Data protection

WHAT DATA IS PROCESSED?

We collect and store the following personal data records for each of our billing customers and billing suppliers:

  • Customer or supplier

  • Title, first name, last name, salutation

  • Home address

  • E-mail address

  • Landline or cell phone number

  • Customer or supplier number (assigned by EAID&C*)

  • Invoice numbers (assigned by EAID&C)

  • Last activity in relation to clearing (clearing content assigned by EAID&C)

  • Settlement amount net and gross (awarded by EAID&C)

  • Project number (assigned by EAID&C)

  • Year since start of billing Customer / supplier (assigned by EAID&C)

FOR WHAT PURPOSES AND ON WHAT LEGAL BASIS IS THE DATA PROCESSED?

In order to fulfill our business model and the associated services - as described on the homepage www.altenbergerinteriordesign.at under the title / section 'Services' - we collect and process personal and company-related data of our customers and suppliers, which we require in stored form for the following processing contents:

  • Quotation preparation

  • Order confirmations

  • Creation of creative concepts and all information contained therein, such as plans, parts lists and dimensional drawings

  • Invoicing or reminders and credit notes

  • Business communication via e-mail

  • Netbanking

WHO RECEIVES YOUR DATA?

Only the billing and processing customers or suppliers themselves receive the data. Customers who are interested in special EAID&C services will be informed of any suppliers from the EAID&C portfolio who are suitable for the project in question.

HOW LONG IS THE DATA STORED AND PROCESSED?

The storage of e-mail-related business correspondence takes place on the server of Internex - Business Class Hosting A-3950 Gmünd, i.e. within the EU. The storage and processing takes place in the form of Excel files at Ms. Elke Altenberger, the owner of EAID&C as an EPU. The data is stored locally on the PC and decentrally as part of the data backup.

Members can view their personal data stored by us at any time.

Members can request deletions and changes at any time.

The data remains stored for 7 years via the invoice archiving prescribed by the tax authorities. This means that customer or supplier data that has not been involved in any business activity with EAID&C for 7 years will be deleted.

WHAT DATA PROTECTION RIGHTS ARE YOU ENTITLED TO?

You have at any time:

  • the right to receive information about your data

  • the right to have this data changed by us or deleted by us according to your own specifications

  • a right to data portability in accordance with the requirements of data protection law

You can address complaints to the Austrian Data Protection Authority: www.dsb.gv.at

PROVISION OF DATA ?

Customers and suppliers must provide the personal data required to carry out our business processes. Without their provision of data, it is not possible for us to operate a functioning business process.

The declaration that customers and suppliers agree to the storage and processing of their personal data will be requested from them once. They will also be informed about the possibility of exercising their data protection rights. If no consent is given, we will not be able to maintain the business relationship with those customers and suppliers.

GENERAL USE OF SOCIAL MEDIA AND ADVERTISING

In general, EAID&C uses Facebook as social media, although no customer data is used there.

EAID&C uses Google Adwords for advertising purposes to make it easier for our customers to find the site on the Internet and also to provide more precise address details. No customer data is used. Access to the website www.altenbergerinteriordesign.at is registered by Google Adwords but is not passed on to EAID&C in the form of customer data.

IS THERE AUTOMATED DECISION MAKING / PROFILING?

Customers and suppliers who do not pay / settle their invoices or claims of any kind to EAID&C and do not respond to reminders must reckon with processing by a debt collection agency and / or legal consequences of the claim.

USE OF GOOGLE TAG MANAGER

Our website uses Google Tag Manager, a service provided by Google LLC ("Google"), Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Tag Manager is used to manage marketing tags (section codes) on our website. Google Tag Manager is a cookie-free domain that does not collect any personal data. Google Tag Manager triggers other tags, which in turn may collect data. These include Google Analytics 4, for which we refer to the privacy policies of the respective third-party providers. Google Tag Manager does not use this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager. You can find more information about Google Tag Manager at https://www.google.com/intl/de/tagmanager/use-policy.html.

USE OF GOOGLE ANALYTICS

This website uses Google Analytics, a web analytics service provided by Google Inc ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area.

We have activated IP anonymization (therefore - IP masking) (your IP address, so that your IP address is shortened by Google in the EU and EEA before transmission, so that no other conclusions can be drawn about the person. Only this anonymized IP address is transmitted to Google). Further details can be found here: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de

USE OF THE LINKED INSIGHT TAG

LinkedIn: Social network; Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.linkedin.com; Privacy Policy: https://www.linkedin.com/legal/privacy-policy; Third country transfer basis: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses(https://legal.linkedin.com/dpa); Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
(Created with Datenschutz-Generator.de by RA Dr. jur. Thomas Schwenke)

On our website we use the LinkedIn Insight Tag, a web analytics tool from LinkedIn Ireland Unlimited Company. This tag allows us to collect detailed information about visitors to our website, including job-related data such as company sectors, job titles and locations. This information helps us to better target our marketing campaigns and measure the effectiveness of our advertisements. The LinkedIn Insight Tag also allows us to show you personalized ads on LinkedIn after you visit our website. The data collected by the tag is anonymous to us and does not allow users to be personally identified. However, LinkedIn can link this data to your LinkedIn profile if you have a LinkedIn account and are logged in while visiting our website. Further information on data collection and processing by LinkedIn can be found in LinkedIn's privacy policy. You can opt out of data collection by the LinkedIn Insight Tag by adjusting your LinkedIn advertising settings.

USE OF THE PINTEREST TAG

Social network; Service provider: Pinterest Europe Limited, 2nd Floor, Palmerston House, Fenian Street, Dublin 2, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.pinterest.com. Privacy Policy: https://policy.pinterest.com/de/privacy-policy.
(Created with Datenschutz-Generator.de by RA Dr. jur. Thomas Schwenke)

Our website uses Pinterest Tag, a web analytics service provided by Pinterest Inc. This tool helps us to track and analyze the effectiveness of our Pinterest advertising campaigns by collecting data about visitors' action behavior on our website after clicking on one of our Pinterest ads. The Pinterest tag also allows us to collect information about user behavior on our site in order to better tailor our website and our advertising on Pinterest to the interests of our users. The data collected by the Pinterest tag is anonymous and is not used to personally identify individual visitors to our website. However, Pinterest can link this data to your Pinterest account if you are logged in to Pinterest while visiting our website. You can find more information on data protection at Pinterest in Pinterest's privacy policy. If you do not want Pinterest to collect your data, you can adjust the relevant settings in your Pinterest account or restrict the use of cookies in your browser.

USE OF THE META TRACKING PIXEL FOR INSTAGRAM MARKETING

Instagram: Social network; Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://www.instagram.com. Privacy Policy: https://instagram.com/about/legal/privacy.
(Created with Datenschutz-Generator.de by RA Dr. jur. Thomas Schwenke)

On our website, we use the Meta Tracking Pixel (formerly Facebook Pixel), an analysis tool from Meta Platforms, Inc. that specifically helps us to optimize our marketing activities on Instagram. This tool allows us to analyze the effectiveness of our Instagram advertising campaigns by tracking user actions on our website that occur after clicking on one of our Instagram ads. This enables us to better understand how our users interact with our website and to make our content and advertising measures on Instagram more targeted and effective. The data collected via the Meta Tracking Pixel is anonymous and does not allow us to directly identify users personally. However, Meta may link this information to your Instagram or Facebook account if you are logged in to Instagram or Facebook while visiting our website. For more information about Meta's privacy practices, please visit Meta's Privacy Policy. You can prevent data collection by the Meta Tracking Pixel by adjusting your privacy settings in your Instagram or Facebook account accordingly.

Plugins and embedded functions and content

We incorporate functional and content elements into our online offering that are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may be, for example, graphics, videos or city maps (hereinafter uniformly referred to as "content").

The integration always requires that the third-party providers of this content process the IP address of the user, as they would not be able to send the content to their browser without the IP address. The IP address is therefore required to display this content or function. We endeavor to only use content whose respective providers only use the IP address to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. Pixel tags can be used to analyze information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as being linked to such information from other sources.

  • Processed data types: Usage data (e.g. websites visited, interest in content, access times); meta, communication and procedural data (e.g. IP addresses, time data, identification numbers, consent status). Location data (information on the geographical position of a device or person).

  • Data subjects: Users (e.g. website visitors, users of online services).

  • Purposes of processing: Provision of our online offer and user-friendliness.

  • Legal bases: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR). Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further information on processing operations, procedures and services:

USE OF GOOGLE FONTS

Obtaining fonts (and symbols) for the purpose of a technically secure, maintenance-free and efficient use of fonts and symbols with regard to up-to-dateness and loading times, their uniform presentation and consideration of possible licensing restrictions. The provider of the fonts is informed of the user's IP address so that the fonts can be made available in the user's browser. In addition, technical data (language settings, screen resolution, operating system, hardware used) are transmitted that are necessary for the provision of the fonts depending on the devices used and the technical environment. This data may be processed on a server of the font provider in the USA - When visiting our online offer, users' browsers send their browser HTTP requests to the Google Fonts Web API (i.e. a software interface for retrieving fonts). The Google Fonts Web API provides users with the Google Fonts Cascading Style Sheets (CSS) and then the fonts specified in the CCS. These HTTP requests include (1) the IP address used by the respective user to access the Internet, (2) the requested URL on the Google server and (3) the HTTP headers, including the user agent, which describes the browser and operating system versions of the website visitors, as well as the referral URL (i.e. the web page on which the Google font is to be displayed). IP addresses are neither logged nor stored on Google servers and are not analyzed. The Google Fonts Web API logs details of HTTP requests (requested URL, user agent and referrer URL). Access to this data is restricted and strictly controlled. The requested URL identifies the font families for which the user wants to load fonts. This data is logged so that Google can determine how often a particular font family is requested. With the Google Fonts Web API, the user agent must adapt the font that is generated for the respective browser type. The user agent is primarily logged for debugging and used to generate aggregated usage statistics to measure the popularity of font families. These aggregated usage statistics are published on the Google Fonts "Analytics" page. Finally, the referral URL is logged so that the data can be used for production maintenance and to generate an aggregated report on the top integrations based on the number of font requests. According to its own information, Google does not use any of the information collected by Google Fonts to create profiles of end users or to place targeted ads; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 sentence 1 lit. f) GDPR); Website: https://fonts.google.com/; Privacy Policy: https://policies.google.com/privacy; Basis for third country transfer: EU-US Data Privacy Framework (DPF). Further information: https://developers.google.com/fonts/faq/privacy?hl=de.

INTEGRATION OF GOOGLE MAPS

We integrate the maps of the "Google Maps" service of the provider Google. The processed data may include, in particular, IP addresses and location data of the users; Service provider: Google Cloud EMEA Limited, 70 Sir John Rogerson's Quay, Dublin 2, Ireland; Legal basis: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR); Website: https://mapsplatform.google.com/; Privacy Policy: https://policies.google.com/privacy. Basis for third country transfers: EU-US Data Privacy Framework (DPF).
(Created with Datenschutz-Generator.de by RA Dr. jur. Thomas Schwenke)

DATA SECURITY

Your data security is our concern. It is our declared aim to take all necessary technical and organizational measures to ensure the security of data processing and to process your personal data in such a way that it is protected against access by unauthorized third parties.

Customers and suppliers can contribute to this by

  • not forward any e-mails, offers, concepts, order confirmations, invoices, etc. from EAID&C to outsiders and persons not involved in the joint business cases

  • Inform us of any changes to your data as soon as possible

If you have any questions, please contact Ms. Altenberger by e-mail:
design@elkealtenberger.at