As at January 2023
Thank you for your interest in our website.
In this privacy policy we inform you about how your data and activities are processed on our website.
The protection of your personal data and your privacy is of particular concern to us. We therefore process your data exclusively in accordance with legal provisions [Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data and repealing Directive 95/46/EC (DSGVO), Data Protection Act 2018 (GDPR-Datenschutzgrundverordnung 2018), Telecommunications Act 2003 (TA-Telekommunikationsgesetz 2003)].
Privacy settings
1. Responsible person and data protection officer:
According to Art. 4 Z 7 GDPR the UFP Austria GmbH (hereinafter referred to as UFP Austria), Walter-Simmer-Straße 9, A-5310 Mondsee, companies register number 58382g. is responsible in terms of data protection for the websites www.ufp.at and https://webshop.ufp.at.
If you have any questions regarding the processing of your data, please feel free to contact our data protection officer:
2B Advice GmbH
Joseph-Schumpeter-Allee 25
53227 Bonn
Germany
Phone: +49 228 926 165 120
E-mail: ufp_at@2b-advice.com
Website: www.2b-advice.com
1. Processing of personal data when visiting our website
1.1. Processing of login data
1.2. Cookies
1.2.1. Use of technical cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. They enable us to recognize your browser on your next visit. The cookies are set in accordance with EU and Austrian law (Art. 5 para. 3 E-Privacy Directive and § 96 para. 3 TA 2003).
Your individual browser settings allow you to be informed about the setting of cookies and you can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. However, deactivating cookies may limit the functionality of our website.
Legal basis
The legal basis for the setting of technical cookies is the legitimate interest (online service offer & data security) according to Art. 6 para. 1 f GDPR (Datenschutzgrundverordnung).
Category: Essential
Name: PHP Session ID
Provider: On this website
Purpose: Cookie from PHP, PHP data identifier. Contains only a reference to the current session. No information is stored in the user's browser and this cookie can only be used by the current website. This cookie is mainly used in forms to increase usability. Data entered in forms is stored briefly, for example, if there is an input error and the user receives an error message.
Technical name: PHPSESSID
Name: Contao CSRF Token
Provider: On this website
Purpose: Used to protect the website from cross-site request forgery attacks. After closing the browser, the cookie is deleted.
Technical name: csrf_https-contao_csrf_token
Runtime: Session
1.2.2. Use of third-party cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. They enable us to recognize your browser on your next visit. Cookies are set in accordance with EU and Austrian law (Art. 5 Para. 3 E-Privacy Directive and § 96 Para. 3 TA 2003).
Your browser/cookie settings can be adjusted. They allow information about the use of cookies and you can decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. However, deactivating cookies may limit the functionality of our website.
Legal basis
The legal basis for the setting of technical cookies is the legitimate interest (online service offer & data security) according to Art. 6 para. 1 f GDPR.
Category: Marketing
Name: Google Analytics
Provider: Google LLC
Purpose: Cookie from Google for website analysis. Generates anonymous statistical data about how the visitor uses the website. Privacy policy: https://policies.google.com/privacy
Technical name: _ga, _gat, _gid
Runtime: 730
Name: LinkedIn Insight Tag
Provider: LinkedIn Ireland Unlimited Company
Purpose: The LinkedIn insight tag enables the collection of data about visits to this website. LinkedIn does not share any personally identifiable information with the owner of this website, but only provides summary reports about website audience and ad performance.
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Host(s): px.ads.linkedin.com, snap.licdn.com, www.linkedin.com
Technical name: _ga, _gat; _lipt, bcookie, lang, lidc,
Runtime: 90
Category: Marketing (https://webshop.ufp.at)
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Hotjar cookie that is set once a user interacts with an external link survey invitation modal. It is used to ensure that the same invite does not reappear if it has already been shown.
Data type: Boolean true/false
Technical name: _hjClosedSurveyInvites
Runtime: 365 days
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Hotjar cookie that is set once a user completes a survey using the on-site survey widget. It is used to ensure that the same survey does not reappear if it has already been filled in.
Data type: Boolean true/false
Technical name: _hjDonePolls
Runtime: 365 days
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Hotjar cookie that is set once a user minimizes an on-site survey widget. It is used to ensure that the widget stays minimized when the user navigates through your site.
Data type: Boolean true/false
Technical name: _hjMinimizedPolls
Runtime: 365 days
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Hotjar cookie that is set when a user minimizes or completes incoming feedback. This is done so that the incoming feedback will load as minimized immediately if the user navigates to another page where it is set to show.
Data type: Boolean true/false
Technical name: _hjShownFeedbackMessage
Runtime: 365 days
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Causes Hotjar to stop collecting data if a session becomes too large. This is determined automatically by a signal from the WebSocket server if the session size exceeds the limit.
Data type: Boolean true/false
Technical name: _hjSessionTooLarge
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: If present, this cookie will be set to '1' for the duration of a user's session, if Hotjar rejected the session from connecting to our WebSocket due to server overload. This cookie is only applied in extremely rare situations to prevent severe performance issues.
Data type: Boolean true/false
Technical name: _hjSessionRejected
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: A cookie that is set when a session/recording is reconnected to Hotjar servers after a break in connection.
Data type: Boolean true/false
Technical name: _hjSessionResumed
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar user ID, unique to that site on the browser. This ensures that behaviour in subsequent visits to the same site will be attributed to the same user ID.
Data type: UUID
Technical name: _hjid
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This should be found in session storage (as opposed to cookies). This gets updated when a user recording starts and when data is sent through the WebSocket (the user performs an action that Hotjar records).
Data type: Numerical Value (Timestamp)
Technical name: _hjRecordingLastActivity
Runtime: 365 days
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
Data type: Boolean true/false
Technical name: _hjTLDTest
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: User attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.
Data type: Hash
Technical name: _hjUserAttributesHash
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This cookie stores user attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool, but the cookie will be used regardless of whether a feedback tool is present.
Data type: JSON
Technical name: _hjCachedUserAttributes
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This cookie is used to check if the Hotjar tracking script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.
Data type: Boolean true/false
Technical name: _hjLocalStorageTest
Runtime: < 100ms
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's pageview limit.
Data type: Boolean true/false
Technical name: _hjIncludedInPageviewSample
Runtime: 30 minutes
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This cookie is set to let Hotjar know whether that user is included in the data sampling defined by your site's daily session limit.
Data type: Boolean true/false
Technical name: _hjIncludedInSessionSample
Runtime: 30 minutes
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
Data type: Boolean true/false
Technical name: _hjAbsoluteSessionInProgress
Runtime: 30 minutes
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by recording filters to identify new user sessions.
Data type: Boolean true/false
Technical name: _hjFirstSeen
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This stores information about the user viewport such as size and dimensions.
Data type: UUID
Technical name: _hjViewportId
Runtime: Session
Name: Hotjar
Provider: Hotjar Ltd.
Purpose: This is added when a recording starts and is read when the recording module is initialized to see if the user is already in a recording in a particular session.
Data type: Boolean true/false
Technical name: _hjRecordingEnabled
Runtime: Session
Category: External media
Name: iFrames [Youtube]
Provider: Google LLC
Purpose: Allows the use of Youtube video players.
Privacy policy: https://policies.google.com/privacy
Runtime: 0
Name: iFrames [Google Maps]
Provider: Google LLC
Purpose: Allows/enables the use of Google Maps.
Privacy policy: https://policies.google.com/privacy
Technical name: NID, VISITOR_INFO1_LIVE
Runtime: 6 months
1.2.3. Google analytics
UFP Austria uses Google Analytics, a web analytics service provided by Google LLC ("Google"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (third country). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the websites www.ufp.at and https://webshop.ufp.at. The information generated by the cookie about your use of www.ufp.at and https://webshop.ufp.at (including your IP addresses) will be transmitted to and stored on a Google server in the USA.
However, due to the activation of IP anonymization on www.ufp.at and https://webshop.ufp.at, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states of the agreement on the European Economic Area. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there.
Google will use this information to evaluate your use of www.ufp.at and https://webshop.ufp.at, to compile reports on website activity for website operators and provide other services related to website activity and internet usage. Google may also transfer this information to third parties whenever it is legally required or third parties process the information on Google's behalf.
Legal basis
The legal basis for the use of Google Analytics is your consent (Art. 6 para. 1 lit. a. GDPR, § 96 para 3 TA), which you grant in our cookie banner. You can revoke your consent at any time by deleting the consent cookie.
Recipients of the data
This data will be forwarded to Google for the purposes indicated.
Storage period
Personal data is stored for a period of 14 months and then deleted.
Data processing
We have concluded a data processing contract with Google.
1.2.4. Hotjar
We use Hotjar, an analysis software of Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta ("Hotjar").
The information that is collected is analyzed anonymously. No conclusions can be drawn about individual persons. Hotjar is only used to improve the usability of our online shop and to offer our existing customers the best possible service. With Hotjar, we can measure and evaluate the user behavior (mouse movements, clicks, scrolling down, etc.) on our website. The information that is collected with the Hotjar code is transmitted to the Hotjar servers in Ireland, stored there and not disclosed to third parties.
The following information is stored for randomly selected individual visitors:
- Visited domain
- Screen size
- Date & time of website use
- The IP address of the device (anonymized)
- Device type & browser used
- Location (country only)
A detailed and always up-to-date overview of the cookies used and their application can be found on the provider's website: https://www.hotjar.com/cookies. Hotjar also offers the option of using a "Do Not Track header" to prohibit the use of the tool. If you use our website with different browsers, you must set up the "Do Not Track Header" separately for each of these browsers/computers.
Detailed information & options for settings can be found at:
https://www.hotjar.com/opt-out
The privacy policy of Hotjar Ltd. can be found at:
https://www.hotjar.com/privacy
The legal basis for the use of Hotjar is your consent (Art. 6 para. 1 lit. a. DSGVO/GDPR General Data Protection Regulation, § 96 para. 3 TKG/TA Telecommunications Act). You can give your consent in the cookie banner or revoke it at any time by deleting the consent cookie.
1.2.5. LinkedIn Insight Tag
The so-called LinkedIn (social network) Insight Tag is used on our web pages. It is offered by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter "LinkedIn"). The LinkedIn Insight tag is a small JavaScript code snippet that we have added to our website. The LinkedIn Insight tag enables the collection of data about visits to our website, including URL, referrer URL, IP address, device and browser properties, timestamps, and views. This data is encrypted, anonymized within seven days, and the anonymized data is deleted within 90 days. LinkedIn does not share any personally identifiable information with us, but only provides aggregate reports on website audience and ad performance. LinkedIn also provides retargeting for website visitors, so we can use this data to display targeted ads outside of our website without identifying the member.
Purpose of data processing
The LinkedIn Insight tag is used to enable detailed campaign reports and to gain information about our website visitors for our advertising and marketing activities. As a customer of LinkedIn Marketing Solutions, we use the LinkedIn Insight tag to track conversions, retarget our website visitors, and gain additional information about LinkedIn members who view our advertisements. Details on data collection (purpose, scope, further processing, use) as well as your rights and options for settings can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy.
Legal basis for data processing
The legal basis for the processing of personal data is your consent (Art. 6 para. 1 lit. a DSGVO/GDPR General Data Protection Regulation, § 96 para. 3 TKG /TATelecommunications Act), which you grant in our cookie banner. You can revoke your consent at any time by deleting the consent cookie.
Duration of storage
The data is encrypted, anonymized within seven days and the anonymized data is deleted within 90 days. At any time, users can decide in their browser settings about the execution of the JavaScript code required for the tool. By changing the settings in your internet browser, you can deactivate or restrict the execution of Java-Script and also prevent data storage. Note: If the execution of Java-Script is deactivated, you may no longer be able to fully use all the website functions.
Objection and removal option / Opting-Out
If you are a LinkedIn member and do not want LinkedIn to collect data about you while visiting our website and link it to your personal member data that is stored at LinkedIn, you can object in the cookie banner or alternatively log out of LinkedIn before visiting our website.
1.3. Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.
These are:
- Browser type und browser version
- Operating system that is used
- Referrer URL
- Host name of the computer that is accessing
- Time of the server request
- IP address
This data is not merged with other data sources. The basis for the data processing is Art. 6 para. 1 lit. f DSGVO/GDPR General Data Protection Regulation, which allows the processing of data for the fulfillment of a contract or pre-contractual measures. The collected data is overwritten after 6 months.
2. Links
The website contains links to other websites. These external links to other internet websites are a service to provide users with further information. UFP Austria has no influence on the external content. UFP Austria does not assume any liability for these contents. The respective operator of the linked website is solely responsible for the content and accuracy of the information provided there.
3. Data processing for our online services
3.1. Contact form
The contact form on our homepage www.ufp.at and https://webshop.ufp.at can be used to contact us or for inquiries.
If you send us inquiries via the contact form, the complete data/contact data you filled in the contact form will be stored by us to process the inquiry and in case of follow-up questions.
3.1.1. Personal data
To contact us you have to enter your data. We process and store the following personal data:
- E-mail address (mandatory item)
- Name (first and last name) (mandatory item)
- Company name
- Company address
- Company phone number
- Company fax number
- Delivery addresses of your end customers
3.1.2. Purpose of data processing
The data is used to process your inquiry and to be able to contact you on that.
3.1.3. Legal basis
The legal basis for the data processing of your inquiry is the legitimate interest (relevant relationship with contact person) of UFP Austria according to Art. 6 para. 1 lit. f DSGVO-GDPR. The inquiry might also be understood as a pre-contractual measure or have to do with a contract (Art. 6 para. 1 lit. b DSGVO-GDPR).
3.1.4. Storage period
The data you enter in the contact form will be stored until you request us to delete it, revoke your consent to store it or the purpose of the data storage no longer applies. The data you enter will be stored in accordance with legal provisions or the obligation to preserve records.
3.1.5. Recipient of data
We transfer your data to OEM partners (e.g. Canon, HP, Kyocera, Oki, etc.) for the purpose of sellout reporting. The recipients will process your personal data on their own responsibility. The recipients are responsible for compliance with the provisions of the GDPR.
3.2. Newsletters
On www.ufp.at and https://webshop.ufp.at you can give your consent to receive current newsletters.
3.2.1. Personal data
When you subscribe to our newsletter, we collect the following personal data:
- E-mail address (required)
3.2.3. Legal basis
Your consent to receive newsletters is the legal basis for the data processing (see Art. 6 para. 1 lit. a DSGVO/GDPR). By submitting the form (click on the "Subscribe" button), you give your consent to the processing of the data you have entered for the stated purposes.
Unsubscribe/revocation
To unsubscribe from the newsletter mailing list click on the "unsubscribe link" we provide in each of our press releases. You can also email to office@ufp.at to revoke your decision or enter your email address in the registration form and then click on the unsubscribe button. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. As soon as your revocation message is processed you will no longer receive any newsletters.
3.2.4. Storage period
The data you enter in the contact form is stored from the initiation of the business relationship. We use the data to process your inquiry, respond to it and in case of follow-up questions. Beyond that, only the data that is absolutely necessary is stored for a maximum of 7 years after contract execution or the end of the business relationship on the basis of the applicable legal provisions or obligations to preserve records.
3.2.5. Recipient of data
This website uses the services of mailworx for mailing newsletters. The provider is EWORX NETWORK & INTERNET GMBH, Hafenstraße 2a, A-4020 Linz, Austria. mailworx is a service that can be used, among other things, to organize and analyze the mailing of newsletters. When you enter your data (e.g. email address) to receive newsletters, this data is stored on mailworx's servers in Austria. With the help of mailworx, we can analyze our newsletter campaigns. When you open an email that was sent with mailworx, a file contained in the email (a so-called web-beacon) connects to the servers of mailworx in Austria. So, it can be determined whether a newsletter message has been opened and which links, if any, have been clicked on. Additionally, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be associated with the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to align future newsletters with the interests of the recipients. For detailed information on the functions of mailworx, please refer to the following link: https://mailworx.info/de/e-mail-marketing
If you do not want any analysis by mailworx, you must unsubscribe from the newsletter. We provide an unsubscribe link in every newsletter. You can also unsubscribe from the newsletter directly on the website.
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO-GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already been carried out remains unaffected by the revocation. The data you entered to receive the newsletter will be stored until you unsubscribe from the newsletter. When you unsubscribe from the newsletter your data will be deleted from our servers and the servers of mailworx. Data that has been stored by us for other purposes (e.g. email addresses for the member area) remains unaffected.
For more details, please refer to the privacy policy of mailworx at: https://mailworx.info/de/impressum/datenschutz
3.2.6.Commissioned data processing
We have concluded a contract with mailworx to make sure that mailworx protects our customers' data and does not disclose it on to third parties.
3.3. Online shop
On www.ufp.at and www.webshop.ufp.at you can log in to our online store and order our products online.
3.3.1. Personal data
If you are authorized to use our online shop, we process the following personal data:
- E-mail address (mandatory item)
- Name (first and last name) (mandatory item)
- Company name
- Company address
- Company phone number
- Company fax number
- Delivery addresses of your end customers
3.3.2. Purpose of data processing
The data is used to process your orders and to manage your user account.
3.3.3. Legal basis
The legal basis to process your data for orders and the administration of your user account is, according to Art. 6 para. 1 lit. b DSGVO-GDPR, the business relationship between UFP Austria associated with the service.
3.3.4. Storage period
The data that is processed for the above-mentioned purposes is generally stored until your order is processed. Beyond that, only the data that is absolutely necessary is stored for a maximum of 7 years after contract execution on the basis of the applicable legal provisions or obligations to preserve records.
3.3.5. Recipient of data
This website uses the services of Sana Commerce EMEA B.V. for the provision, operation and maintenance (remote access) of the online store.
We only pass on personal data to third parties if this is necessary for contract execution or for technical problem solving, such as to the companies entrusted with the delivery of the goods, the bank entrusted with the payment transaction or IT service providers.
3.3.6. Order data processing
We have concluded a contract with Sana Commerce EMEA B.V. to make sure Sana protects our customers' data and does not to disclose it to third parties.
3.4. Data processing for Simple-Print retailer functions
We provide a separate area for retailers on www.simple-print.at. There you can administrate offers to your customers.
3.4.1. Personal data
If you are authorized to use the Simple-Print retailer features, we process the following personal data from you:
- Email address of the retailer’s authorized contacts
- Name of the authorized contact persons of the retailer
- Company name of the retailer
- Company address of the retailer
- Company telephone number (of the retailer or the authorized contact persons of the retailer)
- Company fax number (of the retailer or the authorized contact persons of the retailer)
- Logfiles about the input and change of end customer data
- Delivery addresses and order histories of your end customers
3.4.2. Purpose of data processing
The data is used to process your offers to your customers in Simple-Print and to manage your user account as well as to contact you if necessary.
The logfiles are only used to detect and fix technical errors and problems as well as external attacks.
3.4.3. Legal basis
The legal basis for data processing to process your orders or your offers to your customers in Simple-Print and to administrate your user account and, if necessary, to contact you is the necessity of data processing to provide the contractual services we agreed on in the contract that was concluded between UFP Austria and you or your company in accordance with Art. 6 para. 1 lit. b DSGVO/GRPR.
The legal basis for the processing of log data is our legitimate interest in accordance with Art. 6 para. 1 lit f DSGVO/GDPR to detect, fix or prevent technical errors and problems as well as external attacks in order to protect your data and the data of end customers, to prevent errors in the system, to protect our infrastructure and thus to be able to provide you with our services in the best possible way.
3.4.4. Storage period
The data processed for the above-mentioned purposes will be stored as long as your Simple-Print customer account or customer access is active. Beyond that, only the data that is absolutely necessary is stored for a maximum of 7 years after deletion of the account/access on the basis of the applicable legal provisions or obligations to preserve records. Log data is stored for 1 year and then deleted automatically. We will keep your data longer than this period if and as long as we need it to enforce or avert specific legal claims.
3.4.5. Recipient of data
We also use SendGrid, a service of Twilio Inc., as a processor for sending e-mail messages (SMTP server). For this purpose, SendGrid receives access to the messages sent via Simple-Print and possibly also to your e-mail address and the e-mail addresses of your customers. Please note that SendGrid may tag emails sent to recipients via the SendGrid platform with web beacons. These web beacons track whether you have read the emails sent by SendGrid. This allows SendGrid to measure the performance of email campaigns and provide analytical information to enable us to align our mailings with your interests.
For this purpose, SendGrid also processes your personal data on servers in the USA. The legal basis for this data transfer to the USA are standard contractual clauses in accordance with Article 46 (2) lit c DSGVO/GDPR. For more information on how SendGrid processes your data and on these standard contractual clauses, please visit https://www.twilio.com/legal/data-protection-addendum.
The legal basis for these transfers is our legitimate interest to involve a specialized service provider to support the technical operation of our online store, our legitimate interest to involve an emailing provider to simplify the sending of emails and make them more successful, as well as our legitimate interest to analyze the effectiveness of our emails (Art 6 para 1 lit f DSGVO/GDPR).
We only transfer personal data to third parties if this is necessary for contract execution or for technical troubleshooting, such as to IT service providers except for the above-mentioned transfers.
3.4.6. Microsoft Application Insights:
We use the analytics tool Application Insights, a web analytics service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA ("Microsoft "), on the Simple-Print retailer administration pages.
Application Insights places cookies in your browser to help us analyze how you use our website. The information generated by the cookie about how you use our website will be transmitted to and stored by Microsoft on servers within the European Economic Area (EEA). Microsoft will use this information to evaluate your use of our website, compile reports on website activities and to provide other services to us as the website operator related to website activity and internet usage.
By using Application Insights the following data is collected:
- Operating system
- Browser + version
- Screen resolution
- Approximate location of the user
- IP address
We have the ability to analyze this data through various reports. These reports are anonymous aggregations of statistical data. The data in these reports cannot be related to specific individuals. The analyses are only used for troubleshooting and to optimize the website and its use.
For more information on how Microsoft processes your data in this context, please visit https://docs.microsoft.com/de-de/azure/azure-monitor/app/data-retention-privacy.
Legal basis for data processing
The legal basis for the processing of personal data within the scope of Application Insight is your consent (Art. 6 para. 1 lit. a DSGVO/GDPR, § 96 para. 3 TKG/TA), that you grant in our cookie banner. You can revoke your consent at any time by deleting the consent cookie.
Storage period
Individual-related data is stored for a maximum of one year and then deleted or is only stored as part of aggregated reports that do not allow any reference to your person.
Cookies used
We use the following cookies as part of Application Insight:
Name: Microsoft Application Insight
Provider: Microsoft Corporation
Purpose: To analyze your use of the website
Privacy policy: https://docs.microsoft.com/de-de/azure/azure-monitor/app/data-retention-privacy
Technical name and duration: ai_session: 30 minutes; ai_user: 1 year
4. Data security
The security of your personal data is a matter of particular concern to us.
UFP Austria takes appropriate technical and organizational measures to protect the rights and freedoms of individual persons in accordance with Article 32 DSGV/GDPR. The company considers the best available technology, implementation costs and type, scope, circumstances and purpose of data processing, as well as the likelihood and severity of risks.
The following measures are taken to protect and secure your data against loss, destruction, access, alteration and dissemination by unauthorized persons:
We ensure
- confidentiality, integrity, availability and capacity of the systems and services related to the processing;
- rapid recovery of the availability of personal data in the event of a physical or technical incident;
- implementation of procedures to periodically review, assess and evaluate the effectiveness of the technical and organizational measure for processing security.
- www.ufp.at and https://webshop.ufp.at use SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator. The change from "http://" to “https://” and the lock symbol in the browser address bar indicate an encrypted connection. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Please note that we do not accept any liability for the disclosure of information due to errors in data transmission not caused by us or attributable to us and/or unauthorized access by third parties.
5. Your rights
As a user of our website, you have the following rights:
- Right to information (Art. 15 DSGVO/GDPR): You have the right to request a confirmation from UFP Austria if your personal data is processed. Furthermore, you have the right to request information about the specific processing purposes, categories of personal data, recipients or categories of recipients of personal data, storage period, the existence of a right to erasure or rectification of your personal data or to a processing restriction and the right to object, the existence of a right of complaint and regarding any available information about the origin of your data.
- Right to rectification (Art. 16 DSGVO/GDPR): You have the right to request UFP Austria to immediately correct your personal data. This right includes the correction of incorrect data and the completion of incomplete personal data. Right to erasure (Art. 17 DSGVO/GDPR): You have the right to request UFP Austria to immediately delete your personal data, provided that the reasons set out in Art. 17 (1) (a) to (f) DSGVO/GDPR (e.g. the purpose for processing no longer applies) apply and the processing of your personal data is no longer necessary.
- Right to erasure (Art. 17 DSGVO/GDPR): You have the right to request UFP Austria to immediately delete your personal data, provided that the reasons set out in Art. 17 (1) (a) to (f) DSGVO/GDPR (e.g. the purpose for processing no longer applies) apply and the processing of your personal data is no longer necessary.
- Right to restrict processing (Art. 18 DSGVO/GDPR): In the cases mentioned in Art. 18 DSGVO/GDPR (e.g. inaccuracy of the personal data processed, unlawfulness of the processing, etc.), you can demand a restriction of data processing from UFP Austrai.
- Right to data portability (Art. 20 DSGVO/GDPR): You have the right to receive the personal data concerning you that you have provided to UFP Austria in a structured, commonly used format and to demand that UFP Austria transmits this data to another controller (e.g. to another law firm).
- Right to object (Art. 21 DSGVO/GDPR): You have the right to object at any time to the processing of your personal data on this website.
- Revocation of declarations of consent (Art. 7 DSGVO/GDPR): You have the option to withdraw consent once granted to UFP Austria at any time.
- Right of complaint. You can lodge a complaint with the Austrian Data Protection Authority at any time:
Österreichische Datenschutzbehörde
Barichgasse 40-42
A-1030 Wien
Austria
Phone: +43 1 52 152-0
E Mail address: dsb@dsb.gv.at
You can assert your rights - with the exception of the right to lodge a complaint with the Austrian Data Protection Authority - against UFP Austria at the following address:
UFP Austria GmbH
Walter-Simmer-Straße 9
A-5310 Mondsee
Austria
We are happy to help!
Phone
+43 6232 33 99 0
verkauf@ufp.at