THE NEW AGE OF
PRODUCTIVITY

Automatisierte Auftragsabwicklung

entlang der Supply Chain.

DATA PROTECTION

1. Purpose of data processing

EBNER processes personal data, especially data relating to employees, pensioners, applicants, customers, suppliers and other partners for the purpose of performing business activities and fulfilling the associated legal and contractual requirements.

1.1 Processing data relating to employees and pensioners

EBNER saves and processes personal data of employees, former employees, pensioners and their relatives in fulfillment of all contractual and legal requirements and obligations.

Personal data that is not essential to the fulfillment of contractual and legal requirements are only processed if employees have granted their permission.

1.2 Processing data relating to customers, partners and suppliers

EBNER saves and processes data made available by prospective customers, customers, partners and suppliers, especially names, email addresses and telephone numbers for creating proposals and processing orders as well as fulfilling the associated contractual and legal obligations. The data may be forwarded to the authorities and public institutions if this is necessary to fulfill legal obligations.

The information is processed within the whole company group to ensure that trouble-free service is provided.

1.3 Job applicants

We electronically process the contact data and application documents provided by applicants for a job so that we can select suitable candidates.

We also keep your data on record following a possible rejection in case we have other jobs available that match your profile, or the position for which your originally applied becomes vacant again and in such a case we can accelerate the application process. While your data is on record, only a limited group of people – our Human Resources department – have access to your application documents and before we forward data to another business unit within the company we will contact you to obtain your permission. Your data will be erased no later than three years after the rejection.

1.4 Website & cookies

1.4.1 IP address

Information is saved automatically to the web server when you visit our website. This includes information on the browser used, the operating system, the IP address and the time of the visit. From EBNER’s point of view these data are pseudonymized and without another source of data cannot be associated clearly with particular persons.

EBNER does not evaluate these data as long as no unlawful use of the website has occurred.

1.4.2 PIWIK

This website uses Piwik, which is open source software used for the statistical evaluation of visitors accessing the website. Piwik uses cookies, which are text files placed on your computer, to help the website analyze how users use the site. The data are saved on the web servers (located in Germany) rented by EBNER. The IP address is anonymized immediately after processing and before saving. You may refuse the installation of cookies by selecting the appropriate settings on your browser, however, please note that, if you do so, you may not be able to use the full functionality of this website.

1.4.3 Cookies

When you visit this website, cookies are saved to your computer or mobile device that allow you to be recognized when you return to the website. The user-friendliness of the website is enhanced as a result. No personal information is saved. No information is forwarded to third parties (except to IT providers who help us to optimize the website from a technical point of view).

There are two types of cookies: permanent cookies and temporary cookies. Permanent cookies are saved as a file on your device for up to twelve months. Temporary cookies are saved for the duration of your visit and then deleted when you close the browser session. We use permanent cookies only to remember which start page you have chosen.

You can easily delete cookies from your computer or mobile device by using the settings in your browser. In the Help menu of your browser you can see how to manage and delete cookies. You can also deactivate cookies and be notified if a new cookie is sent to your computer or mobile device. Please note that in certain situations you will not be able to use all the services offered by our website if you reject its cookies.

Data is processed based on the legal regulations specified in clause 96 section 3 of the Austrian telecommunications law.

1.5 Newsletter

The names and email addresses of our customers and other people interested in our company and products are used to subscribe to the newsletter in order to receive the latest news and offers.

If the data are not correct, they can be changed by the newsletter recipient.

If the recipient no longer wishes to receive the newsletter, they can unsubscribe by clicking on the link in the email.

2. Principles of processing personal data

The processing of personal data is based on strict principles in terms of data protection and security and the rights of the people affected.

2.1 Lawfulness & transparency

Data processing takes place on a lawful basis in accordance with the data protection terms while taking into consideration the rights of the data subjects.

2.2 Purpose limitation

The data are recorded and processed for clearly specified and legitimate purposes. Data is not processed in a way that is considered incompatible with the initial purpose.

2.3 Data minimization

Only the data that is essential to the purpose specified is recorded and processed. Where possible for achieving the purpose and if the effort is deemed reasonable, only anonymized data is processed

2.4 Storage limitation and erasure

Personal data will be erased as soon as the purpose for which the data was originally recorded no longer exists and the legal grace periods do not prevent erasure.

If there are special cases where the data is deemed worthy of protection, the data will be stored until interest in the data no longer exists.

2.5 Data security

Personal data is subject to data confidentiality The data is to be treated confidentially and is protected by suitable organizational and technical measures against unauthorized access, unlawful manipulation or forwarding as well as loss and destruction.

2.6 Material accuracy

Personal data must be accurate, complete and kept up to date. Suitable measures are implemented to correct old, incorrect or incomplete data.

3. Obligation to maintain data confidentiality

All employees at EBNER are obliged to maintain confidentiality and are instructed and trained at regular intervals on how to treat personal data and other critical data.

4. Data security

The protection of confidentiality, availability and integrity of data is one of CATCH.direct´s key tasks. This applies equally to company secrets, customer data, personal data and other critical information.

For this purpose, technical and organizational security measures that comply with the state-of-theart and internationally recognized best practices and security standards have been installed and are continuously improved.

5. Data Protection Officer

EBNER is not in the position of having to nominate a Data Protection Officer because the terms of the EU GDPR do not apply in this case.

However, because data protection is so important to us, CATCH.direct has decided to name a Data Protection Coordinator. This person is available to assist data subjects on any matters concerning data protection. Another task is to continuously check and improve CATCH direct´s data protection measures.

6. Rights of data subjects

Each data subject whose personal data is processed by CATCH.direct can at any time exercise the rights of data subjects by contacting the Data Protection Coordinator at CATCH.direct.

Data security is also very important in relation to the rights of data subjects, which is why the rights of data subjects can only be made valid after the data subject has been clearly identified beyond all doubt.

The implementation of the following data subject laws is governed by the terms of the EU GDPR.

6.1 Information

Data subjects can demand information at any time about which of their personal data are being processed and what purpose the processing serves.

6.2 Rectification

Data subjects have the right to demand immediate rectification of any personal data that is incorrect.

6.3 Limitation

Data subjects have the right to limit processing if the correctness of the data relating to them is disputed, the processing is unlawful, the data is no longer needed for processing or the data subjects have objected to the processing.

6.4 Objection

Data subjects have the right to object to the processing of their personal data at any time.

6.5 Portability

Data subjects have the right to obtain the personal data they have made available to CATCH.direct in a structured, accessible and machine-readable format. They also have the right to demand that this data is transferred to another controller providing this is technically possible. Portability applies only to personal data that has been processed using automated processes.

6.6 Erasure – right to be forgotten

The data subject has the right to demand immediate erasure of their personal data if the legal basis for processing the data is missing or no longer exists, if an objection to the data processing has been made, if the data processing is unlawful and there is no legal grace period for erasing the data.

7. Data transfer

The transfer of personal data to recipients outside the company group or recipients in non-EU countries only takes place in accordance with the applicable laws while observing strict confidentiality and data security.

This transfer is governed by standardized contract clauses, which represent a uniform standard for the protection and legally-compliant processing of data.

EBNER uses various processors to process data. All processors have signed a data processing agreement and are legally obliged to adhere to the data protection regulations.

8. Ongoing checks and improvements

The ongoing improvement of quality and processes is very important to CATCH.direct.

Adherence to the directives on data protection as well as the laws and effectiveness of measures to ensure data protection and data security are continuously being analyzed and improved in order to ensure that data protection measures are implemented in the best way possible.