EBNER | Data protection
DATA PROTECTION POLICY.
EBNER Industrieofenbau GmbH
To improve readability, the text of this policy will dispense with gender-neutral formulations. The regulations apply equally to men and women.
1. Purpose of data processing
EBNER processes personal data, especially data relating to employees, pensioners, applicants, customers, suppliers and other partners for the purpose of performing business activities and fulfilling the associated legal and contractual requirements.
1.1 Processing of data relating to employees and retirees
EBNER saves and processes personal data of employees, former employees, retirees and their relatives in fulfillment of all contractual and legal requirements and obligations.
Personal data that is not essential to the fulfillment of contractual and legal requirements are only processed if employees have granted their permission.
1.2 Processing data relating to customers, partners and suppliers
EBNER saves and processes data made available by prospective customers, customers, partners and suppliers, especially names, email addresses and telephone numbers for creating proposals and processing orders as well as fulfilling the associated contractual and legal obligations. The data may be forwarded to the authorities and public institutions if this is necessary to fulfill legal obligations.
The information is processed within the whole company group to ensure that trouble-free service is provided.
1.3 Applicants
The contact data and application documents provided by applicants for a job are electronically processed to allow suitable candidates to be selected. Data are kept on record should an application be rejected, enabling review should other positions that match an applicant’s profile become open or the position for which the application was originally submitted again become vacant; this allows the application process to be accelerated in such cases. While data is on record, only a limited group of people – the Human Resources department – have access to application documents. Before any data is forwarded to another business unit within the company, applicants will be contacted to obtain their permission. Data will be erased no later than three years after a rejection. If you object to your data being stored in this way, please email us at [email protected].
1.4 Website & cookies
1.4.1 IP-Adress
Information is saved automatically to the web server when you visit our website. This includes information on the browser used, the operating system, the IP address and the time of the visit. From EBNER ‘s point of view these data are pseudonymized and without another source of data cannot be associated clearly with particular persons. EBNER does not evaluate these data as long as no unlawful use of the website has occurred.
1.4.2 Google Analytics
This website uses Google Analytics, software used for the statistical evaluation of visitors accessing the website. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The data are saved on the web servers (located in Germany) rented by EBNER. The IP address is anonymized immediately after processing and before saving. You may refuse the installation of cookies by selecting the appropriate settings on your browser, however, please note that, if you do so, you may not be able to use the full functionality of this website.
1.4.3 Cookies
When you visit this website, “cookies” are saved to your computer or mobile device that allow you to be recognized when you return to the website. The user-friendliness of the website is enhanced as a result. No personal information is saved. No information is forwarded to third parties (except to IT providers who help us to optimize the website from a technical point of view).
There are two types of cookies: permanent cookies and temporary cookies. Permanent cookies are saved as a file on your device for up to twelve months. Temporary cookies are saved for the duration of your visit and then deleted when you close the browser session. We use permanent cookies only to remember which start page you have chosen.
You can easily delete cookies from your computer or mobile device by using the settings in your browser. In the “Help” menu of your browser you can see how to manage and delete cookies. You can also deactivate cookies and be notified if a new cookie is sent to your computer or mobile device. Please note that in certain situations you will not be able to use all the services offered by our website if you reject its cookies.
Data is processed based on the legal regulations specified in clause 96 section 3 of the Austrian telecommunications law.
1.5 Newsletter
The names and email addresses of our customers and other people interested in our company and products are used to subscribe to the newsletter in order to receive the latest news and offers.
If the data are not correct, they can be changed by the newsletter recipient.
If the recipient no longer wishes to receive the newsletter, they can unsubscribe by clicking on the link in the email.
2. Principles of processing personal data
The processing of personal data is based on strict principles in terms of data protection and security and the rights of the people affected.
2.1 Lawfulness & transparency
Data processing takes place on a lawful basis in accordance with the data protection terms while taking into consideration the rights of the data subjects.
2.2 Limitation of purpose
The data are recorded and processed for clearly specified and legitimate purposes. Data is not processed in a way that is considered incompatible with the initial purpose.
2.3 Data minimization
Only the data that is essential to the purpose specified is recorded and processed. Where possible for achieving the purpose and if the effort is deemed reasonable, only anonymized data is processed
2.4 Storage limitation and erasure
Personal data will be erased as soon as the purpose for which the data was originally recorded no longer exists and the legal grace periods do not prevent erasure.
If there are special cases where the data is deemed worthy of protection, the data will be stored until interest in the data no longer exists.
2.5 Data security
Personal data is subject to data confidentiality The data is to be treated confidentially and is protected by suitable organizational and technical measures against unauthorized access, unlawful manipulation or forwarding as well as loss and destruction.
2.6 Material accuracy
Personal data must be accurate, complete and kept up to date. Suitable measures are implemented to correct old, incorrect or incomplete data.
3. Obligation to maintain data confidentiality
All employees at EBNER are obliged to maintain confidentiality and are instructed and trained at regular intervals on how to treat personal data and other critical data.
4. Data security
The protection of confidentiality, availability and integrity of data is one of EBNER‘s key tasks. This applies equally to company secrets, customer data, personal data and other critical information. For this purpose, technical and organizational security measures that comply with the state-of-the-art and internationally recognized best practices and security standards have been installed and are continuously improved.
5. Data Protection Officer
EBNER is not in the position of having to nominate a Data Protection Officer because the terms of the EU GDPR do not apply in this case. However, because data protection is so important to us, EBNER has decided to name a Data Protection Coordinator. This person is available to assist data subjects on any matters concerning data protection within the EBNER Group. Another task is to continuously check and improve EBNER‘s data protection measures.
6. Rights of data subjects
Each data subject whose personal data is processed by EBNER can at any time exercise the rights of data subjects by contacting the Data Protection Coordinator at EBNER.
Data security is also very important in relation to the rights of data subjects, which is why the rights of data subjects can only be made valid after the data subject has been clearly identified beyond all doubt.
To exercise your rights, you can send an email to [email protected] at any time. In addition, every data subject has the right to complain to the data protection authorities.
The implementation of the following data subject laws are governed by the terms of the EU GDPR.
6.1 Information
Data subjects can demand information at any time about which of their personal data are being processed and what purpose the processing serves.
6.2 Correction
Data subjects have the right to demand immediate rectification of any personal data that is incorrect.
6.3 Limitation
Data subjects have the right to limit processing if the correctness of the data relating to them is disputed, the processing is unlawful, the data is no longer needed for processing or the data subjects have objected to the processing.
6.4 Objection
Data subjects have the right to object to the processing of their personal data at any time.
6.5 Portability
Data subjects have the right to obtain the personal data they have made available to EBNER in a structured, accessible and machine-readable format. They also have the right to demand that this data is transferred to another controller providing this is technically possible.
Portability applies only to personal data that has been processed using automated processes.
6.6 Erasure - right to be forgotten
Data subjects have the right to obtain the personal data they have made available to EBNER in a structured, accessible and machine-readable format. They also have the right to demand that this data is transferred to another controller providing this is technically possible.
Portability applies only to personal data that has been processed using automated processes.
7. Data transfer
The transfer of personal data to recipients outside the company group or recipients in non-EU countries only takes place in accordance with the applicable laws while observing strict confidentiality and data security.
In the course of processing data within the group, personal data is transferred between companies in the EBNER Group. This transfer is governed by standardized contract clauses, which represent a uniform standard for the protection and legally-compliant processing of data.
EBNER uses various processors to process data. All processors have signed a data processing agreement and are legally obliged to adhere to the data protection regulations.
8. Ongoing checks and improvements
The ongoing improvement of quality and processes is very important to EBNER.
Adherence to the directives on data protection as well as the laws and effectiveness of measures to ensure data protection and data security are continuously being analyzed and improved in order to ensure that data protection measures are implemented in the best way possible.