Data privacy statement
Who is responsible for data processing and who can you refer to?
Austria Wirtschaftsservice GmbH
1020 Vienna, Austria
Austrian Research Promotion Agency
1090 Vienna, Austria
Austria Wirtschaftsservice GmbH (“aws”) and the Austrian Research Promotion Agency (“FFG”) – (both together “the cooperation partners”, “we” or “us”) operate the website www.ncp-ip.at (“the website”) together and based on the actual functions and relations are together responsible for the processing, in terms of Art. 26 GDPR.
One of our main priorities is to ensure the adequate protection of your personal data. We therefore comply with the applicable legislation on the protection, legitimate use, and confidentiality of personal data and data security, particularly observing the Austrian Data Protection Act ("DSG"), the EU General Data Protection Regulation ("GDPR") and the Austrian Telecommunications Act ("TKG").
This data privacy statement provides you with information regarding the processing of your personal data by the cooperation partners and your rights in this regard.
What is personal data?
Personal data is information about the data subject (natural persons), which determines their identity or at least makes them identifiable (e.g. name, email address or IP address)
What data do we record from visitors to and users of our website?
When using our website we gather, collate and store the following data:
- IP address
- Referrer URL (the websites you visited before and after ours)
- Number, duration and time of each access (your interaction with the website)
- Search engines and keywords that you used to find us
- Type of browser, device, screen resolution, Internet Service Provider and operating system
We gather these “log files” (access data) automatically using cookies.
Using the website and the aws apps cookies?
Detailed preliminary information about the use of individual cookies (type, functional duration and possible third-party access), as well as your consent prior to the start of data use (“opt-in”) occurs via the cookie banner on our website. Your consent can be amended or revoked via this cookie banner at any time. Consent for the storage of cookies need not be provided if these cookies are essential in the provision of provided content or services.
More information about Matomo can be found here www.matomo.org
What data do we gather from users who register for an event?
In the course of the event registration, we gather, collect and store the following personal data from individuals who register for an event:
- Address (optional)
- Title (optional)
- First name
- Email address
- Organisation type (optional)
- Department and role (optional)
- Telephone number
- Postal address
- Date of registration
- Name and type of event
- Consent to sending information from the NCP-IP (optional)
- Consent to receiving the FFG Newsletter (optional)
In doing this, personal data is gathered by way of a registration form completed by the data subject.
The personal data is electronically processed for the purpose of organising the respective event and, where applicable, passed onto the cooperation partner for the organisation of the respective event.
The legal basis for the legal processing is the consent of the data subject provided within the framework of the event registration, pursuant to Art. 6 (1) lit. a GDPR.
Who is the data disclosed to?
Where you have consented to receiving additional information from NCP-IP, your contact details can sometimes be disclosed to the relevant national contact points within the Austrian ministries for the purpose of sending additional information, for traffic innovation and technology, as well as for education, science and research.
How long will your data be stored?
Your personal data will be stored in accordance with the legal retention requirements and/or as long as they are necessitated for the objective processing. Your data will be promptly deleted as soon as your consent is revoked or an authorised revocation is applied.
How do we protect your data?
We comply with the provisions of Article 32 of the GDPR by taking appropriate technical and organisational security measures and doing our best to ensure the confidentiality and security of your personal data.
What are the data protection rights for data subject?
Revocation of consent
The data subject reserves the right to revoke their consent at any time. By revoking their consent, the legality based on the consent of data processed up to revocation is not affected.
Information, correction, deletion
The data subject reserves the right (i) to request confirmation from aws and/or FFG as to whether they will be processing the data subject’s personal data and, where this is the case, to receive further information about this, (ii) to request rectification of any incorrect personal data concerning them, and (iii) in certain circumstances, to request the erasure of the personal data concerning them.
Furthermore, the data subject reserves the right to lodge an objection to the processing of their personal data. In the event of such an objection, aws and FFG will cease any further processing of data, unless (i) they can provide evidence of compelling legitimate reasons for processing that prevail over the interests, rights and liberties of the data subject or (ii) processing serves to assert, exercise or defend legal claims.
Restriction of processing
Data subjects also have the right to request that aws and FFG restrict processing, if (i) they are contesting the accuracy of the data concerning them, which should be for a period that enables aws to review the accuracy of the data, (ii) processing is unlawful and they refuse erasure, instead requesting a restriction, (iii) aws and FFG no longer require their personal data for the purpose of processing but need the data to assert, exercise or defend legal claims, or (iv) they have objected to processing and the decision regarding the underlying aspects remains outstanding.
Under certain circumstances, data subjects can also request to receive the personal data about them that they have provided to aws and FFG, and to instruct aws or FFG to transmit this data directly to a third party.
Asserting your rights
To exercise your rights, please write to aws or your respective Data Protection Coordinator at firstname.lastname@example.org. Naturally, you can contact the Data Protection Coordinator at any time if you have any other questions regarding the use and security of your data. If you are of the opinion that aws and/or FFG are using your data in an unlawful way, you may lodge a complaint with the Austrian Data Protection Authority.
Based on your consent to receive our newsletter, we will use the personal data (address, title, first name, surname, email address), voluntarily made available by you, to send our newsletter by email. You can revoke this consent at any time with effect for the future (e.g. via the ‘unsubscribe’ link on every newsletter or by emailing the Data Protection Coordinator). After revocation, no further data will be gathered and the email address will be erased from the mailing list.
We use the newsletter software from eyepin GmbH, Billrothstraße 52, 1190 Vienna, Austria.
Newsletters from eyepin GmbH contain so-called tracking pixels. A tracking pixel is a miniature graphic, which is embedded in such emails and are sent in HTML format to enable log-file recording and a log-file analysis. As a result, a statistical assessment of the success or failure of an online marketing campaign can be performed. Using the embedded tracking pixels, eyepin GmbH is able to detect whether and when an email is opened by the data subject. Furthermore, using the newsletter tracking, it is possible to see which links the data subject opens from the email.
Personal data, such as that collected via the tracking pixels contained within the newsletter and the newsletter tracking are stored and assessed by us to optimise the distribution of the newsletter and to better adapt the content of future newsletter to the interests of the data subject. This personal data is not transferred to third parties. Data subjects are able to revoke the consent declaration provided to obtain the subscription to the newsletter via the double-opt-out procedure. More information can be found on the Eyepin website.
As part of their ongoing development, aws and FFG will continue to update this Data Privacy Statement. You should therefore access this statement regularly and always ensure that you are referring to the latest version.