Responsibility for this website lies with:
EWP Recycling Pfand Österreich gGmbH
Managing Directors: Monika Fiala and Simon Parth
The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the legal provisions (GDPR, DSG (Austrian Data Protection Act), TKG (Austrian Telecommunications Act) 2003). In this data protection information, we inform you about the most important aspects of data processing within the framework of our website.
The data we process
In the course of your visit to this website, the following information will be processed: The date and time you accessed a page on our website, your IP address, the name and version of your web browser, the website (URL) you visited before accessing this website, certain cookies (see below) and the information you provide yourself by filling out the contact form or another form.
There is no obligation to actually provide the information we ask you to provide on our website. However, if you do not do so, you may not be able to use all the features of the website.
Purposes of the data processing
We will process your personal data for the following purposes:
- to provide you with this website and to further improve and develop this website;
- to be able to create usage statistics;
- to detect, prevent and investigate attacks on our website;
- to respond to your enquiries;
- to receive your application documents;
- to enable you to subscribe to our newsletter.
Legal basis of the processing
The legal bases for the processing of your personal data are:
- overriding legitimate interest (pursuant to Art. 6(1)(f) EU General Data Protection Regulation), which consists of achieving the purposes mentioned above.
- fulfilment of legal obligations in connection with the assertion, exercise or defence of legal claims (e. g. claims under the Equality Act) (applications)
If a purpose so necessitates, your explicit consent will be obtained.
If you contact us by email or contact form, the data you provide will be purposefully stored with us for the purpose of processing your enquiry and in case of follow-up questions. We will not pass on these data without your consent.
You can change your cookie settings here.
Hosting and log files
In order to operate this website, we need hosting services such as infrastructure and platform services, processing capacity, storage, database services, security and maintenance services. We or our hosting service provider process the data of our website visitors such as contact details, content data, usage data, meta and communication data on the basis of our legitimate interest in providing a satisfying and secure website offering. For the same reason, we or our hosting service provider process so-called server log files (incl. accessed website, file, access time, data volume, browser and operating system information, referrer website, IP address, user provider). Log files are retained for a maximum of 3 months for security reasons (clarification of misuse or fraud). If necessary for evidence purposes following an incident, data can also be stored for longer. We have entered into a contract with our hosting provider on the subject of order data processing.
Web analysis and analytical cookies
Our website uses functions of the web analytics service "Google Analytics" of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
If you consent to the processing, Google Analytics will place cookies on your device and your IP address will be transmitted to Google servers located in the EU, where it will be determined whether a website visit originates in the EU and therefore falls within the scope of the GDPR (location determination via IP address). Device IP addresses of EU citizens are subsequently rendered anonymous. The further processing of detailed measurement data (website usage data, location and device data) takes place only in conjunction with the anonymised IP address. These data sets are transmitted to Google in the USA. See also https://support.google.com/analytics/answer/12017362?hl=de
The permissibility of transmitting data to the USA is based on the adequacy decision of the EU of 10 July 2023 (EU-U.S. Data Privacy Framework). Google is certified under this framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
The data processing is carried out on the basis of the legal provisions of Section 96 para 3 Telecommunications Act (TKG) as well as Art. 6(1)(a) (consent) and/or (f) (legitimate interest) of the GDPR. Our concern within the meaning of the GDPR (legitimate interest) is the improvement of our offer and our website. We have entered into a corresponding contract with the provider for order data processing.
You can change your cookie settings here.
You can subscribe to our newsletter on our website. For this, we need your email address as well as your consent. Once you have registered for the newsletter, you will receive a confirmation email with a link to confirm your registration. This method is called "double opt-in" and is state of the art. Applications are logged in order to comply with the requirement to provide evidence. This also includes the data categories of login and confirmation time as well as IP address. Changes to your data stored with the mailing service provider may also be logged.
The newsletters contain a small file that is retrieved from the server of the mailing service provider when the newsletters are opened. This collects technical information, access time and the user's IP address. This information serves to improve the service and to analyse target group behaviour. You can cancel the newsletter subscription at any time by clicking on the unsubscribe link contained in each newsletter email. Failing that, please send your cancellation request to the email address email@example.com. We will then immediately delete your data in connection with sending out the newsletter.
The data may be stored in a deletion log for the statutory period of limitation as evidence that we are permitted to send the newsletter, in the event of a complaint being raised. The newsletter is sent via the service provider “Brevo” of the company Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. The data is processed exclusively within the EU. We have entered into a corresponding contract with the provider for order data processing.
Integration of third-party services and/or content
The websites of EWP may contain links to external third-party websites whose content is not under the control of EWP. The respective provider or operator of the websites is always responsible for the content of any linked pages. The linked pages were checked at the time of linking for possible legal violations. No illegal content was detectable at the time of making such links. Should we become aware of legal violations, we will remove the corresponding links to the external websites concerned without delay.
Services of third-party providers are used, e.g. to integrate videos. For this purpose, these third-party providers need IP addresses of the website users, otherwise they will not be able to send the integrated content to the users' devices. These data may be sent to servers in the USA.
The permissibility of transmitting data to the USA is based on the adequacy decision of the EU of 10 July 2023 (EU-U.S. Data Privacy Framework).
In addition, the third-party provider can place cookies on the devices of end users which, for example, record which video was watched and for how long, in order to be able to continue watching from that point. Furthermore, the cookies may contain technical information about the user's browser and operating system as well as information on website links, visit time, etc.
We incorporate the following third-party services:
Google is certified under the EU-U.S. Data Privacy Framework: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Server logs: We store your data for a period of three months. A longer retention period will apply only if this required to investigate identified attacks against our website.
User and event data are automatically erased in Google Analytics after 38 months. This erasure period is reset in the event of new activity.
Making contact: Your data can be stored in an enquiry management system for up to two years. In addition, statutory retention periods are complied with.
Applicant data: 7 months
Generally speaking, you have the right to information, correction, erasure, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law or if you believe that your data protection rights have been otherwise violated in any way, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority.