Data Protection Declaration

We process data that various people provide to us through their own information, for example in the context of an inquiry by email, for the initiation and conclusion of a contract or a business relationship.

In addition, we process data of persons who may be part of a contractual relationship, which we have lawfully received as part of information from third parties (e.g. managing directors send us the data of their employees).

We process the following data from interested parties: Company, name of contact person and professional contact details and address data.

We process the following data from customers: Company, titles and names of contact persons, professional address details and contact details, bank details, contract details.

We process the following data from tenants, suppliers and business partners: Company, titles and names of contact persons, professional address details and contact details, bank details, contract details.

We will only pass on personal data to third parties if this is necessary for the purpose of contract processing and contract fulfillment or if it is required by law.

1. Expiration of contractual obligations: If there are contractual provisions prescribing how long personal data must be retained, the controller shall ensure that these periods are respected. As soon as these deadlines have expired, the data will be deleted or anonymized by the controller.
2. Revocation of consent: If a person withdraws their consent to the processing of their personal data, the controller shall delete this data unless there is another legal basis for the processing.
3. Expiration of legal obligations: In some cases, there may be exceptions that not only allow but even oblige the controller to continue to store personal data even after the expiry of contractual deadlines or after the withdrawal of consent. This may be the case if there are statutory retention periods that require personal data to be retained for a defined period of time, such as the storage of tax or accounting records. After these statutory deadlines have expired, the controller shall also ensure that the data is anonymized or deleted.

When you contact us by email, the data you provide will be stored by us based on your consent in order to answer your questions. We delete the data collected in this context after processing is no longer necessary or restrict processing if there are statutory retention periods.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest)

We are legally obliged to disclose the names of authors of image data (photos or videos) whenever image data is published. We will automatically delete this personal data as soon as we stop using the image data.

The legal basis for data processing is

• the initiation and fulfilment of the contract pursuant to Art. 6 (1) (b) GDPR.
• legal obligations pursuant to Art. 6 (1) (c) GDPR, (e.g. statutory retention and documentation obligations, publication obligations under copyright law).
• legitimate interests of our company within the meaning of Art. 6 (1) (f) GDPR (e.g. use of software)

Art. 6 (1) (a) GDPR when obtaining consent (for example when processing image data or for advertising purposes).

If you have asked us to contact you via our web form or you have sent us a message, we will store the data necessary to contact you. Depending on the contact form, this includes your company, name of the contact person, email address and telephone number. We will delete the data as soon as storage is no longer necessary or you object to processing.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest)

We offer you the opportunity to make inquiries about used products on our website. For this we need your company name, the contact details of the contact person, your email address and your telephone number. We store the data necessary to contact you. The data will be deleted as soon as storage is no longer necessary or you object to processing.

Legal basis: Art. 6 (1) (b) GDPR (contract initiation and performance)

As an existing customer, you have the option of logging in using your login details, consisting of your user name or email address and password.

If you do not have an account yet, you can set up a new account. For this we need your email address, your password and your VAT number.

If you no longer wish to use these services of Ascendum Baumaschinen Österreich GmbH, you can request deletion of your customer account by email at any time.

We will store your data as long as you have an account with us and will delete it unless it is subject to statutory retention periods.

Legal basis: Art. 6 (1) (b) GDPR (contract initiation and performance)

People who are interested in working for our company have the opportunity to apply directly on our website using a form provided there. For this we need your first and last name, your email address and your telephone number. As the application process progresses, you will have the opportunity to upload your application documents (e.g. cover letter, CV, references). In the event of a rejection, we will delete your documents no later than 7 months after the rejection has been sent to you.

Legal basis: Art. 6 (1) (b) GDPR (contract initiation and performance)

If we would like to keep you on file for contact at a later date, we will contact you with a separate request for consent. If you explicitly give us this consent, we will save your application documents. If there is no further opportunity to fill a position with us within one year, we will delete all your applicant data one year after you have given us your consent.

Legal basis: Art. 6 (1) (a) GDPR (consent)

We have set up a whistleblower system (whistleblowing online portal) on our website. The whistleblower system makes it possible to contact us and report information about compliance and legal violations without fear of reprisal. If this is legally permissible, the report can in principle also be made without providing personal data. We process personal data, if disclosed to us, in order to review the report made through the reporting office and to investigate suspected compliance and legal violations. It may happen that we have follow-up questions. For this purpose, we use communication via this whistleblower system.

We process the data that the whistleblower provides to us through their own information as part of the report.

In addition, we process data of persons named by the whistleblower when reporting violations (e.g. names or functions of the persons who caused the violation, names or functions of the persons who are also affected by a violation, description of behaviors or actions of the person concerned in connection with the reported misconduct that could help to identify them).

In principle, the whistleblower system can be used – as far as legally permissible – without providing personal data. However, personal data may be disclosed voluntarily as part of the whistleblower process, in particular information about identity, first and last name, country of residence, telephone number or email address.

When using anonymous communication with us, your IP address and current machine location are never stored. After submitting a tip, the person submitting the tip will receive access data to the online portal’s mailbox so that they can continue to communicate with us in a secure manner.

In order to fulfil the stated purpose, it may also be necessary for us to transmit personal data to external bodies such as law firms, criminal or competition authorities, inside or outside the European Union.

We process personal data, provided we have received it, insofar as this is necessary to fulfil legal obligations in the sense of whistleblower protection on the basis of Art. 6 (1) (c) GDPR and local data protection laws.

The data controller responsible for the processing of personal data is Ascendum Baumaschinen Österreich GmbH, which can be contacted using the contact details provided.

The whistleblower online portal is used by all subsidiaries of Ascendum Central Europe GmbH.

The whistleblower system is operated by the management consultants we have commissioned, who act as independent controllers within the meaning of the EU General Data Protection Regulation. This is VMCON OG, Opernring 2, 8010 Graz.

If you have any data protection questions regarding VMCON OG, please contact “[email protected]”.

The whistleblower system (.LOUPE) is provided by our processor, the software provider .fobi solutions GmbH, Steinsiedlung 11, 4222 St. Georgen an der Gusen, Austria, with whom a corresponding processor contract has been concluded.

We only store personal data for as long as it is necessary to process your request or if we have a legitimate interest in storing your personal data. Storage may also take place if this has been provided for by national or European legislators to fulfil legal obligations, such as retention periods.

We neither collect nor store personal data that is not required to process a tip. This data will be deleted immediately if necessary.

After completion of the investigation, all reports and associated data will be archived for a period of 5 years. After this period has expired, we guarantee the irretrievable deletion or anonymization of all data. In addition, the data will be stored for as long as is necessary for administrative or judicial proceedings that have already been initiated.

Rights of data subjects pursuant to Art. 13 to 21 GDPR do not apply to persons affected by whistleblowing pursuant to Section 8 Para. 9 HSchG if this is necessary to protect the whistleblower or to investigate tips (e.g. Right to information, right to disclosure, right to erasure, right to objection). For reports outside the scope of the HSchG, the general data protection regulations apply.

If you believe that we have violated Austrian or European data protection law when processing your data and have thereby violated your rights, you have the right to lodge a complaint with the Austrian Data Protection Authority, Barichgasse 40 – 42, 1030 Vienna, telephone: +43 1 52 152-0, email: [email protected]

If you use the website for purely informational purposes, we only collect the personal data that your browser transmits to our server (server log files). If you wish to view our website, we will only collect the data that is technically necessary for us to display our website to you and to ensure stability and security:

• IP address
• Date and time of the request
• Time zone difference to Coordinated Universal Time (UTC)
• Content of the request (specific page)
• Access status/HTTP status code
• Website from which the request comes
• Browser
• Operating system and its interface
• Language and version of the browser software.

This data will not be merged with personal data sources. We reserve the right to subsequently review this data if we become aware of concrete evidence of illegal use and to pass the data on to the law enforcement authorities should there have been a hacking attack. Any further transfer to third parties will not take place.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest)

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard disk and associated with the browser you use; they allow certain information to be sent to the location that placed the cookies (here, this is us or a third party). Cookies cannot run programs or transmit viruses to your computer.

The cookie allows you to be recognized when you visit the website without having to re-enter data that you have already entered before.

The information contained in the cookies is used, for example, to determine whether you are logged in or what data you have already entered, or to recognize you as a user when a connection is established between our web server and your browser.

We differentiate between technical cookies, which serve exclusively to ensure the operation of a website, and other cookies that are set by us or third parties for the purposes of statistical analysis, tracking or advertising/marketing.

Legal basis: Art. 6 (1) (f) GDPR (legitimate interest; for technical cookies), Art. 6 (1) (a) GDPR (consent; for all other cookies)

We have integrated Google Analytics on our website, a web analysis service from Google, which enables us to analyze visitor flows and the length of time spent on our website.

This website uses the “Activation of IP anonymization” function (i.e. Google Analytics has been extended by the code “gat._anonymizeIp();“ to ensure anonymous collection of IP addresses (IP masking)). As a result, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.

According to Google, Google will use the information obtained to evaluate your use of the website, to compile reports on website activity and to provide us with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data held by Google. However, Google may transfer this information to third parties where required to do so by law, or where such third parties process the data on Google’s behalf. You can prevent the storage of cookies by setting your browser software accordingly. However, we would like to point out that in this case you may not be able to use all functions of the website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your anonymized IP address) and from processing this data by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=de).

Further information on terms of use and data protection can be found at https://www.google.com/analytics/terms/de.html or at https://support.google.com/analytics/answer/6004245?hl=de .

Legal basis: Art. 6 (1) (a) GDPR (consent)

This website also uses Google Conversion Tracking to promote our products and services. Google Ads will place a cookie on your computer if you accessed our website via a Google ad. These cookies expire after 30 days and are not used for personal identification. If the user visits certain pages of the Ads customer’s website and the cookie has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to that page. Each Ads customer receives a different cookie. Cookies cannot therefore be tracked across the websites of Ads customers. The information collected using the conversion cookie is used to create conversion statistics for Ads customers who have opted for conversion tracking. Ads customers learn the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, you will not receive any information that can be used to personally identify users. If you do not wish to participate in the tracking process, you can also refuse the setting of a cookie required for this purpose – for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also deactivate cookies for conversion tracking by setting your browser to block cookies from the domain “www.googleadservices.com”. You can find Google’s privacy policy here: https://policies.google.com/privacy?hl=de

When you use SSL search, Google’s encrypted search feature, most of the time the search terms are not sent as part of the URL in the referring URL. However, there are some exceptions, for example if you use certain, less common browsers. For more information about SSL search, see https://support.google.com/websearch/answer/173733?hl=en. Search queries or information in the referring URL may also be viewed via Google Analytics or an Application Programming Interface (API). Advertisers may also receive information about the exact search terms that triggered a click on an ad.

For more information, please see Google’s FAQ: https://policies.google.com/faq?hl=de

Legal basis: Art. 6 (1) (a) GDPR (consent)

The website uses the online marketing tool DoubleClick. To help AdWords advertisers and publishers serve and manage ads on the web, the Google advertising network and certain Google services may be used. DoubleClick uses cookies to deliver ads that are relevant to users, to improve campaign performance reporting, or to prevent a user from seeing the same ads multiple times. Google uses a cookie ID to record which ads are displayed in which browser and can thus prevent them from being displayed multiple times. In addition, DoubleClick can use cookie IDs to record conversions that are related to ad requests. This is the case, for example, when a user sees a DoubleClick ad and later uses the same browser to visit the advertiser’s website and makes a purchase there. According to Google, DoubleClick cookies do not contain any personal information. Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the scope and further use of the data collected through the use of this tool by Google and therefore inform you according to our current knowledge: Through the integration of DoubleClick, Google receives the information that you have accessed the corresponding part of our website or clicked on one of our advertisements. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider will find out and store your IP address.

Legal basis: Art. 6 (1) (a) GDPR (consent)

For a user-friendly experience, we use the cloud-based storage service Google Photos. When you view images on our website, your browser establishes a connection to Google’s servers. For this purpose, your IP address will be transmitted to Google. In order to display the images correctly, the required pages are loaded into your browser cache.

You can find more detailed information here: https://www.google.com/photos/
The privacy policy and terms of use can be found here: https://policies.google.com/

Legal basis: Art. 6 (1) (a) GDPR (consent)

We use Google Tag Manager to recognize your user behavior. Google Tag Manager is a solution that allows marketers to manage website tags through one interface. The tool itself processes the following personal data: User’s IP address. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data.  The Google Tag Manager can set cookies, at least in the administrator’s preview and debug mode, but also outside of this. If deactivation has been carried out at domain or cookie level, this will remain in place for all tracking tags implemented with Google Tag Manager.

You can find more detailed information here: https://www.google.com/intl/de/tagmanager/faq.html.

Legal basis: Art. 6 (1) (a) GDPR (consent)