PRIVACY NOTE – general

This is the privacy notice hosted by Innerio Heat Exchanger GmbH (“we”, “us” and ” Innerio”), headquartered in 2542 Kottingsbrunn, Austria at https://www.innerio-heatexchanger.com. Our contact details can be found below.

At Innerio, we take your privacy seriously. Please read the following information in this privacy notice to learn how we process your personal data. “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person).

What this privacy notice covers

We have prepared this privacy notice to describe to you our processing operations in relation to the personal data we collect directly from users of our website https://www.innerio-heatexchanger.com (the / our “Website”), users engaging with our other online content (for example, via social media) and recipients of our e-mails (collectively, “Services”) as a data controller within the meaning of Article 4 of the General Data Protection Regulation (“GDPR”). The privacy notice also applies to the use of our Services with mobile devices or by other means.

Personal data we collect, how we use it and on what legal basis

Depending on how you interact with our Services (through the website, social media, online advertising, etc.), we collect different categories of personal data and use them in different ways based on different legal bases, as set out here below:

  1. Information that you provide to us when you interact with us.

Personal Contact Information:

This includes your name, home or postal address, telephone number and e-mail address. This may also include information you give us about another person (for example, if you ask us to send product information to another person). We process personal contact information in connection with product orders and customer service. The legal basis for this processing is contract performance / pre-contractual measures.

Information on orders and products:

This includes details of the products you searched for on our website and the time and date of the searches.

We use this information to deliver ordered products to you, as well as to send you promotional e-mails (where appropriate, with your consent) for products and offers tailored to your interests, to provide you with personalised product recommendations when you return to the website, to provide you with advertisements when you visit social media platforms such as LinkedIn or other websites, and to better understand our customers so that we can improve our products and our users’ experience of our website. The legal basis for this processing is contract performance / pre-contractual measures, our legitimate interest in informing you about our products and services, or otherwise your consent.

Legitimate interests is a technical term in data protection law that means that we have a good and legitimate reason to use your personal data and that we do so in a way that does not harm your interests and rights. We will use your data on the basis of our legitimate interests where it is reasonable to be expected in the course of our business and your rights, freedoms or interests will not be significantly harmed.

In some cases, we process personal data on the basis of your explicit consent at the time of collection. If we process personal data on the basis of your consent, you will be expressly informed of this at the time of collection.

User-generated content and contributions:

Any content, posts or requests that you create and then share with us (and potentially others) by uploading them to our website or applications, including our company websites on social media platforms (such as LinkedIn). Examples include queries, photos, videos or other similar media or content. The provision of user-generated content and posts also typically requires the processing of your account information.

In relation to a corporate website, the relevant account information of the respective social media platform is also processed by the provider of the social media platform.

In relation to our website, the legal basis for this processing is either contract performance / pre-contractual measures (where we only provide you with the relevant service involving the sharing of user-generated content) or otherwise our legitimate interest in providing you with the opportunity to share such data.

With regard to the processing of your personal data when you visit our corporate websites, you will find detailed information in Section 4.

  1. Information collected automatically when you visit the website

When you visit our website, we store certain information about the browser and operating system you use, the date and time of your visit, the access status (for example, whether you were able to access a website or received an error message), the use of functions on the website, search terms you entered, how often you visit individual sub-pages, the name of files you access, the amount of data transferred, the website from which you accessed our website, and the website you visit after visiting our website, whether by clicking on links on our website or by entering a domain directly in the input field of the same tab (or window) of your browser in which you opened our website. In addition, for security reasons, we store your IP address and the name of your Internet provider for seven days, in particular to prevent and detect attacks on our website or attempts at fraud.

The legal basis for this processing is our legitimate interest in the presentation of our website as well as data protection organisation and data security.

  1. Cookies and similar technologies

When you use the website, we use various technologies (including cookies and pixel tags) to collect certain information (that is, personal data) about how you use the website. These are categorised as “functional cookies”, “performance / analytics cookies” and “marketing cookies”. We use this information to better understand your preferences so that we can improve our website and for security and anti-fraud purposes.

The legal basis for the use of “functional cookies” is our legitimate interest; the use of all other categories of cookies is based on your consent.

Cookies and similar technologies enable you to be recognised when you use the same computer or device to interact with websites and online services, and may be used to manage a range of features and content, as well as to store searches and display personalised content, and enable you to use your social media user profiles in connection with the website, and enable us to target advertisements to you on our website, social media platforms (such as LinkedIn) and other websites and apps (that is, online advertising).

With regard to online advertising, we work with social media platforms and digital advertising platforms to show you advertisements for our products on other websites and social media platforms. For example, if you express interest in a product or purchase a product on our website, we may promote that product or other products we think you may be interested in and show them to you on other websites, LinkedIn or other social networking sites. For this purpose, we share information, in particular collected through cookies, with our social media and digital advertising partners so that they can better understand what you are interested in. Our partners may also retain and use this information to help other companies unrelated to Innerio show you advertisements online. In the “real world” you cannot be identified by this information. Additional information on how to opt-out of this feature can be found below or at http://www.youronlinechoices.eu.

For further details please see our Cookie Policy.

Insofar as cookie / similar technology providers are deemed to be our processors or joint controllers with us for the processing, we have entered into appropriate agreements with those providers where these are available. To the extent required by law, we will provide you upon request with a description of the material terms of any joint controller agreements we have entered into with the relevant cookie providers.

Note about YouTube

We use the YouTube.com platform to post our own videos and make them publicly accessible. This is a video portal of YouTube LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, hereinafter referred to as “YouTube”. YouTube is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use YouTube with the “extended data protection mode” function. YouTube itself provides this mode and thus ensures that YouTube does not initially save any cookies on your device. The legal basis is Art. 6 Para. 1 lit. f GDPR; our legitimate interest lies in improving the quality of our website. According to YouTube, at least your IP address, the date and time, and the website you visited are only recorded and processed when the video is started. In addition, a connection to Google’s “DoubleClick” advertising network is usually established.

Without this “extended data protection setting”, a connection to the YouTube server in the USA is established as soon as you call up one of our Internet pages on which a YouTube video is embedded. If you are logged in to YouTube at the same time, YouTube will link the connection information to your YouTube account. If you wish to avoid this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.

In order to analyse user behaviour and for the purpose of functionality, YouTube stores cookies via your internet browser on your respective end device. If you do not agree to this processing, you can prevent the storage of cookies through appropriate browser settings and extensions.

Further information on the collection and use of data as well as your rights in this regard can be found in the Google/YouTube data protection information at https://policies.google.com/privacy.

  1. Company websites

As described in Section 1, we maintain a publicly accessible corporate website on the social media platform LinkedIn. It is likely that the provider of the social media platform will process other information in addition to storing the personal data you specifically provide on the social media platform. When you visit our corporate website on the social media platform, personal data may be transferred to providers in countries outside the European Economic Area that do not ensure an “adequate level of protection” for the processing of personal data according to EU standards from the perspective of the European Union (“EU”). Please consider this before clicking on a relevant link on our website or visiting a company website directly and thereby triggering a transfer of your data.

For details on the collection and storage of your personal data as well as the type, scope and purpose of use by the provider of the social media platform, please refer to the privacy policy for LinkedIn. LinkedIn is operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. You can find LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy?trk=content_footer-privacy-policy.

In the following, we outline our processing activities in connection with your visit to our corporate website. Based on the type of personal data processed, we explain for which purposes and on which legal basis we process your personal data.

Visiting our company website

When you visit our company website, your personal data is also collected, used and stored by the providers of the respective social media platform. This can also happen if you do not have a profile with the respective social media platform. If you are logged in to the respective social media platform with your personal user profile when visiting a social media platform, the provider of the social media platform may link the visit to your user profile. If you do not want such a link, you must log out of your user profile before visiting our company website and delete the cookies where necessary. Details can be found in the data protection information of the provider of the social media platform linked above.

As the operator of the corporate website, we can view the information stored in your respective public user profile when you visit our respective corporate website. However, this is only possible if you have such a user profile on the respective social media platform and are logged in there when you visit our respective corporate website. Accordingly, you can also visit our corporate websites without us having access to the aforementioned information. If we view the information stored in your public user profile, we do so in order to offer you and the rest of our target group the most interesting content possible.

In addition, certain social media platform providers provide us with anonymous usage statistics to varying degrees, which we use to improve the user experience when visiting our respective corporate website. However, we do not have access to the usage data (personal data) that the providers of the respective social media platform collect to create these usage statistics. The providers of the social media platforms are therefore always to be regarded as the responsible parties with regard to the processing of this data. Depending on the social media platform provider and the personal data that provider provides to us, we may be considered joint controllers with the social media platform provider in this regard. To the extent that the social media platform providers are considered joint controllers with us, please note the description in the last paragraph of Section 3 in relation to joint controllers, which will then apply mutatis mutandis to the processing operations described herein.

Our own data processing in connection with our corporate websites serves our (and your) legitimate interest (legal basis) in improving the user experience when visiting the respective corporate website.

Contact via the Messenger (message function) of a social media platform

If you communicate with us via the Messenger of a social media platform or contact us by linking in your own posts or by responding (for example, likes or comments) to one of our posts, we process personal data in this context in the form of:

  • Your respective profile name.
  • Your first and last name, if this is publicly visible.
  • Other information stored as public in your profile.
  • Your message or the content of your post or your reaction.
  • The date and time of your interaction.

Furthermore, when contacting us via Messenger, you may voluntarily provide additional information that you deem necessary to process your request.

If you contact us, we process the aforementioned personal data to handle your enquiry and the associated technical administration and store it in case follow-up questions arise. Otherwise, we only process the aforementioned personal data to find out whether visitors to our company website like our content.

The processing of the aforementioned personal data is carried out, if you express interest in our products, on the basis of contract fulfilment / pre-contractual measures, that is, for the initiation of a contractual relationship. Otherwise, it is carried out on the basis of mutual interest in providing good service to visitors to our company website and is thus based on our legitimate interest.

There is no obligation to provide the above personal data, but without it we are unable to process enquiries or interact with you.

  1. Other processing purposes

We use all the information described above for the following general purposes:

  • To protect against or deter fraudulent, illegal or harmful activities and to maintain the security and integrity of our services.
  • To comply with our legal or contractual obligations, resolve disputes and enforce our terms of use.
  • To respond to law enforcement requests and when required by applicable law, court order or government regulations.

The legal basis for this processing is our legitimate interest in protecting our website or in complying with our legal obligations.

As stated in the explanations above, we may communicate with you if you have given us the opportunity to do so. For example, if you have given us your e-mail address, we may send you promotional e-mails or inform you about your use of the services. We may also receive confirmation when you open an e-mail  from us, which helps us to improve our services. If you do not wish to receive such marketing communications from us, you can also tell us by e-mailing office@innerio.com.

The legal basis for this processing is our legitimate interest in informing you about our products and services, or otherwise your consent.

We will not collect additional categories of personal data or use the personal data we collect for substantially different, unrelated or incompatible purposes without informing you.

How personal data can be disclosed to third parties

  1. Your personal data (as listed above) may be disclosed to the following categories of third parties:
  • To our third party service providers who provide services such as website hosting, data analytics, e-mail delivery services, customer relationship management, and other services, or when we use freelancers to provide their services for the purposes described in this Privacy Notice
  • Some of these service providers process personal data on our behalf in the United States (“U.S.A.”) and other countries outside the European Economic Area.
  • If we are under a duty to disclose or share your personal information in order to comply with any legal obligation or in order to establish, exercise, defend, enforce or apply our conditions of sale and other agreements or legal rights; to investigate or prevent actual or suspected illegal activities, loss or damage in connection with our services and to protect the rights, property or safety of our customers or others; or as otherwise required or permitted by law. This includes sharing information with other companies and organisations to protect against fraud and reduce credit risk and to prevent cybercrime.
  • To the extent permitted, to a third party in the event of a reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or partnership interests.
  • To other companies in the Innerio group of companies from time to time and for the purposes set out in this privacy notice (in the main, the transfer of personal data to companies in the Innerio group of companies is for the fulfilment of product orders; the legal basis in this case is contract performance / pre-contractual measures).
  1. Your name and contact information (and any other information you disclose) may also be shared with the following categories of third parties:
  • To the extent permitted by law to third party strategic partners with whom we may enter into a special relationship for promotional activities.
  • To third parties in connection with certain promotions or competitions in which you may participate; where the rules of the promotion regarding the treatment of your personal data are stricter than this Privacy Notice, the rules of the promotion shall apply.
  1. Information that is automatically collected may be shared with the following categories of third parties:
  • To the extent permitted by law, our online and e-mail advertisers, social media partners or other third party providers we use who may provide cookies or other similar technologies for use on our website to manage and improve our online and e-mail advertising campaigns.
  1. With recipients in so-called “third countries” within the meaning of the GDPR; where applicable, we will use EU standard contractual clauses or binding internal data protection rules to ensure an “adequate level of protection” in accordance with the legal requirements of the GDPR. We will be happy to provide you with more information on this upon request via the contact information below.

No obligation to provide

The provision of personal data by you is usually on a voluntary basis. In principle, there is neither a legal nor a contractual obligation on your part to provide such personal data. However, in the event that you do not provide personal data, it may not be possible to provide some or all of our services properly.

Data security and retention period

We seek to protect your personal data from unauthorised access, use or disclosure by implementing appropriate physical, technical, organisational and administrative safeguards based on the nature of the personal data and the manner in which we process it. For example, the website uses industry standard Transport Layer Security (TSL) technology to enable encryption of the personal data you provide to us.

We will retain your personal data for as long as is necessary to provide you with our services or as necessary to fulfil the purpose(s) for which it was collected. In some cases, we may retain personal information longer if necessary to comply with our legal obligations, resolve disputes or collect fees owed, or as otherwise permitted or required by applicable laws, rules or regulations. We may also retain information in anonymous or aggregate form if that information no longer personally identifies you or makes you unidentifiable.

Information on legal bases as well as rights of the data subjects and transfers of personal data

Legal bases in accordance with the GDPR

We will only process your personal data if we have a lawful legal basis for doing so under the GDPR. The specific legal bases for the various personal data processing operations we undertake are detailed above. For better understanding, these legal bases for processing, that is, consent, performance of contract / pre-contractual measures, our “legitimate interests” or the “legitimate interests” of others, and compliance with legal obligations, are described in general terms below:

  • Contract performance / pre-contractual measures: We process personal data in the form of your name, address(es), order details, e-mail address and telephone number in order to fulfil our contractual obligations to supply products to you or to take action at your request before an order can be completed. Where we need to process data on the basis of contract performance / pre-contractual measures, failure to provide this personal data will result in you being unable to use some or all of the parts of our website for which this data is required.
  • Legitimate interests: This is a technical term in data protection law that means that we have a good and legitimate reason to process your data and that we do so in a way that does not harm your interests and / or rights. We will use your data in our legitimate interests where it is reasonable to expect us to do so in the course of our business and it does not materially affect your rights, freedoms or interests. For example, we will send you promotional communications via our service, subject to your statutory rights to determine this. We also use cookies / other similar technologies to analyse how users interact with our website to understand how the various elements of the website work so that we can improve and develop the website. We also process your data to protect against fraud and security threats and may do so when processing corporate transactions to sell part or all of our business.
  • Consent: In some cases, we process personal data on the basis of your explicit consent at the time of collection. If we process personal data on the basis of your consent, you will be expressly informed of this at the time of collection.
  • Compliance with legal obligations: For example, we retain personal data in the form of order and transaction records in order to comply with our tax record-keeping obligations under the law.

Rights of the data subject

You have certain rights in relation to your personal data, including those set out below. For more information about these rights or to make a request, please contact us as follows:

Send us an e-mail to: dataprotection@innerio.com

In some cases, you may need to provide us with additional information, which may include personal data, to verify your identity and the nature of your request.

  • Information: You can request more information about the personal data we hold about you and request a copy of that personal data.
  • Correction: If you believe that the personal data we hold about you are incorrect or incomplete, you may ask us to correct or supplement that data.
  • Deletion: You can request that we delete some or all of your personal data from our systems.
  • Withdrawal of consent: If we process your personal data on the basis of your consent (as indicated at the time of collection of that data), you have the right to withdraw your consent at any time. The lawfulness of the processing of your personal data until withdrawal shall not be affected by the withdrawal. Please note, however, that if you exercise this right, you may be required to give explicit consent to the use or disclosure of certain personal data on a case-by-case basis if such use or disclosure is necessary to enable you to use some or all of our services.
  • Portability: You can request a copy of your personal data in a machine-readable format. You may also request that we transfer the data to another data controller where this is technically feasible.
  • Restriction of processing: You can request us to restrict further processing of your personal data.
Objection: You can contact us to let us know that you object to the further use or disclosure of your personal data for certain purposes, for example, for direct marketing purposes.
  • Right to complain: You have the right to lodge a complaint with the competent supervisory authority about our practices in relation to your personal data.

Transfer of personal data

We will take all reasonable steps to ensure that your data is subject to appropriate safeguards, for example, by using a recognised legal adequacy mechanism including standard contractual clauses, and that it is processed securely and in accordance with this Privacy Notice. Examples of when we transfer your personal data outside the European Economic Area include:

  • In order to store them.
  • To enable us to provide you with goods or services and to perform our contract with you. This includes the presentation of our products, the fulfilment of orders and the provision of customer services.
  • If we are legally obliged to do so.
  • To facilitate the operation of our group of companies where it is in our legitimate interest to do so and we have concluded that your rights are not predominant.

Automated decisions

We will not use your personal data to make automated decisions (including profiling) about you that have legal effects on you or similarly significantly negatively affect you.

Changes to this Privacy Notice

As we are constantly trying to improve our services, we may also need to change this Privacy Notice from time to time. The use of information we collect is governed by the Privacy Notice in effect at the time that information is collected.

Contact information

If you have any questions or comments about this Privacy Notice, the way we process your personal data and your choices and rights in relation to that use, please contact us at dataprotection@innerio.com.

Status: 1st of December 2022

PRIVACY STATEMENT – JOB APPLICANTS

Data protection has the highest priority at Innerio Heat Exchanger GmbH because we respect your privacy and personal sphere. In the following, we therefore inform you about the processing of personal data in the context of a job application to Innerio Heat Exchanger GmbH and the data protection claims and rights to which you are entitled.

In order to ensure the transparent, comprehensible and clear presentation of the information for you, we have designed this data protection information in the form of a question and answer dialogue.

  1. Who is responsible for processing my personal data?

Innerio Heat Exchanger GmbH

Etrich-Straße 59-73

2542 Kottingbrunn, Austria

Austria

Telephone: +43 (0) 2252 4080-0

E-mail: office@innerio.com

Internet: http://www.innerio-heatexchanger.com

Commercial Register Number: FN: 114477z

Hereinafter referred to as “we” or “Innerio”, is the controller within the meaning of Art. 4 Para. 7 of the General Data Protection Regulation (“GDPR”).

  1. Who can I contact with questions about data protection?

For all questions related to the processing of your personal data and the exercise of your rights in accordance with the GDPR, you can contact us at dataprotection@innerio.com.

  1. For what purposes will my personal data be processed?

Your data will be processed exclusively for the following purposes:

  • To carry out the selection procedure to the extent necessary for making a decision on the establishment of an employment relationship with us.
  • For the initiation, establishment and termination of the employment relationship.
  • To contact you should you be considered for an alternative position.
  • To contact you regarding your unsolicited application.
  • To send you personalised information about job vacancies at Innerio in accordance with the consent you have given us.
  • To exercise or fulfil the rights and obligations arising from a law or a collective agreement or a works agreement.

Your personal data may possibly be used for internal statistical purposes in an anonymised form and without allowing any conclusions to be drawn about your person.

  1. On what legal basis does Innerio process personal data?

The legal basis for the processing of your data is your consent given prior to submitting your application (Art. 6 Para. 1 lit. a GDPR, possibly in conjunction with Art. 9 Para. 2 lit. a GDPR if special personal data are included in your application), the implementation of pre-contractual measures against the background of a potential employment relationship (Art. 6 Para. 1 lit b GDPR) and, where applicable, to safeguard our legitimate interests (Art. 6 Para. 1 lit f GDPR).

When we obtain information from your public profile on professional social networks, we base the processing on our legitimate interest to form a basis for making a decision on the establishment of an employment relationship with you. The legal basis is Art. 6 Para. 1 lit. f GDPR in conjunction with Art. 9 Para. 2 lit. e GDPR.

Furthermore, we may process personal data about you insofar as this is necessary for the defence of legal claims asserted against us arising from the application process. The legal basis for this is Art. 6 Para. 1 lit. f GDPR; the legitimate interest is, for example, a duty to provide evidence in proceedings under the Equality Act (GlBG) or the Disabled Persons Employment Act (BEinstG).

  1. What categories of personal data does Innerio process?

We process personal data related to your job application. This may be general personal data (such as name, address and contact details), information about your professional qualifications and school education or information about further professional training or other information that you provide to us in connection with your application (for example, earliest possible starting date).

In addition, we may process work-related information that you have made publicly available, such as a profile on professional social media networks.

  1. Do I have to provide my personal data?

The provision of personal data is neither legally nor contractually required, nor are you obliged to provide the personal data. Providing your personal data as part of the application process is voluntary. However, the provision of personal data is necessary for the conclusion of a contract of employment with us. This means that if you do not provide us with personal data when applying, we will not enter into an employment relationship with you.

  1. From which sources do personal data originate?

We process the personal data about you that you provide to us as part of the application process. We may also obtain personal data about you from other sources, including external service providers, for example, recruitment companies. We may also receive data that you have made public on work-related social networking sites or that you provide to us via other websites or from other publicly available sources (only if such data is relevant to your professional life).

  1. What are the categories of recipients of data?

We may transfer your personal data to companies associated with us, insofar as this is permissible within the framework of the purposes set out under Point 3 and the legal bases set out under Point 4.

In addition, personal data is processed on our behalf on the basis of contracts in accordance with Art. 28 GDPR, in particular by host providers or providers of applicant management systems. These service providers process data only in accordance with Innerio’s instructions and under Innerio’s control and solely for the purposes described in this Privacy Statement.

In addition, we are entitled to use or disclose personal data if this is necessary to comply with laws, regulations or legal requirements and / or to assert or defend legal claims. The legal basis for this in such cases is Art. 6 Para. 1 lit. c GDPR.

Otherwise, your personal data will not be passed on to other third parties without your express consent.

  1. Will my application data be transferred to a third country?

A transfer to a third country (these are all states other than the member states of the European Union or the EEA) does not take place.

  1. How long will my data be retained?

We retain your personal data for as long as is necessary to reach a decision about your application. Insofar as an employment relationship between you and us does not come about, we may also continue to store data insofar as there are statutory retention obligations or this is necessary for defence against possible legal claims. In this case, the application documents are deleted seven months after notification of the rejection decision unless longer storage is necessary due to legal disputes.

If you give your consent before submitting your application, your data may also be kept on record for a period of 36 months. One month before the expiry of the retention period, you will receive an email giving you the option to extend the retention of your application data by 36 months. You can withdraw this consent at any time at dataprotection@innerio.com.

  1. Are my data secure with Innerio?

We currently have appropriate technical, physical and organisational security measures in place to protect against unauthorised access, disclosure and / or loss of personal data. The collection, transmission and storage of data cannot be guaranteed to be 100% secure. However, we take steps to ensure that appropriate security measures are in place for the protection of your data.

  1. Who at Innerio is given access to my data?

As a matter of principle, your personal data will only be forwarded to the internal offices and specialist departments of Innerio responsible for the specific application procedure; in particular, to authorised employees of the Human Resources department and responsible managers.

  1. Is there any automated decision making?

No automated decision in individual cases within the meaning of Art. 22 GDPR takes place, that is, the decision on your application is not based exclusively on automated processing.

  1. What rights do I have?

To exercise any of the rights below against us, please simply contact us by email at dataprotection@innerio.com. We will be happy to help you.

Right to information

You have the right to find out from us whether and to what extent we process your data.

Right to correction

If we process incomplete or inaccurate personal data about you, you can request that it be corrected or completed at any time.

Right to deletion

If your personal data is processed by us unlawfully, you can demand that we delete your personal data. There may well be reasons that stand in the way of immediate deletion (retention obligations or other legal obligations).

Right to restriction of processing

If you dispute the accuracy of the data, you can request the restriction of the processing of your data for the duration of the investigation if the processing of the personal data is unlawful but you do not wish it to be deleted or if we no longer require the data for the agreed purpose but you need it to assert/enforce legal claims or if you have objected to the processing of the data.

Right to data portability

You have the right to request the return and / or transmission of the data you have provided in a structured, commonly used and machine-readable form.

Right to object

If the processing of your personal data serves the execution of duties in the public interest, the exercise of official authority or if there is a legitimate interest for us, you can object to this data processing provided that there is an interest in your personal data worthy of protection.

Right to complain

If, in your opinion, the processing of your personal data violates Austrian or European data protection law, please contact us to clarify any issues. Of course, you have the right to complain to the Austrian data protection authority or to a data protection supervisory authority within the EU.

Verification of identity

To protect your rights and privacy, we are entitled to request proof of identity in the event of doubt.

Manifestly unfounded or excessive claim of rights

In principle, you can exercise these aforementioned rights free of charge. If you claim any of the aforementioned rights in a manifestly unfounded or particularly frequent manner, we are entitled to charge an appropriate processing fee or to refuse to process the request. In some situations, Innerio may refuse to process or place restrictions on the data disclosed; this applies, for example, in cases where disclosure would prejudice the rights and freedoms of others, interfere with the exercise or enforcement of the law or interfere with pending or future litigation.

Amendments to this Statement

This privacy statement has been updated to the status indicated below. From time to time it may be necessary for us to amend this Privacy Statement. Should this be the case, we will publish the revised version on the Internet at www.innerio.at/datenschutz and, in this case, change the effective date at the end of the Privacy Statement.

Date

1st of July 2022