Data Protection Declaration
We, GPN GmbH, Greinerstraße 18, A-4542 Nußbach, operate this website as an information platform as well as a contact initiation conduit for various topics such as information regarding our products and services, job applications, or of a general nature and are pleased to have you visit us.
We wish to structure our services for you in an efficient and user-friendly manner as well as to continuously improve them. At the same time we want you, as the user, to be fully informed and to feel secure.
Accordingly, we are committed to respect your privacy, personality and data protection rights, to treat your data in a confidential manner as well as to not collect or analyze any of your data in a covert manner.
This Data Protection Declaration is currently valid and dated May 2018. Improvements to this Declaration shall be published here and are valid as of the respective date of publication.
- Compliance with this Data Protection Declaration is continuously monitored.
- We provide for the necessary transparency in data processing.
- We secure your visit to our web pages in accordance with the current state of technology.
- We collect, process and use your data only if permitted by law, if a legitimate interest exists or if you have declared your consent.
- We do not disclose your personal data to third parties outside of the Group unless we are required to do so by law or you have granted us your prior consent.
- Our websites do not create personal user profiles.
Declaration on information obligation
We use your personal data only in compliance with national and European data protection regulations and only within the scope and for the purpose for which you have provided us the data, and for no other purpose.
Erasure of stored personal data occurs when the user of the website revokes his or her consent to storage, when its knowledge is no longer necessary for performance of the purpose pursued by storage or when storage is not permitted on other statutory grounds. Data for purposes of settling accounts and bookkeeping purposes are not affected by a request for erasure.
IP addresses and Server logs
A record is made of the server logs (IP address and additional data such as date, time of the request, name and URL of the requested file, volume of transferred data, notification of whether the request was successful, identification data of the browser used and of the operating system, as well as in the event of access via a link, the website from which access occurred) in order to test the system security, for defense against and traceability of hacking attacks, for technical system administration as well as for optimization of the website. An inspection of the server logs occurs only if required or in suspicious cases. A disclosure of data to law enforcement authorities occurs only in the event of a hacker attack. No further disclosure to third parties occurs. Data are not permanently stored and are erased after a period of 6 months.
Sharing of contents on social networks
From our website, you can share contents on social networks. When sharing contents by clicking the button, no codes are downloaded from the social networks.
We take the current discussion about data protection in social networks very seriously, as we ourselves operate appearances in social networks in order to inform the active users there about our range of services. The specific social media we use for this purpose are represented on our website by logos. In this regard, we would like to point out that, on the basis of current case law, we have a joint controllership within the meaning of Art 26 GDPR with the respective operator of the social network. We have taken the necessary precautions for this as far as the provider has made this possible for us. The primary responsibility according to GDPR for the processing of personal data in the respective social network lies with the respective provider of the social network. In the case of the assertion of rights of persons affected, we state that these are best asserted with the social networks themselves. We as operators do not make any decisions regarding the processing of data in the social network. Only the respective provider has access to the data of the users and can therefore only take direct measures.
User data can be processed in social networks for advertising and market research purposes. Among other things, users can create their own user profiles based on their various interests. The user profiles can then be used, for example, to place targeted advertisements within and outside the social media. For these purposes, cookies are also used by the social medium in which the user behaviour and interests of the users are stored. Furthermore, these user profiles may also contain data on the users as members of the respective social media, provided that they are logged in to these.
For a detailed description of the respective processing operations and the possibilities for objection or revocation, please refer to the data protection declaration of the respective social network.
A selection of the most important providers of social media including additional information can be found here:
Provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland
Additional information: https://www.facebook.com/legal/terms/information_about_page_insights_data
Joint Controllership: https://www.facebook.com/legal/terms/page_controller_addendum
Provider: whatchado GmbH, Möllwaldplatz 4/39, 1040 Wien, Österreich
Additional information: https://www.whatchado.com/en/about-us, https://www.whatchado.com/en/terms/users/
Contact initiation via E-Mail
Service providers / Contract processors / Cooperation partners
Contact (Information and rectification rights)
We wish to further inform you that at all times you
- have the right to obtain information on which of your data is processed by us (for details see Art 15 GDPR);
- have the right to have your data rectified or erased (for details see Art 16 GDPR);
- have the right to restrict the processing of your data (for details see Art 18 GDPR);
- have the right to object to data processing (for details see Art 21 GDPR);
- have the right to assert data portability (for details see Art 20 GDPR).
If contrary to expectations a violation of your rights in regard to data occurs, you have the right to lodge a complaint with the data protection authorities, (for Austria: Österreichische Datenschutzbehörde, Wickenburggasse 8, 1080 Vienna, Email: email@example.com).
Withdrawal of your consent
With regard to your personal data which we use on the basis of your consent, you have the right to withdraw your consent to the use of your data at any time, without affecting the lawfulness of the processing based on consent before its withdrawal.
Please contact us at the following address if you
- have questions regarding the processing, disclosure, use or protection and security of your data.
- wish to withdraw your consent,
- wish to assert your rights and demands in association with data protection (e.g. a request for information),
- have suggestions or potential data protection complaints
Telephone: +43 505 41-45 0
Information Letter for Business Partners
Click here to see our information letter for business partners.