Privacy Statement
General
It is important to us to protect your personal data during collection, processing and use when you visit our website. We treat your personal data confidentially and in accordance with the statutory data protection regulations. In this Privacy Statement, we inform you in detail about the type, scope and purposes of processing personal data.
Controller
AT & S Austria Technologie & Systemtechnik Aktiengesellschaft
FN 55638x
Fabriksgasse 13
8700 Leoben
Österreich
T: +43 3842 200-0
Data protection office
Visiting our website
You can visit our website without registering or providing information about yourself.
Provision of the website and log files
Each time our website is accessed and a file is retrieved, data on this procedure is automatically collected and stored in a log file. In detail, the following data record will be stored for each retrieval:
- Date and time of access
- IP address of the inquiring computer
IP addresses are not fully recorded, but truncated prior to storage and can therefore not be traced back to a specific computer. - Host name of the accessing computer
- Website from which the website is accessed (referrer)
- Visited pages on our website
- Report whether the access was successful
- Data volume transferred
- User agent (client-side application for the use of a network service)
- Host name accessed (unique label assigned to a computer in a network)
- Information on the browser type and the version used
- Operating system of the device used
- Internet service provider of the user
Storage of such data exclusively serves for internal system-related and statistical purposes. We use this information to continuously improve and update our website and thus make it more attractive. In addition, we use this data to identify and fend off attempted attacks and to clarify suspicions of criminally relevant use. We do not merge logged data with other data sources, in particular data allowing the identification of a specific person. Temporary storage of the user’s IP address in our system is necessary in order to enable delivery of the website to your device. For this purpose, we temporarily save your IP address for the duration of the session.
The legal basis for the temporary storage and processing of the above-mentioned data is our legitimate interest pursuant to Art. 6 (1) point (f) of Regulation (EU) 2016/67 (General Data Protection Regulation, GDPR) as the responsible website operator. We cannot grant you a possibility to object to this storage as the server log is essential to secure the availability of this website and in the event the website is attacked. The server log data will be deleted automatically after seven days.
Cookies
Newsletter
We send newsletters to inform about AT&S products and innovations or for the purpose of direct marketing to existing customers and interested parties. In doing so, we process e-mail addresses. Our newsletters also contain cookies or tracking pixels and enable us to analyze whether the e-mails have been opened. In addition, the cookie or tracking pixel enables the analysis of click behavior. We use this data for statistical purposes and for the individual optimization of our newsletter.
Legal basis for sending newsletters
If the user subscribes to the newsletter himself, the legal basis is the user’s consent within the meaning of Art. 6 (1) point (a) GDPR.
When sending the newsletter to existing customers, the legal basis is Art. 6 (1) point (f) in conjunction with § 174 (4) TKG, namely the legitimate interest in carrying out direct marketing as a result of the sale of similar goods or services to existing customers.
Double opt-in
If you subscribe to the newsletter directly at AT&S, the data in the respective input mask will be transmitted to AT&S. After subscribing, you will receive an e-mail asking you to confirm your subscription. This confirmation is necessary so that no one can register with other people’s e-mail addresses. When registering for the newsletter, the user’s IP address and the date and time of registration are also stored. This serves to prevent misuse of the services or the data subject’s e-mail address.
Cancellation, revocation and objection
The subscription to the newsletter can be terminated by the data subject at any time. Likewise, consent to the storage of personal data can be revoked at any time or the processing can be objected to. There is a corresponding link for this purpose in every newsletter. The legality of the data processing operations that have already taken place remains unaffected by the withdrawal of consent.
Recipients
We use Microsoft Dynamics 365 to send the newsletter. The provider is Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland) – hereinafter referred to as “Microsoft”.
Further information about how Microsoft Dynamics 365 works can be found in Microsoft’s privacy policy, available at: https://www.microsoft.com/en-us/privacy/privacystatement
Storage duration
The data stored by us as part of your consent for the purpose of the newsletter will be stored by us until you revoke your consent (objection) or unsubscribe from the newsletter.
Processing of personal data provided by you
Personal data such as your name, address, telephone number or e-mail address will not be collected unless you provide this information voluntarily.
Please note that data transfer on the Internet (e.g. when using web forms or in the communication via e-mail) may not be fully secure. Complete protection of data from access by third parties is not possible.
Inquiries
If you have provided your personal data to us, we will use it only for the purpose of technical administration of our websites and to fulfil your requests and requirements or to respond to your inquiry.
If you send us an inquiry using our contact form, we may store the information you provide in the form, including your contact details, for the purpose of processing the inquiry and in case of follow-up questions. The legal basis is Art. 6 (1) point (b) GDPR (taking steps prior to entering into a contract and performance of a contract).
We do not forward, sell or otherwise transmit your personal data to third parties unless
- this is necessary for the purpose of executing a contract. It may, for example, be necessary that we pass on your address and order data to our suppliers when you order products;
- this is required for invoicing purposes;
- you have given your express consent to the disclosure of your data.
The legal basis is Art. 6 (1) point (b) GDPR (performance of a contract) or Art. 6 (1) point (a) GDPR (consent).
Other advertising and customer care
Without your consent, we use personal data only to the extent legally permitted, i.e. for customer relations management and for sending advertising material per post and e-mail (for more information, please see “Newsletter” above). We do not use your fax and telephone number for advertising without your express consent. The legal basis is Art. 6 (1) point (f) GDPR (pursuit of legitimate interests).
You may object to the processing of your data for the purpose of direct marketing at any time and will then no longer receive advertising material from us.
Storage periods
We delete your data when it is no longer necessary after processing an inquiry or termination of a contract. This does not include data which we are not permitted to delete based on legal obligations (e.g. documents which must be stored according to tax law and commercial law) and data we need to pursue legitimate interests, in particular for the assertion of claims or for direct marketing.
Your rights
You have the following rights if the relevant legal requirements are met:
- You have the right of access to personal data concerning you (Art. 15 GDPR).
- You have the right to demand rectification of inaccurate data (Art. 16 GDPR).
- You have the right to demand erasure (Art. 17) or the restriction of processing (Art. 18 GDPR) of data that is no longer required. Where statutory storage obligations exist, e.g. for business correspondence under commercial law and tax law or any other legal exemption is in place, the data is not deleted, but only its use is restricted.
- You can object at any time to the processing of your data for the purpose of direct advertising and other processing of your data on grounds relating to your particular situation (Art. 21 GDPR).
- You have the right to data portability (Art. 20 GDPR), i.e. the right to receive data which you have provided to use in a structured, commonly used and machine-readable format and to transmit this data to another controller without hindrance from us; and, if required, you also have the right to demand that we transmit the data directly to another controller, where technically feasible.
Right to object: In accordance with Art. 21 (2) GDPR you have the right to object at any time to the processing of personal data concerning you for purposes of direct marketing. The processing of your data will then be limited to the other purposes for which it is required and your data will no longer be processed for direct marketing. In addition, you also have the right to object to the processing of your personal data on grounds relating to your particular situation.
To claim your rights, please contact the address mentioned above.
If you consider the processing of your data to be an infringement of data protection laws, you have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).