Last updated 2019-04-23
Data processing principles within the Styrian Service Cluster
The SSC attaches great importance to the protection of your privacy and your personal data.
To fulfill our obligations to provide information according to Article 12 et seq. of the General Data Protection Regulation (GDPR), we are glad to provide you with the following information about data protection.
Who is responsible for data processing?
As defined in the data protection law, the responsible party is:
Styrian Service Cluster
Contact person: https://www.styrianservicecluster.com/kontakt/
Which personal data is processed by the SSC, and for what purpose?
If we have received data from you, then we only use this data in principle for the purposes for which we have received or collected it.
Data processing for different purposes would only come into question to the extent that the legal requirements according to Article 6(4) of the GDPR are fulfilled. In that case we will of course observe any obligations to inform under Article 13(3) of the GDPR and Article 14(4) of the GDPR.
The use of this website is generally possible without providing any personal data. Only you determine whether, for example, you want to give us your email address or your postal address in order for us to get in touch with you, to process your inquiry, or to grant you access to special information or offers. We do not collect any personal data on our website in this respect without your explicit and voluntary consent. If you provide us with personal data, it will be handled in strict confidence and will not be passed on to third parties without your explicit consent. All information we receive from you when you use our Internet services is exclusively used to process user information and for communication regarding orders, products and services.
Server log files
The website provider automatically collects and saves information in server log files, which your browser automatically transmits to us. They are as follows:
- Browser type / browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server query
This data cannot be attributed to specific persons. This data will not be combined with other sources of data. We reserve the right to check this data at a later time, if we learn of specific evidence of unlawful use.
What is the legal basis for the processing described above?
The legal basis for processing personal data is, in general – as long there is no specific legal requirement – Article 6 of the GDPR. Here the following possibilities must be observed in particular:
- Consent (Article 6(1)(a) GDPR)
- Data processing for the performance of contracts (Article 6(1)(b) GDPR)
- Data processing based on the consideration of interests (Article 6(1)(f) GDPR)
- Data processing for the compliance with a legal obligation (Article 6(1)(c) GDPR)
If personal data of yours is processed on the basis of your consent, you have the right to revoke such consent at any time and we are bound to respect the revocation in the future.
If we process data based on a consideration of interests, you, as the data subject, have the right to object with regard to the provisions of Article 21 of the GDPR on the processing of personal data.
How long will the data be saved?
We process the data as long as it is necessary for the purpose in question.
If there are legal obligations to retain the data – for example, under business law or tax law – the relevant personal data will be saved for the duration of the retention obligation. Once the retention obligation expires, a check is made whether further necessity for processing exists. When there is no necessity, the data is deleted.
You can of course request information (see below) about your personal data that has been saved and in the case where there is no necessity, request that the data be deleted or that the processing be limited.
Which recipients will the data be given to?
In principle, your personal data is only passed on to third parties if this is necessary to fulfil the contract with you, the data is permitted to be passed on based on the consideration of interests within the meaning of Article 6(1)(f) of the GDPR, we are legally obligated to pass the data on or if and when you have issued consent.
How does the SSC guarantee the security of the data?
We take careful precautions to protect your data from loss, manipulation and unauthorized access. The precautions are in accordance with the latest state-of-the-art technology and legal requirements.
How can I exercise my rights as a “data subject”?
You have the right to access to the personal data that we have processed.
If the request for access to the data is not made in writing, we kindly ask you to note that we, if necessary, require proof from you that verifies that you are the person who you claim to be.
You also have a right to request rectification or erasure or restriction of processing as far as you are legally entitled.
You also have a right to object to such processing in accordance with legal requirements. The same applies to a right to data portability.
In particular, you have a right to object, according the Article 21(1) and (2) of the GDPR, to the processing of your data in connection with direct marketing purposes, if this is based on the consideration of interests.
You furthermore have the right to complain to the data protection supervisory authority regarding our processing of personal data.
Wherever we collect data for a specific purpose on this website, you will be given the opportunity to exclude your data, either by clicking a box or by adjusting your browser settings accordingly.
You can consult firstname.lastname@example.org at any time for notices in connection to the above-mentioned rights as well as other questions, concerns or suggestions pertaining to the topic of data protection.
Links to other websites
The website contains links to external websites. As we are unable to influence these websites, we cannot take any responsibility for their content and data protection policies.