Privacy

Declaration on information to be provided – Privacy Policy

 

The protection of your personal data is important to us. We want you to be informed about what types of personal data we collect and how we process them. We process your data only in compliance with applicable data protection laws and regulations (GDPR, Data Protection Amendment Bill, Telecommunications Act 2003). This Privacy Policy contains the most important aspects of data processing.

In the course of further developing our websites and the implementation of new technologies, changes to this Privacy Policy may occur. Thus, we advise you to periodically reread this Privacy Policy.

 

Contacting us
If you contact us via the form on this website, e-mail or telephone, we store your personal data for a period of two years for the purpose of processing your request and for the event that follow-up-communication is necessary. We do not transmit this data to third parties without your consent.

 

We collect personal data for the following purposes:

  1. Legal basis of performance of a contract: The data provided by you is necessary for the performance of a contract or the implementation of pre-contractual measures. Without this data, we cannot conclude a contract with you. Examples of purposes: Processing requests, preparing offers & invoices
  2. Legal basis of legitimate interests: We process your personal data on the basis of our legitimate interest (e.g. CRM-system for the efficient and timely processing of user requests, Google Analytics for analyses, optimized and efficient operation of our online offer).
  3. Legal basis of consent: You have freely provided us with your personal data and we process this data on the basis of your consent. Examples of purposes: Consent to receiving the newsletter or registration for an event

You can withdraw your consent at any time. Upon such notice of withdrawal, we will stop processing your personal data for the aforementioned purposes. To withdraw your consent, please contact: office@biedermaier.com

 

Period for which the data will be stored/Time limits for erasure
The collected personal data is erased when the user has withdrawn his consent to its storage or when the storage of the data is no longer necessary for the intended purposes.
Furthermore, the period for which your data is stored depends on the applicable laws and regulations and the specific application:

  • Contact details in consequence of offers and invoices: 7 years
  • Contact details in consequence of requests: 1 year
  • Job applications: 6 months

Processor
We hire processors for our data processing (e.g. e-mail & web hosts, CRM-system, e-mail newsletter service, website statistics, tax consultant). These processors are strictly obligated to protect your personal data and are not authorized to process your personal data for any other purpose than the provision of our services.

Security measures
We take state-of-the-art organisational, contractual and technical security measures to ensure that the provisions of the data protection law are complied with and to protect the data processed by us from accidental or deliberate manipulation, loss, destruction or access by unauthorised persons.

Cookies
Cookies are small text files sent from our web server to your browser when you visit our websites and stored on your device.

We set the following cookies on our website:

Youtube
On our website we use components (videos) the company’s YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a subsidiary of Google Inc., Amphitheater Parkway, Mountain View, CA 94043, one. Here we use the provided by YouTube available option “extended data protection mode.” When you visit a page that has an embedded video, a link to the YouTube servers is established while the contents shown by notifying your browser on the Internet. According to the data from YouTube only data to the YouTube server are transmitted in “privacy-enhanced mode”, in particular which of our web pages you have visited when you watch the video. Are you simultaneously logged into YouTube, this information will be associated with your user account on YouTube. You can prevent this by logging out of your user account before visiting our website. Learn more about privacy from YouTube are provided by Google under the following link: https://www.google.de/intl/de/policies/privacy/

If you wish to refuse the storing of cookies on your device, we kindly ask you to deactivate the corresponding option in your browser settings. You can delete stored cookies via your browser settings. However, if you deactivate cookies, certain features of our online services may not work properly.

Web analytics
This website uses:

1. Website statistics
Automatically provided by our web host. The access statistics do not contain any personal data, since the IP-addresses of our website’s users are anonymised.

2. Web host IP-address
Our web host is processing the following personal data in a server log file for the purpose of monitoring the technical function and raising the operational safety of the web server, on the basis of the legitimate interest of the controller (technical security measures):
Accessed website, date and time of server inquiry, type of browser/browser version, used operating system, transferred data volume, notice of successful access, referrer URL, IP-address, host name. We ourselves do not have access to the log files.
Our Web host saves these data for 30 days.

Integration of the services and contents of third parties
Within our online offer, we integrate content or services provided by third parties, like videos or text fonts (hereinafter referred to as “contents”), on the basis of our legitimate interest (i.e. interest in the analysis, optimization and efficient operation of our online offer based on Art. 6 para 1 lit f GDPR). This always requires the third parties providing these contents to have access to the users’ IP-addresses, because without IP-address they cannot send contents to the users’ browsers. Thus, the IP-address is necessary for the display of these contents. We make an effort to exclusively use contents of providers who use these IP-addresses only for the provision of their contents.
The following list gives you an overview of third party providers and their contents as well as links to their privacy policies containing more information on the processing of data and possibilities of withdrawal or refusal (so-called opt-out), as partly mentioned before:

eMail-Newsletter.
You can subscribe to our newsletter via our website. By subscribing to our newsletter, you agree to receive it and to the procedures described.

In order to subscribe to the newsletter, we need your e-mail address.

Our newsletter is distributed by e-mail and on our homepage. The usual content is reporting on current projects relating to our services.
The subscription is free of charge. Registration/deregistration: directly in each newsletter.

The newsletters are sent by the mailing service “MailChimp”, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the shipping service provider here: https://mailchimp.com/legal/privacy/. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with the European data protection level (https://www.privacyshield.gov/participantid?=a2zt0000000TO6hAAG&status=Active).

The shipping service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO and an order processing contract pursuant to Art. 28 para. 3 sentence 1 DSGVO. The dispatch service provider can use the recipient’s data in pseudonymous form, i.e. without allocation to a user, to optimise or improve its own services, e.g. for technical optimisation of dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

Likewise the changes of your data stored with the Versanddienstleister are logged.

Statistical survey and analyses – The newsletters contain a so-called “web beacon”, i.e. a pixel-sized file which is retrieved from the server of the dispatch service provider when the newsletter is opened. Within the scope of this retrieval, technical information such as information about the browser and your system, as well as your IP address and time of retrieval are first collected. This information is used for the technical improvement of the services on the basis of the technical data or the target groups and their reading behaviour on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our nor the shipping service provider’s intention to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our contents to them or to send different contents according to the interests of our users.

The statistical surveys and analyses as well as the logging of the registration procedure are carried out on the basis of our legitimate interests pursuant to Art. 6 Para. 1 lit. f DSGVO. Our interest is directed towards the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of users.

Cancellation/revocation – You can cancel the receipt of our newsletter at any time, i.e. revoke your consent. This means that your consent to its dispatch [by the dispatch service provider] and the statistical analyses will expire at the same time. A separate revocation of the dispatch by the dispatch service provider or the statistical evaluation is unfortunately not possible. You will find a link to cancel the newsletter at the end of each newsletter.

Web Fonts
For the coherent presentation of text fonts, this site uses so-called Web Fonts provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, California 94043 USA. When accessing a site, your browser loads the needed Web Fonts in your browser cache to correctly display texts and text fonts.
For this purpose, the server you are using has to contact the servers of Google Fonts. This way, Google Fonts is informed that our website has been accessed via your IP-address. We use Web Fonts for the purpose of a coherent and appealing presentation of our online offers. This presents a legitimate interest based on Art. 6 para 1 lit f DSGVO.
If your browser does not support Web Fonts, your computer uses a standard text font instead.
Google is certified under the Privacy Shield Framework and has made a commitment to comply with European Data Protection Law –  https://www.privacyshield.gov/
Data Protection: https://www.google.com/policies/privacy/
Opt-Out: https://www.google.com/settings/ads/

Online presence in social media
We maintain online presences in social networks and platforms to communicate with our customers, prospective customers and users there active and inform them about our services. When accessing any of these networks and platforms, the terms and conditions and policies on data processing of the respective operators apply. Unless stated otherwise in our Privacy Policy, we process user data if they communicate with us via social networks or platforms, e.g. write posts in connection with our online presence or send us messages.
Privacy Policies of the platforms:
Facebook: https://www.facebook.com/business/gdpr
Instagram: https://help.instagram.com/519522125107875?helpref=page_content
YouTube: https://policies.google.com/privacy?hl=de&gl=de

Your rights
In general, you have a right to request from the controller access to and rectification or erasure of personal data or restriction of processing or the right to object to processing or withdraw consent as well as the right to data portability. If you believe that the processing of your personal data infringes applicable data protection law or that your data protections rights are infringed in any other way, you can lodge a complaint with the competent supervisory authority. In Austria, the competent supervisory authority is:

Austrian Data Protection Authority
Wickenburggasse 8-10
1080 Wien
Telephone: +43 1 531 15-202525
eMail: dsb@dsb.gv.at
Homepage: https://www.dsb.gv.at/

You can contact us via the following contact details:

Bieder & Maier
m2 Kaffeemanufaktur und Vertriebsges.m.b.H.
Halbgasse 1a/3-4
A-1070 Wien

Telephone:+43 676 725 00 69
eMail: office@biedermaier.com
Homepage: http://www.biedermaier.com

You can contact our data protection officer
Telephone:+43 676 725 00 69
eMail: office@biedermaier.com