We attach great importance to the protection and security of your data, which is why we adhere to the data protection regulations in the GDPR and the DSG.
In this privacy policy you will find more information about the data processing we carry out:
Schinko GmbH
Matzelsdorf 60
4212 Neumarkt im Mühlkreis
Phone: +43 7941 6906
Email: info@schinko.at
Since we are not legally obliged to do so, we have not appointed a data protection officer or notified them to the data protection authority.
2.1 You have the following rights with regard to your personal data:
Right to information (Article 15 GDPR),
Right to rectification (Article 16 GDPR) or erasure (Article 17 GDPR),
Restriction of processing (Article 18 GDPR),
Right to data portability (Article 20 GDPR),
Right to object to processing (Article 21 GDPR).
Right of objection
If the processing of your personal data is based on a balance of interests (Article 6 (1) (f) GDPR: legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. When exercising your right of objection, we ask you to explain to us your reasons why we should not process your personal data as we do. We will examine the situation and either stop or adapt the data processing, or show you our compelling legitimate grounds and continue the data processing. We will also continue the data processing if it serves to assert, exercise, or defend legal claims.
You can object to data processing for direct marketing and data analysis purposes at any time. In this case, we will stop processing your data.
Right of withdrawal
If you have given us your consent to process your personal data, you can revoke your consent at any time. Your revocation will not affect the legality of the data processing carried out up to the time of revocation.
To exercise the above rights, you must inform us in person, by telephone or in writing:
Schinko GmbH
Matzelsdorf 60
4212 Neumarkt im Mühlkreis
Phone: +43 7941 6906
Email: info@schinko.at
Please note that we can only provide you with information if you can identify yourself.
2.2. If you believe that the data processing violates applicable data protection law or that we have violated your data protection rights, you also have the right to lodge a complaint with the supervisory authority in the Member State of your residence, place of work, or place of the alleged violation.
If you wish to lodge your complaint with the supervisory authority in Austria, please address it to:
Austrian Data Protection Authority
Barichgasse 40–42
1030 Vienna
Information about the processing of your personal data
Purpose: If our website is used for informational purposes only (no registration or transmission of other information), personal data will be collected and transmitted from your browser to our server. This is technically necessary to display our website and to ensure its stability and security.
Legal basis: Legitimate interest (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2021
Affected: Website visitors
The following data is processed: IP address, date and time of the request, time zone difference to GMT, content of the request (specific page), access status/HTTP status code, amount of data transferred, requesting website, browser, operating system and interface, language and version of the browser software
Storage period: As long as you use our website.
Recipients/recipient categories: Processors
3.2 Electronic contact requests via the website
Purpose: Processing contact requests via email or the website contact form.
Legal basis: Performance of a contract, necessary for the implementation of pre-contractual measures (Article 6 (1) (b) GDPR), legitimate interest (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2021
Affected parties: Website visitors who use the contact form
The following data is processed: master data, company name, content data of the request
Storage period: Until the request is answered. If legal retention obligations exist, processing will be restricted until then.
Recipients/Categories of Recipients: Processors
3.3. Cookies/Web analysis service
Purpose: Design of the own website appearance, improvement of the range of services, the web presence and direct advertising
Legal basis: Consent (Article 6 (1) (a) GDPR), fulfillment of a contract, necessary to carry out pre-contractual measures (Article 6 (1) (b) GDPR), legitimate interest, in particular to improve our own services for the benefit of users (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2021, express consent (Article 49 (1) (a) GDPR), fulfillment of a contract, necessary to carry out pre-contractual measures (Article 49 (1) (b) GDPR), necessary to fulfil an interest of the data subject (Article 49 (1) (c) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
Affected parties: Website visitors
The following data is processed: IP address
Storage period: See cookie list
Recipients/recipient categories: Company of the analysis service/service provider
We use both session cookies and cookies for statistical analysis of the use of our website. You can view your specific consent status either in the cookie banner (symbol on the right-hand side of the screen) or by clicking the small arrow (>) next to the heading “Targeted cookies in detail.” You can also obtain detailed information about processing by cookies by clicking the small arrow (>) next to the heading “Targeted cookies in detail.” Specifically, the following targeted cookies are used:
3.3.1. Use of Google services
This website uses various services provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, is responsible for data processing for residents of the European Union, the European Economic Area, and Switzerland. We will explain exactly which services this website uses below.
Further information about Google’s services and the privacy policy can be found at: https://policies.google.com/privacy?hl=de.
Information on transfer to countries outside the EU / EEA
Google, as an active participant in the EU-US Data Privacy Framework, also processes your data in the USA when you use Google services. Companies that have successfully completed the Data Privacy Framework Program are considered to have an adequate level of security in accordance with the provisions of the EU-US and Swiss-US Data Privacy Frameworks. The Data Privacy Framework ensures secure data transfer for data of EU citizens to the USA. Further information on the EU-US Data Privacy Framework can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Information on participation can be found under the search term “Google LLC.” here: https://www.dataprivacyframework.gov/s/participant-search
In addition, Google uses standard contractual clauses (SCC) to ensure that the EU data protection level is adhered to when processing your data. Further information can be found at: https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en
3.3.1.1. Google Analytics
Purpose: To improve our service offering, our website, and our direct advertising. We use user behavior analysis to optimize both our website and our advertising.
Legal basis: Consent (Article 6 (1) (a) GDPR), explicit consent (Article 49 (1) (a) GDPR)
Affected: Website visitors
The following data is processed: IP address for approximate location (region) (in abbreviated form), technical information about the browser and the devices used (e.g. language settings, screen resolution), visitor’s internet provider, the referrer URL (via which website/via which advertising medium you came to this website)
Processing triggering events: Processing of your data will only be initiated if one or more of the following events occurs when you visit the website: page views, first visit to the website, start of the session, your “click path”, interaction with the website, scrolls (whenever a user scrolls to the end of the page (90%)), clicks on external links, internal search queries, interaction with videos, file downloads, ads viewed/clicked, language setting
Storage period: See cookie list
Recipients / Recipient Categories: Service Providers / Processors
Transfer to countries outside the EU/EEA: USA (see section 3.3.1 for details)
3.3.1.2. Google Maps
This website uses a link to the Google Maps map service. When you click on the link, your IP address and our company location will be forwarded to use the Google Maps features. This information is usually transferred to a Google server in the USA and stored there.
Purpose: To provide a map service to make our location easier to find
Legal basis: Consent (Article 6 (1) (a) GDPR), explicit consent (Article 49 (1) (a) GDPR)
Affected: Website visitors who access the link to Google Maps
The following data is processed: IP address, content of the request
Recipients / categories of recipients: Companies of the service provider and processor
Transfer to countries outside the EU/EEA: USA (see section 3.3.1 for details)
3.3.1.3. Google Ads (formerly Adwords)
Purpose: To target website visitors with personalized, interest-based ads when they visit other websites in the Google Display Network. This feature is also used to limit the number of ads shown to visitors.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services for the benefit of users (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, express consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
The following data is processed: IP address, unique user ID, content of the request (e.g. information about the advertisement).
Processing triggering events: Consent on our website, activating an advertisement by clicking
Storage period: See cookie list
Recipients/recipient categories: Processors/service providers
Transfer to countries outside the EU/EEA: USA (see section 3.3.1 for details)
The data collected is not visible to us as website operators. Further information about Google’s services and the privacy policy can be found at: https://policies.google.com/privacy?hl=de
3.3.1.4. Google Tag Manager
Google Tag Manager is used on this website.
Purpose: Optimizing the website to load additional applications, adding, editing and managing code on a website without programming effort.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services for the benefit of users (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, express consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
The following data is processed: IP address
Recipients/recipient categories: Processors/service providers
Transfer to countries outside the EU/EEA: USA (see section 3.3.1 for details)
3.3.1.5. YouTube
This website uses the YouTube service to display videos on the website.
Purpose: Videos are displayed on our website in the interest of an appealing presentation and increasing the awareness of our online offerings and our company.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services for the benefit of users (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, explicit consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
The following data is processed: IP address
Storage period: See cookie list
Transfer to countries outside the EU/EEA: USA (see section 3.3.1 for details)
3.3.2. TikTok Pixel
This website uses TikTok Pixel. TikTok is operated by the Chinese company ByteDance. TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland, is responsible for processing personal data when using TikTok in Europe. TikTok is a social media platform. Companies can book ads on this platform to promote their products or services. When you visit our site, a direct connection is established between your browser and the TikTok server via the TikTok Pixel. TikTok then receives the information that you have visited our website using your IP address. This allows TikTok to associate your visit to our pages with your user account. TikTok uses the information obtained to see how many interested parties land on our website by activating the advertising link. This data helps us understand how successful our ads are. This allows us to decide which commercials are successful or whether we need to improve the ads to reach more interested parties.
Purpose: To address website visitors with targeted advertising by displaying personalized, interest-based advertisements for website visitors, measuring ad success.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest (Article 6 (1) (f) GDPR), explicit consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, user ID
Processing triggering events: Consent on our website, activating an advertisement by clicking
Storage period: See cookie list
Recipients / categories of recipients: Processors
Transfer to the following third countries subject to data protection law: USA, China, Malaysia
USA: For companies that have not completed the Data Privacy Framework Program, an adequate level of security cannot be guaranteed according to legal requirements.
China: The Chinese Multi-Level Protection Scheme 2.0 requires companies based in China to disclose data to Chinese authorities and guarantee them unrestricted access to servers. Consequently, a sufficient level of security and compliance with European data protection requirements cannot be guaranteed.
Malaysia: Malaysia has enacted data protection legislation, but an adequacy decision is not currently in place. Therefore, a sufficient level of security and compliance with European data protection requirements cannot be conclusively guaranteed.
TikTok, operated by the Chinese company ByteDance, relies on the Standard Contractual Clauses for international data transfers (SCC) issued by the European Commission when transferring personal data. Details can be found here:
https://www.tiktok.com/legal/page/eea/privacy-policy/de#share-info
https://www.tiktok.com/legal/page/eea/transferee-countries/de
The data collected is anonymous to us as the operator.
Further information can be found in TikTok’s privacy policy at https://www.tiktok.com/legal/page/eea/privacy-policy/de.
3.3.3. Snap Pixel
This website uses Spotify Pixel from Spotify AB, Regeringsgatan 19, SE-111 53 Stockholm, Sweden. Spotify is a music streaming service where you can listen to music, create playlists, and share them with friends. Spotify offers two versions of the service: a paid version (Premium) and a free version that contains advertising. Both versions require a user account. The free version is financed through mandatory advertising between songs. Companies can use this advertising to promote their products or services. When you visit our pages, a direct connection is established between your browser and the Spotify server via the Spotify Pixel. Spotify AB thus receives the information that you have visited our website using your IP address and can associate the visit to our website with your user account. Spotify AB uses the information obtained to see how many interested parties land on our website via the audio advertising. This data helps us understand how successful our Spotify ads are. This helps us decide which audio ads are successful or whether we need to improve the ads to reach more potential customers.
Purpose: To address website visitors with targeted advertising by displaying personalized, interest-based advertisements for website visitors, measuring ad success.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest (Article 6 (1) (f) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, internet and network data
Processing triggering events: Visiting our website, activating an advertisement by clicking
Storage period: See cookie list
Recipients / categories of recipients: Processors
Transfer to the following third countries under data protection law: Worldwide
Details about the specific data collection and processing by Spotify Pixel can be found here: https://www.spotify.com/us/legal/ad-analytics-privacy-policy/
3.3.5. Microsoft
3.3.5.1. Microsoft Ads/Bing Ads
This website uses technologies from Bing Ads (bingads.microsoft.com), which are provided and operated by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). Microsoft will place a cookie on your device if you have accessed our website via a Microsoft Bing ad. This allows Microsoft and us to recognize that someone has clicked on an ad, been redirected to our website, and reached a previously determined landing page (“conversion site”). We only learn the total number of users who clicked on a Bing ad and were then redirected to the conversion site. Microsoft collects, processes, and uses information via the cookie to create usage profiles using pseudonyms. These usage profiles are used to analyze visitor behavior and to display advertisements.
Purpose: To address website visitors with targeted advertising by displaying personalized, interest-based advertisements for website visitors, measuring ad success.
Legal basis: Consent (Article 6 (1) (a) GDPR), explicit consent (Article 46 (1) (a) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, advertising ID or online identifier, access duration and number, navigation behavior, device identifiers, approximate location, browser settings
Storage period: See cookie list
Recipients / categories of recipients: Processors
Transfer to the following third countries under data protection law:
USA: Microsoft Corporation, as an active participant in the EU-US Data Privacy Framework, also processes your data in the USA. Companies that have successfully completed the Data Privacy Framework program are considered to have an adequate level of security under the provisions of the EU-US and Swiss-US Data Privacy Frameworks. The Data Privacy Framework ensures secure data transfers for EU citizens’ data to the USA. Further information on the EU-US Data Privacy Framework can be found at:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en
Information on how to participate can be found by searching for “Microsoft” here: https://www.dataprivacyframework.gov/s/participant-search
Details about the specific data collection and processing by Microsoft Corporation can be found here: https://about.ads.microsoft.com/de-de/policies/legal-privacy-and-security#datenschutzbestimmungen
A cross-website rejection of personalized advertising is possible in particular at or at youradchoices.com/?language=en.
3.3.6. Quantserve
This website uses technologies from Quantcast Corp., 795 Folsom Street, San Francisco, CA 94107, USA, which are provided and operated for the European region by Quantcast International Limited, Beaux Lane House, Lower Mercer Street, 1st Floor, Dublin 2, Ireland. An offer is sent digitally to interested parties to receive bids for ad placement. Potential buyers compete in an auction for ad placement. These requests are typically processed via advertising exchanges and contain data about the ad unit, the digital content of the ad, the user’s device, and their interaction with the content.
Purpose: To address website visitors with targeted advertising by displaying personalized, interest-based advertisements for website visitors, measuring ad success.
Legal basis: Consent (Article 6 (1) (a) GDPR), explicit consent (Article 46 (1) (a) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, pseudonymous identifiers, inaccurate/approximate location information, ad request data, event data
Storage period: See cookie list
Recipients / categories of recipients: Processors
Transfer to the following third countries with data protection regulations: USA: For companies that have not completed the Data Privacy Framework Program, an adequate level of security cannot be guaranteed according to the legal requirements.
Details about the specific data collection and processing by Quantcast Corp. can be found here:
https://legal.quantcast.com/#Additional-information-for-EEA-UK-Switzerland-residents
3.3.7. LinkedIn Ads
This website uses LinkedIn Ads, a product of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
Purpose: Conversion tracking and personalized advertising. When you visit one of the pages equipped with LinkedIn Ads, a connection is established to the LinkedIn server. The LinkedIn server is informed of the pages visited and your interaction with the website content. The collected data is not visible to us as the website operator.
If you are logged in to LinkedIn, LinkedIn can see your browsing habits. This allows personalized ads to be displayed to you on LinkedIn.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, express consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, pseudonymous identifiers, inaccurate/approximate location information, ad request data, event data
Storage period: See cookie list
Recipients / categories of recipients: Processors
Transfer to the following third countries with data protection regulations:
USA: Companies that have successfully completed the Data Privacy Framework Program are considered to have an adequate level of security under the provisions of the EU-US and Swiss-US Data Privacy Frameworks. It is permissible under data protection law to transfer information to these companies within the framework of the Data Privacy Framework.
Further information on how user data is handled can be found in LinkedIn’s privacy policy at: de.linkedin.com/legal/privacy-policy?
3.3.8. Facebook Pixel
This website uses “Facebook Pixel” from Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or for residents of the European Union, the European Economic Area, and Switzerland, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). When you visit our pages, a direct connection is established between your browser and the Facebook server via the Facebook Pixel. Facebook thus receives the information that you have visited our website using your IP address. This allows Facebook to associate your visit to our pages with your user account.
For more information, please see Facebook’s privacy policy at www.facebook.com/about/privacy.
Purpose: To address website visitors with targeted advertising by displaying personalized, interest-based advertisements for website visitors, measuring ad success.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, express consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR)
Affected parties: website visitors, interested parties
The following data is processed: IP address, user ID
Processing triggering events: Visiting our website, activating an advertisement by clicking
Storage period: See cookie list
Recipients/Categories of Recipients: Processors
Transfer to the following third countries under data protection law:
USA: Companies that have successfully completed the Data Privacy Framework Program are considered to have an adequate level of security under the provisions of the EU-US and Swiss-US Data Privacy Frameworks. It is permissible under data protection law to transfer information to these companies under the Data Privacy Framework.
Meta Platforms, Inc., the parent company of the Facebook and Instagram platforms, has committed to complying with the requirements of the EU-US and Swiss-US Data Privacy Frameworks by certifying itself in the Data Privacy Framework Program. Information about participation can be found by searching for “Meta Platforms, Inc.” here: https://www.dataprivacyframework.gov/s/participant-search
If you do not wish to have data collected via Custom Audience, you can deactivate it here: www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. You must first log in to Facebook. If you do not have a Facebook account, you can suppress Facebook’s usage-based advertising on the European Interactive Digital Advertising Alliance website: www.youronlinechoices.com/de/praferenzmanagement.
3.3.9. Issuu
We use the service of Issuu Inc., 131 Lytton Ave, Palo Alto, 94301, California, USA, to publish electronic documents and content.
Purpose: Sharing digital content, such as brochures, on our website and social media channels.
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest, in particular to improve our own services (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2003, express consent (Article 49 (1) (a) GDPR), assertion, exercise and defense of legal claims (Article 49 (1) (e) GDPR).
Affected parties: Website visitors, interested parties who view our content published via Issuu
The following data is processed: IP address, date and time of the request, content of the request (specific document), number of visits, average length of stay
Storage period: See cookie list
Recipients/Categories of Recipients: Processors
Transfer to the following third countries under data protection law:
USA: For companies that have not completed the Data Privacy Framework Program, an adequate level of security cannot be guaranteed according to legal requirements.
Details about the specific data collection and processing can be found at: https://issuu.com/legal/privacy?tid=331709816206
3.4. Content Delivery Network (CDN)
This website uses the Content Delivery Network (CDN) of Cloudflare Germany mbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (Cloudflare), a subsidiary of Cloudflare Inc., 101 Townsend Street, San Francisco, USA, to ensure secure, high-speed website display. A Content Delivery Network (CDN) consists of data centers located around the world that can deliver website content to users at high speed. For this purpose, personal data may be processed in Cloudflare’s server log files.
Purpose: To display the website quickly by referring the user to the data center nearest to the user.
Legal basis: Legitimate interest (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2021
Affected: Website visitors
The following data is processed: IP address, date and time of the request, time zone difference to GMT, content of the request (specific page), access status/HTTP status code, amount of data transferred, requesting website, browser, operating system and interface, language and version of the browser software
Storage period: As long as you use our website
Recipients/Categories of Recipients: Processors
3.5. Cookie banner
We use Cookiebot from Usercentrics A/S, located at Havnegade 39, 1058 Copenhagen. This service enables us to obtain and manage website visitors’ consent to data processing on our website.
Purpose: Obtaining, storing, displaying, and revoking consent to data processing on the website.
Legal basis: Legitimate interest (Article 6 (1) (f) GDPR), Section 165 (3) TKG 2021
Affected: Website visitors
The following data is processed: IP address, date and time of consent, consent status, browser information and URL from which the consent was sent, unique user ID
Storage period: 12 months
Recipients/Categories of Recipients: Processors
Details about the specific data collection and processing, including options for objection and removal from Usercentrics, can be found at: www.cookiebot.com/de/privacy-policy.
3.6. Social Media
Purpose: In addition to our website, we are also present on social networks such as X (formerly Twitter), Facebook, LinkedIn, YouTube, and Instagram to increase awareness of our company and conduct marketing activities. When you visit one of our online presences, personal data may be transmitted to the operator of the social network. Furthermore, the operator can link your profile to ours if you are logged into the respective network.
Affected parties: Visitors to our social media presence
Legal basis: Consent (Article 6 (1) (a) GDPR), legitimate interest (Article 6 (1) (f) GDPR), explicit consent (Article 49 (1) (a) GDPR)
The following data is processed: Date and time of the actions performed, user ID (only for logged-in users), location data (country/city), language setting, age/gender group (for logged-in users from the user profile), previously visited website, determination of the hardware (computer/mobile device)
Recipients/recipient categories: Operator of the social media platform visited
3.6.1. X (formerly Twitter)
X belongs to the company X Corp. The company responsible for the use of the service in Europe is Twitter International Unlimited Company, Fenian Street, D02 F663 Dublin, Ireland.
Transfer to the following third countries with data protection regulations:
USA: For companies that have not completed the Data Privacy Framework Program, an adequate level of security cannot be guaranteed according to the legal requirements.
Details about the specific data collection and processing by the respective operator can be found in the following links: https://twitter.com/de/privacy
X relies on the Standard Contractual Clauses for international data transfers (SCCs) issued by the European Commission when transferring personal data. Details can be found here:
https://gdpr.x.com/en/controller-to-controller-transfers.html
3.6.2. Facebook, Instagram (Meta Inc.)6.3. LinkedIn (Microsoft Corporation)
Facebook and Instagram are owned by Meta Inc. The services are operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which is responsible for processing personal data through the use of Facebook and Instagram.
Details about the specific data collection and processing by the respective operator can be found in the following links:
Facebook: https://de-de.facebook.com/about/privacy/(general privacy policy) and www.facebook.com/legal/terms/page_controller_addendum#(specific data collection for Page Insights)
Instagram: https://help.instagram.com/155833707900388
Transfer to the following third countries with data protection regulations:
USA: Companies that have successfully completed the Data Privacy Framework Program are considered to have an adequate level of security under the provisions of the EU-US and Swiss-US Data Privacy Frameworks. It is permissible under data protection law to transfer information to these companies within the framework of the Data Privacy Framework.
Meta Platforms, Inc., the parent company of the Facebook and Instagram platforms, has committed to complying with the requirements of the EU-US and Swiss-US Data Privacy Frameworks by certifying itself in the Data Privacy Framework Program. Information about participation can be found by searching for “Meta Platforms, Inc.” here: https://www.dataprivacyframework.gov/s/participant-search.
3.6.3. LinkedIn (Microsoft Corporation)
LinkedIn is part of the Microsoft Corporation group of companies. LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, is responsible for processing personal data in connection with the use of LinkedIn services.
Transfer to the following third countries under data protection law:
USA: Companies that have successfully completed the Data Privacy Framework Program are considered to have an adequate level of security under the provisions of the EU-US and Swiss-US Data Privacy Frameworks. It is permissible under data protection law to transfer information to these companies under the Data Privacy Framework.
When transferring personal data, LinkedIn also relies on the Standard Contractual Clauses for international data transfers (SCC) issued by the European Commission. Details can be found here: https://www.linkedin.com/help/linkedin/answer/a1343190?trk=microsites-frontend_legal_privacy-policy&…
Details about the specific data collection and processing by the respective operator can be found here:
https://www.linkedin.com/legal/privacy-policy
3.7. Customer management, accounting, logistics and bookkeeping
Purpose: Processing of personal data in the context of any business relationship with customers and suppliers in the context of commercial activity, including systematic recording of all business transactions relating to income and expenditure.
Legal basis: Consent (Article 6 (1) (a) GDPR), fulfillment of a contract, necessary to carry out pre-contractual measures (Article 6 (1) (b) GDPR), fulfillment of a legal obligation (Article 6 (1) (c) GDPR), legitimate interest, in particular defense, exercise and assertion of legal claims (Article 6 (1) (f) GDPR), express consent (Article 9 (2) (a) GDPR).
Storage period: Until the end of the business relationship or until the expiration of the guarantee, warranty, limitation period and statutory retention periods applicable to the client (in particular the Federal Fiscal Code (BAO)); furthermore, until the end of any legal disputes in which the data is required as evidence.
Recipients/recipient categories: tax office, courts and authorities, suppliers, debt collection agencies, banks involved in the payment to the person concerned or to third parties, legal representatives, auditors, payroll clerks.
The provision of your personal data is necessary to fulfill the contract or to carry out pre-contractual measures. Without this data, we cannot conclude a contract with you.
3.8 Customer service and marketing for own purposes
Purpose: Processing of own or purchased customer and prospective customer data for the initiation of business regarding our own delivery or service offerings as well as for the implementation of advertising measures and newsletter distribution; customer relationship management.
Legal basis: Consent (Article 6 (1) (a) GDPR), performance of a contract, necessary for the implementation of pre-contractual measures (Article 6 (1) (b) GDPR), fulfillment of a legal obligation (Article 6 (1) (c) GDPR), legitimate interest, in particular the defense, exercise and assertion of legal claims (Article 6 (1) (f) GDPR)
The following data is processed for sending newsletters via our website: Master data
Storage period: The data may be stored until the end of the third year after the last contact with the client, unless longer contractual or statutory retention periods exist.
Recipient/recipient categories: Analysis service company/service provider
Our free newsletter regularly informs you via email about news from Schinko GmbH. The data you enter here will be used to personalize the newsletter and will not be shared with third parties. You can unsubscribe from the newsletter at any time (by clicking on the unsubscribe link) or revoke your consent by sending an email to info@schinko.at.
3.9. Applicant management
Purpose: Use and record keeping of personal data provided by applicants if this data was provided by the data subject.
Legal basis: Consent (Article 6 (1) (a) GDPR), express consent (Article 9 (2) (a) GDPR) as well as assertion, exercise and defense of legal claims (Article 9 (2) (f) GDPR) and legitimate interest (Article 6 (1) (f) GDPR; Article 10 GDPR in conjunction with Section 4 (3) (2) DSG).
Storage period: Applicant data will be deleted immediately after the advertised position has been filled or after the expiration of the eligibility period under the Equal Treatment Act (7 months), unless consent to retain the data is obtained. Unsolicited applications will be retained for the intended purpose until revoked by the person concerned.
Recipients/recipient categories: Applicant data will not be passed on.
Whistleblower System
Purpose: Processing of information in connection with possible violations of law under the Whistleblower Protection Act (§§ 1 and 8 paras 2 and 3 HSchG)
The following data is processed: master data of the whistleblower and the person named in the tip, data on potentially criminal acts punishable by courts and administrative authorities (content data of the tip)
Recipient/recipient categories: Internal reporting unit
Legal basis: Section 8 (3) HSchG, Article 6 (1) (c) GDPR (fulfilment of a legal obligation), Article 6 (1) (f) GDPR (legitimate interest, in particular processing for the establishment, exercise and defense of legal claims), Article 9 (2) (f) GDPR (in particular processing for the establishment, exercise and defense of legal claims) and Article 9 (2) (g) GDPR (processing on the basis of Union law and the law of a Member State).
Storage period: 5 years, log data is stored for 3 years from the last use.
5 Information on data transfers to third countries or international organizations
The data we process will not be transferred to recipients in third countries or international organizations unless expressly stated in point 3.
6 Change management
This privacy policy is available in its currently valid version on our website. If you have any questions regarding an earlier version, please contact the contact person listed in section 1.
We use both session cookies and cookies for statistical analysis of the use of our website. Specifically, we use the following targeted cookies:
You can prevent cookies from being saved by selecting the appropriate settings on your browser; however, please note that if you do this, you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
