Ochrona danych
This data protection policy applies to all personal data of natural persons that is processed by us, Kwapil & Co GmbH (“Kwapil & Co”). The protection of said data is of utmost concern to us. Thus, we process data exclusively in accordance with legal regulations (GDPR, TKG 2003).
Responsibility for the processing of data
Für die Datenverarbeitung verantwortlich:
Kwapil & Co GmbH
Kammelweg 9
AT-1210 Vienna
Email: datenschutz@kwapil.com
Data sources
The personal data we process includes the data that we have received from you as part of a business relationship or the initiation thereof. For example, when you contact us through a form on our website, through email or by calling us, when personal contact occurs (e.g. while visiting an exhibition), when you forward an offer to us or request an offer from us, or when you order from us, all provided data, including personal data, is processed by us (please refer also to section “purposes of data processing” below). This is done for the purpose of processing requests, in case of follow-up questions, for the processing of contracts, for direct marketing (especially sending out our “E-News”), as well as internal administrative purposes.
In particular and in regard to data processing within the framework of our website, we try to collect personal data as sparingly as possible. Therefore, it is possible for you to look through our website without providing any personal data. However, if you wish to contact us through an online form or want to order a catalogue, you are required to fill out at least the personal data marked with an asterisk (*) in the according forms. This provided data will be saved by our data management and therefore processed and as well used for other forms of direct marketing (e.g. forwarding our “E-News”) as well as internal administrative purposes.
Furthermore, we process data that we have received permissibly from publicly accessible sources (media in all forms, including print media, websites, etc.; commercial registers, registers of association, land registers, etc.). Additionally, we occasionally process data that we have received from the credit protection association (KSV 1870).
Purposes of data processing
Personal data of natural persons is processed by us with the following purposes:
• management and answering requests regarding desired information about products and services of Kwapil & Co
• managing client relationships (for example, but not limited to offers, orders from our suppliers, frame orders, client orders, billing, rectification of problems concerning clients or products, complaints, repairs, processing of contracts)
• managing relationships with suppliers or other business partners
• marketing, for example but not limited to forwarding our “E-News“, information about new products, sending out catalogues, invitations to exhibitions, et cetera. For example, we send out our newsletter “E-News” to our clients and other business partners. Through this newsletter tool, information about new products and offers is sent out regularly. Unsubscribing from this newsletter is possible at any time. Simply respond to a newsletter email with the word “Unsubscribe” in the subject heading.
• internal administrative purposes.
Legal bases for processing
Lawful processing requires that either the data subject has given consent to the processing of his or her personal data for one or more specific purposes or it is based on any other legitimate legal basis, such as (non-exhaustive list) processing is necessary for compliance with a legal obligation to which the controller is subject, or processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, or processing is necessary in order to protect the vital interests of the data subject or of another natural person.
Our data processing is either based on
• legal obligations which have to be fulfilled by Kwapil & Co (certain legal obligations may require the processing of personal data), or
• the processing is necessary in order to fulfill a contract, whose contracting party is the data subject, or for the execution of pre-contractual measures that occur at the request of the data subject, or
• the processing is necessary for the purpose of pursuing legitimate interests of Kwapil & Co, as given for example in direct marketing and other forms of marketing and advertisement, in the forwarding of personal data within a corporate group for internal administrative purposes, in guaranteeing network and information security, and in the processing for research purposes, including market research.
• In case the processing of data is not covered by any of the conditions mentioned above, we will obtain the consent of the data subject before processing data. Data processing based on given consent will occur only according to the purposes set out in the declaration of consent and to the extent agreed within the declaration. If consent was given, it may be revoked at any time with effect for the future.
Data categories
Personal data that is processed by us includes
• first name and surname
• name and address of the company you are working for
• telephone number (including mobile number) from the company you are working for
• your email addresses from the company you are working for
• product and service interests (measured from the company you are working for)
• information about the products and services which you purchased for your business
• information about the financial status of the company you are working for
Furthermore, we can gather personal data through Cookies and similar methods, including but not limited to (also refer to section “Access data”):
• your IP addresses
• your Cookie ID
• your web browser
• your location
• the pages you visit on our website
Access data
When you visit our website, access data is captured in a logfile for web statistics: this includes, for example, the type of browser you are using, date and time, IP address, country and place of origin of the IP address, duration of stay on the website, number of page views and downloads. This data is solely used for statistical purposes.
Transfer of personal data
Appointed data processing companies may receive your data from us, provided that they need said data for the completion of their contractual obligations. Appointed processors transport and freight companies, businesses that support us with billing and accounting as well as businesses that help us take care of the data storage of our customer data base. In individual cases, we transfer personal data to businesses that help us with credit assessments and security checks of our (potential) customers, suppliers, and business partners (e.g. KSV).
Additionally, personal data is transferred to group companies (group companies include all businesses of Interelectric AG) for internal administrative purposes, which includes third countries. Within group companies, employees only have access to personal data as needed for the completion of their tasks.
We are aware that the transmission of data to third countries is only legal either on exception rule for the specific transmission of data or if an adequate level of data protection is ensured through additional measures (e.g. adequacy decision of the Commission).
Lastly, we will transfer personal data to a third party within the framework of existing laws if we are legally obligated to do so or if the transfer is necessary for the prosecution of criminal offences or the exercise and implementation of our rights and demands.
Links to other websites and advertising of third parties
In specific places, our website can contain advertisements of third parties as well as links leading to other websites, which we are not responsible for.
In part, these other websites are operated independently, and it is possible that they have different data protection policies and guidelines. We may recommend that you inform yourself about these other data protection policies and guidelines and read through them in order to understand how personal data is processed on these other websites. You should do so as we are not responsible for the contents of websites which are not in our ownership and are not managed by us, and we are not responsible for the stated usage policies and data protection policies on these websites.
Cloud
In specific places, our website can contain advertisements of third parties as well as links leading to other websites, which we are not responsible for.
In part, these other websites are operated independently, and it is possible that they have different data protection policies and guidelines. We may recommend that you inform yourself about these other data protection policies and guidelines and read through them in order to understand how personal data is processed on these other websites. You should do so as we are not responsible for the contents of websites which are not in our ownership and are not managed by us, and we are not responsible for the stated usage policies and data protection policies on these websites.
Duration of storage
The data is processed for the duration of the entire business relationship (from the initiation to the transaction up until the termination/completion of the contract) and according to legal storage and documentation retention periods. Provisions are given for example by the Austrian Commercial Code (UGB), the “Bundesabgabenordnung” (BAO) and the General Civil Code (ABGB). Additionally, the legal statute of limitation must be considered in regard to the duration of storage, which, for example under the General Civil Code, can come up to 30 years in specific cases.
Data protection rights
Hereby, we want to inform you about the rights you have as a party concerned in regard to the personal data that we process.
We refer to Article 14 of the GDPR, which lays down your right to information.
We refer to Article 16 of the GDPR, which lays down your right to rectification.
We refer to Article 17 of the GDPR, which lays down your right to erasure (“right to be forgotten”).
We refer to Article 18 of the GDPR, which lays down your right to restriction of processing.
We refer to Article 20 of the GDPR, which lays down your right to data portability.
We refer to Article 21 of the GDPR, which lays down your right to object to processing.
We refer to Article 7 Section 3 of the GDPR, which lays down your right to withdraw your consent, should the processing be based on Article 6 Section 1(a) or Article 9 Section 2(a) (consent of the data subject).
We refer to Article 77 of the GDPR, which lays down your right to lodge a complaint with a supervisory authority.
Automated decision-making
Decisions about the establishment and execution of business relationships based solely on automated processing (including profiling) in terms of Article 22 of the GDPR are not made by us.
Protection of personal data
We are aware of the responsibility to protect the personal data entrusted to us from loss, abuse and unlawful access. We use various security technologies and organizational procedures to ensure the protection of your personal data.
Data security
We give high priority to the security of personal data that is processed by us. Thus, we protect this data through technological and organizational measures to effectively prevent loss or abuse by a third party. In particular, our employees are required to maintain data secrecy. The technological security measures that are in place to protect this data are checked regularly and, if necessary, are updated to the state of the art. These principles also apply to companies that process and use data on our instructions.
Changes to the data protection policy
We reserve the right for ourselves to make regular changes to our data protection policy. Updated and amended versions are published via our website. The stated date on the data protection policy is the date of the last update. We recommend visiting the website regularly and looking through the latest version of the data protection policy. Changes to the data protection policy take effect as soon as they are published. If you still access or use our services after the date of entry into force of the changes, it constitutes the acceptance of the updated data protection policy.
Consent
Through the usage of this website, the user is consenting to the terms and conditions of this data protection policy and allows Kwapil & Co to process personal data as described in this document for the mentioned purposes.