General Data Protection Regulation

Privacy Notice

 

Information about the processing of personal data in compliance with Art 13 and 14 General Data Protection Regulation (GDPR)

The protection of your personal data and privacy is important to us. Therefore, we would like to provide you with the following information about how we handle your personal data, in particular about the purposes of the processing, to whom we transfer such data and about your corresponding rights under the applicable data protection regime. Any reference to data in this privacy notice is a reference to personal data relating to you. Personal data are any information which allows your identification, either directly or indirectly.

Thus, we would ask you to read the following information carefully.

1. Who is responsible for the processing?

The following company is responsible for the processing:

SPRINGER Maschinenfabrik GmbH
Hans-Springer-Straße 2
A-9360 Friesach / Carinthia, Austria
Telephone: +43 4268 2581 - 0
Fax: +43 4268 2581 - 45
E-mail: office(at)springer.eu

The company has not appointed a data protection officer.

2. Which types of data do we process and from which sources have we obtained these data

2.1. We process personal data which we have lawfully obtained based on your consent or which you have provided to us in the course of our business relationship (e.g. to comply with an order/performance of contracts or a legal obligation or based on your consent).

2.2. Personal data include in particular your personal details (name, address, contact details etc.), master contract data (contractual relationship, interests in a specific product or contract), customer history, invoicing and bank details, information about your financial status (e.g. your credit rating), results of processing generated by us as well as any data to comply with legal and regulatory requirements.

3. For which purposes and on which legal basis do we process your personal data?

We process your personal data in accordance with applicable data protection law (GDPR and the Data Protection Act (DSG) in the respective applicable version).


3.1. Newsletter

3.1.1.  We only use the data provided for the electronic distribution of a newsletter to which you have subscribed. We use the e-mail address provided to us in order to be able to send you the relevant newsletter. However, you are entitled to withdraw your consent to the processing of your personal data in connection with communications via newsletters at any time. To withdraw your consent, you can simply make use of the option to unsubscribe included in each newsletter or via e-mail to marketing(at)springer.eu.


Data = first name and surname, e-mail-address
Purpose = providing information about products, services and events
Legal basis = consent


3.1.2.  Double opt-in and records

The subscription to our newsletter is subject to a so called double opt-in process. This means that you receive an e-mail following the subscription requesting the confirmation of your subscription. This confirmation is necessary to prevent any subscription under someone else’s e-mail addresses. Subscriptions to newsletters are recorded in order to be able to demonstrate compliance of the subscription process with the legal requirements. This includes the storage of the time of the subscription and the confirmation as well as of the IP-address. Any changes of your data, which are stored by MailChimp, are recorded as well.


3.1.3.  Use of the service provider “MailChimp“

Newsletters are sent via “MailChimp”, an e-mail marketing service provided by the US company Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
E-mail addresses of our newsletter recipients as well as their further data, which is referred to in this privacy notice, are stored on the servers of MailChimp in the United States. MailChimp uses this information to send and to analyse newsletters on our behalf. Furthermore, according to MailChimp, it may use these data to optimise or improve its service, e.g. for the technical optimisation of the sending and layout of newsletters or for commercial purposes or to identify the recipients’ country. However, MailChimp does not use the data of our newsletter to contact recipients directly or to disclose their data to third parties.

We are confident that MailChimp is a reliable company and rely on its IT- and data security. MailChimp is certified under the US-EU Privacy Shield Frameworks and is thus obliged to comply with EU data protection law. Furthermore, we have entered into a data processing agreement with MailChimp. This agreement obliges MailChimp to protect the data of our users, to process such data on our behalf in accordance with the data protection provisions set out therein and, in particular, not to disclose such data to third parties. You can access the privacy notice of MailChimp https://mailchimp.com/legal/privacy/ here.

 

3.2. Advertising

When contacting you we may also request your consent to use data provided by you to advertise SPRINGER products (e.g. in connection with marketing communication) and to transfer such data to third parties (Microtec, FinScan, Woodeye)  for the purpose of market research and to advertise SPRINGER products. Such third parties may contact you via e-mail and telephone.

Data = title/academic title, first name and surname, address, e-mail address, telephone number
Purpose = providing information about products, services and events
Legal basis = legitimate interest

3.3. Direct marketing

3.3.1.  We use your personal data, which you have provided to use in the course of our contractual relationship, in connection with own marketing purposes for direct marketing of our own products and services. Thus, you receive interesting offers and information about our products via mail.

Data = title/academic title, first name and surname, address, e-mail address, telephone number
Purpose =  providing information about products, services and events of SPRINGER
Legal basis = legitimate interest

You have the right to object to the processing pursuant to Art 21 para 1 GDPR to the extent the processing is based on a legitimate interest. We refer to the specific information provided at the end of this privacy notice in this regard (What rights do you have?).

3.4. Accounting and logistics

3.4.1.  For the management of our internal accounting and the required logistics we may have to process certain personal information relating to your company to perform our contractual relationship with you.

Data = contact person of customer and supplier
(name, contact details, function, power of representation, processed business transaction, correspondence language) interested parties (name, contact details, function)
Purpose = providing information about products, services and events of SPRINGER
Legal basis = performance of a contract, legal obligation

3.5. Job applications

3.5.1.  We process your personal data to manage job applications. This includes on the one hand the processing of the specific application as well as keeping such application for future consideration and to inform you if a suitable position becomes available. The below data are stored if provided by the applicant. This depends on the specific application.

(Categories of) data = name, data of birth, address, CV, photo
Purpose = processing of the application and keeping such application for future consideration
Legal basis = performance of a (preliminary) contract, legitimate interest

3.6. School projects

3.6.1.  If you have participated or participate in a school project in cooperation with SPRINGER, we store your personal data to organise such project.

(Categories of) data = name and contact details of the teacher and the pupils, project related data, evaluations
Purpose = processing of the application and keeping such application for future consideration
Legal basis = performance of a contract, consent

4. Who receives your data?

Only units/departments, respectively employees within SPRINGER Maschinenfabrik GmbH receive your data, if and to the extent they require such data for the processing of the respective purposes. Furthermore, we disclose your data to processors instructed by us (IT-service providers, print services providers, marketing etc) to the extent they require such data to perform the respective services. All processors have been carefully selected and ensure by means of appropriate technical and organisation measures that the processing of your data complies with data projection requirements and that your corresponding rights are safeguarded. In particular, processors are not allowed to process your personal data for their own purposes.
We note in connection with a disclosure of data to any other third parties (e.g. affiliated companies), that such disclosure will only take place based on a valid legal basis and for purposed specified in advance.

5. Updates

Any updates of your personal data are primarily based on your direct feedback, respectively your notification of any changes. However, we may also update your personal data based on information provided by third parties (e.g. affiliated companies) or based on

6. How long do we store your data?

6.1. We process your personal data, to the extent required, for the duration of our business relationship (initiation, management and termination of a contract) and furthermore, in accordance with the statutory retention and documentation obligations pursuant to the Business Code (UGB) and the Federal Fiscal Code (BAO) or for the establishment, exercise or defence of legal claims.

6.2. The storage period also depends on statutory limitation periods, which pursuant to the Civil Code (ABGB) may be for example thirty, or in specific circumstances only three years.

6.3. In general, your data will be erased upon complete performance of the contract, withdrawal of your consent or your following your objection to the processing unless the storage is required to comply with a legal obligation or for the establishment, exercise or defence of legal claims. A further processing takes only place if you have given your express consent for the further use of your data or if we have reserved the right of further processing. Such further processing must also comply with applicable law.

6.4. Your data may be anonymised rather than erased. In this case all personal identifiers are irrevocably removed. Thus, the obligation to erase data pursuant to data protection law does not apply. In this case it is no longer possible to identify you as a data subject.

7. What rights do you have?

In general, you have the right of access, to rectification, erasure, restriction of processing, data portability and to object. Please contact us if you want to exercise any of your rights.

Right of access: You can request us to confirm whether we process any of your personal data. If this is the case, you can exercise your right of access to these personal data and the information pursuant to Art 15 para 1 GDPR (e.g. purposes of processing, categories of personal data).

Right to rectification: You can request us to rectify any incorrect personal data.

Right to erasure:
You can request erasure of your personal data, for example if
(a) the data are no longer required for the purposes for which they have been collected or processed in another way or
(b) the data are unlawfully processed or
(c) you withdraw your consent if the processing was based on your consent.
You are not entitled to request erasure if any of the exemptions of Art 17 para 3 GDPR applies, for example if the processing is required to comply with a legal obligation under EU or Austrian law (e.g. statutory retention requirements) or for the establishment, exercise or defence of legal claims.

Restriction of processing:
You can request the restriction of the processing, if
(a) you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data,
(b) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(c) we no longer need the personal data for the purposes of the processing, but you require such data for the establishment, exercise or defence of legal claims; or
(d) you have objected to the processing pursuant to Article 21 para 1 GDPR pending the verification whether our legitimate grounds override yours (in this regard see the following).

Right to object: You can object to the processing of your personal data pursuant to Art 21 para 2 GDPR if we process such data
(a) to safeguard our legitimate interest. We will not process your personal data in the case of your overriding data protection interest.
(b) for the purposes of direct marketing. You can object to direct marketing at any time without giving reasons.

Right to data portability: You can request to be provided with the data, which you have provided to us, in a structured, commonly used and machine-readable format, if we process these data based on a consent given by you, which can be withdrawn, or for the performance of a contract and such processing is carried out by automated means. You can transfer such data to another controller. To the extent technically possible, you can also request the direct transfer from one controller to another.

7.2. Should you believe that the processing of your data is unlawful or your data protection rights are infringed in any other way, you can lodge a complaint with the supervisory authority. The data protection authority (Datenschutzbehörde) is the competent authority in Austria.

Austrian data protection authority (Datenschutzbehörde)
Wickenburggasse 8
A-1080 Vienna, Austria
Telephone: +43 1 52 152-0
E-mail: dsb(at)dsb.gv.at

8. Are you required to provide data?

You only have to provide personal data in the course of the contractual relationship, which is required for the establishment and performance of the relationship or if we are required by law to collect such data. Furthermore, you have to notify us of any changes of your personal data. If such data are not provided, we will in general not be able to enter into the contract, perform the order or will no longer be able to perform an existing contract and will consequently have to terminate such contract.

9. Are my data used for automated individual decision-making including profiling?

We do not use automated decision-making as set out in Art 22 GDPR.

USE OF COOKIES

1. We use cookies

1.1. A cookie is a small data file saved on your device and stores data as for example personal browser settings. This data file is created and sent to you by the web server, to which you have connected via your web browser. In general, we use cookies to analyse the interest in, as well as to improve the usability of, our websites. You can access our websites also without using cookies. However, if you want to fully use our websites, respectively use our websites in the optimal way, you should accept cookies enabling the use of certain functions, respectively to enjoy the best user experience. Cookies do not cause any damage to your computer, nor do they contain any viruses.

1.2. The majority of the cookies used by us are so called “session cookies”. These are automatically deleted once you have closed our website and are not saved permanently on your device. Other cookies are saved on your device until deleted by you (permanent cookies). These cookies enable us to recognise your browser when you access our website again.

1.3. To the extent your browser settings accept cookies, you consent to the use of these cookies when you access our website. However, you can change your browser settings, so that you are informed of any cookies and that you can accept cookies on a case by case basis, reject cookies in specific circumstances or in general or to activate the automatic deletion of cookies when you close your browser. Deactivation of cookies can limit the functionality of this website.

2. Third party cookies

2.1. Certain third party service providers place permanent cookies on your device to monitor in particular user preferences and to personalise offers (including advertisements). We are not able to control cookies of third party providers. Thus, we recommend reviewing the respective websites of third party providers to confirm which cookies are used and how these can be managed.

2.2. The “Digital Advertising Alliance” provides for the possibility of a general opt-out for common third party providers such as Facebook, Google and the like. Further information can be found below.

3. Google Analytics

3.1. This website uses the functions of the web analysis service Google Analytics. The service provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics records interactions of users of your website by using their own cookies. If users use Google Analytics advertising feature, Google advertising cookies enable functions such as re-marketing in the Google display network for products such as AdWords.

3.2. Further information relating to the use of data for marketing purposes by Google, how to choose settings and possibilities to object is available on https://www.google.com/intl/en/policies/privacy/partners („How Google uses information from sites or apps that use our services“), http://www.google.com/policies/technologies/ads („Advertising“), http://www.google.de/settings/ads („Control the information Google uses to show you ads“) and http://www.google.com/ads/preferences („Specify which ads Google displays“).

4. YouTube

We use YouTube to provide access to videos about our products. YouTube may place cookies on your device, if you view videos on our website, which have been embedded by YouTube. The interactive YouTube function might not be available if you reject cookies. As a consequence, you might not be able to view the YouTube video that has been embedded on our website.

5. Google Maps

We use Google Maps to display maps and locations. Google Maps may place cookies on your device, if you use such maps on our website, which have been embedded by Google Maps. The interactive Google Maps functions might not be available if you reject cookies. As a consequence, you might not be able to view maps that have been embedded on our website.