TÜV AUSTRIA Data Protection Declaration, Version 05/2018
TÜV AUSTRIA takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this Data Protection Declaration.
Information about the Collection of Personal Data
In the following, TÜV AUSTRIA informs you about our collection of personal data when you are using our website (www.tuv.at) as well as the services we offer via our website.
Personal data is all data that is personally identifiable to you, such as your name, address, email addresses and user behavior.
The entity responsible pursuant to Art. 4 para. 7 of the EU General Data Protection Regulation (EU GDPR) is TÜV AUSTRIA HOLDING AG, located at TÜV AUSTRIA-Platz 1 2345 Brunn/Gebirge.
If you have any questions concerning data protection, you can contact us by email at datenschutztuvat or at our postal address, adding “ATTN: Data Protection Officer”.
Collection of Personal Data when You Visit Our Website
The website automatically collects a number of pieces of general data and information that is transmitted to our server and stored in log files each time you visit it. When you wish to view our website, we collect the following data:
(1) Information about browser type and version used
(2) The operating system used by the accessing system
(3) The website from which an accessing system reaches the website (the so-called referrer)
(4) The sub-websites which are accessed via an accessing system on the website
(5) The date and time of access to the website
(6) An Internet Protocol (IP) address
(7) The Internet service provider for the accessing system
(8) Other similar data and information used to defend against threats in the event of attacks on our information technology systems
When using this general data and information, TÜV AUSTRIA does not draw any conclusions about your identity. Rather, this information is needed to:
(1) Provide the contents of our website correctly
(2) Ensure the long-term functionality of our information technology systems and of the technology for our website
Hence, this anonymously collected data and information is, on the one hand, evaluated statistically and, on the other, with the aim of increasing data protection and data security, ultimately in order to ensure an optimum level of protection for the personal data that we process. The anonymous data from the server log files is stored separately from all personal data provided by the person concerned.
In addition to the data already mentioned, cookies are stored on your computer when you use the website. Cookies are small text files that are stored on your hard disk in the browser you use, by means of which certain information is sent to the site that sets the cookie (TÜV AUSTRIA HOLDING AG, to be specific here). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offering more user-friendly and effective overall.
How cookies are used:
- This website uses the following types of cookies, the scope and functionality of which are explained below:
- –Transient cookies (see b)
- –Persistent cookies (see c)
- Transient cookies are automatically deleted when you close your browser. These include in particular session cookies. These store a so-called session ID, with which various requests by your browser can be assigned to a common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
- Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings for your browser.
Upon consent by the user, a cookie is set with a lifetime of 60 days. After that, the user has to consent again.
Exception: If a user has agreed to the setting of a cookie before May 25, 2018, that cookie has a lifetime of one year – unless the user deletes the stored cookies in his browser on his own.
- You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. Please note that you may then not be able to use all the functions of our website.
- The website uses HTML5 storage objects that are stored on your end device. These objects store the required data independently of your browser and do not have an automatic expiry date. You can prevent the use of HTML5 storage objects by using private mode in your browser. We also recommend that you regularly delete your cookies and your browser history manually.
Use of Google Analytics
(1) This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called cookies, which are text files placed on your computer, to facilitate analysis of your use of the website. The information generated by the cookie on your use of this website is usually transferred to a Google server in the USA and stored there. However, by activating IP anonymization on this website, Google will first shorten your IP address within member states of the European Union or in other signatory states to the Agreement across the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.
(2) You can prevent the storage of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and keep Google from processing this data by downloading and installing a browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
(3) This website uses Google Analytics with the extension “_anonymizeIp()”. As a result, IP addresses are further processed in abbreviated form, such that any linking to an identity can be ruled out. If and when the data collected about you amounts to any linking to your identity, it will be excluded immediately, and the personal data will thereby be deleted instantly.
(4) This website uses Google Analytics to analyze and regularly improve the use of the website. The statistics obtained can improve the offering and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework . The legal basis for the use of Google Analytics is Art. 6 Para. 1 p 1 lit. f of the GDPR.
(5) Information from third-party supplier: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User conditions: http://www.google.com/analytics/terms/de.html; data protection overview: http://www.google.com/intl/de/analytics/learn/privacy.html, and the Data Protection Declaration: http://www.google.de/intl/de/policies/privacy.
Use of the Google Tag Manager
(1) Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The Tool Tag Manager itself (which implements the tags) is a cookie-free domain and collects no personal data. The tool triggers other tags, which in turn may capture data. Google Tag Manager does not access this data. If deactivation has been placed on a the domain or cookie level, it will remain in effect for all tracking tags implemented with the Google Tag Manager. http://www.google.de/tagmanager/use-policy.html
Use of Google Remarketing
(1) TÜV AUSTRIA makes use of Google Remarketing Technology, a service of Google Inc. (“Google”). This is a process we would like to use to contact you again. This application allows you to see our advertisements after visiting our website while you continue to use the Internet. This is done by means of cookies stored in your browser, which Google uses to track and evaluate your usage behavior when you visit various websites. In this manner, Google can tell that you have previously visited our website. According to Google’s own statements, Google does not merge the data collected in the context of remarketing with any of your personal data that may be stored by Google. In particular, pseudonymization is used in its remarketing, according to Google.
Use Google Remarketing
TÜV AUSTRIA makes use of Google Remarketing Technology, a service of Google Inc. (“Google”). This is a process we would like to use to contact you again. This application allows you to see our advertisements after visiting our website while you continue to use the Internet. This is done by means of cookies stored in your browser, which Google uses to track and evaluate your usage behavior when you visit various websites. In this manner, Google can tell that you have previously visited our website. According to Google’s own statements, Google does not merge the data collected in the context of remarketing with any of your personal data that may be stored by Google. In particular, pseudonymization is used in its remarketing, according to Google.
Use CloudFlare (Cookie Consent)
Cloudflare Inc, Inc 665 3rd St. 200, San Francisco, CA 94107, USA; https://www.cloudflare.com/security-policy. Cloudflare Inc, Inc has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
Use of fonts.com
The website licenses web fonts, which are hosted by the online font repository fonts.com operated by Monotype. As required by the license agreement, fonts.com registers the cumulative number of page views per month. Please find further information at https://www.fonts.com/support/faq/how-do-pageviews-work
Use of Social Media Plug-ins
(1) We currently use the following social media plug-ins: Facebook, Twitter and LinkedIn. Here we use the so-called 2-click solution, meaning that when you visit our site, no personal data is initially passed on to the providers of these plug-ins. You can recognize the provider of the plug-in by the label on the box above its initial letter or the logo. We open the opportunity for you to communicate directly with the provider of the plug-in via its button. Only if you click on the selected button and thereby activate it, the plug-in provider is notified about you having accessed the associated website of our online offering. In addition, the general data mentioned at the outset (e.g., browser version) is transmitted when you visit our website. By activating the plug-in, personal data is transferred from you to the respective plug-in provider and stored there (in the USA in the case of US providers).
(2) The plug-ins allow you to interact with social networks and other users. We have no influence on the data collected or the data processing procedures, nor is the full extent of the data collection, the purposes of its processing or the storage periods known to us. We also have no information concerning deletion of the data collected by the plug-in provider.
(3) The plug-ins allow you to interact with social networks and other users.
(4) The data is transferred regardless of whether you have an account with the plug-in provider or are logged in there. If you are logged in with the plug-in provider, your data collected at our website will be directly associated with your existing account with the plug-in provider. If you click the activated button and, for example, hyperlink the page, then the plug-in provider stores this information too in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, especially, however, before activating the button, as this way you can avoid having your profile associated with the plug-in provider.
(5) For more information on the purpose and scope of data collection and its processing by the plug-in provider, please refer to the data protection declarations of these providers given below. They also provide you with further information about your rights in this regard as well as setting options to protect your privacy.
(6) Addresses of the respective plug-in providers and URLs with their data protection information:
a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php ; further information concerning data collection: http://www.facebook.com/help/186325668085084 , http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
b) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy . Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .
c) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy . LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework
Integration of YouTube-Videos
(1) We have integrated YouTube videos into our online offering, which are stored on http://www.YouTube.com and can be played directly from our website. These are all integrated in “extended data protection mode”, i.e., no data about you as a user will be transmitted to YouTube if you do not play the videos. Only when you play the videos will the data cited in Paragraph 2 be transmitted. We have no influence on this data transmission.
(2) By visiting the website, YouTube receives information that you have accessed the corresponding subpage of our website. In addition, the data specified in § 3 of this Declaration will be transmitted. This happens regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button.
(3) For more information on the purpose and scope of data collection and processing by YouTube, please refer to the Data Protection Declaration. There you will also find further information about your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy . Google also processes your personal data in the USA and has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Contact Form (Inquiry, Complaint/Objection)
There is a contact form on our website that can be used to get in contact via our website. If you as a user take advantage of this option, data entered in the form will be transmitted to us and saved. This data is:
- Nature of inquiry
- Type of customer relationship (private customer or business customer)
- Field of business
- Description of the product or service, type of service expected, known and applicable standards (free-text field)
- Contact details
- Attached documents
When you contact us via the contact form, the data you provide will be stored by us so that we can answer your inquiries. We delete the data arising in this context after its storage is no longer necessary or limit its processing if statutory retention obligations exist.
You can subscribe to a free newsletter on our website. When registering for our newsletter, the data from the form is transmitted to us. This data is:
- Title, first name, last name & email address
For the processing of your data, you will be asked as part of the registration process for your consent to receive information about news, events and services provided by TÜV AUSTRIA Group.
The so-called double opt-in procedure is used to register for our newsletter. This means that after your registration, an email will be sent to the specified email address, in which you will be asked to confirm that you wish to receive our newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. In addition, your IP addresses used as well as the times of registration and confirmation are stored. The purpose of the procedure is to allow verification of your registration and, if need be, to resolve any possible misuse of your personal data.
No data is passed on to any third parties outside TÜV AUSTRIA Group in connection with the data processing for mailing newsletters. The data will be used solely for mailing our newsletter. I can revoke my consent at any time to TÜV AUSTRIA HOLDING AG by sending an email to revoketuvat
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your email address will therefore be stored for as long as your subscription to our newsletter is active. A subscription to our newsletter can be cancelled by the user concerned at any time. There is a designated link for this purpose in every newsletter.
You have the following rights vis-à-vis us with regard to personal data concerning you:
- The right to information
- The right to correction or deletion
- The right to limitation of processing
- The right to object to processing
- The right to data transferability
Please contact datenschutztuvat if you have any questions regarding the collection, processing or use of your personal data, for provision of information, correction, blocking or deletion of data or for revocation of any consent given or objection to a specific use of data.
Person certificates & EU General Data Protection Regulation (GDPR)
Due to the commencement of the EU General Data Protection Regulation (GDPR) on May 25th, 2018, the automatic request of person certificates via our website will be temporarily disabled as the publication of data specific to individuals without explicit consent of the individual concerned is no longer allowed.
We only publish information on person certificates if the certificate in question is valid and if the certificate owner has agreed via a written request to the publication of certificate information (first, last name, academic degree, certificate number).
Certificate owners may send us their application for publication of certificate information by online form, by email to email@example.com or by mail.
For questions regarding person certification please contact us by email firstname.lastname@example.org.
For further questions regarding data protection, please contact email@example.com.
Quality assurance is very important to us. To check the validity of a person certificate please call Tel.: +43 (0)504 54-8133.
To check the validity of SCC certificates issued before 2015 call Tel.: +43 (0)504 54-6251.