“Umdasch” (Umdasch Group AG, Josef Umdasch Platz 1, 3300 Amstetten, Austria; controller pursuant to GDPR) takes the protection of personal data seriously. For this reason, Umdasch naturally processes personal data in accordance with the requirements of applicable legal provisions, in particular in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), the Austrian Data Protection Act (“DSG”) and the Austrian Telecommunications Act 2021 (“TKG 2021”).

“Personal data” means any information relating to an identified or identifiable natural person, such as name, address, e-mail address and IP address.

The purpose of this statement is to inform the visitor (hereinafter also referred to as “you”, “you”, “your” or “yours”) about the purpose and scope of the processing of personal data on the “website”.

www.umdaschgroup.com
umdaschgroup.com

When you use our website, we collect your personal data in various ways: Either the data is provided to us directly by you or we collect the data through applications in the background.

If you contact us via our contact details or via our contact form, we process the personal data you provide (name, telephone number, e-mail and message content). We process this data in order to be able to answer your inquiry and therefore on the basis of our or your overriding legitimate interests in a service-oriented response (Art. 6 para. 1 lit. f GDPR) or to fulfil (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR).

We use the reCAPTCHA service of Google Inc (Google), which acts as a processor for us, to protect your requests via the Internet form. The query serves to distinguish whether the input is made by a human or abusively by automated, machine processing. The query includes sending the IP address and any other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there. However, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this app to evaluate your use of this service.

Your personal data may therefore also be processed outside the European Union (EU) or the European Economic Area (EEA), namely in the USA. There is an adequacy decision by the EU Commission for the USA. The data recipient is self-certified and listed in the Data Privacy Framework list.

Your data is processed on the basis of our legitimate interest in ensuring that our website and forms are not misused by bots or other automated applications. (Art 6 para 1 lit f GDPR)

To ensure your cookie settings, we use the CookieBot service of the company Usercentrics A/S, which acts as a processor for us. The application allows your consent and your personal cookie settings to be stored and retrieved when you visit the website again. We process your consent decision on the basis of our legitimate interest in complying with the legal requirements of the GDPR and also to be able to prove consent to the activation of cookies accordingly. (Art 6 para 1 lit f GDPR)

We use cookies and other tracking tools to make our website user-friendly and needs-oriented. For better readability, these technologies are collectively referred to as cookies below. There are cookies that are activated without your consent because they are technically necessary for us to provide our services (“strictly necessary cookies” pursuant to Section 165 (3) TKG 2021). These cookies are therefore necessary for the functioning of the website and we therefore process your data concerned on the basis of our legitimate interest in being able to provide you with a functioning and secure website (Section 6 (1) (f) GDPR). Furthermore, we use cookies that require your express voluntary consent (Section 165 (3) TKG 2021 in conjunction with Art. 6 (1) (a) GDPR) before they can be used on your end device.
Some of the services used are third-party providers based outside the EU or outside the EEA. If there is no adequacy decision for the country in accordance with Art 45 (3) GDPR and no other suitable guarantees in accordance with Art 46 GDPR (i.e. no level of data protection equivalent to the EU), data will only be transferred to this country if you have given your express voluntary consent in advance (Art 49 (1) (a) GDPR in conjunction with Art 6 (1) (a) GDPR). You can revoke your consent at any time without reason with effect for the future, in particular via the “Cookie settings” button:

You can also adjust your cookie preferences in the cookie settings of your browser.

Transient cookies:

Transient cookies are automatically deleted when you close your browser. These include session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. These session cookies are deleted when you close the browser.

Persistent cookies:

Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. However, you can delete the cookies yourself at any time in your browser settings. They contribute to user-friendliness (e.g. location-appropriate display of content) and are used to analyze the website (see “Google Analytics”). In addition, integrated plug-ins (see below) use cookies to perform their services.

The following cookies are generally set on the website:

Necessary cookies:

These cookies are necessary for the normal functioning of the website and we therefore process your data concerned on the basis of our legitimate interest in being able to provide you with a functioning website in accordance with Section 6 (1) (f) GDPR.

We use all other cookies on our website exclusively on the basis of your prior express consent in accordance with Art. 6 para. 1 lit. a GDPR in conjunction with § 165 para. 3 TKG. You can generally give your consent the first time you visit our website by clicking on the yellow “Yes, accept all cookies” button. If you do not make a selection or click on the gray “Advanced cookie setting” button, no cookies requiring consent will be set. You can change or revoke your preferences via the “Cookie banner” and the “Cookies” button in the footer at any time without giving reasons, free of charge and with effect for the future. You can also reject or delete cookies via your browser settings.

Provider:
Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043 USA (“Google”)

Application:
Google Analytics

Description:
This website uses Google Analytics, a web analytics service provided by Google Inc (“Google”). The information collected by the cookies used by this application, for example about the time, place and frequency of your use of this website, is generally transmitted to a Google server in the USA and stored there. When using Google Analytics, it cannot be ruled out that the cookies set by Google Analytics may also collect other personal data in addition to the IP address.

Google will use the information generated by cookies on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

In order to ensure the best possible protection of your personal data, Google Analytics has been extended on this website by the code “anonymizeIP”. This code causes the last 8 bits of the IP addresses to be deleted and your IP address to be recorded anonymously (so-called IP masking). Your IP address will be shortened by Google before transmission within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and thus anonymized. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

Cookies used:

“_ga” This cookie is used by Google Analytics to distinguish website visitors and to track page visits or the duration of page visits, expiry 2 years;
“_gat” This Google Analytics cookie is used to monitor and throttle the request rate to the servers, expiration 10 minutes;
“_gid” This cookie is used to distinguish between users. Expires 24 hours.
“_gali” This cookie is used by Google Analytics (Enhanced Link Attribution) to improve the accuracy of the In-Page Analytics report by automatically distinguishing between multiple links to the same URL on a single page using link element IDs

Application:
Google Maps AddIn

Description:
The integration of Google Maps enables a simple representation of our company location on our website and facilitates navigation for visitors. In order to display the map, Google needs to access certain data from your device.

Application:
YouTube AddIn

Description:
The integration of YouTube enables us to provide you with exciting videos and reports directly on our website. To enable this access, Google must access certain data on your end device.

Processing by Google also takes place outside the European Union (EU) or the European Economic Area (EEA), namely in the USA. The EU Commission has issued an adequacy decision for the USA. Google is self-certified and listed in the Data Privacy Framework list.

We transfer your personal data to the following recipients (controllers) where necessary:

To external third parties

• to the extent necessary on the basis of our legal obligations or our legitimate interests or for the assertion, exercise or defense of legal claims (e.g. auditors, insurance companies in the event of an insurance claim, legal representatives in the event of a claim, etc.)

• To authorities or other public bodies to the extent required by law or on the basis of official orders (e.g. data protection and tax authorities)

Your personal data will also be processed on our behalf by our service providers (processors) to the extent necessary. These processors are, in particular, IT service providers, providers of data hosting services and server solutions, providers of tools and software solutions, IT maintenance services and other providers of similar services. All our processors process your data only on our behalf and on the basis of our documented instructions for the purposes described above. We have concluded a processor agreement with our processors in accordance with Art. 28 GDPR.

If personal data is transferred to recipients in third countries outside the EU and there is no adequacy decision by the EU Commission for the third country in question in accordance with Art 45 GDPR, the transfer is carried out in individual cases subject to suitable guarantees in accordance with Art 46 GDPR or, if necessary, by consent for specific purposes.

We only store your personal data for as long as we need it to fulfill the purposes described above.
If you contact us, we will store your data until your request has been processed and will retain the data for a further six months on the basis of our legitimate interests. For example, we have an interest in being able to respond to any queries in an informed and customer-oriented manner. Data will be stored for longer if you enter into a contractual relationship with us.
If you enter into a contractual relationship with us, we are subject to mandatory statutory retention periods (in particular § 190, 212 UGB) and tax law requirements (in particular § 132 BAO). We therefore delete the necessary data after 7 years. We store your data in connection with a data subject request to assert your rights for 18 months. In addition, in individual cases, data will be stored for a longer period until the end of the business relationship or a legal dispute or until the expiry of the warranty and guarantee periods as well as the limitation periods in the event of the assertion of claims for damages.
If cookies are set on your device, we store your personal data for as long as is necessary to achieve their purposes. When we no longer need your personal data, we delete it from our systems and records or anonymize it so that you can no longer be identified. You can find more information on the storage periods of the cookies used.

As a data subject, you have a right to information about the personal data we process about you (Art. 15 GDPR). You also have the right to rectification of inaccurate data and erasure of your data (“right to be forgotten”) (Art. 16, 17 GDPR). You can also withdraw your consent to the processing of personal data with effect for the future at any time without reason if the processing is based on your consent (Art. 7 para. 3 GDPR). You may also have the right to restrict the processing of your data (Art. 18 GDPR) and the right to receive the data you have provided in a structured, commonly used and machine-readable format (“data portability”) (Art. 20 GDPR).

You also have the right to object (Art. 21 GDPR) if the processing of your personal data is based on Art. 6 para. 1 lit. f GDPR.

You also have the option of lodging a complaint with a data protection supervisory authority (Art 77 GDPR). Information on the Austrian data protection supervisory authority can be found at www.dsb.gv.at. An overview of the data protection authorities in the European Economic Area can be found here:

If you have any questions regarding your personal data, please contact us, for example by e-mail at or by post at the following address: Umdasch Group AG, Subject: Data protection request, Josef Umdasch Platz 1, 3300 Amstetten, Austria

Umdasch regularly updates its website. In the course of this, this declaration may be adapted. There is no separate reference to this adaptation. For this reason, we recommend that you access this statement regularly to keep yourself informed.