Data Protection Statement
Information by the Contipark Group of Companies, Austria on the processing of personal data (Privacy Statement)
The following information is to provide you with an overview regarding the processing of your personal data by the organizations of the Contipark group of companies in Austria listed below, and your respective rights in this regard:
Contipark International Austria GmbH
Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-0
E-Mail: office@contipark.at
You can reach our data protection officer at the above postal address or by e-mail sent to:
ÖPARK Garagen-GmbH
Tivoligasse 25/10
1120 Wien
Telefon: +43 (0)662-80990-0
E-Mail: office@contipark.at
You can reach our data protection officer at the above postal address or by e-mail sent to:
Optimus Parkhausverwaltungs-GmbH &Co KG
Tivoligasse 25/10
1120 Wien
Telefon: +43 (0)662-80990-0
E-Mail: office@contipark.at
You can reach our data protection officer at the above postal address or by e-mail sent to:
Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH
Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-0
E-Mail: office@contipark.at
You can reach our data protection officer at the above postal address or by e-mail sent to:
Servipark Austria GmbH
Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-60
E-Mail: servipark@contipark.at
You can reach our data protection officer at the above postal address or by e-mail sent to:
A) General information applicable to processing
We process your personal data in accordance with the provisions of the European Data Protection Basic Regulation (GDPR) and all other relevant laws, such as the Data Protection Act (DSG). Where necessary, we will obtain your prior consent.
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. a cookie) or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and covers virtually all processing of data.
The term “controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.
With regard to these and other terms used, we refer to the definitions in Art. 4 of the Basic Data Protection Regulation (GDPR).
Within the entire group of companies, those bodies that require your data to fulfil our contractual services and legal obligations are given access to your data. Insofar as your data is passed on to parties within the group of companies or to external services (e.g. billing services, IT services, consulting, sales and marketing, data destruction, logistics, telecommunications), this is only done on the basis of a legal authorisation, e.g. if a transfer of the data to third parties, such as to payment service providers, is necessary to fulfil the contract in accordance with Art. 6 Para. 1 lit. b) GDPR, if you have suffered a) GDPR in accordance with Art. 6 Para. 1, a) GDPR, if a legal obligation in accordance with Art. 6 Para. 1 lit. c) GDPR provides for this or on the basis of our legitimate interests in accordance with Art. 6 Para. 1 lit. f) GDPR.
If we commission third parties to process data on the basis of a so-called “contract processing agreement”, this is done on the basis of Art. 28 GDPR.
As a matter of principle, we do not transfer any personal data to bodies in third countries (outside the EU or EEA) or international organisations.
If, exceptionally, we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)), or if this is done in the context of using the services of third parties or disclosing or transferring data to third parties, this is only done to fulfil the above-mentioned purposes. Subject to legal or contractual permissions, we would only process the data in a third country if the special conditions of Art. 44 ff. GDPR or have them processed. In other words, processing would then be based, for example, on special guarantees, such as the officially recognised determination of a level of data protection equivalent to that in the EU (e.g. for the USA through the “Privacy Shield”) or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”). You can find out at any time at the contact addresses provided about the guarantees we have implemented to ensure an adequate level of data protection.
You have the right to obtain confirmation as to whether or not data in question is being processed, to be informed of this data and to receive further information and a copy of the data in accordance with Art. 15 GDPR.
You have the right to request the completion of the data concerning you or the correction of incorrect data concerning you in accordance with Art. 16 GDPR.
In accordance with Art. 17 GDPR, you have the right to demand that data relating to you be deleted immediately or, alternatively, in accordance with Art. 18 GDPR, to demand that the processing of the data be restricted.
You have the right to demand that the data concerning you which you have made available to us be received in accordance with Art. 20 GDPR and to demand that it be passed on to other responsible parties.
You also have the right under Art. 77 GDPR to lodge a complaint with a competent supervisory authority, e.g.
Austrian Data Protection Authority
Wickenburggasse 8
1080 Vienna
You have the right to revoke consents granted in accordance with Art. 7 Para. 3 GDPR at any time without stating reasons with effect for the future. You can do this by sending a simple message to the above-mentioned contact addresses.
You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR. In particular, you may object to processing for the purposes of direct advertising..
The data processed by us will be deleted or limited in their processing in accordance with articles 17 and 18 GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and the deletion does not conflict with any statutory storage obligations. If the data are not deleted because they are required for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
The obligation to retain data applies to all accounting documents and records (accounts, vouchers, business documents, statement of income and expenditure, etc.) and is for seven years. The period begins at the end of the calendar year for which the accounting entry was made or to which the document refers. In addition, the documents shall be retained to the extent necessary to preserve evidence within the framework of the statutory limitation provisions.
B) Processing in detail
The data controller (company) depending on the websites that you visited is:
Contipark International Austria GmbH, Servipark Austria GmbH
The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services that we use for the purpose of operating this online service.
In doing so, we or our hosting provider store all inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors of this online offer in connection with the website on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with Art. 6 Para. 1 letter f GDPR in conjunction with Art. 6 Para. 1 letter f GDPR. Art. 28 GDPR (conclusion of contract processing agreement).
We, or our hosting provider, on the basis of our legitimate interests in the sense of Art. 6 Par. 1 lit. f. GDPR, in particular in the secure and efficient provision of our website, collect data on every access to the server on which this service is located (so-called server log files). Access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited site), IP address and the requesting provider.
For security reasons (e.g. to clarify acts of abuse or fraud), log file information is stored for a maximum period of seven days and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified.
If users leave comments or other contributions, in addition to your comment, information on the time of creation, their IP addresses, the e-mail address and the user name selected by you will also be recorded on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR for seven days. This is done for our security in case someone leaves unlawful content in comments and contributions (insults, prohibited political propaganda, etc.). In this case, we may possibly be prosecuted ourselves for the comment or contribution and are therefore interested in the identity of the author.
Google is certified under the Privacy-Shield-Agreement and thus offers a guarantee to comply with appropriate data protection standards (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google will use this information on our behalf in order to evaluate the use of our website by the users, to compile reports on the activities within this website and to provide us with further services associated with the use of this website and the internet. In doing so, pseudonymous user profiles of the users can be created from the processed data.
We only use Google Analytics with activated IP anonymisation. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not combined with other data from Google. Users can prevent the storage of cookies by adjusting their browser software accordingly; users can also prevent the collection of data generated by the cookie and related to their use of the online offer by Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link http://tools.google.com/dlpage/gaoptout?hl=de.
Alternatively to the browser add-on or while the browser on a mobile terminal device is open, please click the following link to opt out of Google Analytics collecting data in the future while on this website: Analytics-Opt-Out. This places an opt-out cookie on your device. If you delete your cookies, you will have to click on this link again.
For more information on data usage by Google, on setting options and your possibilities to object, please go to the following Google webpages: https://www.google.com/intl/de/policies/privacy/partners (‘How Google uses information from sites or apps that use our services’), http://www.google.com/policies/technologies/ads (‘How Google uses data for advertising’), http://www.google.de/settings/ads (‘Control the information Google uses to show you ads’).
Within our online offer, we set the following priorities on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use content or service offers from third parties in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”).
This always presupposes that the third-party providers of these contents are aware of the IP address of the users, as without the IP address they would not be able to send the contents to their browsers. The IP address is therefore necessary for the display of these contents. We make every effort to use only such content whose respective providers use the IP address solely for the purpose of delivering the content. Third party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain technical information on the browser and operating system, referring websites, visiting times and other details on the use of our online offer, among other things, and may be linked to such information from other sources.
We have no influence on this collection of your data by the third party providers. The processing of your data by the respective third party provider is solely subject to the data protection regulations of the third party provider.
In detail:
Vimeo
We embed videos posted on the ‘Vimeo’ platform by Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA. Privacy statement: https://vimeo.com/privacy.
YouTube
We embed videos posted on the ‘YouTube’ platform by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.
Google Maps
We embed the maps provided by Google Maps from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.
Google Fonts
We embed Google Fonts by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.
Google ReCaptcha
We embed the functionality to recognize bots, e.g. while completing online forms (‘ReCaptcha’), by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy statement: https://www.google.com/policies/privacy/, Opt-out: https://adssettings.google.com/authenticated.
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR) the marketing and remarketing services (in short “Google Marketing Services”) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (“Google”).
Google is certified under the Privacy Shield Agreement, which provides a guarantee of compliance with appropriate standards of data protection (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
Google Marketing Services enable us to place more specific ads for us and on our website so that users only see ads that are potentially aligned with their interests. If, for example, ads promoting products which a user is interested in are shown to a user on other websites, this is termed ‘remarketing’. For these purposes and when prompting our and other websites where Google Marketing Services are enabled, Google directly activates a Google code and so-called (re)marketing tags (invisible graphics or code, also termed web beacons) are embedded in the website. With the help of these web beacons a personalized cookie, i.e. a small text file (instead of cookies, comparable technology may also be used) is saved on the user’s device. The cookies may be placed by different domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. These files record which websites the user visited; which content the user showed interest in; and which offers the user clicked on; also, technical information on the browser and the operating system, referral URLs, the duration of the visit and additional information on the use of the online offer. The user’s IP address is also recorded, whereby in the framework of Google Analytics this means that the IP address in member states of the European Union or other member states of the European Economic Area is truncated before sending and only transmitted to a Google server in USA as a whole in the exceptional case, where it is then truncated. The user’s IP address is not consolidated with other Google data from other offers. Google may also consolidate the above information with such information from other sources. If the user goes on to visit other websites, he will be shown personalized ads that have been aligned with his specific interests.
User data are processed in the framework of Google Marketing Services, meaning Google saves and processes e.g. not the name or the e-mail address of the user, but processes the relevant cookie-related data within user profiles under a pseudonym. This means that from Google’s perspective, the ads are not managed and shown for a specific person whose identity is known, but for the cookie owner regardless of who the cookie owner is. This does not apply if a user expressly consents to Google processing the data without pseudonymization. The information gathered by Google Marketing Services on the users is transmitted to Google and saved on Google servers in the US.
The Google Marketing Services which we refer to include, for example, Google AdWords. As for Google AdWords, each AdWords client receives a different conversion cookie. Cookies therefore cannot be traced across websites of AdWords clients. The information collected using AdWords serves to create conversion rate statistics for AdWords clients which have opted-in for conversion tracking. AdWords clients learn about the total number of users that clicked on their ad and were referred to a site using a conversion tracking tag. However, they do not receive information which will enable the identification of the user.
On the basis of Google Marketing Services we can embed AdSense ads by third parties. AdSense uses cookies which enable Google and its partner websites to place ads based on the visits of users to this website or to other websites on the Internet.
We may also use the Google Tag Manager to embed and manage Google Analytics and Google Marketing Services in our website.
For more information on the use of data for marketing purposes by Google, please go to the following overview site: https://www.google.com/policies/technologies/ads, Google’s privacy statement can be retrieved here: https://www.google.com/policies/privacy/.
If you prefer to opt-out of interest-based advertising from Google Marketing Services, please use the settings and opt-out preferences provided by Google: http://www.google.com/ads/preferences.
The Share buttons used by our online presence protects your data. These Share buttons enable greater privacy on the Internet. This makes it possible to protect our users against the exaggerated inquisitiveness of social media networks like Facebook, Google+ and Twitter. When using our online offer, no data are collected for and transmitted to social media networks. However, users are free to share posts or pages with their preferred social media networks. Only after clicking on the Share button is the user redirected to their chosen social media network. Only then are data sent to the respective services. Provided that users do not use a Share button to visit a social media network, there will be no data connection between the user and the social network.
When prompting the individual networks and platforms, the terms and conditions as well as data processing rules of their respective providers apply.
Cookies are small text files which are saved on the users’ computers. Cookies may save a variety of different information. A cookie primarily saves the details regarding a user (or the device on which the cookie is saved) while or even after their visit of the online offer. Temporary cookies, so-called session cookies or transient cookies, are cookies which are deleted after the user leaves an online offer and closes his browser. Such a cookie can save, for example, the content of a shopping basket of an online shop or the log-in status. Permanent or persistent cookies are cookies which remain saved even after the user closed the browser. For example, the log-in status may be saved for when the user returns after a few days. Likewise, such a cookie may save the interests of users which are used to measure the reach, or for marketing purposes. Third-party cookies are cookies which are managed by providers other than the controller of the online offer (otherwise, if they are their cookies only, they are termed first-party cookies).
If users prefer not to have cookies saved on their computer, they are asked to opt-out of the respective system setting in their browser. Saved cookies can be deleted in the browser’s system settings. Opting-out of the use of cookies may limit the use of the online offer’s functionalities.
The general objection to the use of cookies employed for online marketing purposes for a number of services, especially for tracking, can be declared via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Also, the saving of cookies by opting out can be prevented in the browser settings. Please be mindful that it is possible that the full functionality of the online offer may not be available.
The controllers (companies) depending on the parking facility that you visited are:
Contipark International Austria GmbH
ÖPARK Garagen-GmbH
Optimus Parkhausverwaltungs-GmbH &Co KG
Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH
Due to our legitimate interest in accordance with Art. 6 Para. 1 letter f GDPR as well as § 30 DSG for the exercise of domestic authority, the collection of evidence, the prosecution of fraud and other offences, our parking facilities are partially video-monitored. Furthermore, video surveillance is carried out to fulfil our contractual obligations towards you (Art. 6 Para. 1 lit. b GDPR), as it is necessary to contact our central technical customer service and to rectify faults.
The recorded data will be deleted again at the latest 14 days after recording, unless there is a concrete reason for the longer recording, i.e. in particular if the recordings are necessary for the investigation of concrete criminal offences. In these cases, we collect further contact data from the Federal Motor Transport Authority or the central call centre of the car insurers on the basis of our justified interest.
Responsible companies depending on the product and the parking facility:
Contipark International Austria GmbH
ÖPARK Garagen-GmbH
Optimus Parkhausverwaltungs-GmbH &Co KG
Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH
We process the licence plate number on the basis of our legitimate interest in accordance with Art. 6 Para. 1 lit. f GDPR as well as § 30 DSG for the purpose of exercising domestic authority, preventing fraud and enforcing our contractual and employment conditions.
Automatically recorded data will be deleted immediately after leaving the parking facility, unless there is a concrete reason for longer storage, i.e. in particular if the recordings are necessary to solve concrete crimes or to enforce our contractual rights and obligations. In these cases we collect further contact data from the Federal Motor Transport Authority or the central call centre of the car insurers on the basis of our justified interest
The controllers (companies) depending on your contract are:
Contipark International Austria GmbH
ÖPARK Garagen-GmbH
Optimus Parkhausverwaltungs-GmbH &Co KG
Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH
Servipark Austria GmbH
We process inventory data (e.g. names and addresses as well as contact data of users) and contractual data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Art. 6 Para. 1 letter b. GDPR. We only collect data that is necessary for the conclusion or execution of the contract and use it exclusively for these purposes. We also collect data required for the assertion of contractual claims or in relation to the settlement of damages within the framework of a contractual relationship from third parties, e.g. the Federal Motor Transport Authority or the central call centre of car insurers.
The deletion of the data is carried out after the expiry of statutory warranty periods, the necessity for the storage of the data is reviewed every three years; in the case of statutory archiving obligations, the deletion is carried out after the expiry of these obligations, unless there is a concrete reason for further storage. Information in any customer account remains until it is deleted.
The controllers (companies) depending on your request are:
Contipark International Austria GmbH
ÖPARK Garagen-GmbH
Optimus Parkhausverwaltungs-GmbH &Co KG
Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH
Servipark Austria GmbH
When contacting us (e.g. by contact form, e-mail, telephone or via social media), the user’s details are processed in order to process the contact request and to handle it in accordance with Art. 6 Para. 1 lit. b) GDPR or to safeguard our legitimate interests in accordance with Art. 6 Para. 1 lit. b) GDPR in the execution of the communication requested by the user. The user’s details may be stored in a customer relationship management system (“CRM system”) or comparable enquiry organisation.
We delete the enquiries and the associated communication with the user if they are no longer necessary for processing the enquiries. We review the necessity every two years; furthermore, the statutory archiving obligations apply.
The controllers (companies) depending on the company offering the vacancy are:
Contipark International Austria GmbH
ÖPARK Garagen-GmbH
If you send us your personal data in connection with an application for an open vacancy at one of our companies or as a speculative application, this is done on a voluntary basis. The data of an application may include the following data: Personal data (first and last name, date of birth, address, possibly even information on family members), communication data (e-mail address, mobile and landline phone number, Skype name), data on your previous career (school, training and job references), information on other qualifications, areas of interest, personal preferences, future wishes, information on salary requirements and the earliest possible entry/termination period, application photo.
We will use the information you provide exclusively to process your application for the advertised vacancy or, in the case of a speculative application, to check all vacancies at one of our companies in order to verify the conclusion of an employment contract with you in accordance with Art. 6 Para. 1 lit. b) GDPR. Only persons involved in the application process will be informed of your personal data. Within three months after completion of the specific application/examination procedure, all your data will be deleted immediately. This does not apply if legal provisions prevent deletion and further storage is necessary for the purpose of providing evidence or if you have expressly agreed to longer storage, e.g. for the consideration of future job placements. You can object to the use of your data for the aforementioned purposes at any time or request that your data be deleted.
The controller (responsible company) is:
Servipark Austria GmbH
We send newsletters, e-mails and other electronic notifications containing advertising information (hereinafter referred to as “newsletters”) only with your consent or legal permission. For the purpose of sending newsletters, we process your e-mail address and, in the case of registered customers, the name for a personal approach.
The dispatch of the newsletter and the associated measurement of success is based on the consent of the recipients in accordance with Art. 6 Para. 1 letter a, Art. 7 GDPR in conjunction with § 107 (2) TKG or on the basis of the legal permission pursuant to § 107 (2) and (3) TKG.
The registration procedure is recorded on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f GDPR. We are interested in the use of a user-friendly and secure newsletter system that serves our business interests as well as meeting the expectations of the users and also allows us to provide proof of consent.
If the contents of the newsletter are specifically described in the context of a registration, they are decisive for the consent of the users. In addition, our newsletters contain information about our services and us as well as about us and the services of our affiliated companies.
Double-Opt-In and logging: The registration for our newsletter takes place in a so-called Double-Opt-In procedure. This means that after registration you will receive an e-mail asking you to confirm your registration. This confirmation is necessary so that no one can register with foreign e-mail addresses. The newsletter registrations are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the dispatch service provider are also logged.
Cancellation/revocation – You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link to cancel the newsletter at the end of each newsletter. We may store the unsubscribed e-mail addresses for up to three years on the basis of our legitimate interests before we delete them for the purpose of sending the newsletter, in order to be able to prove that we have previously given our consent. The processing of this data is limited to the purpose of a possible defence against claims. An individual request for deletion is possible at any time, provided that the former existence of a consent is confirmed at the same time.
The newsletter is sent via an e-mail-handling service provider, SC-Networks GmbH, Enzianstrasse 2, 82319 Starnberg, Germany. To review the data privacy statement of the e-mail-handling service provider, please go to: https://www.sc-networks.de/unternehmen/datenschutz/. We use the e-mail-handling service provider on the basis of our legitimate interests in accordance with Art. 6 (1) lit. f GDPR and a data processing contract in accordance with Art. 28 (3) sentence 1 GDPR.
The e-mail-handling service provider may use the recipients’ data under a pseudonym meaning without allocation to a specific user, in order to optimize or to improve their own service, e.g. to technically optimize the sending and the presentation of the newsletter or for statistical purposes. However, the e-mail-handling service provider does not use the data from our newsletter recipients to address these independently or to forward the data to third parties.
Newsletters contain a so-called web beacon. A web beacon is a pixel file which is retrieved by our server when opening the newsletter or, if we use an e-mail-handling service provider, by their server. In the framework of this retrieval technical information is initially raised such as information on the browser and your system as well as your IP address and the time when the information was retrieved.
This information is used to technically improve the service using the technical data or the target groups and your reading behavior using the locations of retrieval (which can be determined with the help of your IP address) or the times of access. The statistical collection also includes determining if the newsletters were opened, when they were opened, and which links were clicked on. This information may be allocated to the individual newsletter recipients for technical reasons. However, we neither strive to, nor, if contracted, does the e-mail-handling service provider scrutinize individual users. The evaluation instead serves to recognize the reading habits of our users and to adapt our content to them or send out different content according to the interests of our users.
The controller (responsible company) is:
Contipark International Austria GmbH
We, or our hosting provider, will collect data on the basis of our legitimate interests in the meaning of Art. 6 (1) lit. f GDPR relating to any access to the server which hosts this service (so-called server log files). Access data include the names of prompted websites, the file, date and time of the prompt, the volume of the data transfer, a message regarding the successful download, the type of browser plus its version, the user’s operating system, referral URL (previously visited page), IP address and enquiring provider.
Server log file information will be saved for reasons of security (e.g. to clarify misuse or fraud) for a maximum seven days before being erased. Data that must be retained for the purpose of evidence are excluded from being erased until the individual incident has been clarified.
Version: May 2018