Ellbognerstraße 24, 4020 Linz, for
- the website www.silhouette-internatinal.com (“website”)
1. Data processing during use of the website
Whenever you visit our website, we collect the following data: IP address.
You can visit our website without having to disclose information about yourself. Whenever you access the website, only certain access data (your IP address and other metadata, such as the date and time of access and the requesting provider) are processed with the support of automated processes, par-ticularly for the purposes of security or improvement of the website’s quality. This information does not enable us to identify you personally. Nevertheless, IP addresses are considered personal data under the GDPR. You can visit our website for purely informational purposes, to find out about our products, services and activities, without it becoming possible for us to link such data to you personally.
2. Data subject’s rights
One of the main objectives of data protection legislation is to grant you certain options for controlling your personal data after data processing has already begun. For this purpose, data subjects have vari-ous rights which we must observe immediately upon your request (or, in any case, within one (1) month of your request). To exercise your rights, contact us at the following e-mail address: firstname.lastname@example.org. Specifically, you have the following rights:
(a) Should you exercise your right to information, and no legal restrictions apply, we will pro-vide you with comprehensive information about our processing of your data. To do so, we will provide you with (i) copies of the data (e-mails, database excerpts, etc.), as well as in-formation related to (ii) specifically processed data, (iii) processing purposes, (iv) categories of data being processed, (v) data recipients, (vi) storage limits and/or criteria for determining these, (vii) the origin of the data, and (viii) other information, as necessary, depending on your specific case. Please note, however, that we cannot issue any documents which could infringe upon the rights of other persons.
(b) With your right to correction, you can request that we correct information that we have recorded incorrectly, that is no longer correct or that is incomplete (for the specific processing purposes in question). Your request will be evaluated, during which time you can request for the data processing in question to be restricted until the evaluation is complete.
(c) The right to (data) deletion can be exercised (i) in the event that there is no necessity with regard to the processing purpose, (ii) in case you withdraw your consent, (iii) in case of a special objection, if the data processing in question is based on Silhouette’s legitimate interests, (iv) in case of improper data processing, (v) in the event that there is a legal requirement to delete the data, and (vi) in case of processing of personal data referring to minors under the age of 16.
(d) In specific cases, the data subject has a right to restriction of processing. After this right is exercised, the data in question can only be stored. In addition to the option of restriction during the evaluation period for data corrections, this extends to (i) unlawful data processing (insofar as no deletion is requested) and (ii) the duration of the evaluation of a special objection.
(e) Furthermore, you have a fundamental right to object to data processing at any time. This only applies whenever the processing is based on Silhouette’s legitimate interests. Please note, however, that legitimate interests can only be invoked as a legal basis for processing activities in specific cases.
(f) You can also exercise your right to complain to supervisory authorities (see point 11).
Please also note that in some cases we will be unable to comply with your request due to mandatory, protected reasons for processing (weighing of interests) and/or processing based on the exertion, ex-ercise or defence of legal claims (on our side). The same applies in the case of excessive requests, in which case (as in the case of compliance with manifestly unfounded requests), a fee may be imposed.
3. Data security
Silhouette takes all the suitable technical and organisational measures to ensure that, by default, personal data is only processed to the extent strictly necessary for the business purpose in question. The measures taken by Silhouette relate to the quantity of the collected data, the scope of the processing as well as the storage limits and accessibility of the data. Through these measures, Silhouette ensures that personal data is made available by default only to a strictly limited and necessary number of persons. No other persons are granted access to personal data without the explicit consent of the data subject. Furthermore, Silhouette uses various safety mechanisms (back-ups, encryption) to secure its website and other systems. These are intended to provide your (personal) data with the greatest possible level of protection against loss, theft, destruction, unauthorised access, modification or distribution.
All Silhouette employees are adequately informed of all applicable regulations under data protection law as well as internal data protection rules and data security precautions. They are bound to confidentiality with respect to any information made known and/or accessible to them within the scope of their work. The provisions of the GDPR are strictly observed and personal data is only provided to individual employees to the extent necessary with regard to the purpose of the data collection and our obligations arising from it. If Silhouette engages processors, they are bound to us by specific frame-work agreements to act in accordance with our data protection practice.
4. Links to Third-Party Websites
We use links to the third party webpages on our website, which consist on the one hand of links to our long-term partners, and on the other, of links to social networks (e.g. Facebook, Twitter, Instagram, Pinterest). If you click on any of these links, you will be redirected directly to the relevant webpage. The only data that the website operators will receive is that you have come via our website. We therefore refer you to the privacy policies of these websites. Please note, however, that if you do not want a particular social network to assign data collected via our website to your profile in that social network, you must log out before clicking on the link and accessing it.
We use small pieces of text data called “cookies” that are stored on your computer when you use our website. These help us to optimise our service to make it more user-friendly and secure, and to make design improvements. In many cases, the cookies installed will be “session cookies”, which will be automatically deleted when you finish your browser session without needing further action on your part. Other cookies (e.g. those that store your language preferences) are stored over a longer period of time, and must be deleted manually. Cookies contain absolutely no personal data.
Most browsers automatically accept cookies. However, you can change your browser settings so that cookies are either totally blocked or only certain types are permitted (e.g. you can choose to only block third-party cookies). Please note that you may not be able to enjoy the full functionality of the website if you change your cookie settings. You can find out how to change your settings on the most common browsers using the following links:
Internet Explorer™: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
6. Google Analytics
Our website uses Google Analytics, a website analysis tool by Google Inc., 1600 Amphitheatre Park-way, Mountain View, CA 94043, USA (“Google”). Cookies allow Google Analytics to evaluate your us-age of a particular website. We will process your data in accordance with our legitimate interest to collect website visitor statistics in a cost-efficient and convenient way (Art. 6 Para. 1 Letter F of the GDPR regulations).
The information gathered by the cookies about your use of the website will be transmitted to Google’s servers in the USA and stored there. We do not store any data that is generated through Google Ana-lytics. In exceptional cases, your full IP address will be sent to the USA and shortened there. Google uses this information to evaluate your website usage for us and to compile reports about your website activity in order to offer us additional services relating to website behaviour and Internet usage. Your IP address will not be associated with any other data held by Google, and will not therefore allow your identity to be discerned.
Google is a participant of the EU-US Privacy Shield, which requires Google to uphold the agreement and comply with European data protection standards. The certification for the Privacy Shield can be found at https://www.privacyshield.gov/list.
Using the process described in point 7, you can set up your browser preferences to stop it from stor-ing cookies (or restrict third-party cookies only) on your computer. Moreover, you can prevent Google from collecting and processing data gathered from cookies tracking your website usage (incl. your IP address) by downloading and installing the appropriate browser plugin (http://tools.google.com/dlpage/gaoptout?hl=en). Alternatively, you can click here to install an “opt-out cookie” which will be stored on your device and which also prevents Google Analytics from collecting your data. You will need to repeat this step again if you delete all your cookies. However, we would also point out that you may not be able to enjoy the website’s full functionality if you do so.
You can find more detailed information about your data privacy with regard to Google Analytics and how you can manage it at https://policies.google.com/privacy?hl=en.
7. Contact Form on the Website
On our website you have the option of filling out a contact form to ask us specific questions or get in touch with us. The information that you submit will only be used to respond to your question, and will not be stored.
8. Right of Complaint
If you decide that we have infringed against incumbent data privacy laws, you have the right to file a complaint with the relevant national data protection authority. The requirements involved in lodging a complaint will depend on the specific national regulations governing the implementation of GDPR. However, we would request that you get in touch with us beforehand so that we can clear up any questions or problems.
9. Contact Details for Data Protection Questions, Messages and Requests
Please send questions, notifications or requests regarding data protection law to the following contact address:
Silhouette International Schmied AG