Personal Data Protection Policy
Updated on 01/04/2021
ECKES GRANINI Austria GmbH operates the website accessible at www.pago.cc (hereinafter referred to as the "website"). This Statement informs you about the collection of your personal data when you use the website. Personal data is any data that can be linked to you personally, such as your name, address, email addresses and Internet browsing behaviour.
Your data is collected, processed and used in accordance with data protection law, in particular the EU General Data Protection Regulation (GDPR), as described in more detail below:
1. Collection of personal data for informational purposes
(1) If you are using the site for informational purposes only, that is, if you do not log in, register, or otherwise provide information to use the site, we do not collect any personal data, other than the data your browser sends to enable you to visit the website. This data is the following:
- IP address
- Date and time of the request
- Time zone difference from Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Volume of data transmitted
- Site from which the request originates
- Operating system and its interface
- Language and version of the navigation software.
(2) In addition, cookies are stored on your computer when you use the site. Cookies are small text files stored on your hard drive, linked to the browser you are using and through which certain information is sent to the entity placing the cookie (in this case, our website). A cookie typically contains the name of the domain from which it originated, the "lifetime" of the cookie, and a value, usually in the form of a unique randomly generated number. Cookies cannot run any programmes or transmit viruses to your computer. They are used to make the website as a whole more user-friendly and efficient.
Transient cookies (temporary use)
Transient cookies are deleted automatically when you close the browser. They include session cookies. They host an identifier (session ID), through which requests made by your browser can be associated with the shared session. This allows the website to recognise your computer on future visits. Session cookies are deleted when you log out or close your browser.
Persistent cookies (use for a limited time)
Persistent cookies are automatically deleted after a predetermined period, which may vary depending on the cookie. You can delete these cookies at any time by adjusting your browser's security settings.
Third-party cookies (from third-party providers)
You can configure your browser settings as you wish and, for example, refuse to accept third-party cookies or all cookies. Information on managing and deleting cookies, and information specific to common browsers, is also available at www.cnil.fr/fr/cookies-et-traceurs-comment-mettre-mon-site-web-en-conformite. However, please note that in this event, you may no longer be able to access certain features of the site.
Flash cookies (permanent use)
The Flash cookies used are not stored by your browser, but by your Flash plugin. These cookies store the necessary data regardless of the browser you use, and do not have an automatic expiration date. You must install an appropriate add-on if you do not want Flash cookies to be placed on your computer.
(4) This information is stored separately from any data that we may archive. In particular, cookie data is not linked to your other data that may be transmitted.
2. Collection of personal data for personalised use
(1) In addition to using our website for purely informational purposes, we offer a range of services that you can use if you wish. You will usually be required to provide additional personal data for this purpose, which we use to provide the relevant service. Where you have the opportunity to provide additional voluntary information, this is identified accordingly. We collect, process and use only personal data that is necessary for your use of the website or for the performance of a contract with us or that you yourself provide. This applies in particular to master data and user data that may be transmitted via forms on our website:
- Telephone number
- Email address
- Date of birth
- User registration and login data
- User’s bank details
- VAT number (optional)
(2) We use inventory data and user data to the extent necessary to establish or provide content, modify or terminate a contractual relationship with you, fulfil our contractual obligations, connect the user to the website, and contact you if you choose, or if necessary, as part of the contractual relationship or permitted by law.
(3) The processed data is used to contact and process customer requests, suggestions, complaints and quality assurance, including the analysis and evaluation of potential product or packaging defects, as well as the identification of changing consumer needs. The legal basis is therefore our legitimate interest according to Article 6 I, p. 1 lit. f) GDPR. The data processed in this context will be deleted at the latest six months after the completion of the complaint operation, provided that no legal retention obligation prevents deletion.
Personal data is stored and processed within the European Union, with the exception of the data collected by the third-party suppliers mentioned below.
3. Data deletion
Unless otherwise stated in this Data Privacy Statement, we store your data only for as long as is necessary to process a request you send us, for example. Your personal data will therefore be deleted after your request has been processed, unless you agree otherwise. Inventory data is deleted two years after the end of the contractual relationship at the end of the calendar year, unless it must be kept longer and if this is permitted by law.
4. Anonymous statistical analysis of the user data
We have the right to create user profiles using a pseudonym for the purposes of advertising, market research or adapting the website to meet the needs of users, unless you object. In particular, we analyse user data anonymously for statistical purposes in order to adapt the website to meet users' needs. You can object to the use of your personal data by sending us a notification to this effect (see Article 9 on contact details).
(1) When processing personal data, we use subcontractors and conclude contracts with them for the processing of data in accordance with the requirements of Article 28 of the GDPR.
(2) The subcontractor used to host the website is: T-Systems Multimedia Solutions GmbH, Application Management & Cloud Services, Postfach 10 02 24, D-01072 Dresden/Adacor Hosting GmbH, Emmastrasse 70a, D-45130 Essen.
6. Protection of personal data
We take technical and organisational measures in accordance with the requirements of Art. 32 GDPR to protect the user's personal data. All of our employees who are involved in the processing of personal data are under obligation to maintain data secrecy. The user’s personal data will be encrypted by HTTPS when it is transmitted to the website.
7. Legal basis
The legal basis for the collection and processing of data is provided by Article 6 para. 1 letters a) b) and f), and Article 7 of the GDPR.
8. Rights of data subjects
The user and other data subjects may demand the following rights from us with regard to their personal data:
- right to information
- right of rectification
- right to deletion
- right to restrict processing
- right to object to processing
- right to data portability
You also have the right to file a complaint with the competent supervisory authority if you believe that we have violated your data protection rights or if we have not sufficiently enforced your rights as a data subject.
9. Service provider/responsible organisation/contact information
The service provider and responsible body in accordance with Article 4 No. 7 of the GDPR is: Eckes-Granini Austria, Pummerinfeld 1b, 4490 St. Florian
Austria All requests for information, correction and deletion, all objections or revocations of consent, assertions of the right to restrict processing or the right to data portability, as well as all comments or questions from users regarding data protection should be sent to: firstname.lastname@example.org
No Data Protection Officer has been appointed, as the data is not processed to an extent that would require the appointment of such an Officer in accordance with Art. 37 GDPR. However, you can also direct your inquiries to our data protection contact address: email@example.com
10. Data protection supervisory authority and right to complain
The supervisory authority in charge of data protection, to which all complaints concerning a violation of the Data Protection Act may be sent, is:
Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
Hintere Bleiche 34
Telephone: +49 (0) 6131 208-2449
Fax: +49 (0) 6131 208-2497
11. Updating of this Data Privacy Statement
The contents of this Data Privacy Statement require regular updating. We therefore reserve the right to change this policy at any time. We will email the amended version of the Data Privacy Statement to registered users before it comes into effect and publish it in the same place as this Data Privacy Statement.