Please rotate your device
back
discover our paper
csm_delfort_paper_cupcake-blaustich_c7199753da

General Information on our data protection efforts

  1. DATA CONTROLLER
    Responsible for data processing (data controller), is delfortgroup AG (“we”, “us”).

    You can reach us at:
    delfortgroup AG
    Fabrikstraße 20
    A – 4050 Traun
    dataprotection@delfortgroup.com

    The Singapore Data Protection Officer can be reached via this E-mail.

  2. COLLECTION AND PROCESSING OF DATA
    Our website can, in most cases, be used without providing personal information. If the user is prompted to provide personal information it is understood that the user does this voluntarily.

    2.1. Contacting us

    Should the website user (customer or non-customer) provide personal information in the context of establishing contact with us or sending a request, then we will only process personal data provided by the user (eg name, e-mail-address, phone number, subject and content of your message). This data processing is necessary for the fulfilment of our (pre)contractual obligations to get in contact with you or to provide you the desired information (Art 6 para 1 lit b GDPR).

    2.2. Server-Log-Files

    The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are: 

    – Browser type and
    – browser version used operating system
    – Referrer URL
    – Host name of the accessing computer
    – Time of the server request

    This data can not be assigned to specific persons. A merge of this data with other data sources will not occur. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.

    We therefore process server log files solely to be able to operate our website and the connected services, to identify you as a user authorized to access, to distribute web server requests in our server pool as well as for security reasons (e.g. for clarification of abusive and fraudulent activities). Thus, this data processing activity is necessary to ensure our legitimate interests in operating a user friendly and secure website (Art 6 para 1 lit f GDPR).

  3. EMBEDDED SERVICES AND THIRD PARTY CONTENTS

    3.1. Google Maps
    This website uses links to the service Google Maps by Google Inc. By clicking on the link you will be redirected to Google Maps. In this case you agree to the collection, processing, and use of the automatically collected data by Google Inc., their representatives, and third parties.

    The Terms of Use of Google Maps can be accessed here: https://www.google.com/intl/en/help/terms_maps/

    3.2. YouTube
    On our website, you will find videos from the platform YouTube of the third party provider Google Inc. By clicking on the video, you agree to the collection and processing of your data by Google Inc.

    The privacy policy can be accessed here: https://policies.google.com/privacy?hl=de


  4. DISCLOSURE AND TRANSMISSION OF DATA
    Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

    – IT-service providers and/or providers of data hosting solutions or similar services;
    – Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including providers of marketing tools, marketing agencies, communication service providers, shipping service providers).

    All our data processors process your data only on our behalf and on the basis of our instructions.

    Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):

    – Potential third parties that are participating in the provision of services to you for the fulfilment of our contractual obligations (e.g. banks for processing of the payment, payment service providers etc);

    – External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);

    – Authorities and other public entities in the extent legally necessary (e.g. financial authorities).

    If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries. If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes.

  5. DATA RENTENTION AND DATA DELETION
    We store your personal data just as long as it is necessary for the fulfillment of the purpose pursued with the processing. Beyond that, we are potentially obligated to store your data in accordance to legal retention periods.

    Specifically, we store your data in connection with the establishment of contact with us in accordance with legal retention periods for a time period of usually seven years.

    Access data and log files are stored for a maximum time period of one year and are erased subsequently.

    Apart from that, we may store your personal data after an incident beyond the abovementioned time periods as long as legal claims out of the relationship between you and us can be enforced, or respectively until the definitive clarification of an incident or legal dispute. This longer storage occurs for the ensuring of our overriding legitimate interests to the enforcement, clarification and defence of our legal claims.

  6. RIGHTS OF DATA SUBJECTS
    On request, we will gladly inform you about the data processed about your person. Please direct your request to the above mentioned contact addresses.

    If your data processed by us is not correct, please inform us about it. We will correct it immediately and inform you.

    If you no longer wish us to process your data, we ask you to inform us informally using the above contact details. As soon as your request for erasure reaches us, we will delete your data immediately and inform you. If there are compelling legal reasons for the deletion of your personal data, you will be notified by us.

    Additionally, you have the right to restriction of processing as well as the right to data portability concerning the data you have provided us with.

    Moreover, you have the right to object on grounds relating to your particular situation. Such an objection can in particular occur relating to processing of data for the purposes of direct marketing.

    Additionally, you have the right to withdraw your consent at any time with effect for the future.

    If you believe that the processing of your personal data does not take place within the legal framework, you have a right to lodge a complaint with the respective supervisory authority. In Austria this is the Austrian data protection authority.

    The data protection authority can be reached at the following address:

    Österreichische Datenschutzbehörde
    Barichgasse 40-42
    1030 Wien
    +43 1 52 152-0
    E-Mail

  7. COOKIES

    1. What are cookies?

    Cookies are tiny text files, which are stored on your end device via the browser when you use our website. These text files contain information for the provision of user-friendly services and are exported from web browsers. Cookies allow our web server to present you with a better, faster website.

    Therefore, please consider that you may not receive any access to some website contents if you block cookies.

    A differentiation is basically made between the following types of cookies:

    Session-based cookies: These are stored on your computer/end device while you surf on our website and are then deleted afterwards. Permanent cookies: These cookies remain on your computer for a longer period of time.

    2. This is how we use cookies

    We generally only use Internet technologies (e.g. cookies, Java script) to simplify the use of our website for you and optimize our service and your communication with our contents (necessary and functionality cookies). These are necessary to be able to provide you with our Website and the connected services, to operate our Website and serve for the proper functionality and security of our Website. These cookies are therefore necessary to pursue our legitimate interests in the provision of a user friendly and secure Website.

    We use so-called session-based cookies to keep the present session active.

    We do not use any tracking, marketing or web-analysis cookies which process personal data. Thus there is no processing based on your consent.

    Matomo

    For the purpose of searching for and analysing mistakes, evaluating usage and deriving measures for the future development of our website, we use the local analysis software Matomo, InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand (https://matomo.org/).
    As this service concerns a local analysis tool, no personal data whatsoever is passed on to service providers or third parties. In addition, your personal data is anonymised immediately after collection. There is no storage of personal data beyond the first processing step.

    The legal basis for processing data is the legitimate interest (unconditional technical necessity for the provision and delivery of the website service expressly requested by you) in accordance with Art 6 para 1 lit f GDPR. The legal basis for the transfer to New Zealand is the implementing decision of the EU Commission 2013/65/EU (https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32013D0065).

    4. Management of cookies/objection

    In your browser menu, you can find setting options for the use of cookies. A browser usually has the following setting options:

    – View cookies,
    – allow cookies,
    – deactivate all or specific cookies,
    – deactivate all cookies when closing the browser,
    – block cookies,
    – messages when cookies are to be set and
    – objection to tracking analysis.

    For the following browsers, you can find the instructions for deactivating cookies on the manufacturers’ websites. If you block our cookies in your browser, you may not be able to use some areas of our website.

    Firefox
    Internet Explorer
    Chrome (Windows) / Chrome (Mac) / Chrome for iOS / Chrome for Android
    Safari
    Safari (iOS)

 

Data protection notice for customer, supplier and potential customers

delfort places great value on protection of your personal data. Therefore, it has implemented technical and organisational data protection measures and standards on a large scale. These standards ensure protection of the rights of all data subjects. They are subject to continuous review and further improvement.

For you as a customer, supplier or potential customer, we have summarised the most important information on the subject of data protection subsequently.

1.           Data controller
The undertaking of delfort that is in contact with you is the respective data controller for processing of your personal data (“we”, “us”). You can find a list of the undertakings including contact details here.

2.           What personal data are processed for what purpose?
Personal data of customers and suppliers are processed within the scope of support, marketing, administration and settlement, based on our legitimate interests (point (f) of Article 6(1) GDPR) for the purpose of carrying out (pre-)contractual measures, compliance with contractual obligations and in order to maintain business relationships (point (b) of Article 6(1) GDPR). These data were disclosed by you beforehand (e.g. name, contact details, position) or determined within the scope of the business relationship.

Concerning potential customers, we also record personal data (name, address, phone number) within the scope of our acquisition and sales activities. We maintain a CRM marketing database in order to allow specific information and advertising for our products. If we do not have your explicit consent beyond this, we will keep the data for a duration of three years after the end of the last (unsuccessful) attempt of contacting you in accordance with Art 6 para 1 lit a or lit f GDPR in conjunction with recital 47.

3.           Disclosure and transmitting of personal data
Only such people have access to your data who are involved in processing for the above purposes, for instance people from the companies of the group and/or the respective departments.

Data are, in principle, only forwarded to third parties if we are obligated to do so by law, if forwarding of data is necessary to carry out a contractual relationship (e.g. external processors, banks, insurances, logistics companies) or if you have explicitly consented to it beforehand.

Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

  • IT-service providers and/or providers of data hosting solutions or similar services;
  • Undertakings of delfort as service providers within the group;
  • Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including providers of marketing tools, marketing agencies, communication service providers, shipping service providers).

All our data processors process your data only on our behalf and on the basis of our instructions.

Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):

  • Potential third parties that are participating in the provision of services to you for the fulfilment of our contractual obligations (e.g. banks for processing of the payment, payment service providers etc);
  • Undertakings of delfort as separate or joint controllers;
  • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
  • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries. If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes.

4.           How long are your data stored for?
The storage duration of your data depends on the statutory requirements.

In the case of preparation of a contract or conclusion of a contract, your personal data shall remain stored until the expiration of the warranty, guarantee, prescription and statutory storage periods that are applicable to us. Furthermore, they shall remain stored until the completion of any disputes in which the data are needed as evidence.

5.           How are your data protected?
We apply comprehensive technical and organisational safety measures in order to protection your data from loss, destruction and manipulation. Our systems are kept up to date according to the state of the art at all times.

6.           What rights can you exercise in relation to data protection?
Information and rectification: Upon request, we will inform you in accordance with the statutory specifications of which of your personal data we have processed. If your data have changed, we will initiate rectification of the data at once after your information.

Object/erasure: You may object to processing of your personal data at any time, with effect for the future, or request erasure if your claim is not opposed by any statutory storage period or other statutory or contractual necessity (e.g. active contract).

Data portability: Under certain conditions, you may also demand transfer of your personal data to yourself or to a third party. Additionally, you have the right to restriction of processing.

Withdrawal of your consent: You may withdraw your consent given for processing of your data at any time.

If you exercise one of the above rights, we will make a statement concerning it without undue delay, but at the latest within one month after receipt, or respond to the request during this period. If you believe that processing of personal data is not within the statutory framework, you have the right to lodge a complaint with the respective supervisory authority. If you have any questions about your data subject rights or any other questions on data protection, you can contact us using this link.

 

 

Data privacy statement for applicants

delfort attaches great importance to the protection of your personal data. Therefore it has implemented extensive technical and organisational data protection measures and standards. These standards ensure the rights of all parties concerned and are constantly reviewed and improved.

For you as an applicant, we have summarized the most important information on the subject of data protection below.

1.           Data controller
The group company to which your application was directed is the respective data controller for processing of your personal data (“we”, “us”). You can find a list of the undertakings including contact details here.

The main contact address for inquiries regarding the processing of your personal data is:

delfortgroup AG
Fabrikstraße 20
4050 Traun
Austria
Phone: +43 (0)7229 776-0
Fax: +43 (0)7229 77618-100
E-Mail

2.           Purpose of data processing
During the application procedure, delfortgroup AG will process the following personal data of yours:

  • Data which you have provided yourself or which have been transmitted electronically (eg name, address, telephone number, birth date, education and professional experience as well as data and images within your letter of application, CV or other documents);
  • Recordings of interviews and/or telephone conversations.

Your data will be processed solely for the purpose of the application process for selecting the applicant best suited for a particular job. Pursuant to Art 6 para 1 lit b GDPR, processing is necessary prior to entering into a contract. In case of a successful application, your data will be further processed for employment purposes for the performance of the contract according to Art 6 para 1 lit b GDPR and for the compliance with legal obligations pursuant to Art 6 para 1 lit c GDPR.

If you give us your voluntary consent (i) to keep a record of your application documents for a longer period after the end of the application process and/or (ii) to send you new job advertisements or (iii) to forward your application to a further group company, we will process your data in accordance with Art 6 para 1 lit a GDPR.

Moreover, your data is processed pursuant to Art 6 para 1 lit f GDPR for the purposes of our legitimate interests in defending our position in the event of claims being raised under the Equal Treatment Act.

3.           Forwarding of data
Personal data will only be disclosed or transmitted by us to third parties to the extent necessary (data processors):

  • IT-service providers and/or providers of data hosting solutions or similar services;
  • delfortgroup AG as service provider within the delfort group;
  • Other service providers, providers of tools and software solutions that support us with the performance of our services as well and operate on our behalf (including communication service providers, shipping service providers etc).

All our data processors process your data only on our behalf and on the basis of our instructions.

Apart from that, we transmit your personal data to the extent necessary to the following recipients (controllers):

  • External third parties on the basis of our legitimate interests in the extent necessary (e.g. auditors and tax consultants, insurances in case of insured events, legal representatives in case of incidents);
  • Authorities and other public entities in the extent legally necessary (e.g. financial authorities).
  • In case of further positions relevant for you your application may also be forwarded to companies of delfort group within the European Union or in third countries. In this case we will obtain your voluntary consent.

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA), or if we do so in the context of using third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests. We have implemented appropriate safeguards to ensure that the transfer of your data to the respective third country complies with data protection requirements (e.g., adequacy decisions, Binding Corporate Rules or conclusion of Standard Contractual Clauses including additional measures). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries. If there is no sufficient guarantee for a data transfer, the transfer may take place in individual cases based on your voluntary consent for specific purposes.

4.           Restricted access to your data
Your application data will be treated with utmost care and discretion. Only those people who are involved in the filling of the vacancy (e.g., human resources, relevant department) have access to your applicant data. All persons who have access to your application documents, are obliged to maintain privacy.

5.           Data retention
Your data will be stored for a period of seven months from the end of an unsuccessful application process. Should the application process result in you being employed by us, we will store your data for the period of employment and delete them after the termination of employment as soon as the period of data retention required by law expires.

6.           Data subject rights
As an applicant, you can make use of following rights if no statutory requirement for retention is contrary to your claim:

Information and rectification: Upon request, we will inform you in accordance with the statutory specifications of which of your personal data we have stored. If your data have changed, we will initiate rectification of the data at once after your information.

Object/erasure: You may object to processing of your personal data at any time, with effect for the future, or request erasure if your claim is not opposed by any statutory storage period or other statutory or contractual necessity (e.g. active contract).

Data portability: Under certain conditions, you may also demand transfer of your personal data to yourself or to a third party. Additionally, you have the right to restriction of processing.

Withdrawal of your consent: You may withdraw your consent given for processing of your data at any time.

For requests regarding your data subject rights or any other questions on data protection, you can contact us using this link.

If you do not want us to disclose your application details within our group or disagree with our keeping of your documents for further use, please let us know in writing.

If you believe that the processing of your personal data does not comply with the law, you are entitled to file a complaint with the respective supervisory authority. We will be happy to answer any other questions with regard to privacy.

Data Privacy Contact