General Data Protection Regulation (GDPR)
Information concerning data processing according to Art. 13 and 14
We hereby inform you about the processing of your personal data and your data protection-related rights and entitlements.
Who is responsible for data processing and whom can you contact?
The controller for data processing purposes is:
Phone: +43 (0) 7732 47200-0
Fax: +43 (0) 7732 47200-91
If you contact us using the form on the website or by email, the data you provide will be stored with us for six months for the purpose of processing your enquiry and in the event of follow-up questions. We will not share this data without your consent.
What data are processed and what are their sources?
We process personal data that we receive from you in the context of our business relationship. In addition, we process data that we have lawfully received from publicly accessible sources (e.g. company register, register of associations, land register, media).
Personal data includes your personal details (name, address, contact details, birthday and place, nationality, etc.), identification data (e.g. ID data) and authentication data (e.g. specimen signature). In addition, this may include contract-related data (e.g. payment orders), data from the performance of our contractual obligations (e.g. sales data in payment transactions), advertising and sales data, documentation data (e.g. consulting protocols), register data, image and sound data (e.g. video recordings), information from your electronic transactions with Smartbow GmbH (e.g. apps, cookies, etc.), processing results generated by Smartbow GmbH itself and data to fulfil legal and regulatory requirements.
For what purposes and on what legal basis will your data be processed and for how long will your data be stored?
We process your personal data in accordance with applicable data protection laws.
We store the following data in order to perform our contracts with you: name, address, bank details, photos and videos. Data provided by you is necessary for the fulfilment of a contract or in order to take steps prior to entering into a contract. We cannot conclude the contract with you absent this data.
Data processing is carried out on the basis of the provisions of section 96(3) Telecommunications Act (TKG) and Art 6(1)(a) (consent) and/or (b) (necessary for contract fulfilment) and/or Art 6(1)(f) (protection of legitimate interests) of the GDPR.
We process your personal data, if necessary, for the duration of the entire business relationship (from the initiation, performance through the termination of a contract) as well as beyond that in accordance with applicable legal retention and documentation obligations.
In addition, the statutory limitation periods, which may amount to up to 30 years in certain cases (the general limitation period is 3 years) according to the Austrian Civil Code (ABGB), must be taken into account when determining the retention period.
Who receives your data?
Within Smartbow GmbH, our employees who require your data in order to fulfil contractual and legal obligations, as well as in pursuit of legitimate interests, receive your data.
Data is not shared with third parties, with the exception of the transfer of bank data to the processing bank institutions/payment service providers for the purpose of debiting the sales price, to the relevant transport company/shipping company commissioned by us for the delivery of the goods and to our tax consultant for the fulfilment of our tax obligations. In addition, contractors commissioned by us (in particular IT and back-office service providers and the service line) receive your data if they require such data to perform their respective services. All contract data processors are contractually obliged to treat your data confidentially and to process it only within the scope providing their respective services.
Public authorities and distributions may also be provided your data in light of any applicable statutory basis.
What data protection rights do you have?
You have a right to information, rectification, erasure or restriction of the processing of your stored data, a right to object to processing as well as a right to data portability in accordance with the requirements of data protection law. Complaints can be addressed to the Austrian Data Protection Authority (www.dsb.gv.at).
Are you obliged to provide data?
As part of our business relationship, you must provide those types of personal data required for the establishment and performance of the business relationship as well as data we are legally obliged to collect. If you do not provide us with this data, we will generally have to refuse to conclude a contract or to execute the order or will no longer be able to perform an existing contract and will therefore be required to terminate any existing contract. However, you are not obliged to give your consent to the processing of data which are not relevant for the performance of the contract or which are not required by law and/or regulation.
Is there automated decision making including profiling?
We do not use automated decision making according to Art 22 GDPR to make about a decision on the establishment and performance of the business relationship.
You have the opportunity to subscribe to our newsletter via our website. For this we need your e-mail address and your declaration that you consent to the subscription to the newsletter. As soon as you have subscribed to the newsletter, we will send you a confirmation e-mail with a link to confirm the registration. You can cancel the subscription to the newsletter at any time. Please send your cancellation to the following e-mail address: email@example.com. We will immediately delete the data we have for you in connection with your newsletter subscription.
Your data security is our highest priority. Our declared aim is to take all necessary technical and organisational measures to ensure the security of data processing and to process your personal data in such a way that they are protected from access by unauthorised third parties. By using the latest security software, coding and encryption methods, our IT infrastructure meets the highest international security standards. In addition, we promote the security of your data through the use of risk-minimizing measures and other preventive safeguards.