Privacy and Personal Data Protection Policy
The Gewista Advertising Company is aware of its immense responsibility regarding the processing of personal data and is, therefore, committed to complete adherence of data protection laws within the framework of its social responsibility. Of uppermost priority to us, is the safeguarding of the personal rights and privacy of each individual in the handling of personal data.
We, hereby, conduct ourselves in accordance with the principles of legality, transparency, appropriation, storage limitation and data security.
The existing privacy policy serves to inform our clients and potential clients about all aspects of the processing of their personal data (transparency) and to facilitate access to their rights and options within the framework of data protection regulations. It will also describe those measures that we have put into place in order to protect the security and confidentiality of data. We process personal data solely for the purposes that were determined prior to the collection of data. We only process the type of personal data that is necessary for the implementation of our services and for the administration of clients and potential clients. This only applies when the service is purchased or we are obliged by legal stipulations. The processing of all personal data follows strict observance of current regulations regarding data protection laws. Personal data is neither published nor passed on unauthorized to any third party by us. The processing of data takes place exclusively within the European Union.
This privacy policy applies to our website http://www.gewista.at. Single pages may include links to other providers and controllers, to which this privacy policy is not extended. We accept no liability for this content.
Legal Principles of our Data Processing
We process data of clients, as well as potential clients and information purchasers that have made their personal data available to us on the basis of their enquiry.
The data protection is based on the following legal principles:
1. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
2. the data subject has given consent to the processing of his or her personal data for one or more specific purposes. This consent may be revoked at any time
Contract Data Processor
A data processing order exists when a data processor is charged with the processing of personal data, without being held responsible for the associated business process. In such cases we reach an agreement with the external data processor regarding a data processing order. In doing so, we maintain full responsibility for the correct implementation of the data processing in accordance with data protection laws. The data processor may only process personal data within the framework of the instructions issued by the person responsible.
We only work with contract data processors (for example, printers or mail-order agencies) that provide sufficient guarantees that suitable technical and organisational measures will be taken in the processing, in accordance with the requirements of the GDPR and, therefore, ensuring the protection of personal data. The processing by a contract data processor only takes place on the basis of a contract with us, that sets out the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller. All contract data processors that process and check personal data are monitored on a regular basis to verify that they are complying with the stipulations of data protection laws.
Data Types and the Purpose of Processing
The personal data of our clients and potential clients is collected and processed by us for the purpose of service and information provision. The personal data is stored for the duration of their service or information reference and for as long as claims arising from it may exist or legal regulations require the processing.
Duration of Data Storage
We only store personal data for as long as the purpose of processing requires it and legal claims may exist, or for as long as legal regulations stipulate us to. They will be irrevocably deleted afterwards.
For example, the personal data in question must be stored for 7 years due to legal regulations (record preservation obligations) of the Austrian Commercial Code (§ 212) and the Federal Fiscal Law (§ 132) for accounting and financial data.
Collection and processing of personal data when visiting our website.
When you visit our website, our web server stores each request temporarily in a log file. The following data is, thereby, gathered and stored encrypted for 6 months:
• IP-Address of the enquiring computer
• Date and time of the request
• Name and URL of the requested page
• Data quantity transferred
• Report if the retrieval was successful
• Identification data of the browser used and operating system
The processing of this data takes place for the purpose of enabling use of the website, system security, the technical administration of the network infrastructure, as well as the optimisation of the internet presence. The log file will only be analysed in the event of attacks on our network infrastructure.
Cookies
Our cookie information site explains how we handle cookies, embeddings and other trackers when you use our website, and how you can choose to consent or opt-out.
Web Analysis - Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called “cookies”, which are text files placed on your computer, to help the website analyse how visitors use the site. The information generated by the cookie about your use of the website will normally be transmitted to and stored by Google on servers in the United States. The IP address transmitted by your browser as part of Google Analytics is not combined with other data from Google.
On behalf of the operating company of this website, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide other services related to website activity and internet usage to the website operating company. You may refuse the use of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent the collection by Google Analytics by clicking on this link. An opt-out cookie is set to prevent your data from being collected in the future when you visit this website. The opt-out cookie applies only to this browser and only to our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. [You will find information on how to integrate the opt-out cookie at: https://developers.google.com/analytics/devguides/collection/gajs/?hl=de....
We continue to use Google Analytics to evaluate data from double-click cookies and AdWords for statistical purposes. If you do not wish for this to happen, you can deactivate it using the Ads Preferences Manager (http://www.google.com/settings/ads/onweb/?hl=de).
Google Tag Manager
With the Google Tag Manager, marketers can manage website tags across an interface. The Tag Manager itself, which uses the tags, functions without Cookies and does not gather any personal data. The Tag Manager merely triggers other tags, which, in turn, collect data under certain circumstances. The appropriate declarations about these third party providers can be found in this data protection declaration. The Google Tag Manager does not, however, use this data. If you have Cookie deactivation set up or otherwise opted out, this will be observed for all tracking-tags used with Google Tag Manager; the tool will not change your cookie settings.
Google may ask your permission to share some product data (for example, your account information) with other Google products, in order to activate certain features, for example, to facilitate the addition of new conversion tracking tags for AdWords.
In addition, Google’s developer will, from time to time, review product usage information, in order to further optimise the product. Google will, however, never share data of this kind with other Google products without your consent.
You will find further information in the Google usage guidelines and the Google data protection notice for this product.
Youtube Data Protection Regulations for the use and application of Youtube
Components of YouTube are integrated on this website. YouTube is an internet portal that allows video publishers to upload video clips free of charge and other users to view, rate and comment on a likewise cost-free basis. YouTube permits the publication of all types of videos, which is why complete film and television programmes, as well as music videos, trailers or user’s self-produced videos are downloadable on the internet portal.
The operating company of YouTube, is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each visit to any of the pages on this website, on which a YouTube component (YouTube-video) was integrated, automatically prompts the internet browser on the information technology system of the person in question to download a representation of the corresponding You-tube component. Further information about YouTube can be accessed at https://www.youtube.com/yt/about/de/. In the context of this technical process, YouTube and Google will receive information about which specific sub sites of our website are visited by the person in question.
If the person in question is logged into YouTube at the same time, Youtube recognises, by the selection of a sub page, which contains a YouTube video, which specific sub page of our website the person in question is visiting. This information will be collected by YouTube and Google and associated with the respective YouTube account of the person in question.
YouTube and Google will always receive information that the person in question has visited our website, if they are logged into YouTube at the same time as the point in time of the selection; this occurs whether the person in question clicks on a YouTube video or not. If such a transmission of this information is not intended by the person in question, this transmission can be prevented by logging out of their YouTube account before selecting our website.
The published YouTube data protection regulations that are available at http://www.google.de/intl/de/policies/privacy/ , give information about the collection, processing and use of personal data by YouTube and Google.
AddThis
On our website, we use Plugins of the service AddThis, which is operated by AddThis, LLC, 1595 Spring Hill Rd, Suite 300, Vienna, VA 22182, (USA) (“AddThis”). AddThis provides website creation and design tools (www.addthis.com) that make it easier for site visitors to share their current page with other internet users by email or in social networking. The Plugins are recognised on the “Tweet”, “E-Mail”, “Linkedin” and “g+1” buttons integrated on parts of our website. In addition, AddThis provides tools for website operators to help analyse and improve the use of their own website or to enable a direct user approach. In doing so, AddThis also applies Cookies and web beacons (small graphics, “tracking pixels” that enable a log file-record and a log file analysis). When you use this AddThis-Plugin, your internet browser establishes a direct connection with the servers of AddThis and, if applicable, the chosen social network. The data generated (for example, time of use or browser-language) is transferred to AddThis and processed there. When you send content of our website to social networks, a link between the visit to the website and your user profile on the corresponding social network can be established. Further information about data processing and data protection through AddThis can be found at http://www.addthis.com/privacy/privacy-policy.
No processing of the data in question or transfer to a third party will occur.
By using the AddThis-plugin you agree to data processing by AddThis, as well as data collection and storing by AddThis
Eyepin – Newsletter
We use the newsletter tool provided by eyepin. The Newsletters of the eyepin GmbH, Billroth Straße 52, 1190 Vienna, contain the so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails sent in the HTML format, to enable a log file record and a log file analysis. As a result, a statistical evaluation of the success or failure of online marketing campaigns is carried out. With the aid of the embedded tracking pixel, the eyepin GmbH can detect if and when an email was opened by a person concerned. Furthermore, via the Newsletter-Tracking, it is ascertained which links in the email were accessed by persons concerned. Personal data collected by the tracking pixel contained in the Newsletter and the Newsletter tracking is stored and evaluated by the person responsible for processing to optimise the Newsletter delivery and to better adapt the content of future Newsletters to the interests of persons concerned. This personal data will not be passed onto third parties. Persons concerned are entitled, at any time, to revoke the, in this regard, separate declaration of consent to unsubscribe from receipt of the Newsletter through the Double-Opt-In procedure. Following a revocation, no further data will be collected at all and the address will be placed on a block list to document the notice of departure and to prevent further mailings. The data protection clarification of the eyepin can be found at: https://support.eyepin.com/hc/de/articles/360001151006-Datenschutz-bei-…. (eyepin data protection).
Data Security Measures
Personal data that is processed by us will be stored and secured with particular care, both on a technical and organizational level. You are protected from accidental or unlawful destruction and loss and we ensure that it is used properly and that the data is not accessible to unauthorized persons. All our contract data processors are bound by a contractual agreement with us to adhere to all technical and organizational measures to ensure secure processing. This is verified by us on a regular basis.
Data Protection Officer
The data protection officer works in conjunction with the highest level of the organization and is the first person of contact in matters of data protection. They meet on a regular basis to discuss matters of data security and protection.
He works, when necessary, in conjunction with the supervisory authorityand acts as person of contact for the supervisory authority in matters related to the processing of personal data, inclusive of prior consultation. Persons concerned may consult the data protection officer on any matter relating to the processing of their personal data and the exercise of their rights in relation to any matters that may arise. We ensure that the data protection officer receives no instructions in the fulfillment of his duties. The contact details of our data protection officer can be found in the contact information at the end of the privacy policy.
Communication Obligation
In the event of a personal data breach, we are obliged to notify the supervisory authorityof such a breach immediately. It is likely that such a breach will harm the privacy of persons concerned or the personal data itself, therefore, the supervisory authoritymay require us to communicate the personal data breach to the data subject, after consideration of the probable effects of the breach.
Information regarding the rights of persons concerned
As a data subject you are entitled to a right to information regarding personal data stored about you, a right to rectify incorrect data, to restriction and opposition to processing and to deletion. In order to exercise this right, you must provide a suitable form of identification. Our information will provide the processed data, information about their origin, any recipients or recipients of transfers, the purpose of the use of the data and the legal basis for this in a generally understandable form. On your request, names and addresses of contract processors are also made known. As a solicitor of information, you must participate in the information procedure to an extent that is reasonable to you in order to avoid unjustified and disproportionate efforts on the part of the person responsible for data processing. Within a month following arrival of your request, we will issue the information or state in writing why it cannot be issued or not fully issued. For information about your personal data or their rectification or deletion or if you have further questions about the use of your personal data provided to us, please contact our data protection officer. The contact options can be found at the end of this privacy policy.
The Supervisory Authority
In the case of an alleged inadequacy of the protection of personal data, persons concerned have the possibility to lodge a complaint with the Austrian Data Protection Authority - Datenschutzbehörde (http://www.dsb.gv.at).
Modification to this Privacy Policy
As this information is subject to the current legal situation and our services are constantly being further developed, we reserve the right to change this privacy policy accordingly. We recommend reading this privacy policy on a regular basis to stay informed about the personal data we collect.
The company responsible is the Gewista Advertising Company GmbH; Address: Litfaß Straße 6, 1031 Vienna, E-Mail: gewista@gewista.at
Contact address of the data protection officer: datenschutzbeauftragter@gewista.at