DATA PROTECTION

Data protection
Information on data processing in accordance with Articles 13 and 14 of the General Data Protection Regulation (GDPR)

The protection of your personal data is a matter of course and special concern to us. Therefore, we process your personal data (“data” for short) solely on the basis of statutory provisions (DSGVO, DSG and TKG 2003). With the privacy policy we want to inform you comprehensively about the processing of your data in our company and the data protection claims and rights to which you are entitled. If you have any questions or concerns, we are happy to inform you by e-mail at datenschutz@technoflex.biz.

(1) Who is responsible for data processing and to whom can you contact?
Company: TECHNOFLEX Verpackungen GmbH
Address: Gewerbepark Ader 6, 4850 Timelkam
Telephone: +43 7672 911-55
E-Mail: datenschutz@technoflex.biz

(2) Personal data
The term “personal data” means all information that relates directly or indirectly to natural persons. Even if business secrets and business secrets are not directly covered by the concept of personal data, we give the same protection to such information and we expect the same from our business partners and customers.

We process the data that we receive from you as part of the business relationship and relationship. In addition, we process data obtained from credit bureaus, creditor protection associations, from publicly available sources (such as business register, club register, land register, media) and other companies with which we have a permanent business relationship.
Personal data related to business initiation and relationship include your family/contact details, such as

· As a corporate customer: company, company register number, UID number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank details

· As supplier and service provider: company, company register number, UID number, company number, address, contact person contact data (e-mail address, telephone number, fax), bank data
In addition, we also process the following other personal data such as

· Information about the nature and content of our business relationship, such as contract data, order data, sales and receipt data, customer and supplier history, consulting documents,

· Subject of supplies or services and performance data and proofs,
· Delivery and service conditions,
· Financing and payment conditions,
· Information about your financial status (for example, credit information),
· Advertising and sales data,
· Documentation data (e.g., consulting protocols), image data
· Information from your electronic traffic (for example IP address, log-in data),
· Other data that we receive from you as part of our business relationship (for example, in customer meetings)

(3) Mandatory provision of data
The processing of your data is required to complete or fulfill your contract with us. If you do not provide us with this data, we will generally be required to refuse the conclusion of the contract or the execution of the contract or to be unable to complete an existing contract and consequently to terminate it. However, you are not obliged to give your consent for data processing with regard to data that are not relevant or legally required for the fulfillment of the contract.

(4) Processing purposes, legal bases, and scope of data processing
The processing of personal data is essential for the purpose of offering, drafting and managing the customer. Furthermore, data is required for the offer and contract design.
We process your data on the basis of the statutory provisions of § 96 (3) TKG and in accordance with the provisions of the General Data Protection Regulation (DSGVO) and the Austrian Data Protection Act (DSG), as amended:

· For the fulfillment of (pre-) contractual obligations (Art. 6 para. 1 lit.b DSGVO):
Your data is processed for the sale and distribution of our goods and services, for procurement and logistics purposes as well as for customer administration and analysis. The data will be processed in particular at business initiation and during the execution of contracts with you.

· For the fulfillment of legal obligations (Art. 6 para. 1 lit.c DSGVO):
Processing of your data is for the purpose of meeting various legal obligations, e.g. from the company code (UGB) or the federal tax code (BAO), money laundering regulations u.a. required.

· For the protection of legitimate interests (Art. 6 (1) lit.f DSGVO):
Due to a balancing of interests, data processing beyond the actual fulfillment of the contract may be carried out to safeguard legitimate interests of us or third parties.

In any case, in the following cases, data processing takes place to safeguard legitimate interests:
– Consultation and exchange of data with credit bureaus and creditor protection associations for the purpose of identifying creditworthiness data;
– advertising or marketing;
– business management and development of services and products;
– Lead the customer database to improve customer service;
– measures to protect against contractual or illegal behavior, e.g. Access control, video surveillance;
– in the context of legal action.
– In the context of your consent (Art. 6 para. 1lit.a DSGVO):

If you have given us consent to the processing of your data, processing will only take place in accordance with the purposes set out in the declaration of consent and to the extent agreed therein. A given consent can be withdrawn at any time with effect for the future, e.g. to send our newsletter or to transfer data to third parties. Please contact our e-mail address given in point 1. On the basis of any declarations of consent given to you separately, we also use your data to submit further offers from us or from our business partners.

(5) passing on the data to third parties
Due to the business model and the complexity of today’s data processing processes, it is sometimes essential that we sometimes use service providers and commission them with the processing of your data. Basically, we do not transmit any data to a third country. Transmission in individual cases will only take place on the basis of an adequacy decision by the European Commission, standard contractual clauses, appropriate guarantees or your express consent. If you would like to know more about how and to what extent we process your data in your specific business transaction or pass it on to service providers and which protective guarantees we have taken here, please contact our Data Protection Coordinator.

Regardless of the specific assignment, we transfer data to the following affiliated companies of the TECHNOFLEX Group, as required:
· TECHNOFLEX Holding GmbH
· TECHNOFLEX Packaging GmbH
· TECHNOFLEX Hungary Kft.
· TECHNOFLEX Germany GmbH

For the fair fulfillment of our duties, we use some external service providers and cooperation partners:
· Infotech EDV-Systeme GmbH
· Cegeka Austria GmbH (ERP system)
· I.Q. Office Technology Sales & Service GmbH

We point out that the persons authorized to process the order data are obliged to maintain confidentiality regarding all related information and to process them only within the framework of the provision of services. The processors commissioned by us will receive your data if they need the data to fulfill their respective performance. Furthermore, we point out to take all the state-of-the-art measures to protect your data.

(6) Data transfer to supervisory authorities and courts as well as to other third parties
As an Austrian corporation, we are subject to certain regulatory requirements. Therefore, there is a possibility that a disclosure of personal data may be required by a court or an authority. In all cases, we ensure that you comply with the legal requirements.
For the purposes of the protection of creditors, we reserve the right in individual cases to transmit master data and information on your financial status to credit insurers or credit protection associations and credit reference agencies.
If there is a legal obligation and in the context of legal action, authorities and courts as well as external auditors can be the recipients of your data.
In addition, for the purpose of contract initiation and fulfillment insurances, banks, credit bureaus and service providers may be recipients of your data.

(7) Data security
We use technical and organizational security measures to protect the stored personal data against accidental or intentional manipulation, loss or destruction and against access by unauthorized persons. Our security measures are continually being improved in line with technical progress.

(8) Data retention
The storage of your data takes place fundamentally over the duration of an upright performance relationship or until expiration of the valid warranty, warranty, statute of limitations and legal storage obligations. Should this exceed the duration of the upright service relationship, the data will be stored in accordance with the statutory provisions.
The categorization of data for storage is as follows:
· Statutory duty to keep records for books, records and supporting documents in accordance with § 132 para. 1 BAO: 7 years (beyond as long as they are relevant for the tax authorities in a pending case);
· Duty of storage for accountable entrepreneurs according to §§ 190, 212 UGB: 7 years;
· VAT obligation under Section 18 (2) 3. Subparagraph: 7 years;
In addition, your data will be stored until the termination of any litigation in which the data is needed as evidence.
Moreover, in the storage period, the statutory limitation periods, e.g. according to the General Civil Code (ABGB) in certain cases up to 30 years (the general limitation period is 3 years) may be considered.

(9) Affected rights
You have the right to receive information about your personal data. Under certain conditions, you also have the right to correct or delete your data. Furthermore, the right to limitation of processing, opposition and data transferability exists, provided the legal provisions are met. You also have the right to request your provided data in a structured, common file format. In order to assert your rights, please contact us at datenschutz@technoflex.biz or by post to TECHNOFLEX Verpackungen GmbH,
Gewerbepark Ader 6, 4850 Timelkam (password: privacy). If in doubt, we may ask for additional information confirming your identity when you provide information. This is to protect your rights and privacy.

(10) Right of withdrawal
You have the right to object or revoke your consent to the processing of your personal data on the basis of consent for marketing purposes. If your data is processed by us for the protection of legitimate interests, you can object to this as soon as there are reasons for your situation that contradict the data processing.

(11) Reference to your right to appeal
If you do not agree with the nature of the data processing, you have the right to complain to the Austrian Data Protection Authority. These can be reached by e-mail at dsb@dsb.gv.at.

(12) Application data
If you send us your application, your application data will only be made available to authorized persons involved in the application process. Your application data will be deleted if a contract of employment is not concluded.

(13) Automated decision-making including profiling
We do not use automated decision-making or profiling under Art. 22 GDPR to reach a decision on the establishment and conduct of the business relationship.

(14) Use of cookies and tracking tools
Our website uses so-called cookies. These are small text files that are stored on your device using the browser. They do no harm. We use cookies to make our offer user-friendly. Some cookies remain stored on your device until you delete them. They allow us to recognize your browser on your next visit.
If you do not want this, you can set up your browser so that it informs you about the setting of cookies and you allow this only in individual cases.
Disabling cookies may limit the functionality of our website.

(15) SSL / TLS ENCRYPTION
This site uses, for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as a site operator, an SSL or. TLS encryption. You can recognize an encrypted connection by changing the address line of the browser from “http: //” to “https: //” and the lock symbol in your browser line.
If SSL or TLS encryption is enabled, the data you submit to us can not b  e read by third parties.

(16) Log and Log Data
When you access our website, it automatically logs your information using information of a general nature. This information, such as server log files, includes, for example, the type of web browser, the operating system used, the domain name of your Internet service provider and the like. These are only general information that does not allow any conclusions about your person.
This information is technically necessary to correctly display the contents of web pages requested by you and is mandatory when using the internet. They are processed in particular for the following purposes:
– ensuring a problem-free connection setup on our website,
– ensuring a smooth use of our website,
– Evaluation of system security and stability, as well
– for further administrative purposes.
The processing of your personal data is based on our legitimate interest for the aforementioned purposes of data collection. We do not use your information to draw conclusions about you. We are the recipient of the data as the responsible body and possibly the processor.