Search
Close this search box.
Search
Close this search box.

Privacy

1. basic information
Based on our legal obligation and because the protection of personal data is an important concern for us, we provide the following data protection information.

We would like to point out in advance that this information does not necessarily represent a comprehensive description of all our data processing activities. It is possible that we may use other data protection declarations, special
data protection notices or similar documents for specific constellations.

This data protection information may be subject to change. Therefore, only the current version on our homepage is valid.

2. Responsibility and contact
Stahl- und Walzwerk Marienhütte GmbH
Südbahnstra.e 11; 8020 Graz
Tel.: 0316/59750
Mail: datenschutz@marienhuette.at

3. Data sources
We process personal data that we receive from our customers, suppliers, other business partners and from individuals in the context of business relationships with them or their employers. To the extent necessary for the management of our company, we also process personal data that we receive from publicly accessible sources (e.g. debt registers, commercial and association registers, press, internet), from authorities or from third parties in accordance with the law (e.g. event organizers, network partners, etc.). In addition, we also process data in connection with the use of our website.

4. Data categories

  • Data from business relationships:
    Contact details of (potential) business partners; data from application documents
  • Data from public registers/administrative or court proceedings:Name; address; identification numbers, etc.
  • Data in connection with the use of our website: IP address, information about the device and settings, cookies, date and time of the visit, websites and content accessed, applications used (browser, etc.), referring website, localization data


5. legal basis and purposes of processing

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Austrian Data Protection Act and all other applicable legal standards. Our company has the following purposes for processing personal data

  • Fulfillment of contractual obligations
    First and foremost, personal data is processed in order to carry out our business activities, i.e. to conclude and implement contracts and to carry out pre-contractual measures.

  • Balancing of interests
    Beyond the actual fulfillment of the contract, we process personal data only insofar as this is necessary to protect our legitimate interests or the legitimate interests of third parties. Examples of this are

  • Data exchange with third parties (e.g. authorities, enforcement register to determine creditworthiness or default risks)
  • Processing of personal data in connection with an activity as an employee of one of our customers, business partners or suppliers
  • Cooperation with business partners and suppliers in the context of joint projects (organizational, process and project management)
  • Measures for business management (e.g. customer and supplier relationships), business development
  • Assertion of legal claims and defense in legal disputes and official proceedings
  • Ensuring IT security and IT operations (incl. access rights management);
  • Video surveillance of our factory premises

  • Consent of the data subject
    If consent has been given for the processing of personal data for specific purposes (e.g. storage of applicant data), the processing takes place primarily within the scope of the consent. Once consent has been given, it can be withdrawn at any time, but this does not affect the lawfulness of data processing up to the point of withdrawal.

  • Compliance with legal obligations
    As a company, we are subject to various legal obligations, the fulfillment of which may require the processing of personal data (e.g. from tax obligations).


6. data transfer to third parties
As part of our business activities and in accordance with the above-mentioned purposes, the transfer of personal data to third parties is permitted. In particular, the following categories of recipients may be involved:

  • Affiliated companies
  • Service providers (e.g. banks, insurance companies, consultants, IT providers, logistics service providers, telecommunications providers)
  • Dealers, suppliers, subcontractors and other business partners
  • Customers (e.g. joint projects)
  • Domestic and foreign authorities or courts


7. data transfer to an EU third country or to an international organization
There is currently no transfer of personal data to other EU countries or to an international organization.

8. security of processing
Taking into account the state of the art and the different probabilities of occurrence and risks to the rights and freedoms of natural persons, we make every reasonable effort to protect personal data. We strive to ensure that personal data is used properly and protected from unauthorized access, use or disclosure. To do this, we use a combination of process, technology and physical security controls. In addition, access to personal data is limited to employees, contractors and agents who need this data to perform their assigned functions to conduct our business activities.

9. Storage period
We process and store personal data as long as it is necessary for the fulfillment of the above-mentioned purposes. After these purposes cease to apply, the data concerned will be deleted or anonymized as far as possible, unless their - temporary - further processing is necessary on the basis of the following reasons:

  • Fulfillment of retention obligations under commercial and tax law
  • Retention of data for the period during which claims can be asserted against our company
  • Legitimate business interests require further storage (e.g. for evidence and documentation purposes)

 

With regard to the duration of the aforementioned purposes, it should be noted that our business relationships are generally continuing obligations that are designed to last for years.

10. Data protection rights
In accordance with and to the extent provided for by applicable law, the following data subject rights exist:

  • Right of access (Article 15 GDPR)
  • Right to rectification (Article 16 GDPR)
  • Right to erasure (Article 17 GDPR)
  • Right to object (Article 21 GDPR)
  • Right to data portability (Article 20 GDPR)


Proof of identity is required in order to exercise the aforementioned rights. Requests should be sent to the contact options listed under point 2. We would like to point out that the exercise of data subject rights may, under certain circumstances, conflict with the fulfillment of contractual obligations and may consequently result in the termination of contractual relationships.

In the event of a breach of the law, it is also possible to lodge a complaint with the Austrian data protection authority (Article 77 GDPR).

Contact
Barichgasse 40-42
1030 Vienna
Phone: +43 1 52 152-0
Email: dsb@dsb.gv.at