PRIVACY NOTICE REGARDING USE OF THE MAXFIVE GmbH WEBSITE
As data protection is our highest priority, MAXFIVE GmbH (hereafter “MAXFIVE”) fully respects your privacy. This notice tells you how we process your personal data when you use our website, including all subpages and subdomains. MAXFIVE is subject to the EU General Data Protection Regulation (GDPR).
The Controller responsible for data processing is:
IZ NÖ-Süd, Straße 3, Objekt 16
A-2355 Wiener Neudorf
2. DATA PROTECTION OFFICER
You can contact our Data Protection Officer either by email at firstname.lastname@example.org or by post at MAXFIVE GmbH, IZ NÖ-Süd, Strasse 3, Objekt 16, 2355 Wiener Neudorf.
3. WHAT ARE PERSONAL DATA?
‘Personal data’ refers to all data concerning an identified or identifiable natural person (‘data subject’). These include an individual’s name, email address and their behaviour when using electronic media.
4. WEBSITE ANALYSIS/TRACKING
A list of the cookies used on this website is provided below:
A cookie is a small data package (text file) which your browser saves on your device when instructed to do so by websites you visit; this is done in order to “remember” information about you, such as your language settings or login details. We use these kinds of cookies, which are known as first-party cookies. We also use third-party cookies, which originate from a different domain to the website that you visit. We use this type of cookie to support our advertising and marketing activities.
These cookies are essential (from a technical point of view) so that you can navigate the website and use website functions, such as accessing password-protected sections of the site. Without these cookies we are unable to provide some services.
|Cookie-Untergruppe (Domain)||Cookie||Anbieter||Verwendete Cookie||Zweck||Rechtsgrundlage|
|OneTrust||Erstanbieter||Verhindert, dass der Cookie-Banner mehr als einmal angezeigt wird||Art 6 Abs 1 lit f DSGVO|
|myfonts.net||__cf_bm||Myfonts.com||Drittanbieter||Webfont der Website||Art 6 Abs 1 lit f DSGVO|
These cookies help to align advertising more closely to users’ interests. They also limit the number of times an advertisement is displayed, in order to measure the effectiveness of an advertising campaign. Such cookies are often linked to a particular website function that is provided by the company in question. We use marketing cookies in order to link to social media networks, which can then use the information about your visit to tailor their advertising on other websites to your interests. This means that you can be shown advertisements that you could potentially find interesting, based on your browsing behaviour.
|Cookie-Untergruppe (Domain)||Cookie||Anbieter||Verwendete Cookie||Zweck||Rechtsgrundlage|
|youtube-nocookie.com||CONSENT||Youtube||Drittanbieter||Tracking und Personalisierung von Werbung||Art 6 Abs 1 lit a DSGVO|
|youtube.com||CONSENT, VISITOR_INFO1_LIVE, YSC||Youtube||Drittanbieter||Tracking und Personalisierung von Werbung||Art 6 Abs 1 lit a DSGVO|
Cookies from the following providers result in the transfer of data to the USA: youtube.com, youtube-nocookie.com, LinkedIn.com
Managing cookie settings
You can manage your cookie settings either directly on our website or by configuring your browser settings. To manage cookie settings on our website, go to www.maxfive.at and click on “Cookie-Einstellungen ” on the cookie banner; select the categories you would like to allow and then click on “Meine Auswahl bestätigen”. To manage cookies in your browser settings, click on your browser’s help menu to view the available configuration options; these can differ significantly depending on the browser you use. Please note that most browsers are preconfigured to accept cookies as standard. You can also delete stored cookies or view the duration of storage in your browser settings.
Finally, please remember that you might not be able to use certain functions on our website if you deactivate cookies.
5. SOCIAL MEDIA (YOUTUBE, LINKEDIN)
On our website you will find links to the social media platforms YouTube (YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA) and LinkedIn ( LinkedIn Inc, 1000 W Maude Ave, Sunnyvale, Kalifornien, USA) (hereafter also referred to individually as “the Provider” or collectively as “the Providers”). You can identify links to the platforms’ websites by their respective logos. If you click on one of these links, you will be directed to the MAXFIVE page on the respective social media platform. When you click on one of these links, a connection is established to the servers of the platform concerned. As a result, the platform’s servers will be notified that you have visited our website. In addition, data will be transferred to the respective Provider. The following data are transferred:
– Address of the website that contains the activated link
– Date and time of the visit to the website and activation of the link
– Details of the browser and operating system used
– IP address
If you are logged into your account with the respective social media platform at the time the link is activated, the Provider may be able to ascertain your user name and, in some cases, even your real name from the transferred data, and associate this information with your account on the social media platform. You can prevent the association of information with your account by logging out of the account beforehand.
The platforms’ servers are located in the USA, and in other countries outside the European Union/EEA. Consequently, the Providers may also process the data in countries outside the European Union/EEA. Please note that companies in these countries may be subject to data protection legislation that does not generally ensure the protection of personal data to the same degree as that in European Union and EEA member states.
Furthermore, we have no influence over the scope, form and purpose of data processing by the Providers. The Providers’ privacy notices include further details on the use of your data by the social media platforms linked to our site.
Information on data protection for visitors to our corporate LinkedIn page
If you visit our LinkedIn page, we process your personal data in connection with your visit, regardless of whether you are registered with LinkedIn or are logged into your LinkedIn account. The LinkedIn page allows us to present our company to LinkedIn users and visitors to the page, and to communicate with these individuals. Data provided by you and by LinkedIn are used solely for brand management purposes, to increase our company’s visibility, and to communicate with current and potential customers, on the basis of our legitimate interest, in the meaning of Article 6(1)(f) GDPR, in offering you information that you find most interesting.
LinkedIn supplies us with insights into our profile, which in turn provide us with anonymised statistical data on users of and visitors to our fan page. These profile insights are aggregated statistics that are prepared on the basis of certain actions and recorded by LinkedIn when users and visitors interact with our company profile and related content.
If you are logged into your LinkedIn account and visit our LinkedIn page, this can be associated with your profile and consequently with personal data published on your profile (e.g. name, description, number of employees , professional experience, skills, etc.).
These data are collected using cookies, which are small text files saved by LinkedIn in the memory of the device (PC, laptop, tablet, smartphone, etc.) used by the visitor to access the website, by means of the browser. This information is retrieved when the visitor returns to the website and allows the website to recognise the user’s device. The information stored in the cookies is received, stored and processed by LinkedIn in a personalised form.
By setting up our company profile, we play a part in the processing of visitors’ personal data, regardless of whether they are registered with LinkedIn or logged into their LinkedIn account. Although LinkedIn only provides us with anonymised data collected by means of cookies, the generation of these statistics is based on previous processing of personal data. Consequently, as the operator of the profile we are involved in determining the purpose and means of processing the personal data of visitors to our profile, meaning that MAXFIVE and LinkedIn are joint controllers responsible for such processing in the meaning of Article 26 GDPR.
Depending on the action that triggers a protocol, LinkedIn provides us with the following categories of anonymised data:
– Viewing a page, article, video or other content linked with the page
– Following or unfollowing a page
– Visiting a page
– Professional fields
– Liking or unliking a page or article
– Recommending a page in an article or comment
– Commenting on, sharing or responding to an article on a page (including the type of response)
– Clicking on a page, telephone number, ‘Get directions’ button or another button on a page
Information on user actions:
– Date and time of the action
– Country and town/city (approximate location based on the IP address or the profile of the user who is logged in)
– Language code (from the http header in the browser and/or the language settings)
– Websites visited previously (from the http header in the browser)
– Whether the action was carried out on a PC or a mobile device (from the browser’s user agent or the app attributes)
– LinkedIn user ID (only for users who are logged in)
If you are not registered with LinkedIn or logged into your account, it is still possible that LinkedIn will carry out a statistical evaluation of your personal data if you visit a subpage or perform an action within our corporate profile, and transmit anonymised statistics about this to us. If you do not visit our profile or perform an action (e.g. clicking on a photo or video in an article), cookies will not collect any of your personal data.
Cookies set by LinkedIn are stored for up to two years after they are set or updated. Stored cookies can be deleted at any time. You can also prevent the installation of cookies by changing the relevant settings in your browser. LinkedIn expressly takes the ‘Do not track’ setting into account.
If you have any questions about this data protection information, please contact LinkedIn online at https://www.linkedin.com/help/linkedin/ask/ppq, or alternatively you can write to the company by post at LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. You can also submit queries to us and if necessary we will forward them to LinkedIn.
LinkedIn Insight Tag
We use the LinkedIn Insight Tag, a social media tool from LinkedIn Ireland Unlimited Company. The tool sets a cookie in your browser that records personal data, which we use for statistical and market research purposes. It is also possible to take retargeting measures, so that we can provide you with advertisements outside our website, without you being identifiable as a website visitor.
You can manage the use of your personal data by adjusting your LinkedIn account settings. For more information, visit https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Information on data protection for visitors to our YouTube channel
Our YouTube channel is a means for us to present our company to and communicate with users of the platform. Data provided by you and by YouTube are used solely for marketing purposes, e.g. to reach out more effectively to specific target groups, increase our company’s visibility, enhance our image, provide users with information and for employer branding, on the basis of our legitimate interest, in the meaning of Article 6(1)(f) GDPR, in offering you information that you find most interesting.
YouTube is part of the Alphabet/Google Group and shares infrastructure, systems and technologies with Google Ireland and other Google companies.
When you visit our YouTube channel, YouTube and its parent company Google records your IP address and other personal information with the help of cookies. These are small text files saved by YouTube in the memory of the device (PC, laptop, tablet, smartphone, etc.) used by the visitor to access the website, by means of the browser. This information is retrieved when the visitor returns to the website and allows the website to recognise the user’s device.
Cookies are used by Google to improve its advertising systems. Cookies also enable Google to provide us with statistics which allow us to manage and improve our marketing activities.
If you are logged into your YouTube account and visit our YouTube channel, this can be associated with your profile. We have no influence over the collection and processing of data by YouTube, the scope of collection and processing, or the retention period for these data.
By setting up our YouTube channel, we play a part in the processing of visitors’ personal data, regardless of whether they are registered with YouTube or logged into their YouTube account. Although YouTube provides us with certain anonymised data collected by means of cookies or through our videos, the generation of these statistics is based on previous processing of personal data. Consequently, as the operator of the profile we are involved in determining the purpose and means of processing the personal data of visitors to our channel, meaning that MAXFIVE and YouTube (and consequently Google) are joint controllers responsible for such processing in the meaning of Article 26 GDPR.
The main provisions of the agreement between the joint controllers are provided by Google and published at: https://privacy.google.com/businesses/gdprcontrollerterms/
We receive the following categories of data from YouTube in anonymised form:
Data that we process:
Master data (e.g. name and address), contact details (e.g. email address and telephone number)
Content-related data (videos, etc.)
Usage data (e.g. websites visited, interest in content, access times, videos viewed, video likes, comments, purchases, etc.), meta data/communication data (e.g. device information, IP addresses).
– Number of subscribers and changes
– Watch time data (duration, end of watch time, length of visit)
– Demographic data (gender, age, place of origin, devices used, etc.)
– Traffic sources
– Sharing data
– Revenue data
If you post comments on our channel, we are able to see these in connection with your nickname.
8. RETENTION PERIOD
We will only store your personal data for as long as is necessary to fulfil the purpose for which we collected your data.
We store contracts and other documents, as well as correspondence connected with our contractual relationship, for tax reasons (in accordance with section 132 Bundesabgabenordnung [Federal Tax Code]) for seven years. In some cases, e.g. in case of pending official proceedings, the retention period may be longer than seven years.
With regard to direct advertising, your personal data will be stored and processed until you withdraw your consent for us to do so.
Your personal data will be stored on our newsletter mailing list until you unsubscribe from the newsletter.
Data that you provide in connection with your participation in competitions, product testing and similar promotions will be used solely for the purpose of executing the promotion in question and, where applicable, identifying the winners. After this, your data will be deleted. The personal data of winners will be stored for as long as is necessary for the distribution of the relevant prizes.
Personal data processed in connection with our contact form will be deleted within 90 days of completion of processing, unless a longer retention period is necessary on grounds of verifiability, for customer service purposes or due to statutory retention periods.
9. DATA SECURITY
We take technical and organisational security measures to protect your data against unwanted access. In addition to safeguarding the operating environment, we use encryption procedures in connection with some areas of our website (e.g. online job applications, customer accounts and the contact form). The data you provide are then transferred in encrypted form using the Secure Socket Layer (SSL) protocol in order to protect against misuse of your data by third parties. The lock icon displayed in your browser’s status bar and ‘https’ at the start of the address shows that encryption is being used.
10. RIGHTS OF DATA SUBJECTS
In accordance with your right of access (Article 15 GDPR), MAXFIVE will provide you with information on what personal data of yours it stores and how they are used. In order to obtain this information, you can contact MAXFIVE at email@example.com.
Under Article 16 GDPR, you have the right to rectification of inaccurate personal data or completion of incomplete personal data without undue delay.
You are entitled to restrict the processing of your personal data (Article 18 GDPR) and have personal data stored by MAXFIVE erased (Article 17 GDPR). The data are usually erased without delay, and a maximum of one month after you make use of this right as a data subject. If erasure contravenes statutory or contractual retention obligations, or retention obligations under tax law or accounting law, or any other grounds established by law, processing of your personal data can be restricted, as opposed to them being erased. You can request the erasure of your personal data or the restriction of processing by writing to us at firstname.lastname@example.org.
If you would like to receive a copy of the personal data you have provided, MAXFIVE will transfer the data in a structured, commonly used and machine-readable format, in accordance with your right to data portability (Article 20 GDPR).
Where data are processed on the basis of our legitimate interests, you have the right to object to processing (Article 21 GDPR). In accordance with Article 21 GDPR, if we process your data on the basis of your consent (see point 4 above), you have the right to withdraw your consent at any time by writing to us by post at MAXFIVE GmbH Industriezentrum 3, Objekt 16, 2355 Wiener Neudorf, or by email at email@example.com. This does not affect the lawfulness of processing of your data carried out before you withdraw your consent.
11. CONTACT FOR MATTERS RELATED TO DATA PROTECTION LAW AND THE RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
If you believe that your personal data have not been processed lawfully, please contact us by post at the above address or by email (firstname.lastname@example.org), so that we can address your concerns.
In order to exercise the rights specified in point 8 above in connection with our newsletter, please write to email@example.com.
If you believe that the processing of your personal data violates data protection regulations, you are entitled to lodge a complaint with a supervisory authority in the EU member state where your main place of residence or place of work is located. In Austria, this is the Austrian Data Protection Authority (firstname.lastname@example.org).
We hope that this notice has clearly explained the ways in which we process your personal data and for what purposes. If you have any questions about data protection in connection with our website, you can contact MAXFIVE’s Data Protection Officer at any time either by email at email@example.com or by post at MAXFIVE GmbH, IZ NÖ-Süd, Strasse 3, Objekt 16, 2355 Wiener Neudorf.
Last updated: January 2022