Dear visitor, data protection is a matter of trust. Your data is in good hands with OFFORA GmbH. We only process your data if you have given us your express consent to do so or if the relevant laws permit or require data processing.
The following privacy policy covers both the current legal framework under the Data Protection Amendment Act 2018 and the EU-wide requirements of the EU General Data Protection Regulation (GDPR). We will never sell your data. We are happy to provide you with detailed information below about how OFFORA e.U. handles your data. If you have any comments or questions about data protection, you can contact us at any time by email at datenschutz@offora.at. We are always happy to help.
The following privacy policy provides information about the nature and scope of the processing of so-called personal data by OFFORA e.U.. Personal data is information that can be directly or indirectly attributed to you as an individual.
Data processing by OFFORA GmbH can essentially be divided into three categories:
We process the personal data that is necessary for the individual purpose of use. Depending on the purpose of use, we process the following personal data in particular:
There is no obligation to actually provide the data we ask you to provide. However, if you do not do so, you may not be able to use all the functions of our website or our services.
We store your data until the end of the business relationship, and beyond that only for as long as statutory retention periods exist (company and/or tax law retention obligations currently 7 years) or as long as legal claims arising from the contractual relationship can be asserted against us or by us. This may be for a period of 30 years for reasons of compensation law. If we transfer your data to third parties for further processing (such as to an email marketing service provider), we have data processing agreements in place for this purpose. Your personal data will only be processed within the EU/EEA. Under no circumstances will we sell your personal data to third parties.
The responsible body in terms of data protection law is OFFORA GmbH, Freistädter Str. 38, 4040 Linz (hereinafter referred to as "OFFORA"). The company data protection manager at OFFORA GmbH can be contacted at the above address, for the attention of the Data Protection Department, or at datenschutz@offora.at.
When you visit our website, the browser used on your device automatically sends information to our website server and temporarily stores it in a log file. We have no influence on this. The following information is collected without your intervention and stored until it is automatically deleted:
Where the GDPR applies, the processing of the IP address is based on Article 6(1)(f) GDPR. Our legitimate interest arises from the purposes of data collection listed below. At this point, we would like to point out that we cannot draw any direct conclusions about your identity from the data collected, nor do we do so.
We use the IP address of your device and the other data listed above for the following purposes:
The data is stored for a period of 52 days and then automatically deleted. We also use cookies on our website. The data used for this purpose is explained in more detail in section 3.6 below.
When you place an order with us, we process the data necessary for the conclusion, execution, or termination of the contract. In addition to the services you have ordered, this includes your first name, last name, address, and—if available—your telephone number and email address. The legal basis for this is Article 6(1)(b) GDPR, i.e., you provide us with the data on the basis of the contractual relationship between you and us.
After concluding the contract, you will receive a customer number from us. This assignment is based on Article 6(1)(f) GDPR and follows the legitimate interest of ensuring the best possible communication between you and us.
Your data will be stored until we have fulfilled our obligations. In addition, it will be stored for as long as statutory retention periods apply (company and/or tax law retention obligations currently amounting to 7 years) or for as long as legal claims arising from the contractual relationship can be asserted against us or by us. However, data will be stored for a maximum of 30 years if it is required to assert or defend claims for damages.
We only process your telephone or mobile phone number and/or your email address for our own advertising purposes and only if you have given us your express consent in accordance with Article 6(1)(a) of the GDPR. If you provide us with your email address, we will first send you a confirmation link. Please click on this link to be added to the newsletter distribution list. You can revoke your consent at any time, free of charge and separately for each channel. To do so, simply call us or send a message to the contact address given in section 2. In addition, in the case of an email newsletter, you can click on "Unsubscribe" at the end of each email.
We do not store your data longer than we need it for the above-mentioned processing purposes. In any case, this data will be deleted when you unsubscribe from the newsletter or email correspondence.
If you are a supplier or other business partner with whom we have a business relationship, you provide us with your personal data for the purpose of processing a business transaction.
We process the personal data you provide (in particular your master data such as company, contact details including email and telephone number, contact person, your bank details, etc.) for the purpose of contract processing.
We also process other documents created in the course of the business transaction and personal data disclosed (such as, in particular, the number and type of goods purchased, payment amount, receipt data, delivery date, contracts, data on goods inspection, correspondence, etc.).
The legal basis for the processing of your personal data is Art. 6 (1) lit. b GDPR (performance of a contract).
Your personal data will be stored for as long as statutory retention periods apply (company and/or tax law retention obligations currently amounting to 7 years) or for as long as legal claims arising from the contractual relationship can be asserted against us or by us. However, data will be stored for a maximum of 30 years if it is required for the assertion or defense of claims for damages.
When you contact us, we process the personal data you provide that is necessary for the respective purpose, in any case your name, address, contact details, and correspondence.
This means that, in particular, if you are interested in our services, send us a request, ask for information, register for our online services, send us a complaint, or contact us by email, telephone, or via the contact form on our website, the personal data you provide and the data required to process your respective request will be processed.
Data processing is carried out depending on the request for the necessary fulfillment/initiation of a contract within the meaning of Art. 6 (1) (b) GDPR, on the basis of legitimate interests within the meaning of Art. 6 (1) (f) GDPR, or on the basis of a legal obligation within the meaning of Art. 6 (1) (c) GDPR.
The data will be stored until the business transaction has been completed and beyond that for as long as statutory retention periods exist or as long as legal claims arising from the business transaction can be asserted against us or by us, for a maximum period of 30 years.
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. If these cookies contain personal data, their use is based on Article 6(1)(f) of the GDPR. Our interest in optimizing our website is considered legitimate within the meaning of the aforementioned provision. Cookies do not cause any damage to your device and do not contain viruses, Trojans, or other malware. The cookie stores information that is related to the specific device used. However, this does not mean that we immediately gain knowledge of your identity. The use of our website is therefore also possible anonymously. The use of cookies serves, on the one hand, to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website or that you have already logged into your customer account. These are automatically deleted after leaving our site. In addition, we also use temporary cookies for the purpose of user-friendliness, which are stored on your device for a specific period of time. If you visit our site again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offer for you. These cookies enable us to automatically recognize that you have already visited our site when you visit it again. These cookies are automatically deleted after a defined period of time. Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, completely deactivating cookies may mean that you cannot use all the functions of our website. The storage period of cookies depends on their intended use and is not the same for all cookies.
The protection of your data is very important to us. Within our company, those departments that need your data for operational or organizational reasons or to fulfill our contractual and legal obligations will have access to it. Due to legal obligations or legitimate interests, it may be necessary to forward your data to external parties, such as public authorities, courts, lawyers, tax advisors, or auditors. In order to fulfill our contractual obligations, we work with other companies, such as those in the categories of IT services, logistics, printing services, sales, and marketing.
Your data is stored and processed by IT service providers, currently at
Taskworld Deutschland GmbH
Friedrichstraße 68
10117 Berlin
Germany
HRB193102
ownCloud GmbH
Rathsbergstraße 17
90411 Nuremberg
Germany
HRB28050
Google Ireland
Gordon House, Barrow Street
Dublin 4
Ireland
Reg. No.: 368047
KM NET e.U,
Gstöttenau 79
4070 Eferding
Austria
FN393554g
clickbits GmbH
Friedrich-Ebert-Straße 61
59425 Unna
Germany
HRB7711
Austrian Automobile, Motorcycle, and Touring Club (ÖAMTC)
Baumgasse 129
1030 Vienna
Austria
Association Registry Authority Federal Police Headquarters Vienna
We pass on the necessary personal data (name, address, telephone number, and possibly contact person) to shipping service providers in order to deliver your purchased products.
The data that is absolutely necessary will also be transferred to the processing banks/payment service providers for the purpose of processing the payment transaction.
When we share your data, we enter into appropriate data processing agreements with the service providers who process your data on our behalf. In such cases, we ensure that third parties only have access to personal data that is necessary for the performance of specific tasks. Your personal data will only be processed within the EU/EEA.
Very important: Under no circumstances do we sell personal data to third parties.
In addition to the right to revoke your consent given to us, you are also entitled to the following additional rights if the respective legal requirements are met:
In addition, under the conditions of Art. 21 (1) GDPR, data processing may be objected to for reasons arising from the particular situation of the data subject.
The above general right to object applies to all processing purposes described in this privacy policy that are processed on the basis of Article 6(1)(f) GDPR. Under the GDPR, we are only obliged to implement such a general objection if you provide us with reasons of overriding importance (e.g., a possible danger to life or health).
All data you submit personally is transmitted using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard that is also used in online banking, for example. You can recognize a secure SSL connection by the s appended to the http (i.e., https://...) in the address bar of your browser or by the lock symbol in your browser.
Do you have any questions? Then simply get in touch with us. We are happy to assist you with advice and support!
Version/Status: July 2019