Privacy policy

The protection of your privacy and your data is very important to us and is always taken into account in all business transactions.

In principle, you can use our website without providing personal data. However, other regulations may apply to individual services, which we will inform you about separately below.

The purpose of processing your personal data (hereinafter referred to as “data”) is to provide you with information about the machines we sell. In this privacy policy, we inform you about, among other things

  • the name and contact details of the controller
  • all purposes for which your data is processed
  • the legal bases on which the processing activities are based, including our legitimate interest where applicable
  • all recipients of your data
  • a possible transfer of your data to a third country and the presentation of the legal basis for this
  • the storage duration of your data or the criteria for determining the duration
  • the categories of your data that are processed
  • the origin of your data
  • the rights of those affected

LASCO Heutechnik GmbH, A-4891 Pöndorf, Lascostraße 1, Tel: 0043-7684-21666-0, Email:

No data protection officer has been appointed, as this is not required by law.

You have the following rights vis-à-vis us with regard to your personal data:

  • Right to information
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to object to the processing
  • Right to data portability
  • Right to withdraw your consent

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

You can contact us at any time if you have further questions on the subject of personal data.

Right to information

You have the right to receive free information from us at any time about the personal data stored about you and a copy of this information, including information about

  • the purposes of processing
  • the categories of personal data that are processed
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by us or a right to object to such processing
  • the existence of a right to lodge a complaint with a supervisory authority
  • if the personal data is not collected from the data subject: All available information about the origin of the data
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, you have a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, you also have the right to receive information about the appropriate guarantees in connection with the transfer.

Right to rectification

You have the right to demand the immediate correction of incorrect personal data concerning you.

Furthermore, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration – taking into account the purposes of the processing.

Right to erasure

You have the right to obtain from us the erasure of your personal data without undue delay where one of the following grounds applies and insofar as the processing is not necessary:

  • The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
  • You withdraw your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
  • You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
  • The personal data was processed unlawfully.
  • The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
  • The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.

Right to be forgotten

If we have made the personal data public and if our company is obliged to erase the personal data as the controller pursuant to Article 17(1) GDPR, we shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required.

Right to restriction of processing

You have the right to obtain from us restriction of processing where one of the following applies:

  • The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data.
  • The processing is unlawful, you oppose the erasure of the personal data and request the restriction of the use of the personal data instead.
  • We no longer need the personal data for the purposes of the processing, but you need it for the establishment, exercise or defense of legal claims.
  • You have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet clear whether our legitimate reasons outweigh yours.

Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.

You also have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, in exercising your right to data portability, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If we process personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

You also have the right to object, on grounds relating to your particular situation, to processing of personal data concerning you which is carried out by us for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out for reasons of public interest.

Automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, provided that the decision (1) is not necessary for entering into, or performance of, a contract between you and us, or (2) is authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is based on your explicit consent.

Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time. However, your revocation does not affect the legality of the data processing carried out until the revocation.

Our Website and Services are not intended for use by minors, and we do not wish to collect information from minors. If a parent or guardian of a minor believes that their child may have provided us with personal information, please write to us at the contact details below and we will delete that personal information, subject to applicable law and this Policy.

We use appropriate technical and organizational measures and security precautions (TOMs) to prevent unauthorized access, unlawful processing and unauthorized or accidental loss of your data.

This includes, for example, the encryption of your communication with us via this website based on the Secure Socket Layer (SSL) encryption protocol.

You can check the quality of our encryption here: https://www.ssllabs.com/ssltest

It is important for us to point out that data transmission on the Internet can have security gaps, as complete protection against access by unauthorized third parties is not possible.

The server on which this website is hosted is located in Germany and is operated by Mittwald CM Service GmbH & Co KG, with which a (sub)processing agreement has been concluded.

For more details, please visit https://www.mittwald.de/datenschutz.

Our website collects a range of general data and information each time you access it via an automated system.

This general data and information is stored in the log files of our server by Mittwald CM Service GmbH & Co KG in Germany.

The following can be recorded

  • the browser types and versions used
  • the operating system used by the accessing system
  • the website from which an accessing system reaches our website (so-called referrer)
  • the sub-websites that are accessed via an accessing system on our website
  • the date and time of access to the website
  • an Internet Protocol address (IP address)
  • the Internet service provider of the accessing system
  • other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about you.

This information is required in order to

  • deliver the content of our website correctly
  • to optimize the content of our website and the advertising for it
  • to ensure the long-term functionality of our information technology systems and the technology of our website
  • to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

We evaluate this anonymously collected data and information both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for you. In any case, we may process this data on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

The logs are stored separately from all personal data provided by you and are also deleted after a maximum of 90 days.

You can find information on the use of cookies and information on your corresponding options and rights in our cookie banner.

You can currently send us an email, contact us by telephone, fax, post or in person. Please note that unencrypted emails sent via the Internet are not adequately protected against unauthorized access by third parties.

Application form, contact form website

If you would like to send us an application or a message using the relevant form, it is necessary for you to provide the personal data listed below, which we require to process your application or inquiry. To prevent unauthorized access to your personal data by third parties, the order process is encrypted using SSL technology.

If you contact us, e.g. simply to obtain information from us, we will process your data for this purpose. If you contact us to conclude a contract, for example, we process your data for this purpose.

To process your order or purchase order, including customer support

If you provide your order or order data via e-mail, contact us by telephone, fax, post or in person, the data you provide, including your personal data, will be processed by us and the recipients named below as part of our business relationship with you for (pre-)contract processing, in order to process and manage your contract and to support you as a customer.

Website contact form

We process the data you provide in order to be able to answer your request in the best possible and personalized way and to be able to determine from which country/location a request originates.

a. To process your application

If you provide your applicant data via e-mail, the data you provide, including your personal data for the purpose of recruitment and selection, will be processed by us and the recipients named below on the basis of your consent or, depending on the individual case, for (pre-)contract processing in order to process and manage your application.

b. After completion of the application procedure

After completion of the application process, we or the recipients named below will only process the data required in each case for the purpose of contacting you, as a contact for the recruitment of other candidates or as a source of information for potential candidates.

We are not obliged to consider your data as part of a search and selection process and you have no legal claim to the use of your data by us.

Marketing (general)

To initiate business and intensify the business relationship with existing and potential customers.

If you contact us, e.g. simply to obtain information from us, we may process your data on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR or Art. 6 para. 1 lit. f GDPR. If you contact us, e.g. to conclude a contract, we may process your data on the basis of Art. 6 para. 1 lit. b GDPR and, if necessary, store it on the basis of Art. 6 para. 1 lit. c GDPR.

Order or purchase order

The processing of your data, including the personal data provided by you, is carried out by us and the recipients listed below on the legal basis of Art. 6 para. 1 sentence 1 lit. b in order to be able to process the service, work or purchase contract in question appropriately, for correspondence with you and to identify you as a customer. The data processing takes place at your request and is necessary for the stated purposes for the appropriate processing of the contract.

Website contact form

If we receive a message from you, the legal basis is Art. 6 para. 1 lit. a, Art. 6 para. 1 lit. b or Art. 6 para. 1 lit. f GDPR, depending on the content of the message.

a. To process your application

The processing of your data, including the personal data provided by you as well as any unsolicited and voluntarily provided special categories of personal data, is carried out by us and the recipients listed below on the legal basis of Art 6 para 1 sentence 1 lit b and Art 9 para 2 lit a GDPR in order to be able to identify you as an applicant, to be able to consider you appropriately for the processing of the application procedure in question, and for correspondence with you. The data processing is carried out at your request and is necessary for the purposes mentioned for the appropriate processing of your application.

b. After completion of the application procedure

In addition, you can consent to the above-mentioned data being kept on record beyond the statutory period and processed by us until you withdraw your consent, so that we can inform you as soon as we become aware of a position that may be of interest to you. However, this personal data will be stored and processed for a maximum of 3 years.

You consent to us recording and processing your personal data and application documents that you have provided to us in an applicant database so that we can find and contact you again during recruitment procedures if you are considered a potential candidate on the basis of the data you have provided.

Marketing (general)

The legal basis is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest is our interest in initiating business and intensifying the business relationship with existing and potential customers.

In general, we expressly request that you do not disclose any data to us that is likely to be of little or no relevance to the purpose intended by you; this applies in particular to special categories of personal (“sensitive”) data. The provision of information by you is purely voluntary.

Information

If you contact us simply to obtain information from us, we will process the data you provide.

Order or orders

We process the necessary mandatory information for the processing of contracts; further information is voluntary.

Website contact form

When we receive a message from you, our web host logs and stores the date/time of registration and the IP address from which the registration was received. This is only for evidence purposes in the event that an e-mail address is used by an unauthorized person. In addition, your name, address, a valid e-mail address and a selection as to whether you would like an appointment/visit on site must be entered. The provision of further information is voluntary.

a. Application procedure

Depending on what you voluntarily provide to us, your data processed by us may include the following:

  • Your contact details (name, address, telephone number, e-mail address, etc.)
  • Your bibliographic data
  • Information about your vocational training
  • Your educational credentials, professional qualifications and certificates
  • Your professional background and information about your salary
  • special categories of personal data provided to us by you voluntarily and unsolicited

The provision of applicant information by you is purely voluntary. The more information you provide to us, the better we can assess your potential suitability for a vacant position.

Nevertheless, we expressly request that you do not disclose any data to us that is likely to have little or no relevance in the context of normal recruitment processes or that would not even be taken into account from a legal perspective. This applies in particular to special categories of personal (“sensitive”) data.

We will never ask you for this “sensitive” data (this includes data about racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sex life, i.e. also e.g. religious denomination, family status).

If we receive an application from you via our application form, our web host logs and stores the date/time of registration and the IP address from which the registration was received. This is only for evidence purposes in the event that an e-mail address or telephone number is used by an unauthorized person. The required mandatory information is marked separately. The provision of further information is voluntary.

Marketing (general)

Depending on what you have voluntarily provided to us, your data processed by us may include the following:

  • Your contact details (name, address, telephone number, e-mail address, etc.)
  • Contents of previous orders

Your data may be disclosed in whole or in part, but only to the extent and to the extent necessary, to the following controllers:

  • Banks (Payment transactions – Austria)
  • Tax consultant (Accounting – Austria)
  • Debt collection agencies (debt collection – Austria)
  • Legal representative (law enforcement – Austria)
  • Courts (law enforcement – Austria)
  • Administrative authorities (Austria)

In addition, your data may be passed on to the following recipients as (sub)processors; a (sub)processing agreement has been concluded with all of them and the appropriate technical and organizational measures (TOMs) have been verified:

  • Innpuls Werbeagentur GmbH (Marketing agency, Austria)
  • Mittwald CM Service GmbH & Co KG, (Webhosting, Webmail, Germany)

Your data will be stored in a form that allows you to be identified only for as long as is necessary for the purpose for which it is processed.

Information

By providing us with your data via email, contacting us by telephone or in person, you expressly consent to your data, including the personal data you have provided and any unsolicited and voluntarily provided special categories of personal data, being processed by us and the above-mentioned recipients for the duration of the processing of the information in question.

If you contact us merely to obtain information from us, your data will therefore either be deleted immediately or deleted after a reasonable period of time corresponding to the content of the communication, depending on the content of the communication.

If you withdraw your declaration of consent, we will delete (or have deleted) all your data – including cumulative data – from all databases.

Order or purchase order

Due to company and tax law requirements, we are obliged to store your address, payment and order data for a period of 7 years. If you contact us to conclude a contract, the data will be deleted at the end of the 7th year after the last receipt has been posted (§ 132 BAO). If a contract is concluded, all data from the contractual relationship will therefore be stored until the end of this period.

Statutory/legal retention obligations or contractual obligations, e.g. towards customers arising from warranty or compensation or towards contractual partners, are a further basis for continuing to store your data. (Art 6 para 1 lit c GDPR; Art 17 para 3 lit e GDPR).

The data categories name, address, purchased goods and date of purchase are also stored until the expiry of product liability (10 years).

a. Application

By providing us with your data via e-mail, you expressly consent to your data, including the personal data you have provided and any unsolicited and voluntarily provided special categories of personal data, being processed by us and the recipients listed above for the duration of the application process in question.

b. Rejection of the application

The retention period for discrimination in job applications is 6 months after the end of the application procedure (§§ 15 para. 1 and 29 GlBG).

Your data will therefore be deleted at the end of this period, unless you have given your consent for your data to be processed for a longer period, in which case this period will apply.

Please also note that the processing of this data is also permitted if other legal standards permit or require this data processing.

c. Applicant receives job

If you are offered a position as an applicant, all of your data – including accumulated data – will be deleted after this period has expired, unless another legal reason (see below) justifies a longer storage period.

If you have consented to your data being included in the applicant database of our processor Mittwald CM Service GmbH & Co KG and processed by it, us and the other recipients mentioned above, this is for the purpose of informing you as soon as we become aware of a position that may be of interest to you, or in order to be able to find and contact you again during recruitment procedures, if you are considered a potential candidate on the basis of the data you have provided, may be kept on record beyond the statutory period and may be processed by us until you withdraw your consent, your data will be stored or processed for a maximum of 3 years.

Please note in particular that there are retention obligations for certain data (e.g. in accordance with the Austrian Commercial Code and tax law), at least for vacancies that have been filled.

Statutory/legal retention obligations or contractual obligations, e.g. to customers under warranty or compensation or to contractual partners, are a further basis for continuing to store your data.

In principle, your data will be deleted at the end of the 7th year after the last document relating to the concluded contract has been posted (retention period; § 132 BAO).

In these cases, the deletion of the data is followed by blocking.

Your data will be stored in a form that allows you to be identified only for as long as is necessary for the purpose for which it is processed.

Marketing (general)

Marketing data is stored for 3 years after the last contact.