Privacy Policy

Privacy policy

1. General information

For us as the data controller (“controller”, “we”, “us”), the secure processing and confidentiality of personal data is a high priority. Personal data is collected, stored and used in compliance with data protection regulations, in particular the General Data Protection Regulation (“GDPR”) and all national regulations.

 

2. Person responsible

HNE Logistics GmbH in foundation
c/o SKE Holding GmbH
Gewerbeallee 15d
4221 Steyregg
Austria
Phone: +43 732 641065-0
E-mail: office@ske-holding.com

 

3. Data Protection Coordinator

We are not legally obliged to appoint a data protection officer. Nevertheless, as data protection is very important to us, we have a data protection coordinator. You can reach him under:

SKE Holding GmbH
Attn. Data Protection Coordinator
Gewerbeallee 15d
4221 Steyregg
E-mail: dataprotection@ske-holding.com

 

4. Data processing on our website

Below you will find out what information we collect, process and use when you visit and use our website.

 

4.1 Provision and use of the website

 

4.1.1. Scope and purpose of data processing

We collect and use the personal data of our users only to the extent necessary to provide a functional website and our content and services or information.

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.

The following information is collected without any action on your part and stored until it is automatically deleted:

• IP address of the requesting computer,
• Date and time of the enquiry,
• Name and URL of the retrieved file,
• Website from which the access is made (referrer URL),
• the browser used and, if applicable, the operating system of your computer and the name of your access provider.

 

4.1.2. Legal basis

The legal basis for the data processing mentioned under a) is Art. 6 (1)(f) GDPR and § 165 (3) Austrian Telecommunications Act 2021. The processing of the aforementioned data is necessary for the provision of a website and to enable secure and convenient use and thus serves to safeguard a legitimate interest of our company. In addition, there are no overriding interests of the website user, so that the interest of the website operator prevails.

4.1.3. Storage period and data erasure

As soon as the aforementioned data is no longer required to display the website, it is deleted. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object. Further storage will take place in individual cases if this is required by law.

For the use of the website, personal data is processed by a processor.

 

4.2. Electronic contact requests via the website

 

4.2.1. Type and scope of data processing

On our website, we offer you the opportunity to contact us via a form provided or by e-mail. If you actively contact us, the following personal data will be processed by you:

• First name
• Surname
• Address
• E-mail address
• Telephone number
• Content of the enquiry

The purpose of providing this data is to process your enquiry.

When using the contact form, your personal data will be processed by a processor.

4.2.2. Affected parties

Website visitors, interested parties, customers and suppliers

4.2.3. Legal basis

The data processing described above for the purpose of establishing contact is carried out in accordance with Art. 6 (1)(a) GDPR on the basis of the declaration of consent voluntarily given by you during the sending process (when using the contact form), in accordance with Art. 6 (1)(b) GDPR for the fulfilment of a contract or for the implementation of pre-contractual measures, in accordance with Art. 6 (1)(f) GDPR on the basis of legitimate interests and in accordance with § 165 (3) Austrian Telecommunications Act 2021.

4.2.4. Storage duration

As soon as your enquiry has been dealt with and the matter in question has been finally clarified, your personal data processed via the contact form will be deleted. Further storage may take place in individual cases if this is required by law.

 

4.3. Customer service and marketing for own purposes

 

4.3.1 Scope and purpose of data processing

Processing of own or purchased customer and prospective customer data for the initiation of business relating to the company’s own range of goods or services and for the implementation of advertising measures and newsletter dispatch; customer relationship management.

The following data will be processed by you:

• Master data

Information on cross-group joint processing activities is provided in section 8.

4.3.2. Affected parties

Customers and interested parties.

4.3.3. Legal basis

The legal basis for the data processing mentioned under a) is legitimate interests (Art. 6 (1)(f) GDPR) and § 174 (4) Austrian Telecommunications Act 2021.

4.3.4. Storage duration

The data may be stored until the end of the third year after the last contact with the client, unless longer contractual or statutory retention periods exist.

Personal data is processed by a processor in order to send the information.

 

4.4. Customer and supplier management, accounting

 

4.4.1. Scope and purpose of data processing

The provision of your personal data is necessary for the fulfilment of the contract or the implementation of pre-contractual measures. Without this data, we cannot conclude a contract with you. The purpose is the processing of personal data in the context of any business relationships with customers and suppliers in the context of a commercial activity, including the systematic recording of all business transactions relating to income and expenditure.

The following data will be processed by you:

• Master data
• Payment information
• Financial data
• Bank details

 

4.4.2. Affected parties

Customers and suppliers.

4.4.3. Legal basis

The data processing described above is carried out in accordance with Art. 6 (1)(a) GDPR on the basis of your consent, in accordance with Art. 6 (1)(b) GDPR to fulfil a contract or to carry out pre-contractual measures, in particular to contact you as part of the business relationship, in accordance with Art. 6 (1)(c) GDPR to fulfil a legal obligation and in accordance with Art. 6 (1)(f) GDPR on the basis of legitimate interests, in particular for the defence, exercise and assertion of legal claims (Art 9 (2)(f) GDPR).

4.4.4. Storage duration

Your personal data will be stored by us for as long as is necessary to fulfil our obligations, depending on necessity until the end of the business relationship or until the expiry of the guarantee, warranty, limitation and statutory retention periods applicable to the client (in particular the tax law retention obligations for business letters, invoices and receipts); in addition, until the end of any legal disputes in which the data is required as evidence.

If necessary for the fulfilment of the contract, your personal data will be passed on to companies in the group of companies or their sales and service partners in the countries concerned so that they can act on our behalf. We will therefore only transfer your data to third parties to fulfil our obligations. These include, in particular, the tax office, courts and authorities, suppliers, mail order companies, debt collection companies, banks involved in the payment to the person concerned or to third parties, legal representatives, chartered accountants.

 

4.5. Services from third-party providers

 

4.5.1. Google Analytics

We use Google Analytics to analyse the use of our website. In the course of this, Google (specifically: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, D04 E5W5, Ireland) processes the following data for us in particular:

• Websites visited
• Activities on the websites, such as the duration of use
• approximate location (city)
• IP address
• Information such as browser, end device, internet provider
• how you arrived at our website, such as previously accessed external websites
• randomly generated client ID or pseudonym

 

Purpose: To analyse website usage and improve our advertising presence.

Further information can be found here: https://support.google.com/analytics/answer/6004245

 

5. Information on data transfers to third countries or international organisations

Except in the cases already mentioned, the data processed by us will not be transferred to recipients in third countries without an adequate level of security or to international organisations.

 

 

6. How do we protect your data?

We take appropriate technical and organisational security measures within the meaning of Art. 5 (1)(f) and Art. 32 GDPR to protect your personal data against accidental or unlawful destruction, alteration, damage or loss and against unauthorised disclosure or access. In addition, we and our employees are obliged to maintain data confidentiality.

 

7. What data protection rights do you have as a data subject?

The GDPR gives you the following rights as a data subject of personal data processing:

• In accordance with Art. 15 GDPR, you can request information about your personal data processed by us. In particular, you can request information about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, about a transfer to third countries or to international organisations and about the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.
• In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or the completion of your personal data stored by us.
• In accordance with Art. 17 GDPR, you can request the erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims. We would like to point out that a request for erasure can only be complied with insofar as there are no statutory retention obligations or other obligations to the contrary.
• In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, we no longer need the data and you refuse to delete it because you need it for the assertion, exercise or defence of legal claims. You also have the right under Art. 18 GDPR if you have objected to the processing pursuant to Art. 21 GDPR.
• In accordance with Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format, or you can request that it be transferred to another controller.

If you believe that the processing of your personal data does not comply with data protection regulations, please contact us to clarify your concerns. You will find our full contact details under point 2. In addition, you have the right to submit your concerns in connection with the processing of your personal data to a supervisory authority in the EU.

 

Austrian Data Protection Authority (Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna
Austria
Phone: +43 1 52152-0
E-mail: dsb@dsb.gv.at

 

You can find the data protection authorities of other countries at ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.

7.1. Your right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation. When exercising your right to object, we ask you to explain your reasons why we should not process your personal data as we have done. We will examine the situation and either discontinue or adapt the data processing or show you our compelling legitimate grounds and continue the data processing. We will also continue the data processing if it serves the assertion, exercise or defence of legal claims.

You can object to data processing for the purposes of direct advertising and data analysis at any time. In this case, we will stop processing the data.

7.2. Your right of cancellation

If you have given us your consent to process your personal data, you can revoke your consent at any time. Your revocation does not affect the legality of the data processing carried out until the revocation.

8. Joint processing activities

If companies process personal data jointly, there is joint responsibility if they all jointly determine the purposes and means of processing. The controllers shall specify in a transparent manner in an agreement which of them fulfils which obligation and shall inform the data subjects of the essential content of the agreement.

8.1. Group companies involved

• HNE Logistics GmbH
• SKE Holding GmbH
• SKE Engineering GmbH
• SKE Engineering Ltd.
• SKE Solar Inverters S.R.L.
• HORIZON Technologies GmbH
• creative minds advertisement gmbh

 

8.2. Cross-group processing of applicant data

The purpose of cross-group processing of applicant data is to process it for business initiation with regard to employment relationships and standardised human resource management.

Applicants are affected by cross-group processing.

The following data is processed: Master data and application data.

Storage period: In the case of cross-group vacancies and international job advertisements, we delete the data no later than 6 months after the position has been awarded, unless the data subject has given their consent or there are longer contractual or statutory retention periods. In the case of national job advertisements and vacancies, the retention periods are based on the national legal requirements.

8.3. Group-wide controlling

The purpose of cross-group controlling is the processing of data by all controllers in a common ERP programme. Each controller processes data within this system, taking into account the respective authorisations.

Processing of personal data as part of the business relationship with customers and suppliers, including the systematic recording of all transactions relating to income and expenditure.

Customers and interested parties are affected by this data processing.

The following data is processed: Master data and UID.

Storage period: in accordance with the statutory requirements; until the termination of the business relationship or until the expiry of the applicable guarantee, warranty, limitation and statutory retention periods; furthermore until the termination of legal disputes in which the data is required as evidence.

8.4. Cross-group data protection coordination

If you have any questions about your rights or data processing, you can contact the contact point for data subjects:

SKE Holding GmbH
Gewerbeallee 15d
4221 Steyregg
dataprotection@ske-holding.com

 

8.5. Lead supervisory authority

The joint controllers have appointed the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna, phone: +43 1 52 152-0, e-mail: dsb@dsb.gv.at) as the lead supervisory authority.