Skip to main content

Privacy Policy

GENERAL INFORMATION ON OUR DATA PROTECTION EFFORTS

1. DATA CONTROLLER

Responsible for data processing (data controller), is delfortgroup AG (“we”, “us”).

You can reach us at:
delfortgroup AG
Fabrikstraße 20
A – 4050 Traun
dataprotection@delfortgroup.com

The Singapore Data Protection Officer can be reached via this E-mail.

 

2. COLLECTION AND PROCESSING OF DATA

Our website can, in most cases, be used without providing personal information. If the user is prompted to provide personal information it is understood that the user does this voluntarily.

2.1. Contacting us

Should the website user (customer or non-customer) provide personal information in the context of establishing contact with us or sending a request, then we will only process personal data provided by the user (eg name, e-mail-address, phone number, subject and content of your message). This data processing is necessary for the fulfilment of our (pre)contractual obligations to get in contact with you or to provide you the desired information (Art 6 para 1 lit b GDPR).

2.2. Server-Log-Files

The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and
  • Browser version used operating system
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server requestThis data can not be assigned to specific persons. A merge of this data with other data sources will not occur. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.

    We therefore process server log files solely to be able to operate our website and the connected services, to identify you as a user authorized to access, to distribute web server requests in our server pool as well as for security reasons (e.g. for clarification of abusive and fraudulent activities). Thus, this data processing activity is necessary to ensure our legitimate interests in operating a user friendly and secure website (Art 6 para 1 lit f GDPR).

3. EMBEDDED SERVICES AND THIRD PARTY CONTENTS

3.1. Google Maps

With your consent, this website uses the service Google Maps by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). For details regarding the data collected see section 7.
The privacy policy for Google Maps can be accessed here: HTTPS://POLICIES.GOOGLE.COM/PRIVACY
The Terms of Use of Google Maps can be accessed here: HTTPS://WWW.GOOGLE.COM/INTL/EN/HELP/TERMS_MAPS/

3.2. YouTube

On our website, you will find videos from the platform YouTube of the third party provider Google Inc. By clicking on the video, you agree to the collection and processing of your data by Google Inc.
The privacy policy can be accessed here: https://policies.google.com/privacy?hl=de

 

4. DISCLOSURE AND TRANSMISSION OF DATA

Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

  • IT-service providers and/or providers of data hosting solutions or similar services;
  • Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including providers of marketing tools, marketing agencies, communication service providers, shipping service providers).All our data processors process your data only on our behalf and on the basis of our instructions. Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):
  • Potential third parties that are participating in the provision of services to you for the fulfilment of our contractual obligations (e.g. banks for processing of the payment, payment service providers etc);
  • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
  • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes: If you have given your express consent, data will be transferred to a third country for which there is no adequacy decision pursuant to Art 45 (3) GDPR or no other suitable guarantees pursuant to Art 46 DSGVO, on the basis of this express consent pursuant to Art 49 (1) lit a GDPR in conjunction with Art 6 (1) lit a GDPR. You can revoke your explicit and voluntary consent at any time with effect for the future. To do this, you can simply adjust your cookie preferences in the cookie settings, for example.

For the USA, there is currently no adequacy decision within the meaning of Art 45 GDPR, which confirms an adequate level of protection in the third country, and no suitable guarantees pursuant to Art 46 GDPR. Accordingly, a data transfer to the USA only takes place on the basis of your prior explicit and voluntary consent. Risks associated with the transfer of data include the possibility that US authorities, such as US intelligence services, access your data for control and monitoring purposes and that you are not informed about these accesses. There is also the risk that you will not have effective legal remedies against these accesses.

 

5. DATA RENTENTION AND DATA DELETION

We store your personal data just as long as it is necessary for the fulfillment of the purpose pursued with the processing. Beyond that, we are potentially obligated to store your data in accordance to legal retention periods.
Specifically, we store your data in connection with the establishment of contact with us in accordance with legal retention periods for a time period of usually seven years.
Access data and log files are stored for a maximum time period of one year and are erased subsequently.
Apart from that, we may store your personal data after an incident beyond the abovementioned time periods as long as legal claims out of the relationship between you and us can be enforced, or respectively until the definitive clarification of an incident or legal dispute. This longer storage occurs for the ensuring of our overriding legitimate interests to the enforcement, clarification and defence of our legal claims.

 

6. RIGHTS OF DATA SUBJECTS

On request, we will gladly inform you about the data processed about your person. Please direct your request to the above mentioned contact addresses.
If your data processed by us is not correct, please inform us about it. We will correct it immediately and inform you.
If you no longer wish us to process your data, we ask you to inform us informally using the above contact details. As soon as your request for erasure reaches us, we will delete your data immediately and inform you. If there are compelling legal reasons for the deletion of your personal data, you will be notified by us.
Additionally, you have the right to restriction of processing as well as the right to data portability concerning the data you have provided us with.
Moreover, you have the right to object on grounds relating to your particular situation. Such an objection can in particular occur relating to processing of data for the purposes of direct marketing.

Additionally, you have the right to withdraw your consent at any time with effect for the future.
If you believe that the processing of your personal data does not take place within the legal framework, you have a right to lodge a complaint with the respective supervisory authority. In Austria this is the Austrian data protection authority.

The data protection authority can be reached at the following address:
Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien
+43 1 52 152-0
E-Mail

 

7. COOKIES

7.1. What are cookies?

Cookies are tiny text files, which are stored on your end device via the browser when you use our website. These text files contain information for the provision of user-friendly services and are exported from web browsers. Cookies allow our web server to present you with a better, faster website. Additionally, they enable us to analyze your behavior on our website.
Therefore, please consider that you may not receive any access to some website contents if you block cookies.

A differentiation is basically made between the following types of cookies:

  • Session-based cookies: These are stored on your computer/end device while you surf on our website and are then deleted afterwards.
  • Permanent cookies: These cookies remain on your computer for a longer period of time.
  • Cookies of third-party providers: These cookies are generated by partner websites and are embedded in our website. They are for the purpose of delivering personalized advertising, for example.

7.2. This is how we use cookies

According to Section 165 (3) TKG 2021, we may store cookies on your device if they are necessary for the operation of this site. For all other cookie types, we require your prior, voluntary consent, which can be revoked at any time.

Technically necessary cookies are those that are required to display the website and to be able to guarantee the technical operation of the website (e.g.: website security settings). The storage, processing and use of technically necessary cookies is based on the legal grounds of the legitimate interest in the technically functioning operation of the website in accordance with Art 6 para 1 lit f GDPR. Due to the legitimate interest, the consent of the website visitor is also not required pursuant to Section 165 (3) TKG 2021. However, you can deactivate the use of cookies in your browser settings (point 7.4).

Statistics cookies help us, for example, to understand how you use the website in order to improve it or to be able to set targeted advertising activities. The storage, processing and use of statistical cookies is based exclusively on your voluntary consent in accordance with Art 6 (1) lit a GDPR in conjunction with Section 165 (3) TKG 2021.

We generally only use Internet technologies (e.g. cookies, Java script) to simplify the use of our website for you and optimize our service and your communication with our contents (necessary and functionality cookies). These are necessary to be able to provide you with our Website and the connected services, to operate our Website and serve for the proper functionality and security of our Website. These cookies are therefore necessary to pursue our legitimate interests in the provision of a user friendly and secure Website.

7.3. Google Analytics

With your consent, we use Google Analytics on this website, a web analytics service provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

The information generated by these cookies, for example about the time, place and frequency of your use of this website, is generally transferred to a Google server in the USA and stored there. Please note that Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

Google will use the information generated by cookies on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

See for more information: https://support.google.com/analytics/answer/6004245?hl=de#zippy=%2Ccookies-und-kennzeichnungen-von-google-analytics%2Cgoogle-analytics-gem%C3%A4%C3%9F-der-eu-datenschutz-grundverordnung-dsgvo.

Details about the different Cookies that are used and their storage period can be found in the Cookie Banner.

7.4. Google Maps

With your consent, we use Google Maps on this website (see section 3.1).
The information generated by these cookies, for example about your user preferences and your use of Google Maps, is generally transferred to a Google server in the USA and stored there. Please note that Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.
Details about the different Cookies that are used and their storage period can be found in the Cookie Banner.

7.5. Management of cookies/objection

In your browser menu, you can find setting options for the use of cookies. A browser usually has the following setting options:

  • View cookies,
  • allow cookies,
  • deactivate all or specific cookies,
  • deactivate all cookies when closing the browser,
  • block cookies,
  • messages when cookies are to be set and
  • objection to tracking analysis.

For the following browsers, you can find the instructions for deactivating cookies on the manufacturers’ websites. If you block our cookies in your browser, you may not be able to use some areas of our website.

FIREFOX
INTERNET EXPLORER
CHROME (WINDOWS) / CHROME (MAC) / CHROME FOR IOS / CHROME FOR ANDROID
SAFARI
SAFARI (IOS)

DATA PROTECTION NOTICE FOR CUSTOMER, SUPPLIER AND POTENTIAL CUSTOMERS

delfort places great value on protection of your personal data. Therefore, it has implemented technical and organisational data protection measures and standards on a large scale. These standards ensure protection of the rights of all data subjects. They are subject to continuous review and further improvement.

For you as a customer, supplier or potential customer, we have summarised the most important information on the subject of data protection subsequently.

 

1. Data controller
The undertaking of delfort that is in contact with you is the respective data controller for processing of your personal data (“we”, “us”). You can find a list of the undertakings including contact details here.

 

2. What personal data are processed for what purpose?
Personal data of customers and suppliers are processed within the scope of support, marketing, administration and settlement, based on our legitimate interests (point (f) of Article 6(1) GDPR) for the purpose of carrying out (pre-)contractual measures, compliance with contractual obligations and in order to maintain business relationships (point (b) of Article 6(1) GDPR). These data were disclosed by you beforehand (e.g. name, contact details, position) or determined within the scope of the business relationship.

Concerning potential customers, we also record personal data (name, address, phone number) within the scope of our acquisition and sales activities. We maintain a CRM marketing database in order to allow specific information and advertising for our products. If we do not have your explicit consent beyond this, we will keep the data for a duration of three years after the end of the last (unsuccessful) attempt of contacting you in accordance with Art 6 para 1 lit a or lit f GDPR in conjunction with recital 47.

 

3. Disclosure and transmitting of personal data
Only such people have access to your data who are involved in processing for the above purposes, for instance people from the companies of the group and/or the respective departments.

Data are, in principle, only forwarded to third parties if we are obligated to do so by law, if forwarding of data is necessary to carry out a contractual relationship (e.g. external processors, banks, insurances, logistics companies) or if you have explicitly consented to it beforehand.

Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

  • IT-service providers and/or providers of data hosting solutions or similar services;
  • Undertakings of delfort as service providers within the group;
  • Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including providers of marketing tools, marketing agencies, communication service providers, shipping service providers).

All our data processors process your data only on our behalf and on the basis of our instructions.

Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):

  • Potential third parties that are participating in the provision of services to you for the fulfilment of our contractual obligations (e.g. banks for processing of the payment, payment service providers etc);
  • Undertakings of delfort as separate or joint controllers;
  • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
  • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries. If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes.

 

4. How long are your data stored for?
The storage duration of your data depends on the statutory requirements.

In the case of preparation of a contract or conclusion of a contract, your personal data shall remain stored until the expiration of the warranty, guarantee, prescription and statutory storage periods that are applicable to us. Furthermore, they shall remain stored until the completion of any disputes in which the data are needed as evidence.

 

5. How are your data protected?
We apply comprehensive technical and organisational safety measures in order to protection your data from loss, destruction and manipulation. Our systems are kept up to date according to the state of the art at all times.

 

6. What rights can you exercise in relation to data protection?
Information and rectification: Upon request, we will inform you in accordance with the statutory specifications of which of your personal data we have processed. If your data have changed, we will initiate rectification of the data at once after your information.

Object/erasure: You may object to processing of your personal data at any time, with effect for the future, or request erasure if your claim is not opposed by any statutory storage period or other statutory or contractual necessity (e.g. active contract).

Data portability: Under certain conditions, you may also demand transfer of your personal data to yourself or to a third party. Additionally, you have the right to restriction of processing.

Withdrawal of your consent: You may withdraw your consent given for processing of your data at any time.

If you exercise one of the above rights, we will make a statement concerning it without undue delay, but at the latest within one month after receipt, or respond to the request during this period. If you believe that processing of personal data is not within the statutory framework, you have the right to lodge a complaint with the respective supervisory authority. If you have any questions about your data subject rights or any other questions on data protection, you can contact us using this link.

DATA PRIVACY STATEMENT FOR APPLICANTS

delfort attaches great importance to the protection of your personal data. Therefore it has implemented extensive technical and organisational data protection measures and standards. These standards ensure the rights of all parties concerned and are constantly reviewed and improved.

For you as an applicant, we have summarized the most important information on the subject of data protection below.

 

1. Data controller
The group company to which your application was directed is the respective data controller for processing of your personal data (“we”, “us”). You can find a list of the undertakings including contact details here.

The main contact address for inquiries regarding the processing of your personal data is:

delfortgroup AG
Fabrikstraße 20
4050 Traun
Austria
Phone: +43 (0)7229 776-0
Fax: +43 (0)7229 77618-100
E-Mail

 

2. Purpose of data processing
During the application procedure, delfortgroup AG will process the following personal data of yours:

  • Data which you have provided yourself or which have been transmitted electronically (eg name, address, telephone number, birth date, education and professional experience as well as data and images within your letter of application, CV or other documents);
  • Recordings of interviews and/or telephone conversations.

Your data will be processed solely for the purpose of the application process for selecting the applicant best suited for a particular job. Pursuant to Art 6 para 1 lit b GDPR, processing is necessary prior to entering into a contract. In case of a successful application, your data will be further processed for employment purposes for the performance of the contract according to Art 6 para 1 lit b GDPR and for the compliance with legal obligations pursuant to Art 6 para 1 lit c GDPR.

If you give us your voluntary consent (i) to keep a record of your application documents for a longer period after the end of the application process and/or (ii) to send you new job advertisements or (iii) to forward your application to a further group company, we will process your data in accordance with Art 6 para 1 lit a GDPR.

Moreover, your data is processed pursuant to Art 6 para 1 lit f GDPR for the purposes of our legitimate interests in defending our position in the event of claims being raised under the Equal Treatment Act.

 

3. Forwarding of data
Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

  • IT-service providers and/or providers of data hosting solutions or similar services;
  • delfortgroup AG as service provider within the delfort group;
  • Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including communication service providers, shipping service providers etc).

All our data processors process your data only on our behalf and on the basis of our instructions.

Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):

  • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
  • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).
  • In case of further positions relevant for you your application may also be forwarded to companies of delfort group within the European Union or in third countries. In this case we will obtain your voluntary consent.

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries. If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes.

 

4. Restricted access to your data
Your application data will be treated with utmost care and discretion. Only those people who are involved in the filling of the vacancy (e.g., human resources, relevant department) have access to your applicant data. All persons who have access to your application documents, are obliged to maintain privacy.

 

5. Data retention
Your data will be stored for a period of seven months from the end of an unsuccessful application process. Should the application process result in you being employed by us, we will store your data for the period of employment and delete them after the termination of employment as soon as the period of data retention required by law expires.

 

6. Data subject rights
As an applicant, you can make use of following rights if no statutory requirement for retention is contrary to your claim:

Information and rectification: Upon request, we will inform you in accordance with the statutory specifications of which of your personal data we have stored. If your data have changed, we will initiate rectification of the data at once after your information.

Object/erasure: You may object to processing of your personal data at any time, with effect for the future, or request erasure if your claim is not opposed by any statutory storage period or other statutory or contractual necessity (e.g. active contract).

Data portability: Under certain conditions, you may also demand transfer of your personal data to yourself or to a third party. Additionally, you have the right to restriction of processing.

Withdrawal of your consent: You may withdraw your consent given for processing of your data at any time.

For requests regarding your data subject rights or any other questions on data protection, you can contact us using this link.

If you do not want us to disclose your application details within our group or disagree with our keeping of your documents for further use, please let us know in writing.

If you believe that the processing of your personal data does not comply with the law, you are entitled to file a complaint with the respective supervisory authority. We will be happy to answer any other questions with regard to privacy.