General Data Protection Regulation
If you are our customer, news subscriber, or website visitor, you entrust us with your personal data. We are responsible for their protection and security. Therefore, please familiarize yourself with the protection of personal data, principles, and rights you have in relation to the GDPR (Regulation (EU) No. 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and cancellation of Directive 95/46 / EC (General Data Protection Regulation)).
Who is the personal data manager?
We are BISO GmbH, VAT: ATU1859223, A-4773 Eggerding, Edenaichet 21, AUSTRIA, registered at the Registry Court in A-4910 Ried i.I .. Firmenbuch-No .: FN 438049 which operates the www.biso.at website. We process your personal data as an administrator (a personal data manager), ie. we determine how your personal data will be processed, for what purpose, for how long it waits and we select any further processors that will help us processing this data
If you want to contact us during processing, you can contact us at: firstname.lastname@example.org
We declare that, as the controller of your personal data, we comply with all legal obligations required by applicable legislation, in particular GDPR, and that:
we will only process your personal data on the basis of a valid legal reason, in particular a legitimate interest, performance of the contract, legal obligation or consent granted,
fulfil Article 13 of the GDPR information obligation before starting the processing of personal data,
we will enable and support you in exercising and enforcing your rights under the GDPR.
scope of personal data and processing purposes
we process personal data that you entrust to us yourself for the following reasons (to fulfil these purposes):
● provision of services, performance of the contract
your personal data in the range: name, surname, address, telephone, e-mail we absolutely need to fulfil the contract (delivery of goods, sending information about the order).
If you are a customer, we urgently need your personal data (invoicing data) to comply with the legal obligations for the issuance and registration of tax documents. We keep the documents for a period of 10 years from the end of the business relationship.
● marketing - sending newsletters
We use your personal data (e-mail and name, what you click on and when you open it most often) for the purpose of direct marketing - sending business messages. If you are our customer, we do so out of a legitimate interest, as this is made possible by the provisions of § 7 par. 3 of Act no. 480/2004 Coll., On certain society service´s information, for a period of 5 years from the last order.
If you are not our customer, we send you newsletters only with your consent. If you are not interested, you can unsubscribe by using the unsubscribe link in each e-mail sent.
Cookies for targeted ads will only be processed with your consent according to your browser settings. We use them to address you again with a precisely targeted product or service. We use the following platforms to process cookies for targeted advertising, with which we have a valid agreement or agreement on personal data protection:
- AdWords company GOOGLE Ireland Limited
- Facebook Ireland Limited
Security and protection of personal data
We protect your personal data as much as possible by using modern technologies that correspond to the level of technical development. We protect them as if they were our own. We have taken and maintain all possible (currently known) technical and organizational measures to prevent the misuse, damage or destruction of your personal data.
Transfer of personal data to third parties
Our employees and partners have access to your personal data.
To ensure specific processing operations that we cannot provide on our own, we use the services and applications of processors who can protect data even better than we do and specialize in the processing.
• transport and transportation services
• accounting and tax offices
• technology companies providing operation and administration of the website
• online and marketing agencies and platforms
• goods comparators
It is possible that in the future we will decide to use other applications or processors to facilitate and improve the processing. However, we promise you that in such a case, when selecting, we will place at least the same demands on the processor for security and quality of processing as for ourselves.
Data transfer outside the European Union
All processing of personal data will be carried out in the EU.
Your rights in relation to the protection of personal data
You have a number of rights regarding the protection of personal data. If you wish to exercise any of these rights, please contact us via email@example.com
You have the right to information that is already fulfilled in this information page with the principles of personal data processing.
Thanks to the right of access, you can appeal to us at any time and we will prove to you within 30 days what personal data of yours is being processed and why.
If something changes for you or you find your personal data out of date or incomplete, you have the right to add and change your personal data.
You can exercise the right to restrict the processing if you believe that we are processing your inaccurate data, you believe that we are processing illegally but you do not want to delete all data, or you have objected to the processing. You can limit the scope of personal data or the purposes of the processing. (For example, by unsubscribing from the newsletter, you limit the purpose of processing to sending business messages.)
Right to data portability
If you would like to take your personal data and transfer it to someone else, we will proceed in the same way as when exercising the right of access - with the only difference that we will provide you with the information in machine-readable form. In this case, we need at least 60 days.
Right to delete (to be forgotten)
Your next right is the right to delete (to be forgotten). We do not want to forget you, but if you wish, you have the right to do so. In this case, we will delete all your personal data from our system as well as from the system of all the sub-processors and backups. We need 90 days to secure the right to delete.
In some cases, we are bound by a legal obligation and e.g. we must register the issued tax documents for the period stipulated by law. In this case, we delete all such personal data that is not bound by another law. We will notify you by email when the deletion is complete.
Complaint to the Office for Personal Data Protection
If you feel that we are not handling your data in accordance with the GDPR Regulation, you have the right to contact your Data Protection Authority at any time. We would be very happy if you first inform us of this suspicion so that we can do something about it and correct any mistakes.
Unsubscribe from sending newsletters and business messages
We send you inspiration emails, articles, products and services, if you are our customer, based on our legitimate interest.
If you are not yet a customer, we will only send them to you with your consent. In either case, you can unsubscribe from our emails by clicking the unsubscribe link in each email sent.
We would like to assure you that our employees, as well as co-workers and partners who will process your personal data, are obliged to maintain the confidentiality of personal data and security measures, the disclosure of which would jeopardize the security of your personal data. At the same time, this confidentiality continues even after the end of your contractual relation with us. Your personal data will not be passed on to any other third party without your consent.
These principles of personal data processing apply from 25.5.2018.