DATA PRIVACY STATEMENT

Introduction

With the following data privacy statement, we would like to inform you of which types of your personal data (hereinafter also referred to in brief as “data”) we process for which purposes and to what extent. The data privacy statement applies to all our processing of personal data, both as part of fulfilling our services and in particular on our websites and within our external online presence, e.g. our social media profiles (hereinafter referred to in summary as “online offer”).

The terms used are not gender-specific.

Status: 21.05.2021

The controller as defined by the General Data Protection Regulation is:

Josef Rath Gmbh
Neudorf 74
8424 Gabersdorf
M: +43 (0)664 5066559

Authorised representatives: Josef Rath
E-mail address: josef.rath@m-p-s-rath.at
Legal notice: https://www.m-p-s-rath.at/impressum/

The protection and safety of your personal data is very important to us. We therefore process your personal data exclusively on the basis of the applicable legal regulations (GDPR, TKG 2003 – Telecommunications Act). In this data privacy statement we inform you of the most important aspects of data processing in relation to our website.

Purpose of use

We need the personal data collected for the fulfilment of the contract in relation to your booking or order. The data is collected, stored, processed and used for this purpose.

Legal basis

The legal bases for processing your personal data are the fulfilment of a contract, legitimate interests and meeting legal or contractual obligations. In addition, we process data that we have permissibly received from contractual partners on the basis of a request from you. The processing is carried out in accordance with § 96 par. 3 TKG and Art 6 GDPR.

Automated data collection

During a mere informational visit to our Internet website, i.e. if you do not register to use our services or otherwise transmit information to us, your Internet browser or mobile device regularly transmits non-personal data automatically for technical reasons (including date and time of the request, content of the request (specific page), access status/HTTP status code, the respective amount of data transmitted), which we store in a log file. This data is stored and evaluated exclusively for technical reasons to ensure the trouble-free operation of the website in order to improve our services, but does not allow us to draw any conclusions about your person.

Collection of personal data

Due to legal regulations, our website contains information that enables quick electronic contact with our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data provided on a voluntary basis by a data subject to the controller shall be stored for the purposes of processing or contacting the data subject. This personal data will not be passed on to third parties.

We use the following data

General data – if you conclude a contract with us, we process the following data:

  • Your core data: Surname and first name, academic degree, address and contact information (e.g. e-mail address, telephone number), information about the nature and content of our contractual relationship.
  • Other personal data that you or third parties make available to us with your consent or otherwise permissibly when initiating a contract or during the contractual relationship, including: date of birth or age, marital status, gender. This term does not include sensitive data under data protection law, which includes in particular racial and ethnic origin, political opinions, religious or ideological beliefs, trade union membership, genetic or health data.

Processing

In accordance with Art. 6 of the GDPR, you are informed that, with your consent, we will process the personal information collected through the service and use it to perform the following actions:

  • to provide and improve our service and support;
  • to contact you;
  • to personalise the service and provide the content you select;
  • to invite you to participate in surveys or similar promotions;
  • for data analysis;
  • for internal audits;
  • for the development of new products;
  • to identify trends in usage;
  • to prevent and detect security threats, fraud and other malicious activities; to comply with our legal obligations and enforce our agreements;
  • to secure online access;
  • to generate statements and statistics on access behaviour (e.g. number of times a source has been accessed, number of times a customer has accessed a source or the site in total, changes in access frequency);

Retention duration

We process your personal data for the duration of the entire business relationship (from the initiation and processing to the termination of a contract) and beyond that in accordance with the statutory retention and documentation obligations as well as for evidence purposes when required. Afterwards, the data is erased and destroyed.

Google Fonts

We use Google Fonts on our website to display external fonts. This is a service by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter just called “Google”. Through certification under the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google guarantees that the data protection requirements of the EU are also complied with when processing data in the USA. To enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed. The legal basis is Art. 6 par. 1 lit f) GDPR. Our legitimate interest lies in the optimisation and economical operation of our Internet presence. Through the connection to Google established when you access our website, Google can determine from which website your request was sent and to which IP address the display of the font is to be transmitted.

Google offers further information at https://adssettings.google.com/authenticated  https://policies.google.com/privacy in particular on the possibilities of preventing the use of data.

Cookies

Our website uses so-called cookies. These are small text files that are deposited on your end device with the help of the browser. They do not cause any damage. We use cookies to make our offer user-friendly. Some cookies remain stored on your end device until you delete them. They enable us to identify your browser at your next visit. If you do not want this, you can set up your browser so that it informs you of the placing of cookies and you only permit it in individual cases. When deactivating cookies, the functionality of our website can be restricted.

SSL-encryption

For security reasons and to protect the transmission of confidential content, for example in enquiries that you send to us as the site operator, this page uses SSL encryption. You can recognise an encrypted connection by the address line of the browser changing from “http://” to “https://” and by the lock symbol on your browser line. When the SSL encryption is activated, the data you transmit to us cannot be read by third parties.

Links to websites of other providers

No liability for linked partner online offers
Our websites may contain links to websites of other providers to which this data protection declaration does not extend. Insofar as the collection, processing or use of personal data is associated with the use of the websites of other providers, please observe the data protection information of the respective providers.

No data transferal to third parties

Your data will not be transferred to third parties unless we are legally obliged to do so. Where external service providers come into contact with your personal data, we have taken legal, technical and organisational measures as well as carried out regular checks, to ensure that they comply with the provisions of the data protection laws.

Data security

The controller uses technical and organisational safety measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorised persons. Our safety measures are improved continuously in line with technical progress.

Rights of data subjects

As a data subject as defined by the GDPR, you have various rights as stated in particular in Art. 15 to 21 GDPR:

  • Right to objection: You have the right, for reasons relating to your specific situation, to object at any time to the processing of your personal data on the basis of Art. 6 par. 1 lit. e or f GDPR; this also applies to profiling based on these provisions. If your personal data is processed to carry out direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct advertising.
  • Right to withdraw consent: You have the right at any time to withdraw any granted consent.
  • Right to information: You have the right to request a confirmation about whether data relating to you is being processed and to information about this data as well as further information and a copy of the data in accordance with legal regulations.
  • Right to rectification: In accordance with legal regulations, you have the right to request the completion of data relating to you or the rectification of any incorrect data.
  • Right to erasure and restriction of processing: In accordance with legal regulations, you have the right to request that your personal data is erased immediately, or alternatively to request a restriction of the data processing in accordance with legal regulations.
  • Right to data portability: In accordance with legal provisions, you have the right to receive data you have provided to us in a structured, standard and machine-readable format or to request its transferral to another controller.
  • Complaining to a supervisory authority: In addition, in line with legal provisions, you have the right to file a complaint at a supervisory authority, in particular in the member state of your habitual abode, your workplace or the place of the presumed infringement, if you are of the opinion that the processing of your personal data infringes the GDPR.

Amendments and updating the data privacy statement

We reserve the right to amend this data privacy statement at any time, in line with the applicable data protection regulations.