1) Processing of your personal data
For fulfilling our consultancy contract we process personal data you provide us with voluntarily and/or personal data we obtain with your consent (e.g. name, address, contact, phone number, e-mail address, appointments, meeting notes, photos) on the basis of statutory provisions set forth by GDPR.
If you provide us with special categories of personal data in the course of our consultancy agreement, we may also process special categories of personal data. These may include sensitive data concerning your current state of health and/or diagnoses, illnesses and/or medication, as well as confidential data concerning your private and intimate life, your religious, political or ideological beliefs and/or your professional life. These categories of data are not stored electronically.
Our web pages do not use cookies. To optimize loading times we use Google Font, JQuery and bootstrap files from external sources. Data privacy statements of these providers can be found at https://www.google.de/intl/de/policies/privacy/ und js.foundation/about/governance/privacy-policy.
2) Controller
The chairwoman / the chairman
3) Purposes of data processing and legal basis
In the context of fulfilling a consultancy contract, we process your personal data (including electronic documents produced automatically and/or archived documents such as meeting notes and correspondence) in this matter for the purposes of processing and transferring it to clients and other participants/contributors to the consultation.
We process your personal data on the basis of Art 6 para 1 subparas b, c, f GDPR. If we process special categories of personal data, we do so solely for the purposes of consultancy and provision of psychosocial support. Processing of special categories of data is based on Art 9 para 2 subpara h GDPR.
4) Recipient(s) of personal data
We do not transfer personal data to third parties, except for the purpose of fulfilling statutory and tax obligations (e.g. to tax consultants or tax authorities). We do not transfer special categories of data.
5) Period of storage
We store your data for a maximum of ten years after termination of the consultancy contract before we erase it.
6) Necessity of data provision
You are not obliged to provide personal data to us. However, providing personal data (name and address) is necessary if you wish to conclude a contract with the controller. You are not obliged to provide us with special categories of personal data.
7) E-mail communication
All personal data communicated via e-mail is used to reply via e-mail and in accordance with the purpose(s) named in the subject. If e-mail communication is part of an ongoing business relationship (contract or exchange of information based on voluntary consent e.g. a newsletter), data is being processed in accordance with fulfilling the respective purpose. In case of voluntary consent, erasure of personal data is conducted immediately after revocation of consent. Personal data transferred in fulfilment of statutory or contractual obligations is erased six months after expiry of the statutory storage period. In general, we do not transfer personal data, except when required to do so by law.
8) Photograph notice
We take photographs at our events for internet publication on our website www.wirtschaftsmediation.at in order to document our activities. Our legitimate interest in taking photographs at our events and publishing them (Art 6 para 1 subpara f GDPR, §§ 12, 13 DSG [= Austrian Data Protection Law]) is the presentation of activities organized by forum wirtschaftsmediation, aiming to increase its popularity and to further promote the method of commercial mediation in Austria.
9) Right of access by the data subject
You have the right to obtain confirmation as to whether personal data concerning you is being processed; and, where that is the case, you have the right of access to the personal data and the following information:
the purposes of the processing
the categories of personal data concerned
the recipients or categories of recipient to whom the personal data have been or will be
disclosed,
where possible, the envisaged period for which the personal data will be stored, or, if not
possible, the criteria used to determine that period
existence of the right to request rectification or erasure
existence of the right to lodge a complaint with a supervisory authority
In case you exercise your right of access, the controller will provide you with a copy of the personal data undergoing processing.
10) Right of rectification
You have the right to request the correction of incorrect personal data. Taking into account the purposes of the process, you have the right to request the completion of incomplete personal data.
11) Right to erasure
You have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
12) Right to restriction of processing
You have the right to obtain from the controller restriction of processing where one of the following applies:
13) Notification obligation regarding rectification or erasure or restriction
The controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The person responsible will inform you of these recipients if that’s what you request.
14) Right to data portability
You have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
15) Right to object
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you that is carried out on the basis of Art 6 GDPR. The controller will no longer process the personal data unless he/she can demonstrate compelling reasons for processing which are worthy of protection and which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. If personal data are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. If you object to processing for the purposes of direct marketing, your personal data may no longer be processed for those purposes.
16) Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you are domiciled, your place of work or the place where the alleged infringement is committed, if you consider that the processing of personal data relating to you is in breach of the DSGVO or of Section 1 or Article 2. 1 main section DSG 2018. In Austria the competent data protection authority is the Data Protection Authority (Barichgasse 40-42, 1030 Vienna, Tel: +43 1 52152-0, Email: dsb(at)dsb.gv(dot)at).