The protection of your privacy and your data is very important to us and is always taken into account in all business transactions.

In principle, you can use our website without providing personal data. However, other regulations may apply to individual services, which we will inform you about separately below.

The purpose of processing your personal data (hereinafter referred to as “data”) is to provide you with information about the products we manufacture for the footwear industry, the orthopaedics industry and the technical industry. In this privacy policy we inform you, among other things, about

– the name and contact details of the controller
– all purposes for which your data are processed
– the legal bases on which the processing activities are based, including our legitimate interest, if applicable
– all recipients of your data
– any transfer of your data to a third country and the presentation of the legal basis for this
– the storage duration of your data or the criteria for determining the duration
– the categories of your data that are processed
– the origin of your data
– the rights of the data subjects

MUCOS Korkproduktions GmbH, A-4925 Pramet 67, Tel: 0043-7754-70198, Email: bssvpr@zhpbf-xbex.ng.

No data protection officer has been appointed, as this is not required by law.

You have the following rights vis-à-vis us with regard to your personal data:

– Right of access
– Right to rectification or erasure
– Right to restriction of processing
– Right to object to processing
– Right to data portability
– Right to withdraw your consent

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

You can contact us at any time if you have further questions on the subject of personal data.

Right to information

You have the right to receive free information from us at any time about the personal data stored about you and a copy of this information, including information about

– the purposes of processing
– the categories of personal data that are processed
– the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations
– where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
– the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by us or a right to object to such processing
– the existence of a right to lodge a complaint with a supervisory authority
– if the personal data is not collected from the data subject: All available information about the origin of the data
– the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Furthermore, you have a right to information as to whether personal data has been transferred to a third country or to an international organization. If this is the case, you also have the right to receive information about the appropriate guarantees in connection with the transfer.

Right to rectification

You have the right to demand the immediate correction of incorrect personal data concerning you.

Furthermore, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration – taking into account the purposes of the processing.

Right to erasure

You have the right to obtain from us the erasure of your personal data without undue delay where one of the following grounds applies and insofar as the processing is not necessary:

– The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
– You revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
– You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
– The personal data was processed unlawfully.
– The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
– The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.

Right to be forgotten

If we have made the personal data public and if our company is obliged to erase the personal data as the controller pursuant to Article 17(1) GDPR, we shall take reasonable steps, including technical measures, taking into account the available technology and the cost of implementation, to inform other controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required.

Right to restriction of processing

You have the right to obtain from us restriction of processing where one of the following applies:

– The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data.
– The processing is unlawful, you oppose the erasure of the personal data and request the restriction of the use of the personal data instead.
– We no longer need the personal data for the purposes of the processing, but you need it for the establishment, exercise or defense of legal claims.
– You have lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR and it is not yet clear whether our legitimate reasons outweigh yours.

Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format.

You also have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

Furthermore, in exercising your right to data portability, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible and provided that this does not adversely affect the rights and freedoms of others.

Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.

In the event of an objection, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If we process personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

You also have the right to object, on grounds relating to your particular situation, to processing of personal data concerning you which is carried out by us for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless such processing is necessary for the performance of a task carried out for reasons of public interest.

Automated decisions in individual cases including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, provided that the decision (1) is not necessary for entering into, or performance of, a contract between you and us, or (2) is authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is based on your explicit consent.

Right to withdraw consent under data protection law

You have the right to withdraw your consent to the processing of personal data at any time. However, your revocation does not affect the legality of the data processing carried out until the revocation.

Our Website and Services are not intended for use by minors, and we do not wish to collect information from minors. If a parent or guardian of a minor believes that their child may have provided us with personal information, please write to us at the contact details below and we will delete that personal information, subject to applicable law and this Policy.

We use appropriate technical and organizational measures and security precautions (TOMs) to prevent unauthorized access, unlawful processing and unauthorized or accidental loss of your data.

This includes, for example, the encryption of your communication with us via this website based on the Secure Socket Layer (SSL) encryption protocol.

You can check the quality of our encryption here: https://www.ssllabs.com/ssltest

It is important for us to point out that data transmission on the Internet can have security gaps, as complete protection against access by unauthorized third parties is not possible.

The server on which this website is hosted is located in Germany and is operated by Mittwald CM Service GmbH & Co KG, with which a (sub)processing agreement has been concluded.

For more details, please visit https://www.mittwald.de/datenschutz.

Our website collects a range of general data and information each time you access it via an automated system.

This general data and information is stored in the log files of our server by Mittwald CM Service GmbH & Co KG in Germany.

The following can be recorded

– the browser types and versions used
– the operating system used by the accessing system
– the website from which an accessing system accesses our website (so-called referrer)
– the sub-websites which are accessed via an accessing system on our website
– the date and time of access to the website
– an Internet Protocol address (IP address)
– the Internet service provider of the accessing system
– other similar data and information that serve to avert danger in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about you.

This information is required in order to

– to correctly deliver the content of our website
– to optimize the content of our website and the advertising for it
– to ensure the long-term functionality of our information technology systems and the technology of our website
– to provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber attack.

We evaluate this anonymously collected data and information both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for you. In any case, we may process this data on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

The logs are stored separately from all personal data provided by you and are also deleted after a maximum of 90 days.

You can find information on the use of cookies and information on your corresponding options and rights in our cookie banner.

You can currently send us an email, contact us by telephone, fax, post or in person. Please note that unencrypted emails sent via the Internet are not adequately protected against unauthorized access by third parties.

Website contact form

If you would like to request a callback from us using the appropriate form, it is necessary for you to provide the personal data listed below, which we require to process your request. To prevent unauthorized access to your personal data by third parties, the order process is encrypted using SSL technology.

If you contact us, e.g. simply to obtain information from us, we will process your data for this purpose. If you contact us to conclude a contract, for example, we process your data for this purpose.

Website contact form

We process the data you provide in order to be able to answer your request in the best possible and personalized way and to be able to determine from which country/location a request originates

To process your order or purchase order, including customer support

If you provide your order or order data via e-mail, contact us by telephone, fax, post or in person, the data you provide, including your personal data, will be processed by us and the recipients named below as part of our business relationship with you for (pre-)contract processing, in order to process and manage your contract and to support you as a customer.

Marketing (general)

To initiate business and intensify the business relationship with existing and potential customers.

If you contact us, e.g. simply to obtain information from us, we may process your data on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR or Art. 6 para. 1 lit. f GDPR. If you contact us, e.g. to conclude a contract, we may process your data on the basis of Art. 6 para. 1 lit. b GDPR and, if necessary, store it on the basis of Art. 6 para. 1 lit. c GDPR.

Website contact form

If we receive a request from you for a callback, the legal basis is Art. 6 (1) (a), Art. 6 (1) (b) or Art. 6 (1) (f) GDPR, depending on the content of the message.

Order or purchase order

The processing of your data, including the personal data provided by you, is carried out by us and the recipients listed below on the legal basis of Art. 6 para. 1 sentence 1 lit. b in order to be able to process the service, work or purchase contract in question appropriately, for correspondence with you and to identify you as a customer. The data processing takes place at your request and is necessary for the stated purposes for the appropriate processing of the contract.

Marketing (general)

The legal basis is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest is our interest in initiating business and intensifying the business relationship with existing and potential customers.

In general, we expressly request that you do not disclose any data to us that is likely to be of little or no relevance to the purpose intended by you; this applies in particular to special categories of personal (“sensitive”) data. The provision of information by you is purely voluntary.

Information

If you contact us simply to obtain information from us, we will process the data you provide.

Website contact form

If we receive a request from you for a callback, our web host logs and stores the date/time of registration and the IP address from which the registration was received. This is only for evidence purposes in the event that an e-mail address or telephone number is used by an unauthorized person. The required mandatory information is marked separately. The provision of further information is voluntary.

Order or orders

We process the necessary mandatory information for the processing of contracts; further information is voluntary.

Marketing (general)

Depending on what you have voluntarily provided to us, your data processed by us may include the following:

– Your contact details (name, address, telephone number, e-mail address, etc.)
– Content of previous orders

Your data may be disclosed in whole or in part, but only to the extent and to the extent necessary, to the following controllers:

– Banks (payment transactions – Austria)
– Tax consultants (accounting – Austria)
– Debt collection agencies (debt collection – Austria)
– Legal representatives (law enforcement – Austria)
– Courts (law enforcement – Austria)
– Administrative authorities (Austria)

In addition, your data may be passed on to the following recipients as (sub)processors; a (sub)processing agreement has been concluded with all of them and the appropriate technical and organizational measures (TOMs) have been verified:

– Innpuls Werbeagentur GmbH (marketing agency, Austria)
– Mittwald CM Service GmbH & Co KG, (web hosting, webmail, Germany)

Your data will be stored in a form that allows you to be identified only for as long as is necessary for the purpose for which it is processed.

Information

By providing us with your data via email, contacting us by telephone or in person, you expressly consent to your data, including the personal data you have provided and any unsolicited and voluntarily provided special categories of personal data, being processed by us and the above-mentioned recipients for the duration of the processing of the information in question.

If you contact us merely to obtain information from us, your data will therefore either be deleted immediately or deleted after a reasonable period of time corresponding to the content of the communication, depending on the content of the communication.

If you withdraw your declaration of consent, we will delete (or have deleted) all your data – including cumulative data – from all databases.

Order or purchase order

Due to company and tax law requirements, we are obliged to store your address, payment and order data for a period of 7 years. If you contact us to conclude a contract, the data will be deleted at the end of the 7th year after the last receipt has been posted (§ 132 BAO). If a contract is concluded, all data from the contractual relationship will therefore be stored until the end of this period.

Statutory/legal retention obligations or contractual obligations, e.g. towards customers arising from warranty or compensation or towards contractual partners, are a further basis for continuing to store your data. (Art 6 para 1 lit c GDPR; Art 17 para 3 lit e GDPR).

The data categories name, address, purchased goods and date of purchase are also stored until the expiry of product liability (10 years).

Marketing (general)

Marketing data is stored for 3 years after the last contact.