Data protection
Privacy policy
Data protection declaration in accordance with Art. 13, 14 GDPR – fulfillment of information obligations
Thank you for visiting our website. We attach great importance to the protection of your data and inform you here in detail about the extent to which your data is processed when you visit our website.
This statement applies both to data processing within Saubermacher Outsourcing GmbH and to the use of our website. The legal basis for this data processing is the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).
All personal designations always refer to all genders. The use of the masculine form is for ease of reading only.
The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is
Saubermacher Outsourcing GmbH
Hans-Roth-Straße 1
8073 Feldkirchen bei Graz
Tel: +43 59800 7000
E-Mail: outsourcing@saubermacher.at
The company has appointed a data protection officer. Birgit von Maurnböck, VMCON OG, Opernring 2, 8010 Graz can be reached at: datenschutz@saubermacher.at
2.1 Data processing in accordance with Art. 13 GDPR
We process the data that various people provide to us through their own information, for example in the context of an inquiry by e-mail, for the initiation and conclusion of a contract or a business relationship.
2.2 Data processing in accordance with Art. 14 GDPR
In addition, we process data of persons who may be part of a contractual relationship, which we have legitimately received in the context of information from third parties (e.g. managing directors provide us with the data of their employees).
2.3 Persons concerned
We process the following data from interested parties: Company, name of contact person and professional contact and address data.
We process the following customer data: Company, title and names of contact persons, professional address data and contact details, bank details, contract data.
We collect the following data from suppliers and business partners: Company, title and names of contact persons, professional address data and contact details, bank details, contract data.
2.4 Forwarding of data
We only pass on personal data to third parties if this is necessary for the purpose of contract processing and fulfillment or due to legal regulations.
2.5 Storage/deletion of data
– Contractual storage obligations: After termination of a contractual relationship or after the end of contractually agreed periods, personal data will be deleted or anonymised as soon as there are no legal obligations to retain it.
– Revocation of consent: If consent to the processing of personal data is revoked, the data will be deleted or anonymised unless there is another legal basis for processing.
– Statutory retention obligations: The controller is subject to various statutory retention obligations. After expiry of these statutory retention obligations, personal data will be automatically deleted. It may happen that personal data must be retained for legal reasons despite the revocation of consent or the expiry of contractually agreed periods and will only be deleted at a later date (after the expiry of the respective legal periods). The EU regulations and laws to be observed by the controller are listed below (without any claim to completeness):
- Federal Tax Code (BAO)
- Commercial Code (UGB)
- Trade Regulation Act (GewO)
- General Civil Code (ABGB)
- Value Added Tax Act (UStG)
- Whistleblower Protection Act (HSchG)
- Data Protection Act (DSG)
- General Data Protection Regulation (GDPR)
2.6 Contact by e-mail
When you contact us by e-mail, the data you provide will be stored by us on the basis of your consent in order to answer your questions. We delete the data arising in this context after processing is no longer necessary, or restrict processing if there are statutory retention obligations.
2.7 Publication of the names of authors
We are legally obliged to disclose the names of the authors of image data (photos or videos) each time image data is published. We automatically delete this personal data as soon as we stop using the image data.
2.8 Legal basis
The legal basis for data processing is
contract initiation and fulfillment pursuant to Art. 6 para. 1 lit. b GDPR.
legal obligations pursuant to Art. 6 para. 1 lit. c GDPR, (e.g. legally prescribed storage and documentation obligations, publication obligations under copyright law).
legitimate interests of our company within the meaning of Art. 6 para. 1 lit. f GDPR (e.g. use of software)
6 para. 1 lit. a GDPR when obtaining consent (e.g. when processing image data or for advertising purposes).
Please note that national data protection regulations may also apply in addition to the provisions of the GDPR.
3.1 Making contact
If you have asked us to contact you via our web form or if you have sent us a message, we will store the data required to contact you. This is your name, your e-mail address and, on a voluntary basis, your telephone number and additional information if personal. The data will be deleted by us as soon as storage is no longer necessary or you object to the processing.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)
3.2 Applicants
General: When you send us your application documents, we process the personal data contained therein for the purpose of personnel selection and job placement.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)
Deletion: In the event of rejection, we will delete your documents 7 months after sending you the rejection.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)
Record keeping: If we wish to keep your details on file in order to contact you at a later date, we will send you a separate request for your consent. If you give us your explicit consent, we will store your application documents. If no further job opportunities arise at our company within one year of receiving your consent, we will delete all your application documents.
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
Applicant portal: All applications are processed via our application portal. People who are interested in working for our company can apply directly on our website via the applicant portal. The application process is handled by BITE, a service provided by BITE GmbH, Magirus-Deutz-Straße 12, 89077 Ulm, Germany. You will be informed of this in a separate privacy policy for applicants, which you can view at the beginning of each application under ‘Privacy Policy’ or download as a PDF file. During the application process, you will have the opportunity to upload your application documents (e.g. CV).
Persons who submit their application in paper form directly to one of our locations will receive a confirmation of receipt and the data protection declaration by email. If the application form is completed on site, the data protection declaration will be handed out immediately. These applications will also be entered into the BITE applicant management system by the HR department so that the entire application process – regardless of how it was submitted – is handled centrally via the tool.
For further information, please visit https://www.saubermacher-outsourcing.com/de-at/karriere/.
We may use your address to send you information about our offers and services and to enclose promotional items by post. Please note that this notice refers exclusively to postal advertising. Electronic advertising (e.g. by email) will not be sent without your express consent.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation and fulfilment)
Our company premises are located in the Saubermacher Dienstleistungs AG headquarters (Ecoport), where, as part of the security measures implemented by Saubermacher Dienstleistung AG (SDAG), all entrances and exits as well as the access and exit to the Ecoport underground car park are monitored by video surveillance to ensure the safety of persons and the protection of property.
The surveillance serves to enforce house rules and to investigate criminal offences and security-related incidents. Monitored areas are marked with appropriate signs. The recordings are stored for a period of 72 hours and then deleted, unless they are required to clarify incidents or initiate legal action.
Access to the recordings is restricted to authorised SDAG personnel. The data will only be passed on to law enforcement authorities in the event of a criminal investigation.
Further information can be found in the privacy policy of Saubermacher Dienstleistungs AG at https://saubermacher.at/datenschutz/.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest)
6.1 Informational use of the website
When using the website for information purposes only, we only collect the personal data that your browser transmits to our server (server log files). If you wish to view our website, we collect at most the data that is technically necessary for us to display our website to you and to ensure stability and security:
- IP address
- Date and time of the request
- Time zone difference to Coordinated Universal Time (UTC)
- Content of the request (specific page)
- Access status/HTTP status code
- Website from which the request originates
- Browser
- Operating system and its interface
- Language and version of the browser software.
This data is not merged with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use and – if there has been a hacking attack – to pass the data on to the law enforcement authorities. The data will not be passed on to third parties beyond this.
Legal basis: Art. 6 para. 1 lit. f GDPR
6.2 Cookies
Cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk assigned to the browser you are using and through which certain information flows to the place that sets the cookie (here by us or third-party providers). Cookies cannot execute programs or transmit viruses to your computer.
The cookie allows you to be recognized when you visit the website without having to re-enter data that you have already entered.
The information contained in the cookies is used, for example, to determine whether you are logged in or what data you have already entered, or to recognize you as a user when a connection is established between our web server and your browser.
We distinguish between technical cookies that are used exclusively to ensure the operation of a website and other cookies that are set by us or third-party providers for the purposes of statistical analysis, tracking or advertising/marketing.
Legal basis: Art. 6 para. 1 lit. f GDPR (for technical cookies), Art. 6 para. 1 lit. a GDPR (for all other cookies)
6.3 Data processing in the USA
It cannot be ruled out that personal data will be transmitted to the USA when you visit our website. If this is the case, we will point this out separately in this privacy policy.
The GDPR requires so-called appropriate safeguards in accordance with Art. 46 GDPR for data transfers to a third country or an international organization.
The European Commission has adopted an adequacy decision for the exchange of data between European and US companies. This decision stipulates that American companies that have submitted to the EU-US Privacy Framework guarantee an adequate level of protection for personal data. Personal data may be exchanged with these companies without additional guarantees.
In the case of data processing by US data recipients who have not submitted to the regulations of the EU-US Data Privacy Framework, the following risks in particular cannot currently be ruled out for you as the data subject:
- Your personal data could possibly be passed on to other third parties (e.g. US authorities) by the respective service provider beyond the actual purpose of fulfilling the order.
You may not be able to assert or enforce your rights to information against the respective service provider in the long term. - There may be a higher probability that incorrect data processing may occur, as the technical and organizational measures for the protection of personal data do not fully meet the requirements of the GDPR in terms of quantity and quality.
- By consenting to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can remove cookies stored on your PC yourself at any time by deleting the temporary internet files.
Legal basis: Art. 6 para. 1 lit. a GDPR
We have set up a whistleblowing system (Saubermacher Group online whistleblowing portal) on our website. The whistleblowing system enables you to contact us and report compliance and legal violations without fear of reprisals. Further information is available at https://saubermacher.at/en/whistleblower//.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest).
Our website uses the consent management tool “Borlabs Cookie” from Borlabs GmbH, Hamburger Str. 11, 22083 Hamburg, Germany.
The service uses a technically necessary cookie (borlabs-cookie) to store your cookie consent. The consent management tool collects and stores the cookie preferences of each user of our website. With the express consent of the website visitor, statistical and marketing cookies are only set.
By integrating Borlabs Cookie on our own server, we guarantee that no data will be passed on to third parties.
For further information, please refer to Borlabs’ privacy policy at: https://de.borlabs.io/datenschutz/.
Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)
We use services provided by Google Ireland Limited (“Google”), a company registered and operating under Irish law with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, on our website.
Further information can be found in Google’s privacy policy at https://policies.google.com/privacy?hl=de.
9.1 Google Analytics
We have integrated Google Analytics on our website, a web analysis service from Google, which enables us to analyze visitor flows and the time spent on our website.
This website uses the function “Activation of IP anonymization” (i.e. Google Analytics has been extended by the code “gat._anonymizeIp();” to ensure an anonymized collection of IP addresses (so-called IP masking)). As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.
According to Google, Google will use the information obtained to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. However, Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. You can prevent the storage of cookies by selecting the appropriate settings in your browser software. However, we would like to point out that in this case you may not be able to use all functions of the website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the websites (including your anonymized IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link(https://tools.google.com/dlpage/gaoptout?hl=de).
Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://support.google.com/analytics/answer/6004245?hl=de.
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
9.2 Google Tag Manager
We use Google Tag Manager to recognize your user behavior. Google Tag Manager is a solution that allows marketers to manage website tags via an interface. The tool itself processes the following personal data IP address of the user. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. Google Tag Manager can set cookies, at least in the administrator’s preview and debug mode, but also outside of it. If deactivation has been carried out at domain or cookie level, this remains in place for all tracking tags that are implemented with Google Tag Manager.
You can find more detailed information here: https://www.google.com/intl/de/tagmanager/faq.html.
Legal basis: Art. 6 para. 1 lit. a GDPR (consent)
You have the following rights vis-à-vis us with regard to your personal data:
- Right of access, rectification and erasure
- Right to restriction of processing
- Right to object to processing
- Right to data portability
- Right to lodge a complaint with the Austrian Data Protection Authority
Barichgasse 40 – 42, 1030 Vienna, phone: +43 1 52 152-0, E-mail: dsb@dsb.gv.at
If you are of the opinion that we have violated Austrian or European data protection law in the processing of your data and thereby infringed your rights, please contact us so that we can clarify any questions you may have.
Please send your inquiries and concerns by e-mail to datenschutz@saubermacher.at or contact us using the contact details provided.
We reserve the right to make changes to our privacy policy from time to time. We will publish all changes to the privacy policy on this page. Please refer to the latest version of our privacy policy in this regard.
