As a controller, Novarion Systems GmbH has implemented numerous technical and organizational measures to ensure the most complete protection possible for the processed personal data. Nevertheless, in particular Internet-based data transmissions can in principle have security gaps so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us in alternative ways, for example by telephone.
a. Personal data According to the GDPR, personal data are “all information relating to an identified or identifiable natural person (hereinafter referred to as” the person concerned “). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
b. Affected person Affected person is any identified or identifiable natural person whose personal data is processed by the controller.
c. processing Processing means any process or series of operations related to personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.
d. Restriction of processing Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
e. pseudonymization Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.
f. Responsible or the controller The controller or controller is the natural or legal person, public authority, body or body that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
g. processors The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
h. receiver Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.
i. third Third is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.
j. consent Consent is any voluntarily given and unambiguously expressed in the form of a statement or other unambiguous confirmatory act by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning him / her is.
Tel: +43 1 5441159 – 0
What data is collected and how is it used? Generally, when visiting our website, technical information automatically saves information in server log files that your browser transmits to us. These are:
- Used browser type / version
- the operating system used by the accessing system
- the website from which an accessing system accesses our website, so-called Referrer URL
- the sub-websites, which are accessed via an accessing system on our website
- Date and time of access to the website
- an internet protocol address (IP address)
- the internet service provider of the accessing system
- other similar data and information used in the case of attacks on our information technology systems.
These data can not be assigned to specific persons. Rather, this information is needed to
- to deliver the contents of our website correctly,
- to optimize the content of our website as well as the advertising for it,
- to ensure the permanent functioning of our information technology systems and the technology of our website as well
- to provide law enforcement with the necessary information for prosecution in the event of a cyberattack.
This anonymously collected data and information is evaluated by Novarion Systems GmbH on the one hand statistically and further with the aim to increase the privacy and data security in our company, to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
Furthermore, in some cases, visiting our website requires us to provide us with additional personal data (such as name, address, company, position, e-mail address or telephone number). This is the case, for example, when registering for an event / promotion / webinar, requesting the postal mailing of information material or the submission of a concrete and individual offer or registering as a new customer of Novarion Systems GmbH.
By signing up, a business relationship is established, according to which, according to the TKG 2003 § 107, contact by e-mail is permitted.
At events / webinars / promotions we protect the personal data of the participant and take all necessary measures for its security. The participant data are collected and used for the handling, support and evaluation of the offered events / webinars / promotions and for the purpose of optimizing the offer, but not passed on to third parties. By registering, the participant authorizes Novarion Systems GmbH for the media-independent use of the photos / videos taken by Novarion Systems GmbH as well as the publication of his name and his company.
You can always update your contact preferences by sending an e-mail to email@example.com. Likewise, event participants agree with their registration to name them by name, position and company for publications on the respective event.
Order processing requires automated data processing. The Reseller Partner acknowledges and agrees that in order to comply with this Agreement, we may require Personal Data from the Reseller Partner, its employees and affiliates to be used or stored in automated data processing and internally by Novarion Systems GmbH, Novarion Systems GmbH or to subcontractors. Such processing, storage and transmission is required to enable us to comply with the obligation to sell products, licenses or services to the Reseller Partner, as well as for commercial use based on local personal data protection laws.
Use of this data may be in any of the countries in which Novarion Systems GmbH and its affiliates conduct business, including outside the European Union.
We reserve the right, for the purpose of the credit check of the customer with credit reporting agencies or credit insurance, to obtain information regarding the creditworthiness of the customer and you data – limited to the case of non-contractual settlement z. B. request for payment of a claim in the case of undisputed claim, order of execution issued, enforcement measures – to be reported. The data transmission takes place only if this is necessary for the preservation of legitimate interests of Novarion Systems GmbH and protective interests of the customer are not affected. In doing so, Novarion Systems GmbH will comply with the relevant data protection regulations. The provision of the o. G. Data is necessary for the fulfillment of the contract (Art. 13 para. 2 DSGVO). Without this, the contract can not be concluded or brokered.
Subscription to our newsletter On the website of Novarion Systems GmbH, users are given the opportunity to subscribe to the newsletter of our company. Which personal data are transmitted to the data controller when the newsletter is ordered results from the input mask used for this purpose. Novarion Systems GmbH informs its customers and business partners at regular intervals by means of a newsletter about offers of the company. The newsletter of our company can only be received by the person concerned if
- the affected person has a valid e-mail address and
- the person concerned registers for the newsletter.
For legal reasons, a confirmation e-mail will be sent to the e-mail address entered by an affected person for the first time for newsletter mailing using the double-opt-in procedure. This confirmation email is used to check whether the owner of the e-mail address as the person concerned authorized the receipt of the newsletter.
When subscribing to the newsletter, we also store the IP address of the computer system used by the person concerned at the time of registration, as well as the date and time of registration, as assigned by the Internet Service Provider (ISP). The collection of this data is necessary in order to understand the (possible) misuse of an affected person’s e-mail address at a later date and therefore serves as legal safeguards for the controller.
The personal data collected in the context of registering for the newsletter will be used exclusively to send our newsletter. Subscribers to the newsletter may also be notified by e-mail if this is necessary for the operation of the newsletter service or registration, as might be the case in the event of changes to the newsletter or technical changes. There will be no transfer of the personal data collected as part of the newsletter service to third parties. Subscription to our newsletter may be terminated by the person concerned at any time. The consent to the storage of personal data that the data subject has given us for the newsletter dispatch can be revoked at any time. For the purpose of revoking the consent, there is a corresponding link in each newsletter. It is also possible to unsubscribe from the newsletter at any time, directly on the controller’s website, or to inform the controller in a different way.
Contact via the website Due to legal regulations, the website of Novarion Systems GmbH contains information that enables quick electronic contact with our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If an affected person contacts the data controller by e-mail or through a contact form, the personal data provided by the data subject will be automatically saved.
Such personal data, voluntarily transmitted by an individual to the controller, is stored for the purpose of processing or contacting the data subject. There is no disclosure of this personal data to third parties.
General instructions for handling your data We basically base the protection of your personal data on the three pillars:
- Full transparency of what happens to your data and when and how you handle it
- Data economy, d. H. Minimization of the amount of required data
- Strict purpose limitation for using the data you provide
In no case will collected data be sold or passed on to third parties, except the latter is required for the performance of the contract or the provision of services. A transmission to authorities or state institutions with information right only takes place, if these are subject to a legal obligation to provide information or judicially. In such cases, the transmission is generally limited to the minimum extent required.
After the purpose of the data retention is abolished (and after expiration of possibly relevant tax and commercial retention periods) all their personal data are deleted immediately, if at that time no explicit agreement to a further data use of you exists.
In principle, you can assert your rights formally and free of charge.
In principle, you have the rights to information, correction, deletion, restriction, data portability, revocation and opposition. If you believe that the processing of your data violates data protection law or if your data protection claims have otherwise been violated in a way, you can complain to the supervisory authority. In Austria, this is the data protection authority.
You may revoke your consent to data collection, storage and use at any time without giving reasons.
Please direct your inquiries or your general suggestions or complaints regarding data protection to the following contact options:
Data protection at Novarion Systems GmbH is achieved, among other things, through training, active communication and the written obligation to keep data confidential and to comply with the data protection requirements of all employees and external service providers.
All technical and organizational, physical and logical facilities and measures in the area of data protection, IT and information security serve to protect against damage, destruction and unauthorized access to stored data and to achieve the confidentiality, availability and integrity protection goals.
Persons under 18 years Persons under the age of 18 should not submit any personal data to us without the consent of their parents or guardians. We do not solicit personal information from children and adolescents, do not collect them and do not share them with third parties.
cookies If you visit one of our websites, we may store information in the form of a cookie on your computer. Cookies are small text files sent from a web server to your browser and stored on your computer’s hard drive. Thereby no personal data of the user are stored. This information is intended to automatically recognize you on your next visit to our websites and to make navigation easier for you. Cookies allow us, for example, to customize a website according to your interests or to store your password so that you do not have to re-enter it every time.
The company operating the Google Analytics services is Google Inc, 1600 Amphittheatre Pkwy, Mountain View, CA 94043-1351 USA.
The data controller uses the addition “_gat._anonymizelp” for the web analysis via Google Analytics. This addition is used by Google to shorten and anonymise the IP address of the Internet connection of the person concerned if access to our Internet pages is from a member state of the European Union or from another state party to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services in connection with the use of our website.
Google Analytics places a cookie on the information technology system of the person concerned. What cookies are has already been explained above. When the cookie is set, Google is able to analyse the use of our website. Each time you access one of the individual pages of this website, which is operated by the data controller and on which a Google Analytics component has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of online analysis. As part of this technical process, Google obtains knowledge of personal data, such as the IP address of the person concerned, which Google uses, among other things, to track the origin of visitors and clicks and subsequently to enable commission statements.
The cookie is used to store personal information such as the access time, the location from which the access originated and the frequency of visits to our website by the person concerned. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may share this personal data collected through the technical process with third parties.
The person concerned can prevent the setting of cookies by our website, as described above, at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
In-house tools and systems The data collected through the website or other collaborations are recorded during in-house storage and retention in in-house tools and systems. The third-party tools we use have contracted in advance to secure the data in accordance with the requirements of the GDPR. Even specially programmed systems meet this safety standard without exception.
Legal basis of processing
Art. 6 GDPR: Art. 6 1 lit. A GDPR serves our company as the legal basis for processing operations in which we obtain consent for a particular processing purpose. If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, processing shall be based on Art. 6 1 lit. b GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 1 lit. c GDPR. In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 1 lit. d GDPR are based. Ultimately, processing operations could be based on Art. 6 1 lit. f GDPRs are based. On this legal basis, processing operations that are not covered by any of the above legal bases are required if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. Such processing operations are particularly allowed to us because they have been specifically mentioned by the European legislator. In that regard, it considered that a legitimate interest could be assumed if the data subject is a customer, supplier or other business partner of the controller (recital 47 sentence 2 GDPR).
The legitimate interest in the processing of personal data pursued by the controller or a third party is based on Article 6 1 lit. f GDPR. Accordingly, our legitimate interest is to conduct our business for the benefit of all of our employees and our shareholders.
Legal or contractual provisions for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide the personal data; possible consequences of non-provision
We clarify that the provision of personal data is partly required by law (eg tax regulations) or may arise from contractual arrangements (eg details of the contracting party). Occasionally it may be necessary for a contract to be concluded that an affected person provides us with personal data that must subsequently be processed by us. For example, the data subject is required to provide us with personal information when our company enters into a contract with her. Failure to provide the personal data would mean that the contract with the person concerned could not be closed. If there are ambiguities or questions, the data subject can turn to us before providing any personal data. We will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is required for the conclusion of the contract, if there is an obligation to provide the personal data and what would be the consequence of the failure to provide the personal data.