Sommer GmbH
Industriepark 16
A – 8682 Hönigsberg
Phone: +43 (0) 38 52 / 52 43
Email: office@sommer-gmbh.at
Website: www.sommer-gmbh.at
Legal form:
GmbH
Managing Director:
Thomas Herz
Commercial Register Court:
Regional Court Graz
Commercial Register Number:
FN 16511k
Chamber:
Styrian Economic Chamber
VAT ID:
ATU 44010707
Supervisory authority:
Mürzzuschlag District Authority
Privacy Policy
Introduction and Overview
We have written this privacy policy (version 11.02.2022-111945046) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 and applicable national laws, which personal data (hereinafter referred to as data) we as the controller – and the processors commissioned by us (e.g. providers) – process, will process in the future and what legal options you have. The terms used are to be understood as gender-neutral.
In short: We provide you with comprehensive information about data that we process about you.
Privacy policies usually sound very technical and use legal jargon. This privacy policy, on the other hand, is intended to describe the most important things to you as simply and transparently as possible. Insofar as it is beneficial to transparency, technical terms are explained in a reader-friendly manner, links to further information are provided and graphics are used. We thus explain in clear and simple language that we only process personal data within the scope of our business activities if there is a corresponding legal basis. That would certainly not be possible with explanations that are as terse, unclear and legalistic as possible, as is often standard on the Internet when it comes to data protection. We hope you find the following explanations interesting and informative, and perhaps there are one or two pieces of information that you did not already know.
If you still have any questions, please contact the responsible body mentioned below or in the imprint, follow the existing links and view further information on third-party websites. You will of course also find our contact details in the imprint.
Scope
This privacy policy applies to all personal data processed by us in the company and to all personal data processed by companies commissioned by us (processors). Personal data means information within the meaning of Art. 4 No. 1 GDPR, such as a person’s name, e-mail address and postal address. The processing of personal data ensures that we can offer and bill for our services and products, whether online or offline. The scope of this privacy policy includes:
- all online presences (websites, online shops) that we operate
- social media presences and e-mail communication
- mobile apps for smartphones and other devices
In short: The privacy policy applies to all areas in which personal data is processed in a structured manner within the company via the channels mentioned. Should we enter into legal relationships with you outside of these channels, we will inform you separately if necessary.
Legal Bases
In the following privacy policy, we will provide you with transparent information on the legal principles and regulations, i.e. the legal bases of the General Data Protection Regulation, which enable us to process personal data.
As far as EU law is concerned, we refer to REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016. You can of course read this EU General Data Protection Regulation online on EUR-Lex, the gateway to EU law, at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=celex%3A32016R0679.
We only process your data if at least one of the following conditions applies:
- Consent (Article 6 paragraph 1 lit. a GDPR): You have given us your consent to process data for a specific purpose. An example would be the storage of your entered data from a contact form.
- Contract (Article 6 paragraph 1 lit. b GDPR): In order to fulfill a contract or pre-contractual obligations with you, we process your data. For example, if we conclude a purchase agreement with you, we require personal information in advance.
- Legal obligation (Article 6 paragraph 1 lit. c GDPR): If we are subject to a legal obligation, we process your data. For example, we are legally obliged to keep invoices for accounting purposes. These usually contain personal data.
- Legitimate interests (Article 6 paragraph 1 lit. f GDPR): In the case of legitimate interests that do not restrict your fundamental rights, we reserve the right to process personal data. For example, we need to process certain data in order to operate our website securely and economically efficiently. This processing is therefore a legitimate interest.
Other conditions, such as the performance of tasks in the public interest, the exercise of public authority and the protection of vital interests, do not usually occur with us. If such a legal basis should nevertheless be relevant, it will be identified at the appropriate point.
In addition to the EU regulation, national laws also apply:
- In Austria, this is the Federal Act on the Protection of Natural Persons when Processing Personal Data (Data Protection Act), in short DSG.
- In Germany, the Federal Data Protection Act, in short BDSG, applies.
If further regional or national laws apply, we will inform you about this in the following sections.
Contact Details of the Controller
Should you have questions regarding data protection, you will find the contact details of the responsible person or entity below:
Sommer GmbH
Industriepark 16
8682 Hönigsberg
AUSTRIA
Responsible for Data Protection:
Irene Herz, herzirene@sommer-gmbh.at
Phone: +43 (0) 38 52 / 52 43
Legal Notice: https://www.sommer-gmbh.at/impressum-und-datenschutzerklaerung/
Storage Period
As a general rule, we store personal data only for as long as is absolutely necessary to provide our services and products. This means that we delete personal data as soon as the reason for data processing no longer exists. In some cases, we are legally obliged to store certain data even after the original purpose has ceased to exist, for example for accounting purposes.
If you wish to have your data deleted or revoke your consent to data processing, the data will be deleted as quickly as possible, provided there is no obligation to store it.
We will inform you about the specific duration of the respective data processing further below, provided we have further information on this.
Rights under the General Data Protection Regulation
According to Article 13 GDPR, you have the following rights to ensure fair and transparent data processing:
- According to Article 15 GDPR, you have the right to information about whether we process data about you. If this is the case, you have the right to receive a copy of the data and to know the following information:
  - for what purpose we carry out the processing;
  - the categories, i.e. the types of data that are processed;
  - who receives this data and, if the data is transferred to third countries, how security can be guaranteed;
  - how long the data will be stored;
  - the existence of the right to rectification, erasure or restriction of processing and the right to object to processing;
  - that you can complain to a supervisory authority (links to these authorities can be found below);
  - the origin of the data if we have not collected it from you;
  - whether profiling is carried out, i.e. whether data is automatically evaluated in order to arrive at a personal profile of you.
- According to Article 16 GDPR, you have the right to rectification of the data, which means that we must correct data if you find errors.
- According to Article 17 GDPR, you have the right to erasure (“right to be forgotten”), which specifically means that you may request the erasure of your data.
- According to Article 18 GDPR, you have the right to restriction of processing, which means that we may only store the data but not use it further.
- According to Article 19 GDPR, you have the right to data portability, which means that we will provide you with your data in a common format upon request.
- According to Article 21 GDPR, you have a right to object, which, once enforced, entails a change in processing.
  - If the processing of your data is based on Article 6 para. 1 lit. e (public interest, exercise of official authority) or Article 6 para. 1 lit. f (legitimate interest), you can object to the processing. We will then check as quickly as possible whether we can legally comply with this objection.
  - If data is used to carry out direct advertising, you can object to this type of data processing at any time. We may then no longer use your data for direct marketing.
  - If data is used to carry out profiling, you can object to this type of data processing at any time. We may then no longer use your data for profiling.
- According to Article 22 GDPR, you may have the right not to be subject to a decision based exclusively on automated processing (for example, profiling).
In short: You have rights – do not hesitate to contact the responsible body listed above!
If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority, whose website can be found at https://www.dsb.gv.at/. In Germany, there is a data protection officer for each federal state. For more information, please contact the Federal Commissioner for Data Protection and Freedom of Information (BfDI). The following local data protection authority is responsible for our company:
Austria Data Protection Authority
Head: Mag. Dr. Andrea Jelinek
Address: Barichgasse 40-42, 1030 Vienna
Phone No.: +43 1 52 152-0
Email address: dsb@dsb.gv.at
Website: https://www.dsb.gv.at/
Data Transfer to Third Countries
We only transfer or process data in countries outside the EU (third countries) if you consent to this processing, if this is required by law or is contractually necessary and in any case only to the extent that this is generally permitted. Your consent is in most cases the most important reason for us to have data processed in third countries. The processing of personal data in third countries such as the USA, where many software manufacturers offer services and have their server locations, may mean that personal data is processed and stored in an unexpected way.
We expressly point out that, in the opinion of the European Court of Justice, there is currently no adequate level of protection for data transfer to the USA. Data processing by US services (such as Google Analytics) may mean that data is not processed and stored anonymously. Furthermore, US government authorities may be able to access individual data. In addition, it may happen that collected data is linked to data from other services of the same provider, provided you have a corresponding user account. Whenever possible, we try to use server locations within the EU, provided this is offered.
We will inform you in more detail about data transfers to third countries at the appropriate points in this privacy policy, if this applies.
Security of Data Processing
In order to protect personal data, we have implemented both technical and organizational measures. Where possible, we encrypt or pseudonymize personal data. In doing so, we make it as difficult as possible within the scope of our possibilities for third parties to infer personal information from our data.
Art. 25 GDPR speaks here of “data protection through technology design and through data protection-friendly default settings” and means that one always thinks about security both in software (e.g. forms) and also hardware (e.g. access to the server room) and takes appropriate measures. In the following, we will go into specific measures if necessary.
Communication
Communication Summary
- 👥 Affected: All those who communicate with us by phone, e-mail or online form
- 📓 Processed data: e.g. telephone number, name, e-mail address, entered form data. More details can be found in the respective type of contact used
- 🤝 Purpose: Processing of communication with customers, business partners, etc.
- 📅 Storage period: Duration of the business case and the legal regulations
- ⚖️ Legal bases: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. b GDPR (contract), Art. 6 para. 1 lit. f GDPR (legitimate interests)
If you contact us and communicate by phone, e-mail or online form, personal data may be processed.
The data is processed in order to handle your question and the associated business transaction. The data is stored for as long as this takes, or for as long as the law prescribes.
Affected Persons
All those who seek contact with us via the communication channels provided by us are affected by the processes mentioned.
Phone
If you call us, the call data is stored pseudonymized on the respective end device and at the telecommunications provider used. In addition, data such as name and telephone number can then be sent by e-mail and stored to answer the inquiry. The data will be deleted as soon as the business case has been completed and legal requirements allow it.
E-mail
If you communicate with us by e-mail, data may be stored on the respective end device (computer, laptop, smartphone, …) and data is stored on the e-mail server. The data will be deleted as soon as the business case has been completed and legal requirements allow it.
Online Forms
If you communicate with us using an online form, data is stored on our web server and, if necessary, forwarded to one of our e-mail addresses. The data will be deleted as soon as the business case has been completed and legal requirements allow it.
Legal Bases
The processing of the data is based on the following legal bases:
- Art. 6 para. 1 lit. a GDPR (consent): You give us your consent to store your data and to use it for purposes relating to the business case;
- Art. 6 para. 1 lit. b GDPR (contract): There is a need for the fulfillment of a contract with you or a processor, such as the telephone provider, or we must process the data for pre-contractual activities, such as the preparation of an offer;
- Art. 6 para. 1 lit. f GDPR (legitimate interests): We want to handle customer inquiries and business communication in a professional setting. For this purpose, certain technical facilities such as e-mail programs, Exchange servers and mobile operators are necessary in order to be able to operate the communication efficiently.
Cookies
Cookie Summary
- 👥 Affected: Website visitors
- 🤝 Purpose: depends on the respective cookie. More details can be found below or from the software manufacturer that sets the cookie.
- 📓 Data processed: Depends on the cookie used. More details can be found below or from the software manufacturer that sets the cookie.
- 📅 Storage period: depends on the respective cookie, can vary from hours to years
- ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
What are Cookies?
Our website uses HTTP cookies to store user-specific data.
In the following, we explain what cookies are and why they are used so that you can better understand the following privacy policy.
Whenever you surf the Internet, you use a browser. Well-known browsers include Chrome, Safari, Firefox, Internet Explorer, and Microsoft Edge. Most websites store small text files in your browser. These files are called cookies.
One thing is undeniable: cookies are really useful helpers. Almost all websites use cookies. More specifically, they are HTTP cookies, as there are also other cookies for other applications. HTTP cookies are small files that our website stores on your computer. These cookie files are automatically stored in the cookie folder, the “brain” of your browser. A cookie consists of a name and a value. When defining a cookie, one or more attributes must also be specified.
Cookies store certain user data from you, such as language or personal page settings. When you visit our site again, your browser transmits the “user-related” information back to our site. Thanks to cookies, our website knows who you are and offers you the settings you are used to. In some browsers, each cookie has its own file, while in others, such as Firefox, all cookies are stored in a single file.
The following graphic shows a possible interaction between a web browser such as Chrome and the web server. The web browser requests a website and receives a cookie back from the server, which the browser uses again as soon as another page is requested.
There are both first-party cookies and third-party cookies. First-party cookies are created directly by our site, third-party cookies are created by partner websites (e.g. Google Analytics). Each cookie must be evaluated individually, as each cookie stores different data. The expiration time of a cookie also varies from a few minutes to a few years. Cookies are not software programs and do not contain viruses, Trojans or other “malware”. Cookies also cannot access information on your PC.
For example, cookie data can look like this:
Name: _ga
Value: GA1.2.1326744211.152111945046-9
Purpose: Distinguishing website visitors
Expiry date: after 2 years
These are the minimum sizes a browser should be able to support:
- At least 4096 bytes per cookie
- At least 50 cookies per domain
- At least 3000 cookies in total
What Types of Cookies are there?
The question of which cookies we use in particular depends on the services used and will be clarified in the following sections of the privacy policy. At this point, we would like to briefly discuss the different types of HTTP cookies.
There are 4 types of cookies:
Essential Cookies
These cookies are necessary to ensure the basic functions of the website. For example, these cookies are needed when a user puts a product in the shopping cart, then continues browsing on other pages and only goes to checkout later. These cookies ensure that the shopping cart is not deleted, even if the user closes their browser window.
Functional Cookies
These cookies collect information about user behavior and whether the user receives any error messages. In addition, these cookies are also used to measure the loading time and the behavior of the website on different browsers.
Target-oriented Cookies
These cookies ensure better user-friendliness. For example, entered locations, font sizes or form data are stored.
Advertising Cookies
These cookies are also called targeting cookies. They serve to deliver individually tailored advertising to the user. This can be very practical, but also very annoying.
Usually, when you first visit a website, you will be asked which of these types of cookies you want to allow. And of course, this decision is also stored in a cookie.
If you would like to know more about cookies and do not shy away from technical documentation, we recommend https://datatracker.ietf.org/doc/html/rfc6265, the Request for Comments of the Internet Engineering Task Force (IETF) named “HTTP State Management Mechanism”.
Purpose of Processing via Cookies
The purpose ultimately depends on the respective cookie. More details can be found below or from the software manufacturer that sets the cookie.
Which Data is Processed?
Cookies are small helpers for many different tasks. Unfortunately, it is not possible to generalize which data is stored in cookies, but we will inform you about the processed or stored data in the following privacy policy.
Storage Period of Cookies
The storage period depends on the respective cookie and is specified in more detail below. Some cookies are deleted after less than an hour, others can remain stored on a computer for several years.
You also have influence on the storage period yourself. You can manually delete all cookies at any time via your browser (see also below “Right to object”). Furthermore, cookies that are based on consent will be deleted at the latest after you revoke your consent, whereby the lawfulness of the storage remains unaffected until then.
Right to Object – how Can I Delete Cookies?
You decide for yourself how and whether you want to use cookies. Regardless of which service or website the cookies come from, you always have the option to delete cookies, deactivate them or only allow them partially. For example, you can block cookies from third-party providers, but allow all other cookies.
If you want to find out which cookies have been stored in your browser, if you want to change or delete cookie settings, you can find this in your browser settings:
Chrome: Delete, enable, and manage cookies in Chrome
Safari: Manage cookies and website data with Safari
Firefox: Delete cookies to remove data that websites have stored on your computer
Internet Explorer: Delete and manage cookies
Microsoft Edge: Delete and manage cookies
If you generally do not want to have any cookies, you can set up your browser so that it always informs you when a cookie is to be set. This allows you to decide for each individual cookie whether you allow the cookie or not. The procedure varies depending on the browser. It is best to search for the instructions in Google with the search term “Delete cookies Chrome” or “Deactivate cookies Chrome” in the case of a Chrome browser.
Legal Basis
The so-called “cookie guidelines” have been in place since 2009. They stipulate that the storage of cookies requires your consent (Article 6 para. 1 lit. a GDPR). Within the EU countries, however, there are still very different reactions to these guidelines. In Austria, this guideline was implemented in § 96 para. 3 of the Telecommunications Act (TKG). In Germany, the cookie guidelines were not implemented as national law. Instead, this guideline was largely implemented in § 15 para. 3 of the Telemedia Act (TMG).
For cookies that are absolutely necessary, even if there is no consent, there are
Insofar as cookies that are not absolutely necessary are used, this only happens with your consent. The legal basis in this respect is Art. 6 para. 1 lit. a GDPR.
In the following sections, you will be informed in more detail about the use of cookies, provided that the software used uses cookies.
Webhosting Introduction
Webhosting Summary
- 👥 Affected: Website visitors
- 🤝 Purpose: professional hosting of the website and securing the operation
- 📓 Data processed: IP address, time of website visit, browser used and other data. More details can be found below or from the respective web hosting provider.
- 📅 Storage period: depends on the respective provider, but usually 2 weeks
- ⚖️ Legal basis: Art. 6 para. 1 lit. f GDPR (Legitimate Interests)
What is Web Hosting?
When you visit websites these days, certain information – including personal data – is automatically created and stored, including on this website. This data should be processed as sparingly as possible and only with justification. By website, we mean the entirety of all web pages on a domain, i.e. everything from the start page (homepage) to the very last subpage (like this one here). By domain, we mean, for example, example.de or sampleexample.com.
If you want to view a website on a screen, you use a program called a web browser. You probably know some web browsers by name: Google Chrome, Microsoft Edge, Mozilla Firefox and Apple Safari.
This web browser must connect to another computer where the code of the website is stored: the web server. Operating a web server is a complicated and time-consuming task, which is why it is usually handled by professional providers. They offer web hosting and thus ensure reliable and error-free storage of website data.
When the browser on your computer (desktop, laptop, smartphone) establishes a connection and during the data transfer to and from the web server, personal data may be processed. On the one hand, your computer stores data, on the other hand, the web server must also store data for a certain period of time in order to ensure proper operation.
Why Do We Process Personal Data?
The purposes of data processing are:
- Professional hosting of the website and securing the operation
- to maintain operational and IT security
- Anonymous evaluation of access behavior to improve our offer and, if necessary, for criminal prosecution or prosecution of claims
Which Data is Processed?
Even while you are visiting our website right now, our web server, which is the computer on which this website is stored, usually automatically stores data such as
- the complete internet address (URL) of the accessed website
- Browser and browser version (e.g. Chrome 87)
- the operating system used (e.g. Windows 10)
- the address (URL) of the previously visited page (referrer URL) (e.g. https://www.beispielquellsite.de/vondabinichgekommen.html/)
- the host name and the IP address of the device from which access is made (e.g. COMPUTERNAME and 194.23.43.121)
- Date and time
in files, the so-called web server log files.
How Long Will Data be Stored?
As a rule, the above-mentioned data is stored for two weeks and then automatically deleted. We do not pass on this data, but cannot exclude the possibility that this data may be viewed by authorities in the event of unlawful behavior.
In short: Your visit is logged by our provider (company that runs our website on special computers (servers)), but we do not pass on your data without consent!
Legal Basis
The lawfulness of processing personal data in the context of web hosting results from Art. 6 para. 1 lit. f GDPR (protection of legitimate interests), because the use of professional hosting with a provider is necessary to present the company securely and user-friendly on the Internet and to be able to prosecute attacks and claims arising from this if necessary.
There is usually a contract between us and the hosting provider for order processing in accordance with Art. 28 f. GDPR, which ensures compliance with data protection and guarantees data security.
Cookie Consent Management Platform Introduction
Cookie Consent Management Platform Summary
- 👥 Affected: Website Visitors
- 🤝 Purpose: Obtaining and managing consent to certain cookies and thus the use of certain tools
- 📓 Data processed: Data for managing the set cookie settings such as IP address, time of consent, type of consent, individual consents. More details can be found in the respective tool.
- 📅 Storage period: Depends on the tool used, one must prepare for periods of several years
- ⚖️ Legal basis: Art. 6 para. 1 lit. a GDPR (consent), Art. 6 para. 1 lit. f GDPR (legitimate interests)
What is a Cookie Consent Management Platform?
We use Consent Management Platform (CMP) software on our website, which makes it easier for us and for you to handle the scripts and cookies in use correctly and securely. The software automatically creates a cookie popup, scans and controls all scripts and cookies, obtains the cookie consent from you that data protection law requires, and helps us and you to keep track of all cookies. With most cookie consent management tools, all existing cookies are identified and categorized. You as a website visitor then decide for yourself whether and which scripts and cookies you allow or do not allow. The following graphic shows the relationship between browser, web server and CMP.
Why Do We Use a Cookie Management Tool?
Our goal is to offer you the best possible transparency in the area of data protection. We are also legally obliged to do so. We want to inform you as well as possible about all tools and all cookies that can store and process data from you. It is also your right to decide for yourself which cookies you accept and which you do not. In order to grant you this right, we must first know exactly which cookies have landed on our website at all. Thanks to a cookie management tool, which regularly scans the website for all existing cookies, we know about all cookies and can provide you with information about them in accordance with the GDPR. You can then accept or reject cookies via the consent system.
Which Data is Processed?
Within the framework of our cookie management tool, you can manage each individual cookie yourself and have complete control over the storage and processing of your data. The declaration of your consent is stored so that we do not have to ask you every time you visit our website and we can also prove your consent if required by law. This is stored either in an opt-in cookie or on a server. The storage period of your cookie consent varies depending on the provider of the cookie management tool. Usually, this data (such as pseudonymous user ID, time of consent, details of the cookie categories or tools, browser, device information) is stored for up to two years.
Duration of Data Processing
We will inform you about the duration of data processing further below, provided that we have further information about it. In general, we only process personal data for as long as it is absolutely necessary for the provision of our services and products. Data stored in cookies is stored for different lengths of time. Some cookies are deleted again after leaving the website, others can be stored in your browser for several years. The exact duration of data processing depends on the tool used, mostly you should prepare for a storage period of several years. In the respective privacy policies of the individual providers, you will usually receive precise information about the duration of data processing.
Right to Object
You also have the right and the option to withdraw your consent to the use of cookies at any time. This can be done either via our cookie management tool or through other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating, or deleting cookies in your browser.
Information on specific cookie management tools can be found – if available – in the following sections.
Legal Basis
If you consent to cookies, your personal data will be processed and stored via these cookies. If we are permitted to use cookies based on your consent (Article 6(1)(a) GDPR), this consent also simultaneously constitutes the legal basis for the use of cookies or the processing of your data. To manage cookie consent and enable you to give consent, a cookie consent management platform software is used. The use of this software enables us to operate the website efficiently and in compliance with the law, which constitutes a legitimate interest (Article 6(1)(f) GDPR).
All texts are protected by copyright.
Source: Created with the Privacy Policy Generator by AdSimple