Header data privacy

Privacy Policy

We have briefly summarized the most important points for you

Read the privacy policy here

Privacy Statement

Stand: 29.08.2022

In Short:

Please note that the following points in the "in short" section are an excerpt from our privacy policy.

Who is responsible for the processing of personal data:

APOCRAT GmbH
Heinrich Schneidmadl Str. 15, Top D.0.23a
3100 St. Pölten
office@apocrat.at
+43 676 4025255

What data is processed:

When

Which Data

Purpose

Methode

Storage period

Legal basis

By visiting the website

IP address, date, time, URL, identification data of the browser and the end device

Enable connection establishment, analyse possible attacks

server logs

28 days

Legitimate interest

When visiting the website and consenting to cookie banners

IP address, date, time, URL, identification data of the browser and the end device, amount of data, status of the request

Compilation of statistics regarding the use of our website

server logs and counting pixels

90 days

Consent

When contacting us via the contact form or via e-mail

E-mail, name, telephone number and all data disclosed in addition to this

Reply to the request

email

As long as they are needed

Execution of pre-contractual measures, fulfilment of a contractual relationship or legitimate interest in answering the enquiry

 

What rights do you have as a user?

Right to:

  • get information about stored data

  • the correction of data

  • deletion of data

  • restriction of the processing of data

  • transfer of data

  • objection to unreasonable data processing

  • revocation of consent

  • Complaint to the data protection authority

Detailed:

1. General

The protection and security of your personal data are important to us. As a result, we exclusively process personal data in accordance with the DSGVO, DSG and the TKG 2003.

In order to provide our website, sale our goods and to provide our services, we process information about you, so-called personal data - or "data" for short in the following. The term "processing" is understood to mean any handling of data, such as the collection, storage, use or deletion of personal data.

We will gladly inform you about the processing of your personal data and the claims and rights to which you are entitled according to the data protection regulations.

Responsible for processing personal data:

APOCRAT GmbH
Heinrich Schneidmadl Str. 15, Top D.0.23a
3100 St. Pölten
office@apocrat.at
+43 676 4025255

 

If you have any complaints, questions or suggestions on the subject of data protection, please do not hesitate to contact us at any time using the contact details provided.

2. General data processing in connection with our website

2.1. General

Within the scope of our website, we process data that you disclose to us (for example, in the context of orders), logs (our servers log who makes requests for security reasons) and cookies (these are small text files that are stored on your device and contain information to recognise you).

The web server for operating our website is technically operated by World4You as a data processor.

To prevent third-party cookies from being set, you can block so-called third-party cookies in your browser. Here you will find instructions on how to do this for the most common browsers:

Firefox: here
Chrome: here
Internet Explorer: here
Safari: In Apple's Safari, third-party cookies are blocked by default.

Only the following two types of cookies are set:

  • Cookies that are necessary from a technical point of view in order to visit the APOCRAT website

  • Cookies that are used for analysis purposes only with your consent

Name:

Duration:

Purpose:

apocrat_session

2 hours

Session ID

XSRF_TOKEN

2 hours

This technical cookie prevents "cross-site request forgery".

cookie-byte-consent-matomo-tag-manager

1 year

This technically necessary cookie indicates whether consent to data processing by the Matomo Tag Manager has been given.

cookie-byte-consent-showed

1 year

This technically necessary cookie indicates whether the APOCRAT cookie banner has already been displayed.

MATOMO_SESSID

14 days

This optional cookie is set by the statistics/analysis tool Matomo if there has been consent in Matomo. It stores an ID with which the tracking takes place.

2.2. Data processing for the operation and safety of our website (Server logs):

2.2.1. Server logs

Purpose of processing: When you access our website, the web server collects usage data (so-called server logs). The collection of this data is necessary to technically enable the connection to our server and the use of the website. In addition, this data is used for the defence and analysis of attacks.

The following server logs are collected: The IP address of the requesting device, together with the date, the time, the request, which file is requested (name and URL), which amount of data is transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, as well as the website from which the access was made (should the access be made via a link).

Legal basis of processing: Your data is processed on the basis of our legitimate interest in ensuring the operation of the service and system security.

Recipients of the data: The web server for the operation of our website is technically operated by the World4You IT service centre as a data processor. The data from the server logs will - should there have been a hacker attack - be passed on to the law enforcement authorities. Data will not be passed on to third parties beyond this.

Further information: The server logs are stored for a maximum of 28 days.

2.3. Data processing for marketing purposes:

2.3.1. Web analysis

We process data about your use of our website via the following tool in order to be able to adapt it to your interests in the best possible way.

-     Matomo

We use a web analysis tool from Matomo on our website.

Purpose of processing: When you visit our website, the web server collects usage data (so-called server logs). To analyse this data, we use a web analysis tool from Matomo on our website. This tool helps us to determine how many users visit our website, which pages and categories are popular and which content is rather uninteresting. This web analysis tool enables us to compile user statistics about your website activities and to adapt our website to your interests in the best possible way.

Matomo collects the following server logs for web analysis: The IP address of the requesting computer, pseudonymised user identification, together with the date, time, request (with anonymised order number, which file is requested (name and URL), which amount of data is transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, as well as the website from which access was made (should access be via a link).

For web analysis, Matomo uses so-called counting pixels in addition to server logs. These are small image files that are integrated on our website and enable an analysis of your user behaviour. The use of counting pixels only takes place if you have consented to the analysis within the framework of the cookie banner.

Legal basis of processing: The processing of this data is based on your consent.

Recipients of the data: The evaluation of the determined data is carried out exclusively by us, the data is not transmitted to third parties.

Further information: Your data is stored for a maximum of 90 days.

3. Data processing for the newsletter

Purpose of processing: If you have subscribed to our newsletter, you will receive regular information from us by e-mail about us and our range of services. If you no longer wish to be contacted by us, no problem. Simply contact us at office@apocrat.at or use the unsubscribe link in the newsletter.

Legal basis of processing: Your data is processed on the basis of your consent.

Recipients of the data: A transfer of your data to third parties takes place to the following recipient:

-      "Sendinblue", an email marketing platform of the provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin. This company acts as an order processor for us and may only use your data to process the specific orders and is contractually obligated to us to comply with the legal regulations on data protection.

Further information: We process your data until you revoke your consent or unsubscribe from the newsletter (you will find a corresponding link for this in the newsletter).

4. Data processing within the scope of business operations

4.1. Data processing in connection with establishment of contact:

Purpose of processing: If you contact us (e.g. by e-mail, contact form or telephone), we will process the data you provide when contacting us only insofar as this is necessary to process the enquiry.

Legal basis of processing: The processing of your data is carried out for the execution of pre-contractual measures respectively for the fulfilment of a contractual relationship or is based on our legitimate interest, namely for the organisation of the enquiry response.

Recipients of the data: A transfer of this data only takes place on the condition that the transfer is necessary for the enquiry response.

Further information: We will process your data for as long as it is necessary to process the enquiry and, in addition, for a further seven years after the last contact with you in the event of a follow-up enquiry.

 

4.2. Data processing in connection with our service „APOCRATConsent Management Plattform für das Internet der Dinge (IoT)“:

Purpose of processing: As soon as we have activated you for the use of our website, your data will be processed for the performance of our service and the formal handling of the business cases to be handled by us within the scope of the business relationship.

Legal basis of processing: Your data is processed for the fulfilment of a contractual relationship respectively is based on a legal basis within the scope of a business relationship (respectively for the processing of such).

Recipients of the data: If the transfer of your data relevant in the respective individual case is necessary for the fulfilment of the contractual relationship or based on a legal basis, this is carried out to the following categories of recipients:

§ Banks
§ Legal representatives
§ Auditors, accountants and tax advisors
§ courts
§ competent administrative authorities
§ Collection agencies
§ Third-party financiers
§ Contractual and business partners
§ Insurances
§ Statistics Austria
§ Transport companies
§ Suppliers

Further information: We only process your data for as long as is necessary for the fulfilment of the contractual relationship or due to legal obligations (for example, according to tax and company law retention obligations). Usually, we keep data for seven years.

4.3. Data processing in connection with the business relationship:

Purpose of processing: When you register our application on our website, we process your data for the purpose of establishing the business relationship. Once we have activated you for the use of our application, the processing of your data takes place for the performance of our service and the formal handling of the business cases to be handled by us within the scope of the business relationship.

Legal basis of processing: The processing of your data is carried out for the implementation of pre-contractual measures or for the fulfilment of a contractual relationship and for the fulfilment of a legal obligation in the context of a business relationship (or for the handling of such).

Recipients of the data: If a transfer of your data relevant in the respective individual case is necessary for the fulfilment of the contractual relationship or on the basis of a legal basis, this is carried out to the following categories of recipients:

§ Banks
§ Legal representatives
§ Auditors, accountants and tax advisors
§ courts
§ competent administrative authorities
§ Collection agencies
§ Third-party financiers
§ Contractual and business partners
§ Insurances
§ Statistics Austria
§ Transport companies
§ Suppliers

 

Further information: We only process your data for as long as is necessary for the fulfilment of the contractual relationship or due to legal obligations (for example, according to tax and company law retention obligations). Usually, we keep data for seven years.

4.4. Data processing for the purposes of carrying out administrative activities

Purpose of processing: We operate a customer relationship management system and process your data in order to document and improve our customer relations with you (documentation of the content of the communication between our employees and you).

Legal basis of processing: Your data is processed on the basis of our legitimate interest in optimising customer-specific communication with you.

Recipients of the data: Your data will not be transferred to third parties pursuing their own purposes.

Further information: We store your data until the end of the third year after the last contact with you.

5. Your rights

5.1. Right of access by the data subject according to Art 15 GDPR

You have the right to request information about whether we are processing personal data about you. If this is the case, you have the right to be informed about this personal data as well as other information related to the processing.

5.2. Right to rectification of inaccurate data according to Art 16 GDPR

In the case that personal data that we process about you is not (or is no longer) accurate or incomplete, you may request that this data be corrected and, if necessary, completed.

5.3. Right to erasure personal data according to Art 17 GDPR

If the legal requirements are met, you can request the erasure of your personal data.

5.4. Right to restriction of data processing according to Art 18 GDPR

If the legal requirements are met, you may request the restriction of the processing of the data concerning you.

5.5. Right to data portability according to Art 20 GDPR

If the legal requirements are met, you can request that your data be transferred in a structured, common and machine-readable format.

5.6. Right to object to unreasonable data processing according to Art 21 GDPR

For reasons arising from your particular situation, you may object at any time to the processing of data relating to you that we process on the basis of a legitimate interest according to Art 6 (1) f GDPR.

5.7. Right to withdraw a given consent

If the processing is based on a declaration of consent, you have the possibility to withdraw this at any time without affecting the lawfulness of the processing carried out based on the consent until withdrawal.

5.8. Right to lodge a complaint with a supervisory authority

If you are of the opinion that the processing of your personal data by us violates the applicable data protection law or that your data protection rights have been violated in any other way, you have the possibility to complain to the competent supervisory authority (Austrian Data Protection Authority). The address is:

Österreichische Datenschutzbehörde
Barichgasse 40-42
1030 Wien
Telefon: +43 1 52 152-0
E-Mail: dsb@dsb.gv.at

 

6. Further information:

We need the data we ask you to provide for the processing of the sale of our goods and the provision of our services within the framework of the contractual relationship or for the provision of information you have asked us for or for the sending of our newsletter and other information.

If you do not provide the data, we will not be able to provide our services.

We do not use automated decision making including profiling. If we process your personal data for a purpose other than the one for which we collected it, we will disclose this fact to you and inform you of this other purpose.