Data Protection Declaration
Data Protection Declaration

Protecting your personal data is a particular concern of ours. We therefore process your data exclusively on the basis of legal requirements (GDPR, Austrian Data Protection Act 2018, Austrian Telecommunications Act 2003 and others). With this notice regarding data protection, we are informing you as to how we process your personal data in accordance with Art. 13 GDPR. The person-related processing of your data takes place exclusively in compliance with the applicable legal provisions.

1. GENERAL NOTICE

The data which you have disclosed will be processed and stored exclusively within the framework of our business activity with you, whether this be as our customer, sales partner, trade representative, affiliated company or similar. This applies to all data which is already at our disposal as well as for all data collected in the future. The disclosure of all data takes place on a voluntary basis.

The Controller, who determines the purposes and means of the processing of your personal data, is UNTHA SHREDDING TECHNOLOGY GMBH. UNTHA Shredding Technology GmbH has not employed a Data Protection Officer as, for the moment at least, no legal requirement to do so exists.

2. LEGAL BASIS FOR DATA PROCESSING

The processing of your personal data within the framework of our business activity takes place based on the fulfilment of a contract, with all the accompanying pre-contractual, post-contractual and collateral contractual obligations as well as within the framework of the organisational structure of our company.

3. PURPOSE OF DATA PROCESSING

We process your personal data to establish, manage and process the business relationship, to build up new customer relationships or to approach interested parties as well as to issue all information concerning our range of services (marketing). Reference is made to the additional information regarding the collection of data when visiting our website (see Point 9).

4. CATEGORIES OF DATA PROCESSED

In particular, the categories of data processed include:
•    name, company, other business designation
•    address
•    contact data (telephone, email, fax)
•    bank and transfer details
•    date of birth
•    commercial register data, land register data
•    VAT ID number, commercial register number, ZVR [Austrian Central Register of Associations] number, as well as social security data
•    contact persons and their contact details
•    involved persons (public authorities, involved third parties)
•    recordings of performance and memoranda
•    contractual texts and business correspondence
•    account, payment and booking data
•    data surrounding credit rating, dunning data, opening of bankruptcy

5. DATA RECIPIENTS

In particular, the recipients of this personal data include:
•    business partners, customers
•    sales partners and trade representatives
•    subsidiary companies
•    involved courts and public authorities
•    involved lawyers, notaries and experts
•    IT service providers and IT support
•    all other natural and legal persons to whom your personal data may be transferred as part of the establishment, management and processing of the business relationship in accordance with the valid legal provisions.

6. YOUR RIGHTS

You have the basic right to access, rectification, erasure, restriction, data portability, withdrawal of consent and objection. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or in the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.

7. RIGHT TO OBJECT

You have the opportunity to object to the collection, processing and use of your data and/or to withdraw consent which you previously gave to us for the collection, processing and forwarding of your personal data with effect for the future at any time. Should you exercise your right to object, we will cease to process the data in question. To do so, please send us an email at info@untha.com or write to UNTHA shredding technology GmbH, Kellau 141, 5431 Kuchl. We do, however, reserve the right to continue processing where we can demonstrate compelling legitimate grounds for this processing which override your interests, fundamental rights and fundamental freedoms, or where the processing serves to establish, exercise or defend legal claims.

8. DURATION OF THE STORAGE OF PERSONAL DATA

The duration of the storage of personal data is measured based on the corresponding statutory retention period (e.g. retention periods under commercial and tax law). After expiry of the period, the corresponding data will be routinely erased, unless it is still required for the fulfilment or initiation of a contract and/or no legitimate interest in the continued storage can be proven to still exist on our part.

9. COLLECTION OF DATA WHEN VISITING OUR WEBSITE

If you only visit our website for informative purposes, i.e. if you do not register or otherwise transfer information to us, we will only collect that data which your browser transfers to our server (“server log files”). When you access our website, we collect the following data, which is technically necessary for us to display the website to you:
•    website visited
•    time of access
•    source/reference from which you entered the website
•    browser used
•    operating system used
•    IP address used
Data is processed according to Art. 6(1) point (f) GDPR based on our legitimate interest to improve the stability and functionality of our website. The data is not disseminated or used otherwise. However, we reserve the right to subsequently check the server log files in case that there are concrete indications for illegal use.

10. COOKIES

Our website uses “cookies”. These are small text files which are stored on your end device using your browser. They do not cause any damage to your device.
We use cookies in order to make our website user-friendly. Some cookies are stored on your end device until you delete them. They enable us to recognise your browser upon your next visit to our website. Insofar as personal data is processed by individual cookies which have been implemented by us, processing takes place in accordance with Art. 6(1) point (f) GDPR to safeguard our legitimate interests in the best possible functionality of the website and in a customer-friendly and effective website design.
If you do not want this to happen, you can adjust your browser settings accordingly so that you are notified of the use of cookies and only allow them in individual cases.
If you choose to deactivate the cookies, the functionality of our website may be limited.

Web analysis - Matomo

For the purpose of pinpointing and analysing errors, for the evaluation of usage and deriving measures for future further development of the website, we process your data with the help of the local analysis software Matomo.

Due to the fact that this service is carried out by a local analysis tool, no personal
data is transmitted to the service provider or any third parties. In addition to this, your personal data is anonymised immediately after collection. No further saving of your personal data takes place beyond the initial processing step.

Legal basis for this data processing is imperative technical necessity for the provision and delivery of the services expressly required by you through your use of the desired service “website” in accordance with Art. 96 Par. 3 of the Telecommunications Act.

11. MyUNTHA: AMAZON WEB SERVICES "AWS"

UNTHA shredding technology and its contractors use the Amazon Web Services ("AWS") service from Amazon Web Services, Inc., P.O. to host the MyUNTHA database and web content (https://myuntha.com). Box 81226, Seattle, WA 98108-1226, USA. The data is generally stored in a German data center (Frankfurt / Main) that is certified according to ISO 27001, 27017 and 2018 and PCI DSS Level 1. However, it cannot be ruled out and UNTHA also assumes no liability for the fact that, due to legal regulations from third countries (e.g. USA), AWS may also have to grant access to this data to authorities from third countries (e.g. US authorities). Of course, we or our contractors have very limited access rights and the data is automatically encrypted.

AWS has signed up to the Privacy Shield Agreement. You can find more information on AWS and data protection at https://aws.amazon.com/de/compliance/eu-data-protection/ and at https://aws.amazon.com/de/privacy/. With reference to the current guidelines on the GDPR and their compliance, you will find more information in this document: https://www.untha.com/files/pdf/legal/AWS_GDPR_DPA.pdf

Data that are processed:

Customer: Company name, street, zip code, city, country, website, telephone, post, fax and customer number

Personal: title, title, first name, last name, telephone, mobile phone and email address

12. Google reCATCHA

What is Google reCAPTCHA?

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. A captcha service is a tool that is designed to ensure that an action on the Internet is performed by a human being and not a bot. At reCAPTCHA, a JavaScript element is integrated into the source text and analyzes your user behavior. The software calculates a so-called captcha score from these user actions. reCAPTCHA or Captchas in general are always used when bots could manipulate or misuse certain actions (e.g. registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We do everything we can to protect ourselves from bots or spam software of all kinds and to offer you the best possible user friendliness. For this reason, we use Google reCAPTCHA to remain a "bot-free" website. By using reCAPTCHA, data is transmitted to Google to determine whether you really are human. reCAPTCHA thus serves the security of our website and subsequently also your security. For example, without reCAPTCHA it would be possible for a bot to register many e-mail addresses when registering in order to "spam" on forums or blogs with unwanted advertising content. With reCAPTCHA such bot attacks can be avoided.

What data does reCAPTCHA store?

reCAPTCHA collects personal data from users to determine whether the actions on our website really come from people. So the IP address and other data that Google needs for the reCAPTCHA service can be sent to Google. Within the member states of the EU or other contracting states of the Agreement on the European Economic Area, IP addresses are almost always shortened before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive.

Rather, they are examples of data that can be processed by Google:

  • Referrer URL (the address of the page the visitor comes from)

  • IP address (e.g. 256.123.123.1)

  • Information about the operating system

  • Cookies (small text files that save data in your browser)

  • Mouse and keyboard behavior

  • Date and language settings

  • All javascript objects

  • Screen resolution (shows how many pixels the image display consists of) 

The fact is that Google uses and analyzes such data even before you click “Submit”. We have therefore integrated a consent box on our website that notifies you of this special marketing cookie and that only allows you to fill out the contact or product request using the form if you agree to reCAPTCHA being set. 

Further information can be found in the data protection guidelines and the terms and conditions of Google reCAPTCHA.

WiredMinds

Read more about our newest innovationsOur website uses the tracking pixel technology of WiredMinds GmbH (www.wiredminds.de) to analyze visitor behavior. The IP address of a visitor is processed here. The processing is carried out exclusively for the purpose of providing company-relevant information such as B. to collect the company name. IP addresses of natural persons are excluded from further use (whitelist procedure). The IP address is never stored in LeadLab. When processing the data, it is in our particular interest to protect the data protection rights of natural persons. Our interest is based on Article 6 (1) (f) GDPR. The data we collect does not allow any conclusions to be drawn about an identifiable person.

WiredMinds GmbH uses this information to create anonymous user profiles related to visitor behavior on our website. The data obtained in this way are not used to personally identify the visitor to our website.

12. CONTACTING US

Personal data is collected when you get in touch with us using the form on our website or via email. In the case of a contact form, which data is collected is apparent from the corresponding contact form. This data is stored and used exclusively for the purposes of answering your request or for getting in touch and the technical administration which is associated with this. Should you enter into a contract with us, data such as that illustrated in Point 4 will be collected and stored.

The personal data which is collected will be used to answer your enquiry. After processing your enquiry, we will erase this data insofar as it does not need to be retained for a longer period for reasons of verifiability, customer support or statutory retention periods. Should it be necessary to include a subsidiary company or a sales partner for the fulfilment of a contract, personal data shall also be transferred to these.
As an existing customer, we also process data such as your name, address, email and telephone number for marketing purposes, to send you our newsletter or invitations to events/trade fairs/product demonstrations/new products, etc., or to get in contact with you directly. In doing so, our mutual customer relationship with you is reinforced and improved.

Should you have any further questions regarding this notice, please contact:

UNTHA shredding technology GmbH
Kellau 141
5431 Kuchl / Salzburg / Austria

Mr. Thomas Schmid
Head of Marketing and Communication
email: 
thomas.schmid@untha.com