Data Protection

Declaration of Information Obligation

Data protection is an important concern for us. We therefore assure you that we process your personal data in accordance with the principle of "good faith" and only for the purposes listed below. We also confirm that we have taken appropriate technical and organizational measures to protect your data and fulfill our obligations under the GDPR and the Data Protection Amendment Act 2018.
In accordance with Articles 13 ff GDPR, we would like to provide you with the following information about the processing of your personal data and your related rights:

Responsible Party

EUROPEAN HEADQUARTERS
Flexcisst Technology GmbH
Heinrich-Schneidmadl-Straße 15
3100 St. Pölten, Austria

Tel: +43 676 840 638 800
E-Mail: sales@flexcisst.eu

Purposes
Fulfillment of contractual obligations, compliance with legal obligations, protection of legitimate interests of the responsible party, or based on your consent.

Storing Your IP Address
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The following data are collected in this process: browser type and version, the user's operating system, the user's internet service provider, hostname of the accessing computer, date and time of access, websites from which the user's system reaches our website, and websites that are accessed by the user's system through our website.

Storage in log files ensures the functionality of the website. Additionally, the data serve to optimize the website and ensure the security of our IT systems. Data is not analyzed for marketing purposes. The data is not combined with other data sources.

The data is stored for a period of 3 months and then automatically deleted.

The legal basis for processing the IP address is Art. 6 (1) lit. b GDPR. The storage of data for the above-mentioned period is based on Art. 6 (1) lit. f GDPR.

Use of Cookies
Our website uses so-called "cookies." Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offering more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser. For example, your language settings and other user preferences are saved in the cookies so that they can be maintained even after switching pages.

Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit (the so-called "session") ends.
Some cookies remain stored on your end device until you delete them. These enable us to recognize your browser during your next visit.
If you do not wish this, you can configure your browser to inform you about the setting of cookies and allow this only in individual cases.
The functionality of our website may be restricted if cookies are deactivated.

The legal basis for processing personal data using the described cookies is Art. 6 (1) lit. f GDPR. Our legitimate interest in data processing lies in the technically error-free and optimized provision of our services.

Use of Google Maps

We use the "Google Maps" component of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as "Google," on our site. Each time the "Google Maps" component is called up, Google sets a cookie to process user settings and data when displaying the page in which the "Google Maps" component is integrated. This cookie is generally not deleted when you close the browser but expires after a certain period unless you delete it manually beforehand. If you disagree with this data processing, you can disable the "Google Maps" service and prevent the transfer of data to Google by disabling JavaScript in your browser. Please note, however, that in this case, you may not be able to use "Google Maps" or only to a limited extent. The use of "Google Maps" and the information obtained through "Google Maps" is carried out in accordance with Google's Terms of Use www.google.de/intl/en/policies/terms/regional.html as well as the additional terms and conditions for "Google Maps" www.google.com/intl/en_en/help/terms_maps.html.

IP Anonymization

We use the "IP anonymization" feature on this website. As a result, your IP address is shortened by Google within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area before transmission. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, compile reports on website activity, and provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be combined with other data from Google. The relationship with the web analysis provider is based on the adequacy decision C(2016) 4176 of the European Commission (EU-US "Privacy Shield"). Data processing is based on the legal provisions of § 96 (3) TKG and Art. 6 (1) lit. a (consent) and/or f (legitimate interest) of the GDPR. Our concern in the sense of the GDPR (legitimate interest) is the improvement of our offering and our web presence. Since the privacy of our users is important to us, user data is pseudonymized.

Contact Form
Our website has a contact form that can be used for electronic contact. If you take advantage of this opportunity, the data entered in the input mask will be transmitted to us and processed by us. This data may include:
Name, e-mail address, phone number, message (everything you want to tell/ask us)
The legal basis for processing personal data to respond to or handle your inquiry is Art. 6 (1) lit. b GDPR.

Contact via Email or Phone
If you send us an email or call us, the personal data you provide will be processed for the purpose of responding to and handling your inquiry or order.
The legal basis for processing personal data to respond to or handle your inquiry is Art. 6 (1) lit. b GDPR.

General Retention Period
If we are in a contractual relationship with you, the data we have collected will be stored in compliance with all technical and organizational protective measures. If the contractual relationship with you is terminated, we undertake to minimize data while taking into account our statutory retention and documentation obligations, as well as the statutory limitation periods, which may be up to 30 years in certain cases according to the General Civil Code.

Legal Basis for the Processing of Personal Data
Where we obtain the data subject's consent for processing personal data, Art. 6 (1) lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for pre-contractual measures.

If processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 (1) lit. c GDPR serves as the legal basis. If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) lit. d GDPR serves as the legal basis. If processing is necessary to protect a legitimate interest of our company or a third party, and the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f GDPR serves as the legal basis for processing.

Transfer of Data to Third Parties

Data is only transferred to third parties within the scope of legal requirements. We only transfer users' data to third parties based on consent given under Art. 6 (1) lit. a) GDPR, if required for contractual purposes under Art. 6 (1) lit. b) GDPR, or based on legitimate interests under Art. 6 (1) lit. f GDPR, for economic and effective operation of our business operations.

If we use subcontractors to provide our services, we take appropriate legal precautions and implement corresponding technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.

Data Subject Rights

The applicable data protection law grants you comprehensive data subject rights (information and intervention rights) vis-à-vis the data controller with regard to the processing of your personal data, about which we will inform you below:

Right of Access pursuant to Art. 15 GDPR: You have the right to obtain information about your personal data processed by us, the purposes of processing, the categories of processed data, recipients or categories of recipients, the planned storage period or criteria for the determination of the storage period, the origin of your data, if this was not collected from you by us, the existence of automated decision-making including profiling and, if applicable, meaningful information about the logic involved and the scope and intended effects of such processing that concerns you, as well as your right to information about the guarantees according to Art. 46 GDPR when data is transferred to third countries;

Right to Rectification pursuant to Art. 16 GDPR: You have the right to request immediate rectification of incorrect data concerning you and/or completion of your incomplete data stored by us;

Right to Erasure pursuant to Art. 17 GDPR: You have the right to request the erasure of your personal data when the requirements of Art. 17 (1) GDPR are met. However, this right does not exist if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise, or defense of legal claims;

Right to Restriction of Processing pursuant to Art. 18 GDPR: You have the right to request the restriction of the processing of your personal data as long as the accuracy of your data disputed by you is verified, if you refuse the deletion of your data due to impermissible data processing and instead request the restriction of the processing of your data, if you need your data for the assertion, exercise, or defense of legal claims, after we no longer need this data after achieving the purpose, or if you have objected due to reasons related to your particular situation, as long as it is not yet certain whether our legitimate reasons prevail;

Right to Information pursuant to Art. 19 GDPR: If you have asserted the right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients.

Right to Data Portability pursuant to Art. 20 GDPR: You have the right to receive your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format, or to request transmission to another controller, if this is technically feasible;

Right to Withdraw Consent pursuant to Art. 7 (3) GDPR: You have the right to withdraw your once given consent to the processing of data at any time with effect for the future. In the event of withdrawal, we will immediately delete the affected data unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal;

Right to Lodge a Complaint pursuant to Art. 77 GDPR: If you believe that the processing of personal data concerning you violates the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or place of the alleged infringement.

Data Breach Notification Obligation pursuant to Art. 33 GDPR: In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we are obliged to notify you and the competent supervisory authority within 72 hours. An exception to this notification is if the data breach does not result in a high risk to your rights and freedoms.

Data Processing Safety

We apply appropriate technical and organizational measures to protect personal data processed from accidental or intentional manipulation, loss, destruction, or unauthorized access. The measures taken are continually improved in line with technological developments.