Data Protection Policy

Version May 2023

This website is operated by JAWA Management Software GmbH (FN210280k), hereinafter referred to as "we", "us" and "JAWA", with its registered office in 8041 Graz, Liebenauer Hauptstraße 65. In this privacy policy, we as the responsible party pursuant to Art. 4 (7) EU-DSGVO describe which data we collect when you visit our website and for what purpose we process it (Part A). In addition, we inform you about how we process data of our customers, suppliers and interested parties in general for marketing purposes (Part B) and explain in general what rights and safeguards we offer in the course of data processing (Part C). For all relevant contact details, please refer to section C.4. of this Privacy Policy.

Since the protection of your personal data is of particular concern to us, we strictly adhere to the legal requirements of the DSG and the EU-DSGVO when collecting and processing your personal data.

In the following, we inform you in detail about the scope and purpose of our data processing as well as your rights as a data subject. Therefore, please read our privacy policy carefully before you continue to use our website and, if necessary, give your consent to data processing.

A. Processing of personal data on our website

1. Personal data

The use of our website is generally possible without providing personal data. However, different regulations may apply to the use of individual services, which we will point out to you separately.

Therefore, apart from the cookies described in detail below, we only collect and store the data that you yourself provide to us by entering it in our input masks or otherwise actively interacting with our website.

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, your name, your address, your telephone number or your date of birth, but also your IP address or geolocation data that allow a conclusion to be drawn about you

2. Use of cookies

a. If you use our website for information purposes only, i.e. if you do not register for a service or otherwise send us information - for example, via a contact form - we only collect the personal data that your browser transmits to our server. If you wish to visit our website, we collect the following data, which is technically necessary for us to display the website and to ensure its stability and security in accordance with Art. 6 (1) p. 1 lit. f EU-DSGVO:

IP-address
Date and time of the request
Time zone difference from Greenwich Mean Time (GMT)
Request content
Access status / http-status code
Amount of data transferred in each case
Website from which the request comes
Browser in use
Operating system and its interface
Language and version of the browser software

b. In addition to the aforementioned data, first and third-party cookies are stored on your computer when you use our website; these are small text files that are stored on your hard drive in the browser you are using. The entity that sets a cookie (in this case, this is done by us and the third parties listed below) thereby receives certain information. We need these cookies on the one hand to recognize you as a user:in the website and on the other hand to be able to track the use of our services. Finally, we use cookies for marketing purposes in order to analyze your usage behavior and, if necessary, to send you targeted advertising.

A basic distinction can be made between first party cookies, third party cookies and third party requests.

Erste Partei Cookies

First party cookies are stored by us or our website itself in your browser to provide you with the best possible user experience. These are in particular functional cookies, such as shopping cart cookies.

Third Party Cookies

Third-party cookies are stored in your browser by third-party providers. These are mostly tracking or marketing tools, which on the one hand evaluate your user behavior and on the other hand offer the third party the possibility to recognize you on other visited websites. Basically, retarget marketing, for example, is based on the function of such cookies. You can find out exactly which third-party cookies we use from our cookie banner.

Third Party Requests

Third Party Request sind alle Anfragen, die Sie als Seitenbenutzer:in über unsere Seite an Dritte stellen – also beispielsweise, wenn Sie mit Plugins sozialer Netzwerke agieren oder etwa das Angebot von Bezahlanbieter:innen nutzen. In diesem Fall werden zwar keine Cookies in Ihrem Browser gespeichert, es ist aber nicht auszuschließen, dass durch die Interaktion personenbezogene Daten an diese Drittanbieter:innen gesendet werden. Aus diesem Grund informieren wir Sie auch im Detail in unserer Datenschutzerklärung über die von uns eingesetzten Tools & Applikationen.

3. Collection and processing of personal data

Personal data that goes beyond the information stored by cookies will only be processed by us if you voluntarily provide it to us, for example, when you register with us, enter into a contractual relationship with us or

otherwise get in touch with us. This is exclusively contact data as well as information about the concerns with which you approach us.

We use the personal data you provide only to the extent necessary to fulfill the respective purpose of the processing (e.g. registration, sending newsletters, processing an order, sending information material and advertising, processing a competition, answering a question, enabling access to certain information) and as permitted by law (esp. pursuant to Art. 6 EU-DSGVO) (e.g. sending advertising and information material to existing customers).

We process the data of applicants in the course of contract initiation and for 6 months thereafter in order to be able to defend any claims of an applicant resulting from a rejection. If you give your consent, we will store your application documents for a period of 3 years for record keeping.

The purpose of processing your data as a website visitor is the operation of our website and the targeted provision of company-specific information including the presentation of the range of our goods and services (marketing). Any further use of your data will only take place if you have given your express prior consent. You can revoke your consent - as explained in detail below - at any time for the future.

4. Storage period

Data that you have provided to us exclusively for customer service or for marketing and information purposes will generally be stored until three years after our last contact. However, if you wish, we will also delete your data before this period expires, provided that there is no legal obstacle to this.

In the event that a contract is initiated or concluded, we will process your personal data after the contract has been fully processed until the expiry of the warranty, guarantee, limitation, product liability and compensation periods applicable to us as well as the statutory retention periods, and furthermore until the end of any legal disputes in which the data is required as evidence.

5. Tools and applications used

a. We use Google Analytics, which is a web analytics service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. This service uses cookies, the functionality of which has already been explained in detail before. Thus, if you agree to the use of Google Analytics in our cookie banner, the information generated by these cookies about your use of this website is usually transferred to a Google server and stored there.

On our behalf, Google uses this information to evaluate your use of our website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google by the responsible party.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) as well as its transmission and processing by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de

Should you require further information on the type, scope and purpose of the data collected by Google, we recommend that you read their privacy policy. https://support.google.com/analytics/answer/6004245?hl=de

Google also processes your data in the USA.

In the event that you consent to the use of Google Analytics, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

This is relevant insofar as, according to recent decisions of the authorities and the case law of the ECJ, the USA is not certified as having an adequate level of data protection (C-311/18, Schrems II). Critically, access by US authorities (FISA 0702) is not comprehensively restricted by law, does not require approval by an independent authority, and no relevant legal remedies are available in the event of such interference. We ask you to take this into account when granting your consent.

b. On our website, we also use the offers of Google Maps. This allows us to display interactive maps directly on our website with your consent and enables you to conveniently use the map function to find our location and facilitate your journey.

By visiting our website, Google receives the information that you have accessed the corresponding subsite of our website and the personal data listed under 2. This occurs regardless of whether you are logged in via a Google account or not. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish this, you must log out of Google before using this service. Google uses your data for purposes of advertising, market research and website design tailored to your needs. You have the right to object to the use of your data in this regard, which you must address directly to Google.

For more information on the purpose and scope of data collection, please refer to Google's privacy policy, which can be found at http://www.google.de/intl/de/policies/privacy. Google also processes your data in the USA.

In the event that you consent to the use of Google Maps, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

c. If you agree, we also use Google Tag Manager on our website. Google Tag Manager is a popular tool for controlling tags on websites. Google Tag Manager can be used to control everything from statistical scripts or marketing tags that collect data for analytics and advertising, such as tracking page views on websites, button clicks, and user scrolling and behavior. Websites use Google Tag Manager to update and optimize their websites and content based on tracking user interactions.

In the event that you consent to the use of Google Tag Manager, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

d. Another tool for marketing purposes - if you agree to it - is Google Ads Remarketing, an advertising system from Google. We can use this tool to place ads that are primarily based on the search results when you use our services.

Google Ads is Google's online advertising tool. With this tool you can create online ads that do targeted marketing based on your personal interests and preferences.

In the event that you consent to the use of Google Ads Remarketing, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

e. We also use the Facebook pixel if you give your consent. The Facebook pixel is an analytics tool that measures the effectiveness of our advertising. It can be used to analyze actions that people take on our website.

The Facebook pixel is a JavaScript code that is embedded on websites. It can link people's behavior on the website to Facebook user profiles. It collects data that helps track conversions, optimize ads, and create audiences.

In the event that you consent to the use of the Facebook Pixel, you consent to the use of your data collected via this feature also in the USA, if applicable (Art 49 (1)(a) DSGVO).

For more information on the purpose and scope of data collection, please refer to Meta's privacy policy, which you can find at https://www.facebook.com/business/gdpr. Meta also processes your data in the USA.

f. On our website, we also set links to other websites; this is done for information purposes only. These websites are not under our control and are therefore not covered by the provisions of this privacy policy. However, should you activate a link, it is possible that the operator of this website will collect data about you and process it in accordance with its privacy policy, which may differ from ours. Please always also inform yourself about the current data protection provisions on the websites linked by us.

g. On our website there is also the possibility to interact with various social networks via plugins. These are:

Linked In, operated by LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, USA

When you click on a plugin of one of these social networks, it is activated and a connection to the respective server of this network is established as described before.

If you activate these plugins, you consent to the use of your data collected via these plugins also in the USA, if applicable (Art 49(1)(a) DSGVO).

We have no influence on the scope and content of the data that is transmitted to the respective operator of this social network by clicking on the plugin or which may subsequently be subject to access by US authorities.

Should you wish to inform yourself about the nature, scope and purpose of the data collected by the operators of these social networks, we recommend that you read the privacy policy of the respective social network.

h. LinkedIn - Fansite

We operate a LinkedIn - fan page at https://www.linkedin.com/company/jawa-management-software-gmbh/ The purpose of this fan page is to share information about our company's activities, to set marketing activities and to provide another channel of communication with us.

In this context, we are "joint controllers" with LinkedIn, operated by LinkedIn Ireland Unlimited Company (Gardner House, 2 Wilton Pl, Dublin 2, D02 CA30, Ireland, which provides this service to us. In principle, LinkedIn allows you to select in your settings which personal data is shared with us. If you do not wish to do so, we will receive all information regarding the use of our fan page and personal data about visitors in anonymized form.

For this purpose, we have concluded a so-called Art. 26 EU-DSGVO agreement with LinkedIn. You can find more information about this at https://de.linkedin.com/pulse/wie-du-social-media-fanpages-rechtlich-richtig-nutzt-kandelhard. In this context, we also ask you to read LinkedIn's privacy policy, which you can find at https://de.linkedin.com/legal/privacy-policy find.

You can therefore assert your data subject rights both against us in accordance with point C. 3. of this data protection declaration, and against LinkedIn Ireland Unlimited Company (Gardner House, 2 Wilton Pl, Dublin 2, D02 CA30, Ireland).

i. Customer Relationship Management (CRM)

The management of our customer relationships is done with Jira Service Management.

The legal basis for the use of "Customer Relationship Management" is the fulfillment of the contract including pre-contractual measures, legitimate interest of the responsible party or third party, or consent.

The following categories of data are processed: Contact data (from sales data of existing and possible new customers), user data, image and video data, order and delivery, IP address, location, usage behavior (frequency).

In this context, we or Jira Service Management store and process all data provided by registered users. Furthermore, technical data of the registration, such as date, time or IP address, are stored in the background.

Tools used:

Jira Service Management, Atlassian. Pty Ltd Level 6, 341 George Street Sydney NSW 2000 Australien

We have no control over the scope and content of the data that is transmitted to Jira Service Management through use or which may subsequently be subject to access by Australian or US authorities.

Should you wish to inform yourself about the type, scope and purpose of the data collected by the operators, we recommend that you read the privacy policy of Jira Service Management. In the event that you consent to the use of Jira Service Management, you also consent to the use of your collected data in Australia or the USA, as applicable (Art 49(1)(a) DSGVO).

B. Processing of data of our customers, suppliers and interested parties for marketing purposes

We use personal data of our customers and suppliers, e.g. contact persons, their contact details and marketing-relevant information, not only for the purpose of contract processing and within the scope of legal storage obligations (e.g.: accounting), but also beyond that for marketing and customer care purposes.

We also collect personal data from interested parties (e.g. contact persons, their contact details and marketing-relevant information) in the course of our acquisition and sales activities. We are always on the lookout for potential contractual partners on the Internet, at trade fairs and at other events and maintain a marketing database for this purpose in order to enable targeted advertising for our products and services. We carry out all of the measures listed here in the legitimate interest for marketing purposes pursuant to Art. 6 Para. 1 Sentence 1 lit. f EU-DSGVO in conjunction with Recital 47 for a period of three years from the end of a contractual relationship (customers & suppliers) or our initial (fruitless) contact (interested parties), unless there is an additional express consent of the person concerned.

If we do not collect personal data ourselves from the data subject for marketing purposes, we inform the data subject where we have collected his/her data when contacting him/her for the first time.

For a complete list of companies affiliated with us, see www.orasis-industries.com. If, in the context of an ongoing business relationship or as a result of explicit requests from interested parties, we are to supply products and provide services that are offered by other companies affiliated with us, we pass on the interested parties' personal data for marketing purposes to the companies affiliated with us that offer the products and services that are of interest to the specific data subject.

We and each of our affiliated companies store data for marketing purposes and customer support analogous to the duration described in A.4.

C. Processing of personal data for other purposes

Other purposes of the processing may also be the purchase of products, materials and services, the sale of products and services, the rental of real estate and machinery, the maintenance and services after purchase of our products, the optimization of machine services, the provision of communication channels to our distributors, the processing and transmission of data of employees for payroll, remuneration and compliance with record-keeping, information and reporting obligations.

We inform separately about special processing purposes, such as video surveillance measures, photos and videos at events held by us, etc., when the occasion arises. This also concerns the retention and deletion period applicable for this.

If you provide us with personal data (such as name, address, e-mail address, telephone number, company affiliation) outside our website by e-mail, by fax, by post or by handing it over in person (e.g. a business card at trade fairs) in order to obtain information about our company and/or initiate business contacts, we will also process and use this data for these purposes.

D. General information on data protection

1. Data transfer

Eine Übermittlung Ihrer Daten an Dritte findet grundsätzlich nicht statt, es sei denn, wir sind gesetzlich dazu verpflichtet, die Datenweitergabe ist zur Durchführung eines zwischen uns abgeschlossenen Vertragsverhältnisses erforderlich oder Sie haben zuvor ausdrücklich in die Weitergabe Ihrer Daten eingewilligt. Externe Auftragsverarbeiter:innen oder sonstige Kooperationspartner:innen erhalten Ihre Daten nur, soweit dies zur Vertragsabwicklung erforderlich ist oder wir ein berechtigtes Interesse daran haben, das wir stets im Anlassfall gesondert bekannt geben. Soweit eine:r unserer Auftragsverarbeiter:innen mit Ihren personenbezogenen Daten in Berührung kommt, stellen wir sicher, dass diese:r die Vorschriften der Datenschutzgesetze in gleicher Weise einhält wie wir.

Ihre personenbezogenen Daten werden von uns nicht an konzernfremde Dritte veräußert oder anderweitig vermarktet. Sofern unsere Vertragspartner:innen oder Auftragsverarbeiter:innen ihren Sitz in einem Drittland, also einem Staat außerhalb des Europäischen Wirtschaftsraums (EWR) haben, informieren wir Sie über die Folgen dieses Umstands in der Beschreibung des Angebots.

2. Safety

We use numerous technical and organizational security measures to protect your data against manipulation, loss, destruction and against access by third parties. Our security measures are continuously improved in line with technological developments. Should you have more detailed information on the type and scope of the technical and organizational measures we have taken, we will be happy to receive written inquiries in this regard at any time.

3. Your rights

In accordance with the General Data Protection Regulation and the Data Protection Act, you as a data subject of our data processing have the following rights and remedies:

Right of information (Art. 15 EU-DSGVO)

As a data subject of the data processing described above and other data processing, you have the right to request information as to whether and, if so, which personal data about you are being processed. For your own protection - so that no unauthorized person receives information about your data - we will verify your identity in an appropriate form before providing information.

Right to rectification (Art. 16) and deletion (Art. 17 EU-DSGVO)

You have the right to request without undue delay the rectification of inaccurate personal data concerning you or - taking into account the purposes of the data processing - the completion of incomplete personal data as well as the deletion of your data, provided that the criteria of Art. 17 EU-DSGVO are met.

Right to restriction of processing (Art. 18 EU-DSGVO)

You have the right to restrict the processing of all collected personal data under the legal conditions. As of the restriction request, this data will only be processed with your individual consent or for the assertion and enforcement of legal claims.

Right to data portability (Art. 20 EU-DSGVO)

You may request the unimpeded and unrestricted transfer of personal information that you have provided to us to you or to a third party.

Right of objection (Art. 21 EU-DSGVO)

You may object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is necessary for the purposes of protecting our legitimate interests or those of a third party. Your data will no longer be processed after objection, unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. You may object to data processing for the purpose of direct marketing at any time with effect for the future.

Withdrawal of consent

Falls Sie separat eine Einwilligung zur Verarbeitung Ihrer Daten erteilt haben, können Sie diese jederzeit widerrufen. Ein solcher Widerruf beeinflusst die Zulässigkeit der Verarbeitung Ihrer personenbezogenen Daten, nachdem Sie ihn uns gegenüber ausgesprochen haben.

Ergreifen Sie eine Maßnahme zur Durchsetzung Ihrer oben aufgeführten Rechte aus der DSGVO, so hat JAWA unverzüglich, spätestens aber innerhalb eines Monats nach Eingang Ihres Antrags, zur beantragten Maßnahme Stellung zu nehmen bzw. dem Antrag zu entsprechen.

We will respond to all reasonable requests within the law free of charge and as promptly as possible.

The Data Protection Authority is responsible for requests concerning violation of the right to information, violation of the rights to confidentiality, to rectification or to erasure. Their contact details are:

Austrian Data Protection Agency

Barichgasse 40-42

1030 Wien

dsb@dsb.gv.at

4. Contact information / Contact person

a. Contact information of the responsible person

JAWA Management Software GmbH

Liebenauer Hauptstraße 65 A-

8041 Graz

Tel.: +43 316
403274-0

E-Mail: office@jawa.com

b. Kontaktinformationen der Ansprechperson für Datenschutzangelegenheiten

Sie können sich jederzeit gerne über sämtliche Kanäle an uns wenden, insbesondere auch unter der eigens dafür geschaffenen Emailadresse gdpr@jawa.com

Status: May 2023

Data Protection Policy

Data Protection Policy

A. Processing of personal data on our website

B. Processing of data of our customers, suppliers and interested parties for marketing purposes

C. Processing of personal data for other purposes

D. General information on data protection

Start projects together

Start
projects together