1. General
1.1 It is an important concern of InnoWay („we“, „our“) to provide adequate protection for your personal data. In this data privacy notice, we inform you about the manner, scope and purpose of the collection and use of your personal data in connection with your visit to our website www.innoway.com („website“), your cooperation with InnoWay as well as visiting InnoWay’s events.
1.2 We process your data solely on the basis of the statutory provisions regarding data privacy and data security, in particular the Austrian Data Protection Act („DSG“), the EU General Data Protection Regulation („GDPR“) and the Telecommunications Act 2021 („TKG“).
2. Contact:
2.1 The controller pursuant to the General Data Protection Regulation and other provisions under data privacy law is
InnoWay Gmbh
Grazer Straße 11
8600 Bruck an der Mur
Austria
E-Mail: info@innoway.com
3. Personal data
3.1 Pursuant to Art. 4 Clause 1 GDPR, personal data are all information that refers to an identified or identifiable natural person.
3.2 A natural person is deemed to be identifiable who can be identified directly or indirectly, in particular by classification to an identifier such as a name, a code number, location data, online identifier or to one or several special features which are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.
4. Data collected
4.1 In the course of your visit to the website, the following data which are described in more detail in the following will be collected: server log files, cookies, information that you yourself provide by sending the contact form or completing the application form and data that are processed by third parties (e.g. Google, Facebook).
4.2 You are not obligated by law or contract to provide us with your personal data. However, it is possible that certain functions of our webpages depend on the provision of personal data. If you do not provide us with personal data in these cases, this can result in functions of the website not being available or only being available to a limited extent.
5. Server log files
5.1 Description and scope of data processing
The following data are automatically collected when the website is viewed:
- IP address
- Date and time of the request
- Content of the request
- The webpage visited previously and subsequently (referrer URL)
- Operating system and Internet service provider
- Access status
In the following called “server log files”.
5.2 Purpose of the data processing
Server log files are collected to ensure the stability and security of the website, to prevent system errors and system malfunctions, and to detect and prevent unauthorized access to the website.
5.3 Legal basis of data processing
The storage of server log files is based on our legitimate interest in the secure provision of our website in accordance with Art. 6 Para. 1 Letter f GDPR.
6. Cookies
6.1 Description and scope of data processing
Our website uses so-called cookies. These are small text files that are installed on your terminal with the aid of the browser.
Cookies are used to make the services offered more user-friendly. Certain cookies remain on your terminal until you delete them (so-called “persistent cookies”). They make it possible for us to recognise your browser when you visit our website again. In contrast, so-called “session cookies” are deleted automatically after the end of your browser session.
6.2 The cookies used by IF Invest EAST can be classified in 3 categories:
6.2.1 Necessary cookies
These cookies are absolutely necessary to facilitate error-free usage of the website and of certain functions of the website (e.g. login/shopping cart).
6.2.2 Function cookies
These cookies are not absolutely necessary, but increase the user-friendliness of our website (e.g. language settings).
6.2.3 Analysis cookies
These cookies collect information about the behaviour of the users on the website; in this way, the website can be improved in a targeted way (e.g. browser types, loading times, error messages).
6.3 Cookies cannot execute any programs or transmit viruses to your computer. Nor can they access any other data on your computer or read or change them.
6.4 Purpose of the data processing
Data processing by means of cookies is used for range and usage measurement, recognition of visitors to our website and user-friendly presentation of our website.
6.5 Legal basis of data processing
When you visit the website for the first time, you can decide whether you wish to accept all cookies or carry out individual settings. The cookie settings can be adjusted subsequently at any time.
6.6 If you do not wish this, you can set your browser up so that it informs you about the setting of cookies and you only permit this in individual cases. If you require further information with regard to this function, please use the „help function“ of your browser.
6.7 The legal basis for the use of necessary cookies is the exception provision of § 165 Para. 3 TKG.
6.8 For function- and analysis cookies, voluntary consent is required in accordance with § 165 Para. 3 TKG in conjunction with Art. 6 Para. 1 Letter a GDPR by means of the cookie banner.
7. Application
7.1 Description and scope of data processing
In the course of your application, we collect the following personal application data from you that we save and process:
- General data about your person (e.g. name, residential address, contact information)
- Application documents (e.g. letter of application plus attachments)
- Curriculum vitae and the data contained therein
- Information about the position that you have applied for (e.g. position, place of work, salary, required skills and experiences)
- Information about your previous work experience and employment (e.g. company, position, date of entry)
- Information about your professional and vocational training,
referred to as „data“ in the following point.
7.2 We collect these data within the framework of the application process either because you yourself provide them to us (for instance, by sending us your curriculum vitae) or because we collect them ourselves (for instance, by recording notes during the interview). For the rest, we can process job-related information that you have made publicly available, for instance a profile on professional social media networks
7.3 If an employment contract is subsequently concluded between you and IF Invest EAST, we can process the personal data already received further for purposes of the employment contract.
7.4 Your data are saved electronically or stored in paper form by IF Invest EAST. In the event of an interview, parts of your answers are documented and stored in digital and/or paper form.
7.5 After completion of the application procedure, your data will be fundamentally retained for seven months and then deleted. This does not apply if statutory provisions conflict with a deletion or further storage is required for evidence purposes.
7.6 Your data will only be forwarded to the in-house departments responsible for the specific application procedure.
7.7 Purpose of the data processing
We process your personal data for the purpose of your application for a position at IF Invest EAST or a company affiliated with IF Invest EAST if this is necessary for the decision regarding the establishment of an employment relationship.
7.8 Legal basis of data processing
Legal basis is Art. 6 Para. 1 Letter b GDPR.
8. Contact & Business relationship
8.1 Description and scope of data processing
If you contact us (e.g. by e-mail), the personal data transmitted will be saved.
8.2 Purpose of data processing
In order to respond to your requests, it is necessary to process the personal data provided by you.
8.3 Legal basis of data processing
The legal basis for the processing of data is our legitimate interest in responding to your request pursuant to Art. 6 Para. 1 Letter f GDPR.
8.4 Within the framework of the business relationship with our customers, suppliers and other business partners it is necessary to collect personal data both in the initiation of the contract and in the ongoing cooperation. The legal basis for this is Art. 6 Para. 1 Letter b GDPR.
9. Duration of storage and data deletion
9.1 We only save your personal data for as long as we require them to fulfil the aforementioned purposes and our contractual and/or statutory obligations. When we no longer require your personal data, we delete them from our systems and records or anonymise them so that you can no longer be identified.
9.2 Pursuant to the laws, regulations or other legal provisions, it may be necessary to save the personal data for a duration beyond the aforementioned period of time.
10. Security of the data
10.1 In order to guarantee the security and confidentiality of the personal data captured by us on the websites and apps, we use data networks that are protected, amongst other things, by firewalls and password systems that are usual in the industry. When handling your personal data, we take appropriate technical and organisational measures in order to protect your data against loss, misuse, unauthorised access, disclosure, amendment or destruction, and to guarantee availability.
10.2 If you want to send us personal data in electronic form by entering them on our website, your data will be transmitted over the Internet to our web server via a secure connection (SSL) corresponding to the state of the art in encrypted form and saved and backed up. Please note, however, that the sending of data by e-mail is fundamentally not done in encrypted form.
10.3 Data security for the transmission of data within the Internet according to the current state of the art cannot be universally guaranteed. Other users may be technically able to intervene in the network security without authorisation and to control the communication traffic. Please remember this when you contact us.
11. Your rights
11.1 With regard to your personal data, you have the following rights:
- Right of access by the data subject pursuant to Art. 15 GDPR
- Right to rectification pursuant to Art. 16 GDPR
- Right to erasure pursuant to Art. 17 GDPR
- Right to restriction of processing pursuant to Art. 18 GDPR
- Right to data portability pursuant to Art. 20 GDPR
- Right to object pursuant to Art. 21 GDPR
11.2 You also have a right to revocation with regard to your consent to the processing of personal data, which you can make use of at any time.
11.3 You also have the right to appeal to a supervisory authority.