR, Art. 6 para. 1 lit. b)
  • The fulfilment of legal obligations (GDPR, Art. 6 para. 1 lit. c)
  • Legitimate interests on our part according to GDPR Art. 6 para. 1 lit. f.

Rights of affected persons

Data subjects within the meaning of the GDPR mentioned above have a right to information as to whether and what personal data is being processed (GDPR, Art. 15). They also have the right to request the correction of incorrect data (GDPR, Art. 16). This also includes the right to erasure of personal data in accordance with Art. 17 GDPR. You can also request a restriction on the processing of your data (GDPR, Art. 18).

Furthermore, data subjects have the right to data portability in order to provide their data to other controllers
(GDPR, Art. 20).

Cancellation and objection

Once consent to the processing of personal data has been given in accordance with Art. 7 GDPR, it can be revoked in accordance with Art. 7 para. 3 GDPR. If there was no consent but other legal bases (e.g. according to GDPR Art. 6), the processing can be objected to according to Art. 21 GDPR.

Finally, data subjects have the right to lodge a complaint with the data protection authority in accordance with Art. 77 GDPR.

When do we delete data?

As soon as we no longer need data for our purposes or if this is necessary or requested in accordance with Art. 17 and 18 GDPR, we delete it. If statutory retention and storage regulations do not permit this, we do not erase the data, but only restrict its processing (blocking its use).

Order data processing

Because we, like most other website operators, do not operate the technical infrastructure (web server) ourselves, but use a service provider for this purpose, the processing of personal data affects not only us, but also third parties. The same also applies to payment service providers, for example. This is done on the basis of contract fulfilment (GDPR, Art. 6 para. 1 lit. b), the consent of the data subject or a legal obligation.

In the case of our website, we transmit data to third parties in the case of the web hosting service provider (provider) on whose infrastructure this website is technically operated. For this purpose, we have concluded a corresponding agreement for commissioned data processing with our service provider on the basis of Art. 28 GDPR, with which the service provider contractually assures us of compliance with all regulations under the GDPR.

Web server and e-Mail

We use various (security) technical and infrastructural services and services from our hosting service provider to ensure the secure and smooth operation of this website. This also concerns the sending and receiving of emails.

Together with the provider, we process the aforementioned data on the legal basis of our legitimate interest in the efficient and secure provision of this website (GDPR, Art. 6 para. 1 lit. F). This is also done on the legal basis of the above-mentioned contract for commissioned data processing that we have concluded with the provider (GDPR, Art. 28).

On the basis of our legitimate interests (GDPR, Art. 6 para. 1 lit. F), we send information e-mails to invite our customers and interested parties to trade fairs and seminars in the field of automation and security technology and to inform them about the latest solutions. We do not maintain an automated mailing system. If you no longer wish to receive these info mails, you can unsubscribe at any time by sending us a short, informal message. We will also inform you of this option in every info mail.

Access data and log files

Our provider collects data on the legal basis of our common legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR. GDPR, our provider collects data about every access to the content stored on the server on which this website is operated. The access data recorded in the log files include the web address of the delivered page of this website, the file name, access time, date and size, status information on transmission and delivery of the file, the name and version of the browser used, the operating system platform and version of the visitor, the address of the referring page, the IP address of the user and their provider.

These log files are stored for a period of 14 days, e.g. to investigate cases of misuse, fraud or attacks such as DDoS attacks (or attempts or suspicion thereof), copyright infringements, etc., and then deleted. If it is necessary to store data for longer to secure evidence, it will not be deleted.

This is also done, among other things, on the legal basis of the above-mentioned contract for commissioned data processing that we have concluded with the provider (GDPR, Art. 28).

TLS encryption with https

We use the https protocol to securely transmit all data to and from our website. By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognise this protection of data transmission by the small (usually green) lock symbol on the left in the address input bar of the browser and the beginning of our web address with the protocol designation https.

Cookies

Cookies are small files that are stored on users' computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after their visit to an online service. Temporary cookies, or session cookies or transient cookies, are cookies that are deleted after a user leaves an online service and closes their browser. The content of a shopping basket in an online shop or a login status, for example, can be stored in such a cookie. Permanent or persistent cookies are cookies that remain stored even after the browser is closed. For example, the login status can be saved if the user visits the website after several days. The interests of users can also be stored in such a cookie and used for reach measurement or marketing purposes. Third-party cookies are cookies that are offered by providers other than the person responsible for operating the online service (otherwise, if they are only their cookies, they are referred to as first-party cookies).

We only use temporary first party cookies that are necessary for the proper technical functioning of our website.

If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Saved cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions of this online offer.

Google Analytics

On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use Google Analytics, a web analysis service of Google LLC (hereinafter referred to as "Google"). GDPR) Google Analytics, a web analytics service provided by Google LLC (hereinafter referred to as "Google"). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law. We have also concluded a direct customer agreement with Google for the use of Google Analytics by accepting the "Data Processing Addendum" in Google Analytics. You can find out more about the data processing addendum for Google Analytics here.

Google will use this information on our behalf to analyse the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymised user profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymisation. This means that the IP address of users is truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area (deletion of the last quarter of the IP address).

The IP address transmitted by the user's browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the use of data by Google, setting and objection options, can be found in Google's privacy policy and in the settings for the display of advertisements by Google .

Users' personal data is deleted or anonymised after 14 months.

For this commissioned data processing of data from our website, we have concluded the "Data Processing Addendum" with Google on the basis of Art. 28 GDPR.

YouTube

Videos may be embedded on our website that are provided by the YouTube platform (service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) are made available for playback. With regard to YouTube, the following information and setting options regulate the processing of data by YouTube: Google privacy policy, information on the "Privacy Shield" (GDPR-compliant data protection level for US data processing), opt-out options and on adverts in YouTube videos. We provide videos on our website in "privacy-enhanced" mode, which prevents YouTube from setting cookies in your browser.

Utilisation of SalesViewer® technology:

This website uses SalesViewer® technology from SalesViewer® GmbH to collect and store data for marketing, market research and optimisation purposes on the basis of the website operator's legitimate interests (Art. 6(1)(f) GDPR).

For this purpose, a javascript-based code is used to collect company-related data and the corresponding use. The data collected using this technology is encrypted using a non-reversible one-way function (known as hashing). The data is immediately pseudonymised and is not used to personally identify the visitor to this website.

The data stored by Salesviewer is deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.

You can object to the collection and storage of data at any time with effect for the future by clicking on this link https://www.salesviewer.com/opt-out to prevent the collection by SalesViewer® within this website in the future. An opt-out cookie for this website will be stored on your device. If you delete your cookies in this browser, you must click on this link again.