Privacy Policy
Data Controller pursuant to Art. 4 (7) GDPR
ROBIA GmbH & Co KG
Blumauweg 32, 8530 Deutschlandsberg
E-Mail: robia@robia-boeden.at
The protection of your personal data is important to us.
We process your data exclusively on the basis of the legal provisions (GDPR, DSG 2018, TKG
2003). This data protection declaration provides information about the processing of your personal data within the framework of our website www.robia-boeden.at (“Website”).
1. Personal Data
Personal data is any information relating to an identified or identifiable natural person. This includes, for example, name, address, email address, IP address or user behavior.
Data Minimization:
We observe the principle of data minimization and only collect the data that is absolutely necessary for the respective processing purposes.
2. Processing of Personal Data When Visiting the Website
When you visit our website, access data is stored in so-called web server log files. This includes:
• IP address
• Date and time of access
• Browser type and version
• Operating system
• Referrer URL
• Internet service provider
• Name of the accessed website/file
• Data volume transferred
• Status of the retrieval
Purpose of Data Processing:
This data is used to analyze and improve the website, to troubleshoot errors and to ensure server capacity. If there is a concrete suspicion of unlawful use, the data will be used for legal prosecution.
Legal Basis:
Art. 6 Paragraph 1 Letter f GDPR (legitimate interest in ensuring the online offering and data security).
Storage Duration:
The log files are stored for a maximum of 14 days and then automatically deleted, unless a security-relevant event requires longer storage.
3. Cookies
Technical Cookies
Our website uses cookies to provide certain functions and to increase user-friendliness.
Legal Basis for Cookies:
The use of cookies is based on Art. 6(1)(f) GDPR (legitimate interest in enhancing functionality and ensuring data security) and Art. 6(1)(c) GDPR (legal obligation).
Cookie Management
We use the Real Cookie Banner tool to manage cookies. Details can be found at: https://devowl.io/de/rcb/datenverfahren.
Legal Basis:
Art. 6 Paragraph 1 Letter c GDPR (legal obligation) and Article 6 Paragraph 1 Letter f GDPR
(legitimate interest).
Consent Management
Your consent to the use of cookies will be documented and stored.
This documentation serves to demonstrate our GDPR compliance and is used for the legally required purposes stored for a period of time. You can change or revoke your consent at any time.
Opt-Out Options
You can manage your preferences for data collection by using the following opt-out tools:
• Google Opt-Out Add-on: https://tools.google.com/dlpage/gaoptout/
• Facebook Opt-Out: https://www.facebook.com/settings?tab=ads
Cookie Settings
You can manage your cookie preferences at any time via the "Cookie Settings" button at the bottom of the website. Options include essential, functional, and marketing cookies.
Additional Information
A detailed overview of the cookies we use, their purposes, and retention periods is provided in our Cookie Policy, available on our website.
4. Voluntary Nature of Providing Personal Data
Voluntariness of the provision:
The provision of your personal data is generally voluntary. However, without providing certain information (e.g. contact details for inquiries), we may not be able to provide all of the functions of our website or process your inquiries.
5. Right to Object to Direct Marketing
Right to object:
You can object to the processing of your personal data for direct advertising purposes at any time. This also applies to profiling insofar as it is connected to such direct advertising. You can send your objection by email to robia@robia-boeden.at.
6. Newsletter
To register for our newsletter we need your email address as well as your first and last name.
Purpose:
To send newsletters.
Legal Basis:
Art. 6(1)(a) GDPR (consent). You may withdraw your consent at any time, e.g., via the unsubscribe link in the newsletter.
Storage Duration:
Your data is retained until you unsubscribe from the newsletter, unless otherwise required by law.
7. Third-Party Services and External Data Processing
Google Analytics & Tag Manager
We use Google Analytics and Google Tag Manager to optimize the website. Data collected includes:
• IP address (anonymized)
• Usage behavior (e.g. pages visited, length of stay)
• Device type, operating system, browser
• Origin of the visitor (e.g. B. search engine or link)
Legal Basis:
Art. 6 Paragraph 1 Letter a GDPR (consent).
Storage Duration:
Anonymized user data is deleted after 14 months. For more information, visit the Google Privacy Policy: https://policies.google.com/privacy.
Facebook Pixel
Our website uses Facebook Pixel to display targeted advertising and to measure the effectiveness of these advertisements. Data collected:
• IP address
• User behavior on the website (e.g. clicks)
• Browser and device information
Legal Basis:
Art. 6 Paragraph 1 Letter a GDPR (consent).
Storage Duration:
Data collected via Facebook Pixel is stored for up to 90 days. Further information can be found at https://www.facebook.com/about/privacy.
8. Automated Decision-Making and Profiling
Profiling and automated decision-making:
As part of our marketing efforts, we use profiling to provide you with personalized content or advertising. This is done based on your interactions with our website.
However, there is no automated decision-making that brings you legal or similar significant consequences.
Legal Basis:
Art. 6 Paragraph 1 Letter a GDPR (consent).
9. Storage Duration
We store personal data only as long as necessary to fulfill the respective purposes or as legally required. Key retention periods include:
• Access data (log files): 14 days
• Data from contact requests: 6 months after processing the request, provided there are no statutory retention periods
• Data for sending newsletters: Until revoked Consent
• Data for marketing purposes (e.g. Facebook Pixel): 90 days (unless otherwise stated by the provider)
10. Protection of Minors
Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from minors. If such data is discovered, it will be promptly deleted.
11. Security Measures
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, or destruction. These measures are regularly reviewed and updated to align with technological advancements.
SSL/TLS Encryption:
Our website uses SSL or TLS encryption to protect your data during transmission. You can recognize this by the “https://” address and the lock symbol in the browser bar.
12. Rights of the Data Subject
You have the following rights with regard to your personal data:
• Information: You can request information at any time about whether and which personal data we process about you (Article 15 GDPR ).
• Correction: If your data is incorrect or incomplete, you can request that it be corrected (Art. 16 GDPR).
• Deletion: You have the right to request the deletion of your data, unless legally required or contractual retention periods (Art. 17 GDPR).
• Restriction of processing: In certain cases you can request the restriction of the processing of your data (Art. 18 GDPR).
• Data portability: You have the right to your to receive data in a machine-readable format or to have it transferred to a third party (Art. 20 GDPR).
• Objection: You can object to the processing of your data if this is based on legitimate interests (Art. 21 GDPR).
• Revocation of consent: If the data processing is based on your consent, you can revoke this at any time with future effect (Art. 7
Para. 3 GDPR).
Exercising your rights:
To assert your rights, please contact us at robia@robia-boeden.at.
We will process your inquiries in the Usually within 30 days. In exceptional cases, e.g. B. for complex requests, the processing time can be extended. In such a case, we will inform you in good time.
13. Complaints
If you believe your data is being processed unlawfully, you can file a complaint with:
Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna
Telephone: +43 1 52 152-0
Email: dsb@dsb.gv.at
14. Transfer of Data to Countries outside the EU
Data Transfer to Third Countries:
When you use certain services (e.g. Google services), your data will be transferred to USA or other third countries. According to the European Court of Justice, the USA is considered a country without an adequate level of data protection.
We use standard contractual clauses approved by the European Commission. These ensure that an appropriate level of data protection is guaranteed even when your data is transferred to countries outside the EU. However, there is a risk that US authorities may gain access to your data without effective legal remedies being available to you as an EU citizen.
Legal Basis:
Art. 49 Para. 1 lit. a GDPR (consent) or Art. 6 Para. 1 lit. f GDPR (legitimate interest).
15. Updates to this Privacy Policy
We reserve the right to adapt this privacy policy as necessary to comply with legal requirements or to implement changes to our services. This privacy policy will be reviewed and updated regularly, particularly if we introduce new technologies or services that require changes to the way we process your personal data. We will inform you of any significant changes on our website in a timely manner.
Last updated: November 2024
Contact for Data Protection questions
If you have any questions or comments about this data protection declaration, or if you would like to assert your rights as a data subject, you can contact us at any time at robia@robia-boeden.at. We always strive to resolve your concerns as quickly as possible.
Detailed overview of cookies and data in the browser
Essential Services:
Essential services are required for the basic functionality of the website. They only contain technically necessary services. These services cannot be refused.
Elementor:
This website uses Elementor to create a responsive and create a user-friendly layout. The data collected is not used for analysis purposes, but is simply used to ensure that, for example, hidden items do not reappear during multiple active sessions. Cookies or cookie-like technologies can be stored and read. These are used to store the number of page views and active sessions of the user. The legitimate interest in using this service lies in the simple and user-friendly implementation of the layouts used.
Use on a legal basis by: Legitimate interest
WordPress:
WordPress is the content management system this website and allows registered users to log in to the system. Cookies or cookie-like technologies can be stored and read. These can store a session hash, login status, user ID and user-related settings for the WordPress backend. This data can be used to allow the browser to recognize you as a logged in user.
Use on a legal basis by: Legitimate interest
Real Cookie Banner:
Real Cookie Banner asks website visitors to consent to the storage of cookies and the processing of personal data. For this purpose, each website visitor is assigned a UUID (pseudonymous identification of the user), which remains valid until the cookie expires in order to store consent. Cookies are used to check whether cookies can be set, to store references to documented consent, to record which services from which service groups the visitor has consented to, and - if consent is given in accordance with the Transparency & Consent Framework (TCF). – to store consents to TCF partners, purposes, special purposes, functions and special functions.
As part of the disclosure obligation under the GDPR, the consent given is fully documented. This includes, in addition to the services and service groups to which the visitor has consented and, if consent has been given in accordance with the TCF standard, the TCF partners, purposes and functions to which has been consented, all cookie banner settings at the time of consent as well as the technical circumstances (e.g. size of the displayed area when giving consent) and the user interactions (e.g. clicking on buttons) that led to consent. Consent is obtained once per language.
Use on a legal basis by: Fulfillment of a legal obligation.
Functional services:
Functional services are necessary to provide features beyond basic functionality, such as: E.g. nicer fonts, video playback or interactive Web 2.0 functions. Contents of e.g. B. Video platforms and social media are blocked by default and can be consented. If the service is consented, this content will be loaded automatically without the need for further manual consent.
Vimeo:
Vimeo allows you to embed content published on vimeo.com into websites to enrich them with videos. This requires the processing of the user's IP address and other metadata. Cookies or similar technologies can be stored and read. This may include personal data as well as technical data such as user IDs, consents, security tokens, language, video player settings, interactions with the service and the account used. This data may be used to record websites visited and detailed statistics on user behavior and to improve Vimeo's services. Vimeo may associate this data with the data of users logged into Vimeo websites (e.g. vimeo.com). The data can also be used for profiling, e.g. B. to offer personalized services, such as interest-based advertising or recommendations. Vimeo shares personal information with authorized service providers, advertisers, analytics providers, affiliates and consultants and uses reasonable efforts to review the privacy and data security practices of the providers.
Use on a legal basis by: Consent
Statistical services:
Statistical services are required to collect pseudonymous data about website visitors. This data allows us to better understand visitors and optimize the website.
Google Analytics:
Google Analytics creates detailed statistics about user behavior on the website in order to obtain analytical information. This requires processing a user's IP address and metadata that can be used to determine a user's country, city and language. Cookies or cookie-like technologies can be stored and read. This may include personal data and technical data such as user ID, which may provide the following additional information:
– Time information about when and how long a user was or is on the various pages of the website
– Device category (desktop, mobile and tablet), platform (web, iOS app or Android app), browser and screen resolution a user used
– where a user came from (e.g. website of origin, search engine including the searched term, social media platform, newsletter, organic video, paid search or campaign)
– whether a user belongs to a target group or not
– what a user did on the website and what events were triggered by the user's actions (e.g. page views, user engagement, scrolling behavior, clicks, added payment information and custom events such as e-commerce tracking)
– Conversions (e.g. whether a user purchased something and what was purchased)
– Gender, age and interests, if an assignment is possible
This data could also be used by Google to record the websites visited and to improve Google's services. They can be linked to other Google products (e.g. Google AdSense, Google Ads, BigQuery, Google Play) that the website operator uses via several domains operated by this website operator. They can also be linked by Google to the data of users who are logged in to Google's websites (e.g. google.com). Google shares personal data with its affiliates and other trusted companies or individuals who process this data on their behalf based on Google's instructions and in accordance with Google's privacy policy. They can also be used for profiling by the website operator and Google, e.g. B. to offer a user personalized services, such as: B. Ads based on a user's interests or recommendations.
Use on a legal basis by: Consent
Marketing services:
Marketing services are used by us and third parties to track the behavior of individual visitors (across multiple pages), analyze the data collected and, for example, display personalized advertisements. These services allow us to track visitors across multiple websites.
Facebook Pixel:
Facebook Pixel helps to determine whether you are the target audience for presenting ads within the Facebook advertising network. The Facebook Pixel also allows to track the effectiveness of Facebook Ads. With the additional "extended comparison" feature, information stored in your Facebook account, such as email addresses or Facebook IDs of users, is used in encrypted form to target audiences. Cookies are used to differentiate users and to record their behavior on the website in detail and to link this data with advertising data from the Facebook advertising network. This data can be linked to the data of users registered on facebook.com with their Facebook accounts. Your behavior may also be tracked via server-to-server communication, for example, if you purchase a product from the online store, our server may report back to Facebook which ad you clicked on to start the purchase process.
Use on a legal basis by: Consent
Google Ads:
Google Ads Conversation Tracking tracks the conversion rate and success of Google Ads campaigns. Cookies are used to differentiate users and track their behavior on the site in detail and to link this data with advertising data from the Google Ads advertising network. In addition, the data is used for so-called “remarketing” in order to show targeted advertising again to users who have already clicked on one of our advertisements within the Google Ads network. This data may be linked to data about users logged into their Google Accounts on google.com or a localized version of Google.
Use on a legal basis by: Consent
Google Tag Manager:
Google Tag Manager is a service for managing tags triggered by a specific event that injects a third script or sends data to a third service. No cookies in the technical sense are set on the client of the user, but technical and personal data such as the IP address will be transmitted from the client to the server of the service provider to make the use of the service possible. Google Tag Manager makes it possible to configure and manage tags (e.g. integration of third-party services, tracking of events, forwarding of collected data between different services and similar actions). This requires processing the user’s IP-address and metadata. The data is processed to provide the functionalities of the Google Tag Manager and to improve Google's services. Google provides personal information to their affiliates and other trusted businesses or persons to process it for them, based on Google's instructions and in compliance with Google's privacy policy.
Use on a legal basis by: Consent
