Einleitung
Introduction:
We are very pleased with your interest in our company. Data protection is of particular importance to the management of European Trans Energy GmbH. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject. Through this privacy policy, our company aims to inform visitors to our website about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy will also clarify the rights of data subjects.
As the data controller, we have implemented numerous technical and organizational measures to ensure the highest possible level of protection for the personal data processed through this website. However, internet-based data transmissions can have inherent security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, every data subject is free to request information about us or transmit personal data to us through alternative means, such as by telephone or mail.
Definitions:
This privacy policy is based on the terminology used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our aim is to make this privacy policy easily understandable for the public, as well as for our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
In this privacy policy, we use, among others, the following terms:
- Personal data: Personal data refers to all information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
- Data subject: A data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
- Processing: Processing refers to any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- Restriction of processing: Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
- Profiling: Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
- Pseudonymization: Pseudonymization is the processing of personal data in a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
- Controller: Controller or data controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- Processor: Processor or data processor is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
- Recipient: Recipient is a natural or legal person, public authority, agency, or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
- Third party: Third party is a natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
- Consent: Consent is any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and Contact Details of the Controller:
The controller in accordance with the General Data Protection Regulation and other national data protection laws of the Member States, as well as other data protection regulations, is:
European Trans Energy GmbH
Emil-Fucik-Gasse 1
1100 Vienna, Austria
Austria
VAT ID: ATU 62583056
HRB 276198z
Managing Directors: Wilfried Rendl, Franz Rossler
Contact Person: Wilfried Rendl, Franz Rossler
Contact Details of the Data Protection Team:
You can reach the data protection team in writing at the above address • Data Protection Officer (DPO) personally/confidentially • or by email at: datenschutz@~@europten.com
- General Information on Data Processing:
1.1. Scope of Processing Personal Data:
We generally process personal data of our users only to the extent necessary to provide a functioning website and to optimize our content and services. The processing of personal data of our users is regularly carried out only with the user's consent. An exception applies to cases in which obtaining prior consent is not possible for factual reasons and the processing of data is permitted by statutory provisions. Further details on this can be found in the following sections.
1.2. Legal Basis for Processing Personal Data: I
nsofar as we obtain the consent of the data subject for processing personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations required to carry out pre-contractual measures.
If processing personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party, and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6(1)(f) GDPR serves as the legal basis for the processing.
The legal basis for processing personal data using technically necessary cookies is Article 6(1)(f) GDPR.
The legal basis for processing personal data using cookies for analysis purposes is Article 6(1)(a) GDPR if the user has given consent.
1.3. Data Erasure and Storage Duration:
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the mentioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.
2. Scope, Purpose, and Duration of Processing Personal Data
The temporary storage of the IP address by the system is necessary, for example, to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session.
The storage in log files, for example, is carried out to ensure the functionality of the website. Additionally, the data is used for optimizing the website and ensuring the security of our information technology systems.
In these purposes, our legitimate interest in data processing according to Art. 6(1)(f) GDPR is involved.
The data will be deleted as soon as they are no longer necessary for the purpose for which they were collected. The data recorded in the log files is automatically deleted from the server after 30 days.
2.1.1 Third-Party Cookies and Plugins Used
If the visitor allows the use of additional cookies through their browser settings or consent, cookies from the following third-party providers and plugins may be used on our websites:
- Google Tag Manager
- Google Maps
- OpenStreetMap
- Google Analytics
If these cookies may also relate to personal data, we provide information about them under "Plugins."
The visitor can delete individual cookies or the entire cookie inventory through their browser settings. In addition, they will receive information and instructions on how to delete these cookies or block their storage in advance.
Depending on the browser used, the necessary information can be found in your browser's settings.
For more information on cookies in general, you can refer to:
2.1.2 Access to the Website and Log Files
We use an Internet service provider to host our online presence, on whose server the website is stored (hosting), and who makes our site available on the Internet. In this process, the internet service provider processes contact data, content data, contract data, usage data, inventory data, as well as meta and communication data on our behalf.
Name and address of the Internet service provider: master design gmbh Hauptstraße 6/4 7350 Oberpullendorf
You can view their data protection provisions here: [Link to the provider's privacy policy]
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of their website, which requires the collection of server log files.
If you only use our website for informational purposes, our internet service provider will only collect the personal data that your browser transmits to their server. This data includes the following:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing computer
- Time of the server request
- IP address
These data will not be merged with other data sources.
2.1.3 Plugins and Third-Party Cookies
CookieFirst
This website uses the Cookie Consent technology from CookieFirst to obtain your consent to the storage of certain cookies on your device and to document this in compliance with data protection regulations. The provider of this technology is Digital Data Solutions B.V., Plantage Middenln 42a, 1018 DH Amsterdam, website: CookieFirst.
When you enter our website, the following personal data is transmitted to CookieFirst:
- Your consent(s) or the revocation of your consent(s)
- Your IP address
- Information about your browser
- Information about your device
- Time of your visit to the website
Furthermore, CookieFirst stores a cookie in your browser to associate the granted consents or their revocation with your browser. The data collected in this way will be stored until you request us to delete it, delete the CookieFirst cookie yourself, or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected.
The use of CookieFirst is based on obtaining the legally required consents for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.
Google Tag Manager
We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to integrate tracking or analytics tools and other technologies on our website. Google Tag Manager does not create user profiles, store cookies, or conduct its own analyses. It is used solely for the management and deployment of the tools integrated through it. However, Google Tag Manager does collect your IP address, which may also be transferred to Google's parent company in the United States.
The use of Google Tag Manager is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on their website. If consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; consent can be revoked at any time.
Google Analytics
Our website uses Google Analytics, including features of Universal Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies," which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.
IP anonymization (IP masking) is used on our website. Due to the unresolved legal situation regarding the use of full IP addresses with analytics tools, Google Analytics is used with the "_anonymizeIp()" extension. This means that your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before being transferred to the USA and will only be fully processed there in exceptional cases. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website activity and internet usage.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by setting your browser software accordingly; however, please note that if you do this, you may not be able to use all the features of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link: Google Analytics Opt-out Browser Add-on.
More information on terms of use and data protection can be found at Google Analytics Terms of Service.
Google Maps
This website uses Google Maps for displaying map information. When using Google Maps, Google also processes data about the use of the map functions by visitors to the websites. For more information about data processing by Google, please refer to Google's privacy policy at Google Privacy Policy. You can also change your settings in the Google Privacy Center to manage and protect your data.
OpenStreetMaps
We use the open-source map service "OpenStreetMaps" (OSM) provided by the OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom, for displaying geodata on our website. OSM allows us to provide an interactive map on our website that shows how to find and reach us. This service enables us to present our website in an appealing way by loading map material from an external server. The following data is transmitted to OSM's servers during display: the pages of our website that you have visited and the IP address of your device. The legal basis for processing your data in relation to the "OSM" service is Art. 6(1)(f) GDPR (Legitimate interest in data processing). The legitimate interest arises from our need for an attractive presentation of our online offering and the easy accessibility of the locations provided on our homepage.
For more information on how user data is handled, please refer to the OSM Foundation's privacy policy.
YouTube with Enhanced Privacy
This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in enhanced privacy mode. According to YouTube, this mode ensures that YouTube does not store information about visitors to this website before they watch the video. However, the extended privacy mode does not necessarily exclude data sharing with YouTube partners. For example, YouTube - regardless of whether you watch a video - establishes a connection to the Google DoubleClick network.
When you start a YouTube video on this website, a connection to YouTube's servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube may store various cookies on your device after starting a video or use similar recognition technologies (e.g., device fingerprinting). This allows YouTube to obtain information about visitors to this website. This information may be used, among other things, to collect video statistics, improve user-friendliness, and prevent fraud.
Additional data processing operations may be triggered after starting a YouTube video, over which we have no control.
The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR; the consent can be revoked at any time.
For more information about data protection at YouTube, please refer to their privacy policy at: YouTube Privacy Policy.
2.2 Data Sharing
Personal data is transmitted to third parties when:
- The data subject has expressly consented to it in accordance with Art. 6(1)(a) GDPR.
- The transfer is necessary for the establishment, exercise, or defense of legal claims under Art. 6(1)(f) GDPR, and there is no reason to believe that the data subject has an overriding legitimate interest in not disclosing their data.
- There is a legal obligation to transmit the data under Art. 6(1)(c) GDPR, and/or
- It is necessary for the performance of a contract with the data subject under Art. 6(1)(b) GDPR.
In other cases, personal data will not be disclosed to third parties.
3. Rights of the Data Subject
Where personal data concerning the visitor is processed during their visit to our website, the visitor is considered a "data subject" within the meaning of the GDPR and is entitled to the following rights:
3.1 Information
The visitor can request information from us as to whether personal data concerning them is being processed by us. There is no right to information if the provision of the information would violate a duty of confidentiality or if the information must be kept secret for other reasons, in particular due to an overriding legitimate interest of a third party. Notwithstanding this, there may be an obligation to provide the information if, in particular in the case of imminent damage, the interests of the visitor outweigh the interest in confidentiality.
The right to information is also excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or solely serves the purpose of data backup or data protection control, provided that the provision of information would require a disproportionate effort and the processing for other purposes is excluded by appropriate technical and organizational measures.
If, in the specific case, the right to information is not excluded and personal data is processed by us, the visitor can request information from us about the following information:
- Purposes of processing
- Categories of personal data processed by the visitor
- Recipients or categories of recipients to whom personal data of the visitor is disclosed, particularly for recipients in third countries
- If possible, the planned duration for which personal data will be stored or, if this is not possible, the criteria for determining this duration
- The existence of a right to rectify or erase or restrict the processing of personal data concerning the visitor or to object to such processing
- The existence of a right to lodge a complaint with a supervisory authority for data protection
- If the personal data was not collected from the visitor as the data subject, the available information about the data source
- The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing
- In the case of transfers to recipients in third countries, if there is no decision by the EU Commission on the adequacy of the level of protection pursuant to Art. 45(3) GDPR, information about what appropriate safeguards pursuant to Art. 46(2) GDPR have been taken for the protection of personal data.
3.2 Correction and Completion
If the visitor determines that we have incorrect personal data concerning them, they can request us to promptly correct this incorrect data. In the case of incomplete personal data concerning the visitor, they can request completion.
3.3 Deletion
a) Obligation to Delete
You can request the controller to delete your personal data concerning you without undue delay, and the controller is obliged to delete this data without undue delay if one of the following reasons applies:
(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
(2) You withdraw your consent on which the processing is based according to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.
(3) You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.
(4) Your personal data concerning you have been unlawfully processed.
(5) The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) Your personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.
b) Information to Third Parties
Where the controller has made your personal data public and is obliged pursuant to Art. 17(1) GDPR to erase your personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
c) Exceptions
The right to deletion does not exist insofar as the processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation which requires processing according to the law of the Union or the Member States to which the controller is subject, or to carry out a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the field of public health according to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
(4) for archival purposes in the public interest, scientific or historical research purposes, or statistical purposes according to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of such processing, or
(5) to assert, exercise or defend legal claims.
3.4 Restriction of Processing
The visitor can request us to restrict the processing if one of the following conditions is met:
- The visitor disputes the accuracy of the personal data. In this case, the restriction can be requested for the duration that allows us to verify the accuracy of the data.
- The processing is unlawful, and the visitor requests the restriction of the use of their personal data instead of deletion.
- We no longer need the personal data for the purposes of processing, but the visitor needs them to assert, exercise, or defend legal claims.
- The visitor has objected to the processing pursuant to Art. 21(1) GDPR. The restriction of processing can be requested as long as it is not yet clear whether our legitimate reasons outweigh the visitor's reasons.
Restriction of processing means that personal data will only be processed with the visitor's consent or for the purpose of asserting, exercising, or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest. Before lifting the restriction, we have an obligation to inform the visitor about it.
3.5 Right to Information
If you have asserted your right to correction, deletion, or restriction of processing to the responsible party, they are obliged to inform all recipients to whom the personal data concerning you has been disclosed about this correction or deletion of data or restriction of processing unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients from the responsible party.
3.6 Right to Data Portability
The visitor has the right to data portability if the processing is based on their consent (Article 6(1)(a) or Article 9(2)(a) GDPR) or on a contract to which they are a party, and the processing is carried out by automated means. In this case, the right to data portability includes the following rights, provided that this does not adversely affect the rights and freedoms of others. The visitor can request to receive the personal data they have provided to us in a structured, commonly used, and machine-readable format. They have the right to transmit this data to another controller without hindrance from us. To the extent technically feasible, the visitor can request that we transmit their personal data directly to another controller.
3.7 Right to Object
If processing is based on Article 6(1)(e) GDPR (performance of a task carried out in the public interest or in the exercise of official authority) or Article 6(1)(f) GDPR (legitimate interests pursued by the controller or a third party), the visitor has the right to object, on grounds relating to their particular situation, at any time to the processing of personal data concerning them. This also applies to profiling based on Article 6(1)(e) or (f) GDPR. After the exercise of the right to object, we will no longer process the visitor's personal data unless we can demonstrate compelling legitimate grounds for the processing that override the visitor's interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. The visitor can object at any time to the processing of their personal data for direct marketing purposes, including profiling related to such direct marketing. After exercising this right to object, we will no longer use the relevant personal data for direct marketing purposes. The visitor has the option to informally communicate their objection by telephone, email, possibly by fax, or to the postal address listed at the beginning of this data protection declaration.
3.8 Automated Individual Decision-Making, Including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision is necessary for entering into or performing a contract between you and the responsible party, is authorized by Union or Member State law to which the controller is subject, and that law contains suitable measures to safeguard your rights, freedoms, and legitimate interests, or is based on your explicit consent. However, these decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR unless Article 9(2)(a) or (g) GDPR applies, and suitable measures to safeguard your rights, freedoms, and legitimate interests are in place. With regard to the cases referred to in (1) and (3), the responsible party takes reasonable measures to safeguard your rights, freedoms, and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view, and to contest the decision. As a responsible company, we refrain from automated decision-making or profiling.
3.9 Right to Lodge a Complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
4. Email Contact4.1 Description and Scope of Data Processing
Contact via the provided email addresses on the website is possible. In this case, the personal data of the user transmitted with the email will be stored. There is no further disclosure of the data to third parties. The data is exclusively used for processing the conversation.
4.2 Legal Basis for Data Processing
The legal basis for processing the data is Art. 6(1)(a) GDPR if the user has given their consent. The legal basis for processing the data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact aims to conclude a contract, an additional legal basis for the processing is Art. 6(1)(b) GDPR.
4.3 Purpose of Data Processing
The processing of personal data from email contact serves us to process the conversation as well as any necessary steps before concluding a contract.
4.4 Duration of Data Storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the matter in question has been finally clarified.
4.5 Objection and Removal Option
The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting will be deleted.
Update of this Data Protection Declaration
This data protection declaration is subject to adaptation and change. We reserve the right to update the data protection declaration at any time to improve data protection and/or to adapt it to changed supervisory practices or case law.