This website is operated by Findustrial GmbH, (FN 529651 z), hereinafter referred to as “we”, “us” and “Findustrial”, based in Gahberggasse 9, 4861 Schörfling am Attersee. In this privacy policy, we, as the controller pursuant to Art. 4 (7) GDPR, describe which data we collect when you visit our website and for what purpose we process it. We also inform you about how we generally process the data of our customers, suppliers and interested parties and finally explain what rights and safeguards we offer in the course of data processing. All relevant contact details can be found in section 11 of this privacy policy.
As the protection of your personal data is of particular concern to us, we strictly adhere to the legal requirements of the DSG and the GDPR when collecting and processing your personal data.
Below we inform you in detail about the scope and purpose of our data processing as well as your rights as a data subject. Therefore, please read our privacy policy carefully before you continue to use our website and, if necessary, give your consent to data processing.
It is generally possible to use our website without providing personal data. However, there may be different regulations for the use of individual services, which we will inform you of separately.
Apart from the cookies described in detail below, we therefore only collect and store the data that you yourself provide to us by entering it in our input masks or actively interacting with our website in any other way.
Personal data is all information that relates to an identified or identifiable natural person. This includes, for example, your name, your address, your telephone number or your date of birth, but also your IP address or geolocation data that can be used to identify you.
a. If you only use our website for information purposes, i.e. if you do not register for a service or otherwise provide us with information – for example via a contact form – we only collect the (personal) data that your browser transmits to our server. If you wish to visit our website, we collect the data listed below, which is technically necessary for us to display the website to you and to ensure its stability and security in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR:
• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request
• Access status / http status code
• Amount of data transferred in each case
• Website from which the request comes
• Browser used
• Operating system and its interface
• Language and version of the browser software
However, this data is not processed beyond the purpose of displaying our website.
b. In addition to the aforementioned data, first and third-party cookies are stored on your computer when you use our website; these are small text files that are stored on your hard disk in the browser you are using. The body that sets a cookie (this is done either by us or an explicitly named third party) receives certain information as a result.
We need these cookies on the one hand to recognize you as a user of the website and on the other hand to be able to track the use of our services. Finally, we may use cookies for marketing purposes in order to analyze your usage behavior and to send you targeted advertising if necessary.
c. A basic distinction can be made between first party cookies, third party cookies and third party requests.
• First party cookies
First party cookies are stored in your browser by us or our website itself in order to offer you the best possible user experience. These are functional cookies in particular, such as shopping cart cookies. We may also use cookies to identify you for subsequent visits if you have an account with us – otherwise you will have to log in each time you visit.
• Third party cookies
Third-party cookies are stored in your browser by a third-party provider. These are usually tracking or marketing tools which, on the one hand, evaluate your user behaviour and, on the other hand, enable the third-party provider to recognize you on other websites you visit. Retarget marketing, for example, is generally based on the function of such cookies.
• Third Party Requests
Third party requests are all requests that you as a site user make to third parties via our site – for example, if you interact with social network plugins or use the services of a payment provider. In this case, no cookies are stored in your browser, but it cannot be ruled out that personal data will be sent to this third-party provider as a result of the interaction. For this reason, we also inform you in detail in our privacy policy about the tools and applications we use.
d. In order to provide you with comprehensive information about the cookies we use, we have designed a cookie banner in accordance with the case law of the ECJ of 01.10.2019, C-673/17 (Planet 49) and other relevant decisions, which is displayed when you first visit our website. This cookie banner shows all cookies used, including their function, storage duration and origin. Only if you consent to the use of some or all cookies will they be stored by us; an exception to this may be technically essential cookies, without whose use our website could not be displayed correctly.
e. You can change your browser settings at any time, for example to refuse to accept third-party cookies or all cookies. In this case, however, we must point out that you may no longer be able to use all the functions of our website.
a. Website
Personal data that goes beyond the information stored by cookies is only processed by us as part of the operation of our website if you provide it to us voluntarily, for example when you register with us, enter into a contractual relationship with us or otherwise contact us. This relates exclusively to contact details and information on the matters with which you contact us.
We only use the personal data you provide to the extent that this is necessary to fulfill the respective purpose of the processing (e.g. registration, sending newsletters, processing an order, sending information material and advertising, processing a competition, answering a question, providing access to certain information) and this is permitted by law (in particular pursuant to Art. 6 or Art. 9 GDPR). in accordance with Art. 6 or Art. 9 GDPR) (e.g. the sending of advertising and information material to existing customers in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR).
The purpose of processing your data is the operation of our website and the targeted provision of company-specific information, including the presentation of our range of goods and services (marketing).
Any further use of your data will only take place if you have given your express prior consent, if we need your data to fulfill a contract concluded with you or if we are obliged to retain it due to a legal provision. You can revoke any consent you have given at any time for the future, as explained in detail below.
b. Contracts, marketing and more
In general, we use personal data of our customers, suppliers and other contractual and cooperation partners, e.g. contact persons, their contact details and marketing-relevant information, for the purpose of contract processing and within the scope of statutory retention obligations (e.g. accounting), and also for legitimate interests, such as for marketing and customer care purposes.
We also collect personal data from interested parties (e.g. contact persons, their contact details and marketing-relevant information) in the course of our acquisition and sales activities. We are always on the lookout for potential contractual partners
on the Internet, at trade fairs and other events and maintain a marketing database for this purpose in order to enable targeted advertising for our products and services. We carry out all of the measures listed here in our legitimate interest for marketing purposes in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR in conjunction with recital 47 for a period of three years from the end of a contractual relationship (customers & suppliers) or our first (unsuccessful) contact (interested parties), unless the data subject has given their express consent beyond this.
If we do not collect personal data for marketing purposes from the data subject themselves, we will also inform the data subject of where we have collected their data in accordance with Art. 14 GDPR when they first contact us.
c. Application management
We collect data from applicants for job offers open with us for the purpose of initiating a possible employment relationship Art. 6 para. 1 sentence 1 lit. b GDPR or, if necessary, on the basis of explicit consent for evidence purposes.
We generally store data that you have provided to us exclusively for customer service or for marketing and information purposes for a period of three years after our last contact. However, if you so wish, we will also delete your data before this period expires, provided there is no legal obstacle to this.
In the event of contract initiation or conclusion, we process your personal data after complete contract processing until the expiry of the guarantee, warranty, limitation and statutory retention periods applicable to us, and beyond that until the end of any legal disputes in which the data is required as evidence.
We will only store data that you may send us as part of an application process for a period of 6 months without separate consent.
If storage is required by law, we will comply with the period standardized there. If we process your personal data for purposes other than those described in this privacy policy, for example for legitimate interests, we will inform you separately before processing begins.
a. General
Your data will not be transferred to third parties unless we are legally obliged to do so, the transfer of data is necessary for the execution of a contractual relationship concluded between us or you have previously expressly consented to the transfer of your data.
External processors or other cooperation partners will only receive your data if this is necessary for the execution of the contract, if we have a legitimate interest in it, which we always disclose separately in the event of an incident, or if this is necessary due to special standards, with your consent.
Your personal data will not be sold or otherwise marketed by us to third parties. If our contractual partners or processors are based in a third country, i.e. a country outside the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer.
If one of our processors comes into contact with your personal data, we ensure that they comply with the provisions of the data protection laws in the same way as we do.
b. Data transfer to the USA?
We occasionally offer some services in the course of which data is or may be transferred to the USA. The transfer of data to the USA has always led to legal challenges in recent years. There are several legal bases for a legally compliant data transfer to the USA, whereby we generally rely on two different legal bases:
• Data transfer based on the existence of an adequacy decision
On July 10, 2023, the European Commission adopted a new adequacy decision pursuant to Art. 45 GDPR for the USA – namely the EU-U.S. Data Privacy Network.
However, this adequacy decision only applies to those data importers in the USA that are registered in the Data Privacy Framework List (https://www.dataprivacyframework.gov/s/participant-search).
For each of our service providers that is to receive personal data in the USA as a data importer, we check whether it is registered in the Data Privacy Framework List. If this is the case, this is stated in our privacy policy for the respective service provider.
The EU Commission’s press release on the EU-U.S. Data Privacy Network can be found at: https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3721.
• Consent
However, if a data importer is not registered in the Data Privacy Framework List, it is necessary – unless there is another justification, such as the fulfillment of contractual obligations – that you consent to the use of your data collected via these services, including in the USA (Art. 49 para. 1 lit. a GDPR).
This is because we are not yet able to assess how jurisdiction will develop as a result of the EU-U.S. Data Privacy Network. We collect this consent – depending on the service – via our cookie banner or separately by means of a corresponding declaration of consent directly before using a service offered.
Your consent is required because, according to recent decisions by authorities and courts and the case law of the ECJ, the USA is not considered to have an adequate level of data protection when processing personal data (C-311/18, Schrems II). These official and court decisions are particularly critical of the fact that access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority and there are no relevant legal remedies available to those affected in the event of such interventions.
Apart from the contracts concluded with US service providers, we have no direct influence on the access of US authorities to personal data that is transferred to service providers in the USA when using these services. Even if we assume that our service providers take the necessary steps to guarantee the promised level of protection in accordance with the contractual agreements concluded with us, access by US authorities to data processed in the USA is nevertheless conceivable.
We therefore request your consent to the processing of data in the USA before using such services. We will point out separately for each service or application that there is a possibility of data transfer to the USA.
You have the option of subscribing to our free newsletter. With this newsletter you will receive all the latest news and information about our company as well as customized advertising at regular intervals. To receive our newsletter, you need a valid e-mail address.
We check the e-mail address you have entered in our registration form to see whether you actually wish to receive newsletters. This is done by sending you an e-mail to the e-mail address you have provided, which you can confirm by clicking on a link provided. After confirming the e-mail, you are registered for our newsletter. (double opt-in)
We store your IP address and the date and time of your registration when you first subscribe to the newsletter. This is done for security reasons in case a third party misuses your e-mail address and subscribes to our newsletter without your knowledge. We do not collect and process any other data for the newsletter subscription; the data is used exclusively for the newsletter subscription.
Unless you object to this, we may transfer your data to companies affiliated with our company for the purpose of analysis and for the transmission of information for advertising purposes. Within the group of companies, your data that you have provided to us to receive the newsletter will be compared with data that may be collected by us elsewhere (e.g. when purchasing a product or booking a service).
Your newsletter registration data will not be passed on to third parties who do not belong to the group of companies. You can unsubscribe from our newsletter at any time; you will find the details for unsubscribing in the confirmation email and in each individual newsletter.
a. We use Hubspot, which is a web analytics service provided by HubSpot, Inc, USA. This service uses cookies, the functionality of which is explained in detail in the cookie banner. The information generated by these cookies about your use of this website is generally transmitted to a Hubspot server and stored there.
Hubspot uses this information on our behalf to evaluate your use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Hubspot will not be merged with other Hubspot data.
If you would like further information on the type, scope and purpose of the data collected by Hubspot, we recommend that you read their privacy policy. https://legal.hubspot.com/privacy-policy.
HubSpot also processes your data in the USA. Before you give your consent to the storage of cookies through the use of HubSpot, please read the relevant information in our cookie banner.
HubSpot, Inc. is registered in the Data Privacy Framework List.
b. We also use the services of Google Maps on our website. This allows us to show you interactive maps directly on our website and enables you to conveniently use the map function to find our location and make your journey easier.
When you visit our website, Google receives the information that you have accessed the corresponding subsite of our website and the personal data listed under 2. This takes place regardless of whether you are logged in via a Google account or not. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish this to happen, you must log out of Google before using this service. Google uses your data for the purposes of advertising, market research and needs-based website design. You have the right to object to the use of your data in this regard, which you must address directly to Google.
Further information on the purpose and scope of data collection can be found in Google’s privacy policy at http://www.google.de/intl/de/policies/privacy. Google also processes your data in the USA. Before you give your consent to the storage of cookies through the use of Google Maps, please read the relevant information in our privacy policy.
Google LLC is registered in the Data Privacy Framework List.
c. We also provide links to other websites on our website for information purposes only. These websites are not under our control and are therefore not subject to the provisions of this privacy policy. However, if you activate a link, it is possible that the operator of this website will collect data about you and process it in accordance with its privacy policy, which may differ from ours. Please always inform yourself about the current data protection regulations on the websites we link to.
d. We also use (analysis) tools and applications from third-party providers on our website. Some of these make it possible to interact with various social networks via plugins. The tools, applications and plugins we use are
• Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The parent company, Meta Platforms Inc, Menlo Park, California, is registered in the Data Privacy Framework List.
• Linked In, operated by LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA
• Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The parent company, Meta Platforms Inc, Menlo Park, California, is registered in the Data Privacy Framework List.
• Google Adwords, Google Recaptcha, GoogleTagManager, operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google LLC is registered in the Data Privacy Framework List.
• Microsoft Teams, operated by Microsoft Corporation, One Microsoft Wa. Redmond, WA 98052-6399, USA. Microsoft is registered in the Data Privacy Framework List.
• Leadinfo, operated by Team.blue Gmbh, Bunsenstr. 19, 40215 Düsseldorf, Germany
If you click on a plugin of one of these social networks, it is activated and a connection to the respective server of this network is established as described above.
If you activate these plugins, you consent to the use of your data collected via these plugins in the USA.
We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network by clicking on the plugin or which may subsequently be subject to access by US authorities.
If you want to find out about the type, scope and purpose of the data collected by the operators of these social networks, we recommend that you read the data protection provisions of the respective social network.
a. Facebook – Fan page
We operate a Facebook fan page at https://www.facebook.com/profile.php?id=100091059758941. The purpose of this fan page is to share information about our company’s activities, to implement marketing measures and to offer a further communication channel with us.
In this context, we are “joint controllers” with Facebook, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which provides us with this service. In principle, Facebook allows you to select in your settings which personal data is shared with us. If you do not want this, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.
For this purpose, we have concluded a so-called Art. 26 GDPR agreement with Facebook, in which the mutual rights and obligations of us and Facebook are regulated. This can be found at https://www.facebook.com/-legal/EU_data_transfer-_addendum/update. In this context, we also ask you to read Facebook’s privacy policy, which you can find at https://www.facebook.com/policy.php.
In the Art. 26 GDPR agreement concluded by us, Facebook undertakes to be the first point of contact for data subjects regarding the processing of In-sights data and to fulfill the associated obligations and tasks.
You can therefore assert your data subject rights both against us in accordance with point 10 of this privacy policy and against Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
b. Instagram – Profile
We operate an Instagram profile “findustrial_at”. We want to use this profile to implement marketing measures, draw attention to our products and services and create another communication channel with our customers.
In this context, we are also “joint controllers” with Instagram, operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which provides us with this service. In principle, Instagram allows you to select in your settings which personal data is shared with us. If you do not want this, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.
For this purpose, we have concluded a so-called Art. 26 GDPR agreement with Instagram, in which the mutual rights and obligations of us and Instagram are regulated. This can be found at https://www.facebook.com/-legal/EU_data_transfer-_addendum/update. In this context, we also ask you to read Instagram’s privacy policy, which you can find at https://help.instagram.com/519522125107875.
In the Art. 26 GDPR agreement concluded by us, Instagram undertakes to be the first point of contact for data subjects regarding the processing of In-sights data and to fulfill the associated obligations and tasks.
You can therefore assert your data subject rights both against us in accordance with point 10 of this privacy policy and against Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
We use numerous technical and organizational security measures to protect your data against manipulation, loss, destruction and access by third parties. Our security measures are constantly being improved in line with technological developments on the Internet. Should you require further information on the nature and scope of the technical and organizational measures we have taken, please do not hesitate to contact us in writing at any time.
In accordance with the General Data Protection Regulation and the Data Protection Act, you are entitled to the following rights and legal remedies as a data subject of our data processing:
• Right to information (Art. 15 GDPR)
As the data subject of the data processing described above and other data processing, you have the right to request information about whether and, if so, which personal data about you is being processed. For your own protection – so that no unauthorized person receives information about your data – we will verify your identity in a suitable form before providing information.
• Right to rectification (Art. 16) and erasure (Art. 17 GDPR)
You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you or – taking into account the purposes of the data processing – the completion of incomplete personal data and the erasure of your data, provided that the criteria of Art. 17 GDPR are met.
• Right to restriction of processing (Art. 18 GDPR)
Under the legal requirements, you have the right to restrict the processing of all personal data collected. This data will only be processed with your individual consent or for the assertion and enforcement of legal claims after the request for restriction.
• Right to data portability (Art. 20 GDPR)
You may request the unhindered and unrestricted transfer of personal data that you have provided to us to you or a third party.
• Right to object (Art. 21 GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is necessary for the purposes of our legitimate interests or those of a third party. Your data will no longer be processed after objection, unless there are compelling legitimate grounds for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. You can object to data processing for the purpose of direct advertising at any time with effect for the future.
• Revocation of consent
If you have separately given your consent to the processing of your data, you can withdraw this at any time. Such a revocation affects the permissibility of processing your personal data after you have given it to us.
If you take a measure to enforce your rights under the GDPR as listed above, Findustrial must respond to the requested measure or comply with the request without delay, but at the latest within one month of receipt of your request.
We will respond to all reasonable requests within the legal framework free of charge and as promptly as possible.
The data protection authority is responsible for applications concerning violations of the right to information, violations of the rights to confidentiality, rectification or erasure. Their contact details are as follows:
Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
dsb@dsb.gv.at
a. Contact information of the person responsible
Findustrial GmbH
Gahberggasse 9, 2nd floor,
4861 Schörfling am Attersee,
Austria
Phone: +43 664 88578731
E-Mail: office@findustrial.io
b. Contact information of the contact person for data protection matters
Werner Sponer
mobile +43 664 2565024
w.sponer@dsgvo-konform.at
Data protection compliant GmbH
Spittelwiese 6, 4020 Linz, Austria
tel. +43 732 272990
www.dsgvo-konform.at
Status: May 2024
All texts are copyrighted.