Data Privacy Statement
Information pursuant to article 13 GDPR
Your data privacy for us, Vita 34 Gesellschaft für Zelltransplantat m.b.H., Hartäckerstraße 28, 1190 Vienna, Austria (“Vita34”, “we”, “us”), is of special concern. We process your personal data exclusively on the basis of statutory provisions as specified in particular in the General Data Protection Regulation (“GDPR”), the applicable Data Protection Act 2018 (“DSG”), and the Broadcast Media Act (“TKG”). In the following, you will learn what kind of information we collect, process, and use, when you contact us.
2. Data collection, purpose, and legal basis
We collect and process your personal data only, when you provide them of your own accord by e-mail, via the online form, by mail, or by telephone. We will process such information that is communicated in the course of establishing contact, including in particular name and communicated contact details (e.g. address, telephone number, and e-mail address), date and reason of approach. We will use your collected personal data only to the purpose of providing you with the requested products or services and to communicate with you. The processing therefore has the purpose of fulfilling the contract and/or of performing measures before the contract is concluded.
You are not obligated to provide the above given personal data. The data given may be required to conclude a contract, though. Without providing the data, communication, conclusion of a contract, or processing of the contract may be impossible.
3. Recipient and categories of recipients of personal data, forwarding to third countries
We submit your personal data to the necessary extent in particular to external contractors or service providers:
- to IT service providers and/or providers of data hosting or data processing or similar services;
- to other service providers, providers of tools and software solutions that support us in performing our services and act on our authority (including providers of marketing tools, marketing agencies, communication service providers, and call centers);
- to our affiliated companies;
- to possible third parties involved in meeting our obligations to you (e.g. parcel service providers, payment services providers, banks to handle payments);
- to other external third parties to the necessary extent (e.g. auditors, insurance companies in case of claims, legal representatives when needed, etc.);
- to authorities and other public institutions to the extent as required by law (e.g. financial authorities, etc.).
We do not intend to pass your data onto a recipient in a third country (non-member state of EU/EEA) or an international organization.
4. Storage time
We will delete your personal data, when they are not needed anymore for the intended purposes. The personal data communicated within the scope of establishing contact will be stored for six months after the respective conversation with you has ended in order to be able to respond to possible follow-up questions. The conversation has ended, when we can assume from the circumstances that the concerned issue has been settled finally.
If the provided data are subject to obligations to retain data under tax or commercial law, they will be stored for the defined time of retention of seven years and deleted afterwards, unless you agreed to storage exceeding such time or further data processing is required to assert, exercise, or defend legal claims (statutory period of limitation von of three or up to thirty years).
5. Data security
We take suitable technical and organizational safety measures to protect your data from accidental or unauthorized deletion, manipulation and against loss, theft, or unauthorized inspection, forwarding, reproduction, use, change and access by third parties. Furthermore, we and our employees are obligated to observe the data confidentiality and to maintain secrecy. Our contractors and authorized agents, who need to access your personal data in order to perform their professional tasks, are subject to the same obligations of observing the data confidentiality and maintaining secrecy.
6. Your rights
On principle, you have the rights of information, rectification, erasure, restriction, data portability, withdrawal, and objection. If you believe that the processing of your data violates the data privacy laws or your claims under data privacy law were infringed otherwise, you can lodge a complaint with a supervisory authority. For us, this is the Österreichische Datenschutzbehörde (Austrian Data Protection Authority), Wickenburggasse 8, 1080 Vienna, Austria.
Before you lodge a complaint with the data protection authority or if you have any questions regarding the assertion of your rights or other issues, please contact us:
Vita 34 Gesellschaft für Zelltransplantat m.b.H
1190 Vienna, Austria
You can contact our data protection officer by sending an e-mail to firstname.lastname@example.org or by writing to our address, adding “Der Datenschutzbeauftragte” (FOA The Data Protection Officer).
For us to be able to process your inquiry regarding your rights as given above and to make sure that personal data are not passed onto unauthorized third parties, please identify yourself clearly with the inquiry and briefly describe the scope of exertion of your rights of the data subject as given above.
7. Right of objection
You have the right to object to the processing of your personal data for direct marketing purposes without giving reasons at any time. If your personal data are processed on the basis of legitimate interests pursuant to article 6, section 1, clause f) GDPR, you have the right to enter an objection against the processing of your personal data pursuant to article 21 GDPR, insofar as grounds are available that relate to your particular situation.
8. Further information
For further information on the processing of your data, please refer to our Data Privacy Statement on our website at https://www.vita34.at/datenschutz to be retrieved and printed at any time.
As at: June 2018