Privacy

Privacy policy of datavisyn GmbH

GENERAL NOTICE

Controller of the website: datavisyn GmbH

We would like to inform you about all processing activities of your personal data that we carry out on this website. 

This privacy policy applies only to https://datavisyn.io/ and its related subpages, but not to websites controlled and operated by third parties. Please check the privacy statements of websites that are controlled and operated by third parties, as these websites are beyond our control and datavisyn is not responsible for their content and data protection measures.

Contact details: privacy@datavisyn.io

 

DATA PROCESSING ACTIVITIES

1) General contact form or direct contact

When you submit the contact form or contact us directly, your personal data will be processed to respond to your request.

  • Categories of data processed: Contact data provided; content of the message
  • Purpose: Answering your request.
  • Justification: legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR to be able to process and reliably answer your individual inquiries or fulfill pre-contractual services in accordance with Art. 6 para. 1 lit. b GDPR
  • Storage period: maximum 12 months after receipt of your personal message
  • Recipient: IT service provider


2) Initial contact, preparation of offers, provision of services and post-contractual activities

Personal data of the contact persons of the commissioning party are processed as part of the initial contact, the preparation of the offer and the implementation of the commissioned services. After the successful completion of the services, personal data is processed to fulfill contractual and legal obligations. In addition, personal data is stored for the purpose of commissioning follow-up services.

  • Categories of data processed: Contact data provided; company-related data (position, project name if applicable)
  • Purpose: Performance of services; fulfillment of legal obligations; defense against legal claims; commissioning of follow-up services
  • Justification: (i) fulfillment of (pre-)contractual services pursuant to Art 6 para 1 lit b GDPR; (ii) legitimate interest pursuant to Art 6 para 1 lit f GDPR to process the data for the defense of legal claims and for the commissioning of follow-up services; (iii) fulfillment of legal obligations pursuant to Art 6 para 1 lit c GDPR (§ 132 BAO – Federal Fiscal Code)
  • Storage period: (i) After successful fulfillment of the contract, (ii) 3 years from successful fulfillment of the contract, (iii) 7 years from issuance of the invoice
  • Recipient: IT service provider
  •  

3) Processing of requests from data subjects

If you submit a data subject request within the meaning of the GDPR, we process your personal data for processing and for verification purposes vis-à-vis the authority or a court.

  • Categories of data processed: All existing personal data; communication history in the context of the data subject request 
  • Purpose: To respond to the data subject’s request; to provide evidence to the data protection authority or a court
  • Justification: legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, the data to defend against legal claims and to provide evidence to authorities and courts; fulfillment of legal obligations pursuant to Art. 6 para. 1 lit. c GDPR (Art. 12ff GDPR)
  • Storage period: 3 years after successful processing of the data subject request
  • Recipient: IT service provider

 

4) Processing of data in the context of a job application

If you apply for a job, we will process your personal data as part of the application process. If you have consented to us keeping your data on file, we will save your application for future vacancies and contact you by telephone or e-mail. You can revoke your consent to record-keeping at any time by sending an e-mail to privacy@datavisyn.io. The consent to keep records is valid for three years and can be extended at any time.

  • Processed data categories: Master data, contact details, letter of application, CV and the data contained therein 
  • Purpose: Handling the application process; keeping a record of the application
  • Justification: legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to handle the application process properly and to store it for a period of 7 months from the end of the application process to defend against legal claims and to provide evidence to authorities and courts (Equal Treatment Act); consent pursuant to Art. 6 para. 1 lit. a GDPR (keeping records)
  • Storage period: 7 months from the end of the application process; in the case of record keeping 3 years from the submission of consent
  • Recipient: IT service provider

 

5) Processing of data on social media platforms

LinkedIn

The company and LinkedIn are joint controllers (Art. 26 GDPR) with regard to the company profile and the statistics provided. Further information on joint controllership can be found at https://legal.linkedin.com/pages-joint-controller-addendum . 

We use an LinkedIn to get in touch with our customers and interested parties and to provide information about our offers and services. 

  • Categories of data processed: Master data, contact data, other information provided via LinkedIn 
  • Purpose: Responding to your request, marketing 
  • Justification: legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to be able to process and reliably answer your individual inquiries or fulfill pre-contractual services pursuant to Art. 6 para. 1 lit. b GDPR and legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR to carry out marketing activities via LinkedIn
  • Recipient: IT service provider
  • Storage period: Depending on the purpose of the request, the data will be deleted after the periods specified in 1) or 2).

 

6) Processing of technical information when visiting our website

When you visit our website, certain technical information required for the provision and secure operation of the website is automatically processed. This data may be personal in individual cases.

  • Data categories: IP address; date and time of access; pages/files accessed; amount of data transferred; notification of successful access; browser type and version; operating system; referrer URL; provider.
  • Purpose: Ensuring the technical functionality of the website; ensuring IT security (e.g. defense against attacks); evaluation for purely technical administration purposes.
  • Justification: legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the secure and trouble-free provision of the website.
  • Storage duration: Log files are generally stored for 30 days and then deleted, unless a security-related analysis is required due to specific incidents.
  • Recipient: IT service provider (hosting provider) based in the EU.
  • Cookies: Only technically necessary cookies that are required for the functionality of the website are used.

 

7) Cookies that require consent (e.g. for statistics and marketing)

In addition to the technically necessary cookies, we only use other cookies if you have expressly consented to this. These cookies are generally used to analyze user behavior (tracking cookies), to measure reach, to optimize our website or for marketing and advertising purposes.

  • Data categories: User ID, time stamp of consent, selection of cookie categories, pseudonymized usage data (e.g. pages visited, length of stay, interactions, browser and device type used).
  • Purpose: Analysis and improvement of the website; statistical evaluation of usage; targeted advertising based on user profiles.
  • Legal basis: Consent pursuant to Art. 6 para. 1 lit. a GDPR in conjunction with § 165 para. 3 TKG 2021.
  • Revocation: You can change or revoke your consent at any time with effect for the future via the cookie banner (symbol at the bottom left of the website).
  • Storage duration: depending on the cookie categories; you can find precise information in the detailed information in the cookie banner and in the cookie policy.
  • Recipient: Depending on your consent, the data may be passed on to service providers (e.g. providers of web analysis or marketing tools). For more information on the individual services, their location and any data transfers to third countries, please refer to the detailed information in the cookie banner.

 

RIGHTS OF THE DATA SUBJECT

You can assert the following rights with regard to data processing: 

Right to information You can request confirmation as to whether and to what extent personal data concerning you is being processed.

Right to rectification If we process incomplete or inaccurate personal data about you, you can request that it be rectified or completed at any time. 

Right to erasure You can request the erasure of your personal data if the purpose for which it was collected no longer applies, the processing is unlawful, the processing disproportionately interferes with your legitimate protection interests or the data processing is based on your consent and you have withdrawn it. Please note that there may be other reasons that prevent your data from being deleted immediately, e.g. statutory retention obligations, pending proceedings, assertion, exercise or defense of legal claims, etc.

Right to restriction of processing You have the right to request that the processing of your data be restricted if 

  • you contest the accuracy of your data, for a period enabling us to verify the accuracy of the data 
  • the processing of your data is unlawful, but you refuse to have it erased and instead request that the use of the data be restricted 
  • we no longer need the data for the intended purpose, but you still need this data to assert, exercise or defend legal claims, or 
  • you have objected to the processing of the data. 

Right to data portability You may request that we provide you with the data you have provided to us in a structured, commonly used and machine-readable format, provided that we process the data on the basis of your consent or to fulfill a contract between us and the processing is carried out using automated procedures. 

Right to object If we process your data to perform tasks that are in the public interest, to exercise official authority or if we invoke the need to protect our legitimate interests when processing your data, you can object to this data processing if there is an overriding interest in protecting your data. You can object to the sending of advertising at any time without giving reasons.

Special right to object If we process your data for the purposes of direct marketing or profiling and we base this on our legitimate interest, you have the right to object to this data processing for the purposes of direct marketing at any time.   

Right of revocation All declarations of consent given by you can be revoked independently of each other at any time. The consequence of a revocation is that we will no longer process your data for the purposes stated in the declaration of consent from this point on, and therefore the corresponding rights and benefits can no longer be claimed.  

You can assert these rights at any time by sending a message via the contact form or to the e-mail address privacy@datavisyn.io. In case of doubt, we may request additional information to confirm your identity. This serves to protect your rights and your privacy. 

 

OTHER INFORMATION

Right to complain If you are of the opinion that we have violated Austrian or European data protection law when processing your data and thereby infringed your rights, we ask you to contact us so that we can clarify any questions you may have. Of course, you also have the right to lodge a complaint with the Austrian data protection authority or a European supervisory authority.