Data Protection Statement

Information by the Contipark Group of Companies, Austria on the processing of personal data (Privacy Statement)

With the following data protection declaration, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”), the purposes for which they are processed and the extent to which they are processed by the respective companies of the Contipark Group of Companies Austria and what rights you have in this regard. The data protection declaration applies to all processing of personal data carried out by us, both in the context of the provision of our services in the parking facilities and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as the “online offer”).

The following companies belong to the Contipark Group Austria:

Contipark International Austria GmbH

Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-0

You can reach our data protection officer at the above postal address or by e-mail sent to:

ÖPARK Garagen-GmbH

Tivoligasse 25/10
1120 Wien
Telefon: +43 (0)662-80990-0

You can reach our data protection officer at the above postal address or by e-mail sent to:

Optimus Parkhausverwaltungs-GmbH &Co KG

Tivoligasse 25/10
1120 Wien
Telefon: +43 (0)662-80990-0

You can reach our data protection officer at the above postal address or by e-mail sent to:

Arbeitsgemeinschaft Salzburger Parkgaragen Gesellschaft mbH – Contipark International Austria GmbH

Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-0

You can reach our data protection officer at the above postal address or by e-mail sent to:

Servipark Austria GmbH

Reichenhaller Straße 8
5020 Salzburg
Telefon: +43 (0)662-80990-60

You can reach our data protection officer at the above postal address or by e-mail sent to:

A. General information applicable to all processing operations

We process your personal data in accordance with the provisions of the European Data Protection Regulation (GDPR), hereinafter referred to as DS-GVO and all other applicable laws, such as the Data Protection Act (DPA), hereinafter referred to as DSG. Where necessary, we obtain your consent beforehand.

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means. The term is broad and covers virtually any handling of data.

Controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

With regard to these and other terms used, we refer to the definitions in Art. 4 DS-GVO,

Within the entire group of companies, access to your data is granted to those offices that require it in order to fulfil our contractual services and legal obligations.
Insofar as your data is disclosed or otherwise passed on to third parties within the group of companies or to external services (e.g. billing services, IT services, consulting, sales and marketing, data destruction, logistics, telecommunications), this will only be done on the basis of legal permission, e.g. if a transfer of the data to third parties, such as payment service providers, is necessary for the performance of the contract pursuant to Art. 6 para. 1 lit. b) DS-GVO, you have consented pursuant to Art. 6 para. 1 lit. a) DS-GVO, a legal obligation pursuant to Art. 6 para. 1 lit. c) DS-GVO provides for this or on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f) DS-GVO.
If we commission other companies within our group of companies, other companies or other contractors with the processing of your data in accordance with instructions, this is done on the basis of a commissioned processing agreement within the meaning of Art. 28 DS-GVO. In the case of cooperation based on division of labour or cooperation as joint controllers within the meaning of Art. 4 No. 7 DS-GVO, the joint processing of data takes place on the basis of an agreement within the meaning of Art. 26 DS-GVO . The agreements ensure in particular that your rights as a data subject are protected and can be asserted against the companies responsible. We will be happy to provide you with further details on the processing of your data in the context of cooperation with other companies, persons or bodies as well as your rights in accordance with the law upon request. Furthermore, within the framework of this data protection declaration, we would like to point out which companies of our group of companies are involved in which types of processing as the persons responsible for the respective processing.

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of the use of third-party services or the disclosure or transfer of data to other persons, bodies or companies, this is only done in accordance with the legal requirements.

Subject to express consent or contractually or legally required transfer, we only process or allow data to be processed in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DS-GVO, information page of the EU Commission:

You have the right to request confirmation as to whether data relating to you is being processed, information about this data and further information and a copy of the data in accordance with Art. 15 DS-GVO.

In accordance with Art. 16 DS-GVO, you have the right to request that the data concerning you be completed or that the incorrect data concerning you be corrected.

In accordance with Art. 17 GDPR, you have the right to demand that data relating to you be deleted without delay, provided that there are no legal obligations to the contrary, or alternatively, in accordance with Art. 18 DS-GVO, to demand restriction of the processing of the data.

You have the right to request to receive the data concerning you that you have provided to us in accordance with Art.20 DS-GVO and to request that it be transferred to other data controllers.

You also have the right to lodge a complaint with a competent supervisory authority pursuant to Art. 77 DS-GVO, e.g. with

Austrian Data Protection Authority
Barichgasse 40-42
AT – 1030 Vienna

You have the right to revoke given consent pursuant to Art. 7 para. 3 DS-GVO at any time without stating reasons with effect for the future. You can do this by sending a simple message to the above contact addresses.

You may object to the future processing of data concerning you in accordance with Art. 21 DS-GVO at any time. The objection can be made in particular against processing for direct marketing purposes.

The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DS-GVO. Unless expressly stated within the scope of this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.

According to legal requirements in Austria, commercial letters and similar correspondence, commercial books and similar records, accounting vouchers and documents relevant for taxation are stored for seven years. Furthermore, storage is carried out as far as necessary for the preservation of evidence within the framework of the legal statute of limitations. These limitation periods can be up to 30 years, whereby the regular limitation period is three years. We also ask you to note that the above-mentioned periods generally begin at the end of the year in which the relevant events took place or records and other documents were created.

In the following, we share the legal basis of the GDPR (DS-GVO) on the basis of which we process personal data. Please note that in addition to the provisions of the GDPR (DS-GVO), the national data protection provisions in your or our country of residence and domicile may apply. Should more specific legal bases be relevant in individual cases, we will inform you of these in the data protection declaration.

  • Consent (Art. 6 para. p. 1 lit. a) DS-GVO) – The data subject has given his/her consent to the processing of personal data relating to him/her for a specific purpose or purposes.
  • Contract performance and pre-contractual enquiries (Art. 6 (para. p. 1 lit. b) DS-GVO) – Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request.
  • Legal obligation (Art. 6 para. 1 p. 1 lit. c) DS-GVO) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
  • Protection of vital interests (Art. 6 para. 1d) GDPR) – Processing is necessary in order to protect the vital interests of the data subject or another natural person.
  • Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DS-GVO) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

B. Processing operations in detail

Responsible for data processing depending on the website you visit:
Contipark International Austria GmbH,
Servipark Austria GmbH

Our websites are managed on the servers of the hosting providers Planet IC GmbH, Mettenheimer Straße 9-15, 19061 Schwerin, Germany and Scheidt & Bachmann GmbH, Breite Straße 132, 41238 Mönchengladbach, Germany. The hosting services used by us serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the purpose of operating this online offer.

We, or our hosting providers, store all inventory data, contact data, content data, contract data, usage data, meta data and communication data of customers, interested parties and visitors of this online offer in connection with the website on the basis of our legitimate interests in an efficient and secure provision of this online offer pursuant to Art. 6 para. 1 lit. f) DS-GVO in conjunction with Art. 28 DS-GVO. Art. 28 DS-GVO (conclusion of order processing contract).

We, or our hosting providers, collect data about each access to the server on which this service is located (so-called server log files) on the basis of our legitimate interests within the meaning of Art. 6 para. 1 f) DS-GVO, in particular in the secure and efficient provision of our website.

The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
When using this general data and information, we do not draw any conclusions about your person. Rather, this information is required to deliver the content of our website correctly, to optimise the content of our website as well as the advertising for it, to ensure the permanent functionality of our IT systems and the technology of our website as well as to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

Therefore, the data and information collected will be evaluated by us, on the one hand, statistically and, on the other hand, with the aim of increasing the data protection and data security of our enterprise so as to ultimately ensure an optimal level of protection for the personal data we process. The data of the server log files are stored separately from any personal data provided by a data subject.
Log file information is only stored for as long as necessary for the above purposes and is then anonymised or deleted. The maximum storage period is seven days. Data whose further storage is required for evidentiary purposes is exempt from deletion until the final clarification of the respective incident.

When users leave comments or other contributions, in addition to their comment, information on the time of creation, their IP addresses, the email address and the user name they have chosen are also stored on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f) DS-GVO. The storage takes place for security reasons, in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we may be prosecuted ourselves for the comment or post and are therefore interested in the identity of the author for the purpose of exculpation. The data may be stored for a longer period of time if there are concrete indications of a legal violation or a comparable necessity for storing the data. The personal information provided in the context of comments and contributions, any contact and website information as well as the content-related information will be permanently stored by us until the user objects.

Cookies” are small files that are stored on users’ computers. Different information can be stored within the cookies. A cookie is primarily used to store information about a user (or the device on which the cookie is stored) during or after his or her visit to an online offer. Temporary cookies, or “session cookies” or “transient cookies”, are cookies that are deleted after a user leaves an online offer and closes his browser. The content of a shopping basket in an online shop or a login jam, for example, can be stored in such a cookie. Cookies that remain stored even after the browser is closed are referred to as “permanent” or “persistent”. For example, the login status can be stored if users visit them after several days. Likewise, the interests of users can be stored in such a cookie, which is used for range measurement or marketing purposes. Third-party cookies” are cookies that are offered by providers other than the responsible party that operates the online offer (otherwise, if they are only its cookies, they are referred to as “first-party cookies”).

You can delete cookies, allow only selected cookies or completely deactivate cookies at any time via the settings of the browser you are using. You can find more information on the support pages of the respective providers:




Microsoft Edge:

A general objection to the use of cookies for online marketing purposes can be declared for many of the services, especially in the case of tracking, via the US-American website or the EU website Furthermore, the storage of cookies can be prevented by deactivating them in the browser settings. Please note that not all functions of this online offer can then be used.

The cookies set are automatically deleted after a predefined period of time. The respective storage period of the cookies can be set in the settings of the consent tool used or at respectively –

We use the consent tool “Cookiebot” from Cybot A/S, Havnegade 39, 1058 Copenhagen (Denmark). This service enables us to obtain and manage the consent of website users for data processing.

Cookiebot collects data generated by end users who use our website.
When an end user gives consent via the cookie consent tool, Cookiebot automatically logs the following data:

  • The IP number of the end user in anonymised form (the last three digits are set to ‘0’).
  • Date and time of consent.
  • User agent of the end user’s browser.
  • The URL from which the consent was sent.
  • An anonymous, random and encrypted key.