Privacy policy

Personal data (hereinafter mostly referred to as “data”) is processed by us only to the extent necessary and for the purpose of providing a functional and user-friendly website, including its content and the services offered there.

According to Article 4(1) of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as “GDPR”), “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With the following privacy policy, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others on the purposes and means of processing.
In addition, we inform you below about the third-party components we use for optimization purposes and to increase the quality of use, insofar as third parties process data under their own responsibility.

Our privacy policy is structured as follows:

I. Information about us as the controller
II. Rights of users and data subjects
III. Information on data processing

I. Information about us as the controller

The responsible provider of this website in terms of data protection law is

RoM-Solution e.U.
Robert Mücklich
Josef-Fritsch-Weg 5/533
AT-1020 Vienna

Phone: +43 676 / 64 00 459
E-Mail: info@rom-solution.at

II Rights of users and data subjects

With regard to the data processing described in more detail below, users and data subjects have the right to

• to confirmation as to whether data concerning them is being processed, to information about the processed data, to further information about the data processing and to copies of the data (cf. also Art. 15 GDPR);
• to rectification or completion of incorrect or incomplete data (see also Art. 16 GDPR);
• to the immediate erasure of the data concerning them (see also Art. 17 GDPR), or, alternatively, if further processing is required pursuant to Art. 17 para.
  3 GDPR is required, to restriction of processing in accordance with Art. 18 GDPR;
• to receive the data concerning them and provided by them and to transfer this data to other providers/controllers (cf. also Art. 20 GDPR);
• to lodge a complaint with the supervisory authority if they are of the opinion that the data concerning them is being processed by the provider in breach of data protection regulations (see also Art. 77 GDPR).

In addition, the provider is obliged to inform all recipients to whom data has been disclosed by the provider of any rectification or erasure of data or restriction of processing carried out on the basis of Articles 16, 17 para.
1, 18 GDPR takes place.
However, this obligation does not apply if this notification is impossible or involves a disproportionate effort.
Notwithstanding this, the user has a right to information about these recipients.

Likewise, users and data subjects have the right to object to the future processing of data concerning them in accordance with Art. 21 GDPR, provided that the data is processed by the provider in accordance with Art. 6 para.
1 lit.
f) GDPR are processed.
In particular, an objection to data processing for the purpose of direct advertising is permitted.

III. Information on data processing

Your data processed when using our website will be deleted or blocked as soon as the purpose of storage no longer applies, the deletion of the data does not conflict with any statutory retention obligations and no other information is provided below on individual processing procedures.

Cookie Manager

The provider uses the cookie manager Complianz to obtain consent for the use of technically unnecessary cookies on the website.
When the website is accessed, a cookie with the settings information is stored on the user’s end device so that the query regarding consent does not have to be made on a subsequent visit.

The cookie is required to obtain the user’s legally compliant consent.
The user can prevent or terminate the installation of cookies by changing the settings in their browser.

The provider of the plugin is the company Complianz B.V., Kalmarweg 14-5, 9723JG Groningen, Netherlands.
Complianz provides further information on the processing of data in its privacy policy
https://complianz.io/legal/privacy-statement/

Cookies

a) Session cookies/session cookies

We use so-called cookies on our website.
Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use.
These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent.

This processing makes our website more user-friendly, effective and secure, as the processing enables, for example
processing enables us, for example, to display our website in different languages or to offer a shopping cart function.

The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies are processed for contract initiation or contract processing.

If the processing does not serve to initiate or execute a contract, our legitimate interest lies in improving the functionality of our website.
The legal basis in this case is Art. 6 para.
1 lit.
f) GDPR.

These session cookies are deleted when you close your Internet browser.

b) Third-party cookies

Our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.

Please refer to the following information for details, in particular the purposes and legal basis for processing such third-party cookies.

c) Possibility of elimination

You can prevent or restrict the installation of cookies by changing the settings of your Internet browser.
You can also delete cookies that have already been saved at any time.
However, the steps and measures required for this depend on the specific Internet browser you are using.
If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support.
In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings.
Instead, you must change the settings of your Flash player.
The steps and measures required for this also depend on the specific Flash player you are using.
If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.

Contact requests / contact option

If you contact us via contact form or e-mail, the data you provide will be used to process your request.
The provision of the data is necessary for processing and answering your inquiry – without it we cannot answer your inquiry or can only answer it to a limited extent.

The legal basis for this processing is Art. 6 para.
1 lit.
b) GDPR.

Your data will be deleted if your request has been conclusively answered and the deletion does not conflict with any statutory retention obligations, such as, for example
in the event of any subsequent contract processing.

Server data

The Austrian provider World4You Internet Services GmbH, Hafenstraße 35, 4020 Linz is responsible for hosting the website.
Further information can be found in the provider’s privacy policy:
https://www.world4you.com/de/unternehmen/datenschutzerklaerung.html

For technical reasons, in particular to ensure a secure and stable Internet presence, data is transmitted to us or to our website hoster World4You via your Internet browser.
With these so-called server log files, the type and version of your Internet browser, the operating system, the website from which you have switched to our Internet presence (referrer URL), the website(s) of our Internet presence that you visit, the date and time of the respective access and the IP address of the Internet connection from which the use of our Internet presence takes place are collected, among other things.

The data collected in this way is stored temporarily, but not together with other data about you.
This storage takes place on the legal basis of Art. 6 para.
1 lit.
f) GDPR.
Our legitimate interest lies in the improvement, stability, functionality and security of our website.

The data will be deleted after fourteen days at the latest, unless further storage is required for evidence purposes.
Otherwise, the data is exempt from deletion in whole or in part until the incident has been finally clarified.

Wordfence

We use the Wordfence security plugin to protect the website from spam and cyber attacks. This constitutes a legitimate interest on the legal basis of Art. 6, para. 1 lit. f) GDPR. The provider of the Wordfence plugin is Defiant Inc, 1700 Westlake Ave N Sie 200, Seattle, WA 98109, USA. Your data will also be forwarded to the USA for processing.

In the opinion of the ECJ, there is currently no adequate level of protection for data transfer.
Security is therefore ensured via standard contractual clauses.
This means that the company undertakes to comply with European levels of protection.
If these are not sufficient, acknowledgement of the privacy policy is deemed to be consent in accordance with Art. 49 para. 1 lit.
a) GDPR.

Wordfence provides further information on the processing of data in the privacy policy
https://www.wordfence.com/privacy-policy/
and the data processing conditions
https://www.wordfence.com/help/general-data-protection-regulation/

Contract processing

The data transmitted by you to make use of our range of goods and/or services is processed by us for the purpose of processing the contract and is necessary in this respect.
Conclusion and processing of the contract are not possible without the provision of your data.

The legal basis for the processing is Art. 6 para.
1 lit.
b) GDPR.

We delete the data once the contract has been fully processed, but must observe the retention periods under tax and commercial law.

As part of the contract processing, we pass on your data to the transport company commissioned with the delivery of goods or to the financial service provider, insofar as the transfer is necessary for the delivery of goods or for payment purposes.

The legal basis for the transfer of data is then Art. 6 para.
1 lit.
b) GDPR.

LinkedIn

We maintain an online presence on LinkedIn to present our company and our services and to communicate with customers/prospects.
LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA.
This may result in increased risks for users in that, for example, subsequent access to user data may be made more difficult.
We also have no access to this user data.
The access option lies exclusively with LinkedIn.

You can find LinkedIn’s privacy policy at
https://www.linkedin.com/legal/privacy-policy

 

Sample data protection declaration of the law firm Weiß & Partner