Data protection and data security
We process and store the data that you have provided to us (e.g. through your input into the online screens on our website) that are necessary to transact business and/or handle an order. Any use of customer data above and beyond that requires a separate legal basis (e.g. explicit consent to the sending of a newsletter).
We use technical and organisational security measures to protect your administered data against accidental or deliberate manipulation, loss and erasure, and against unauthorised third-party access. These security measures are improved on an ongoing basis in line with technological developments.
Data is collected when you share data with us (e.g. contact form) on the one hand, and also automatically when you visit the website via IT systems or cloud services. The data are used both for the smooth operation of the website and for analysis.
Data processing is undertaken by our website operator:
chiliSCHARF Kommunikationsagentur e.U.
Telephone: +43 732 890 777
Cookies are small text files that the web server sends to your browser when you visit the website. Depending on your browser settings, these cookies are stored on your computer or are refused. If they are stored, they allow your computer to be recognised on a future visit to the website or when switching between functions that requires a password to be entered. This makes it easier for you to use the website on the one hand, insofar as user input is required and, on the other hand, allows us to conduct web analysis (see above).
Generally speaking, cookies can be refused or deleted at any time by adjusting the browser settings. It should however be noted that in this case, not all of the website’s functionalities, such as filling a shopping basket, may be available. Cookies pose no risk to your computer given that they are only text building-blocks and not executable computer programmes. Most importantly, cookies cannot facilitate the transfer of viruses, the reading of data on hard drives, the identification of e-mail addresses or the surreptitious sending of e-mails, nor can they be read by other web servers.
IP anonymisation on this website ensures that your IP address is anonymised when it is transmitted to Google. The IP address 18.104.22.168, say, is changed into 22.214.171.124. It is only after this anonymisation process that the processing request is written to the hard drive. Using this IP anonymisation method, the full IP address is never written to the hard drive since the entire anonymisation process takes place almost instantly after the request is received in memory.
On behalf of this website’s operator, Google uses the information received via the cookies to evaluate your use of the website, to produce reports about website activities, and to provide other services to the website operator related to website and internet usage. The IP address collected from your browser within the scope of Google Analytics is not combined with other data held by Google.
You can furthermore prevent the collection of data related to your website usage and generated by the cookie (incl. your IP address) by Google and the processing of your data by Google by downloading and installing the browser plugin available by clicking on the following link: tools.google.com/dlpage/gaoptout.
Our relationship with the web analysis provider is based on the provisions of the “EU-U.S. Privacy Shield Framework”. Data processing is undertaken on the basis of the statutory provisions of Art. 96 (3) of the Austrian Telecommunications Act (TKG) and Art. 6 (1) a) (consent) and/or f) (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest in the sense of the GDPR is the improvement of our service and of our online presence.
Google Web Fonts
For the uniform display of fonts, this website uses Web Fonts provided by Google. When you visit one of our pages, your browser downloads the necessary Web Fonts to your browser cache, so that texts and fonts display correctly.
For this purpose, the browser you use must create a connection with Google’s servers. In doing so, Google is informed that you are visiting our website from your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online services. This represents a legitimate interest in the sense of Art. 6 (1) f) GDPR. If your browser does not support Web Fonts, your computer will use a standard font.
Server log files
The provider of the web pages automatically collects and stores information in what are known as server log files which your browser transmits to us automatically. This information is:
- Browser type and browser version
- Operating system being used
- Referrer URL
- Host name of the computer being used
- Time of the server request
- IP address
These data are not associated with other data sources. The use of server log files is essential in order to retrospectively analyse any technical queries and represents a legitimate interest in the sense of Art. 6, (1) f) GDPR.
SSL and/or TLS encryption
Data transfer to and from our website is encrypted using SSL (secure socket layer). You can recognise an encrypted connection because the “http://” that you usually see in the browser address bar changes to “https://” and you will see a lock symbol in the address bar. If SSL and/or TLS encryption is activated, the data that you transfer to us cannot be read by third parties.
You can subscribe to our newsletter via our website. To do so, we require your e-mail address and your consent to the newsletter subscription.
To guarantee the protection of your e-mail address, once you have registered we will send you a confirmation link. Only when you have clicked on that link will you automatically receive our newsletter from that point in time.
If you have registered for our newsletter, we transfer the data required to send you the newsletter to our service provider eyepin GmbH (Billrothstraße 52, 1190 Vienna, Austria) who is contracted to dispatch the newsletter. You can unsubscribe from the newsletter at any time. Please send your cancellation to the following e-mail address: email@example.com. We will then delete your data in connection with the newsletter subscription without delay.
We will continue to store the data stored by eyepin GmbH for the purpose of your newsletter subscription until you unsubscribe from the newsletter.
You may register on our website as a product tester. For you to do so, we require your full name, your postal address, your e-mail address, and your consent to the processing of the data you have provided for the purpose of sending you test products by post, sending postal and e-mail questionnaires about the products, and sending you offers, invitations and competitions by post and e-mail. In order to provide you with relevant information, we also collect and process data about the size of your household, your date of birth, your profession and your professional category.
To guarantee the protection of your data, once you have registered we will send you a confirmation link. Only when you have clicked on that link will you automatically receive information about product testing from that point in time.
You can cancel your involvement in product testing at any time. Please send your cancellation to the following e-mail address: firstname.lastname@example.org. We will then delete your data in connection with product testing and newsletters without delay.
Social plugins, follow button, “custom audiences”
This website incorporates programmes from social networks (plugins) such as Facebook, Instagram and Pinterest, which are operated by the latter. On our website, these plugins can be identified from the logo or icon of the respective social network. When you visit our website containing this kind of plugin, your browser will create a direct link with the social network’s servers whereby the plugin content is transmitted to your browser and integrated by it into the website you are visiting. This allows the information that you have visited our website to be passed on to the social network. If you are logged in to a given social network and use its plugin on the website, your data can be associated with your user account on that social network. When you interact with a plugin – if, for example, you use the “Like” button or leave a comment on Facebook – this information is sent directly from your browser to the social network and stored there. You can prevent data being associated with your user account by logging out of the social network before you visit our website. With regard to the purpose and scope of data processing by social networks and the settings available to protect your privacy, please refer to the privacy policies of the respective social networks.
The website uses the “Custom Audiences” function provided by the Facebook social network. This function enables the provision of targeted advertising to the user. For this purpose, remarketing tags are used which create a direct link between your browser and the Facebook server. Facebook thus receives the information that you have visited the website from your IP address and can associate the visit with your Facebook user account. We receive the information that you have a Facebook user account and can inform you about news on the website, etc. by displaying Facebook ads, and can also contact you for the purposes of direct advertising. You have the option to opt out and contradict your data at any time under https://www.facebook.com/ads/website_custom_audiences/, „settings for advertisement“. We would like to point out that as the operator of the website we are not informed of the content of the data transmitted within the scope of Custom Audiences or about its use by Facebook. For further information about how Facebook uses data, please refer to: www.facebook.com/about/privacy.
If you contact us by e-mail, we will store the data you share with us for the purpose of dealing with your enquiry and any follow-up queries for seven years. We do not share these data with third parties without your consent.
You have the right to information, rectification, erasure, restriction, data portability, withdrawal of consent and the right to object.
If you are of the opinion that the processing of your data contravenes data protection law or that your data protection rights have been violated in some other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Austrian Data Protection Authority.
The party responsible for data processing on this website is:
VOSSEN GmbH & Co KG
Telephone: +43 3329 400
Version 24. May 2018