Privacy

I. General

The protection and security of your data are paramount for us, regardless of whether you are a customer, interested in our products, or simply visiting our website. We are committed to safeguarding your privacy as well as treating your personal data confidentially and in accordance with the applicable data protection regulations.
This privacy notice provides information about the personal data that are collected in connection with your visit to our website, the purposes they are processed for, and your rights as a data subject.

II. Controller

This website is operated by Danzer Holding GmbH, Hintere Achmühlerstrasse 1, 6850 Dornbirn, Austria, +43 5572 394490 (referred to below as "Danzer" or "we").

Danzer is the controller within the meaning of the GDPR and the Austrian Data Protection Act.

Data Protection Officer:
In accordance with the legal regulations, Danzer has appointed an external data protection officer. They can be contacted at aumiller@iitr.de.

You can also send any general queries regarding data protection to this address. Your queries will be handled in accordance with the legal regulations.

III. Data collected, purposes of processing, and retention periods

1. Server log files/access data

Bei jedem Aufruf dieser Website werden automatisch Zugriffsdaten in einer Protokolldatei (Server-Log) gespeichert. Dieser Datensatz umfasst:

Date and time of access
IP address of the device that accessed the website
Session ID
URLs/pages accessed
Referrer URL (the page from which the website was accessed)
Information on the browser used and the operating system

These data are used exclusively to ensure the secure operation of the website, as well as to identify and protect against misuse. The log files are only evaluated when there are specific grounds for suspecting misuse. The data are generally not associated with specific individuals; if, in exceptional cases, this is possible, processing only takes place on an appropriate legal basis.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in ensuring IT security and website operation)

Retention period: the recorded data are automatically deleted after 30 days at the latest, unless a longer retention period is required for the investigation of a suspected case of misuse.

2. Contacting us

If you contact us using the form on our website or by email, we process the data you provide (in particular your name, email address and the content of your message) in order to deal with and reply to your query.

Legal basis: Article 6(1)(b) GDPR (steps taken prior to entering into a contract or for performance of a contract) and Article 6(1)(f) GDPR (legitimate interest in answering queries)

Retention period: data stored when you contact us are deleted as soon as the query has been dealt with and no further contact is expected, unless a longer retention period is required under statutory retention obligations.

3. Newsletter

Provided you have given your consent to receive our newsletter, we use your name, email address and, where applicable, other information you have provided (e.g. company, industry, language) to deliver and personalize the newsletter.

Legal basis: Article 6(1)(a) GDPR (your express consent)

Retention period: your data will be stored for as long as you subscribe to the newsletter and deleted immediately when you withdraw your consent.

You can withdraw your consent to receive future newsletters at any time, e.g. using the unsubscribe link in each newsletter or by emailing our Data Protection Officer.

4. Direct marketing/event invitations

If you are a Danzer customer, we may use your master data based on our legitimate interest for direct marketing purposes, and to invite you to relevant events in your region.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in customer relationship management and business development)
You have the right to object to this use of your data at any time (see Section IX).

5. Statutory retention obligations

If your personal data are also relevant for accounting or tax-law purposes, your data will be stored based on the statutory retention obligations for the period specified by law. In Austria, this period is generally seven years. However, different national periods (up to 10 years) may apply to the performance of contracts with international partners.

IV. General data processing principles

1. Lawfulness and transparency

We process personal data exclusively on a valid legal basis in accordance with Article 6 GDPR. The respective legal bases can be found in Section III. We comply unconditionally with the applicable European Union data protection regulations as well as the Austrian Data Protection Act.

2. Data minimization

We only collect the personal data required for a given purpose. The data are deleted or locked as soon as continued processing is no longer necessary.

3. External processing

In some cases, we commission external service providers to process personal data (e.g. IT service providers, hosting providers, mailing service providers). These external processors are carefully selected and are contractually obliged to process data solely in accordance with our instructions and in compliance with legal data protection regulations.

4. Transmission to third parties

In principle, personal data are not transmitted to third parties unless:

you have given your express consent
a legal obligation applies (e.g. under an official or court order)
transmission is necessary for the performance of a contract or to enforce our rights
transmission is related to corporate restructuring or mergers, provided the acquiring company has undertaken to comply with these data protection principles

5. Transfers to third countries

Processors outside the European Union may be used in connection with performance of a contract. In such cases, we ensure that an adequate level of data protection is guaranteed by means of appropriate safeguards (e.g. EU standard contractual clauses in accordance with Article 46 GDPR or EU Commission adequacy decisions).

V. Recipients and categories of recipients

The following categories of recipients may have access to personal data in connection with the operation of this website:

Hosting providers and IT infrastructure service providers
Mailing and newsletter service providers (if the relevant consent has been given)
Public authorities, courts (in the case of a legal obligation)
Other external bodies, provided the data subject has given their consent or the transfer of data is permitted on legal grounds
Data are only transferred to Danzer Group companies based on consent or on another legal basis in accordance with Article 6 GDPR.

VII. Cookies und Tracking-Technologien

Our website uses cookies to provide certain functions, analyze website use and integrate services from third-party providers. Cookies are small text files saved on your device.

Types of cookies

Session cookies: these cookies are automatically deleted when you close your browser.

Persistent cookies: these cookies remain on your device and enable it to be recognised the next time a website is visited.

Third-party cookies: these cookies are placed by external services (e.g. analytics or social media services); the privacy policies of these services apply additionally.

Cookie management

You can deactivate the storage of cookies in your browser or delete stored cookies. Please note that if you deactivate cookies, you may not be able to use certain functions on our website, or to use the website's full functionality.

If cookies are deactivated using an opt-out tool, a permanent cookie may be stored on your device in some cases. If you delete this cookie, you will have to deactivate cookies once again.

Where required by law, we gain your consent for the use of non-essential cookies. You can withdraw your consent for the future use of cookies at any time.

VIII. Technical and organizational security measures

We have implemented technical and organizational measures (TOMs) to protect your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. These measures are regularly reviewed and adapted in line with the current state of the art.

Please note that online data transmission (e.g. by email) may be affected by security flaws. From a technical standpoint, full protection against access by third parties is not possible.

IX. Your rights as a data subject

When we process your personal data, you have the following rights:

Right of access (Article 15 GDPR):
you have the right, at any time, to obtain confirmation as to whether we process your personal data and, if so, information on which data are processed, the purposes, the source of the data, the recipients of the data, and the retention period.

Right to rectification (Article 16 GDPR): you have the right to demand the rectification of inaccurate personal data or the completion of incomplete personal data.

Right to erasure (Article 17 GDPR): you have the right to demand the erasure of personal data if the data are no longer necessary, if you have withdrawn your consent, or if data have been unlawfully processed.

Right to restriction of processing (Article 18 GDPR):
under certain circumstances, you can demand the restriction of processing of your personal data.

Right to data portability (Article 20 GDPR):
if you have provided data to us and the data have been processed on the basis of a contract or of your consent, you have the right to receive the data in a structured, commonly used and machine-readable format, or to have the data transmitted directly to another controller.

Right to object (Article 21 GDPR):
if we process data based on a legitimate interest (Article 6[1][f] GDPR), you have the right to object to this processing on grounds relating to your particular situation. In the case of processing for direct marketing purposes, you have an unconditional right to object.

Right to lodge a complaint with a supervisory authority (Article 77 GDPR): you have the right to lodge a complaint with the relevant supervisory authority responsible for data protection. In Austria, this is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna (www.dsb.gv.at).

To exercise your rights, or if you have any questions, please contact our Data Protection Officer at: aumiller@iitr.de

XI. Social media and external services

Links to social media platforms (LinkedIn, Instagram, YouTube) are integrated into our website. If you click on these links, personal data are transferred to the operator of the platform concerned. Danzer has no influence over the scope, location and retention period of data stored by these platforms. You can find details of these providers' privacy policies directly on their websites.

Where social media plugins or widgets (e.g. share buttons) are embedded in our website, they are only activated after you give your consent, in order to prevent unwanted data transmission ("two-click solution").