.png)
Ecoconcept
PRIVACY POLICY
Introduction
Thank you for taking the time to read our Privacy Policy.
Data protection is an issue that we take very seriously at our company. The visualization and use of the pages of our website is allowed without having to indicate any type of personal data. However, if a data subject wants to use the services made available through our website, personal data of that user may be requested and processed. If there is a need for the processing of personal data and there is no legal basis for such processing, we will ask for your consent.
The processing of personal data, such as the name, address, email address or telephone number of a data subject, as well as electronic identifiers, must always comply with the General Data Protection Regulation (RGPD) and in accordance with country-specific data protection and regulations applicable to our company.
Through this data protection declaration, the organization informs the general public of the nature, intention and purpose of the personal data that is collected, used and processed. In addition, data subjects are informed, through this data protection declaration, of their rights.
As data controller, our company has implemented numerous technical and organizational measures to guarantee the most complete protection of personal data processed through this website. However, data transmissions carried out over the Internet may eventually have security gaps, and absolute protection may not be guaranteed. For this reason, all data subjects are free to transfer personal data via alternative means, e.g. by email.
We suggest that you read the privacy statements of the sites to which links are created from this site, so that you can understand how external sites collect, use and share your information. Our company is not responsible for the privacy statements or other content on external websites.
Cookies
The Internet pages of our website use cookies. Cookies are text files that are stored on a computer system via an Internet browser.
Many Internet sites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a series of characters by which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This information allows visited Internet sites and servers to differentiate the user's individual browser from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the cookie's unique ID.
Through the use of cookies, we can provide users of this website with friendlier navigation services that would not be possible without the cookie setting. By means of a cookie, the information and offers on our website can be optimized with the user in mind. Cookies allow us, as mentioned above, to recognize website users. The purpose of this recognition is to make it easier for users to navigate the website. The user of the website that uses cookies, for example, does not need to enter access data every time the website is visited, this information is directly assumed by the website, and the cookie is therefore stored on the user's computer system. Another example is a shopping cart cookie in an online store. The online store saves the information of the items that a user has placed in the virtual shopping cart through a cookie.
The data subject can, at any time, prevent the configuration of cookies through the website, using a corresponding configuration in the Internet browser used, thus being able to permanently deny the configuration of cookies. In addition, already set cookies can be deleted at any time via an Internet browser or other programs. This is possible on most popular Internet browsers. If the data subject deactivates the configuration of cookies in the Internet browser used, some functions of the website may not be fully available.
Data collection and general information
Our website collects a series of data and general information when a data subject or automated system accesses the website. This general data and information is stored in the server's log files.
Obtaining data can be:
(1) the types of browsers and versions used;
(2) the operating system used by the access system;
(3) the website from which an accessing system arrives at our website (so-called referrers);
(4) sub-sites;
(5) date and time of access to the Internet site;
(6) Internet address (IP address);
(7) access system Internet access provider;
(8) any other data and information that may be used in the event of attacks on our information technology systems.
By using these general data and information, we do not obtain specific information about the data subject. Rather, this information is needed to:
(1) present the website content correctly;
(2) optimize the content of the website, as well as the targeted advertising displayed (if applicable);
(3) ensure the long-term viability of our information technology systems and website technology;
provide authorities with information necessary for criminal prosecution in the event of a cyber attack.
Therefore, the organization statistically analyzes data and information collected anonymously, with the aim of increasing our company's data protection and data security, and guaranteeing an excellent level of protection for the personal data we process.
Anonymous data from server log files is stored separately from all personal data provided by the user.
Registration on the website
Although it is not yet available, there may be the possibility for the user (data subject) to register some personal data on the indicated website. The personal data transmitted to us is determined by the form used for registration.
The personal data entered by you are registered and stored exclusively for internal use by our company and for the purpose described in that same form.
When registering on our website, the IP address – assigned by the Internet Service Provider (ISP) as well as the date and time of registration will be stored. The storage of this data occurs as a safeguard that this is the only way to prevent misuse of our services and, if necessary, to enable the investigation of crimes committed.
You are then aware that the storage of this data is necessary for our protection as data controllers.
Data is not passed on to third parties, unless there is an issued obligation to transmit data, or if the transfer serves the purpose of criminal prosecution.
The registration of the user (data subject), with the voluntary indication of personal data, is intended to allow our website to offer the user contents or services that can only be offered to registered users due to the nature of the subject in question.
Registered persons are free to change or delete the personal data transmitted during registration at any time.
Website contact requests
Our website contains several communication methods that allow a quick contact with our company. This direct communication includes, for example, a general so-called electronic mail address (email address). If a data subject contacts the data controller by email or through a contact form, the personal data transmitted by the user will be automatically stored. The personal data voluntarily transmitted by the data subject to the data controller are stored for the purpose of subsequent communication. There is no transfer of this personal data to third parties.
Personal data deletion and blocking routines
Our company, as data controller, will process and store the user's personal data only for the period necessary to achieve the purpose for which the storage was carried out, or, to the extent authorized by the European legislator or other legislators in laws or regulations to which the data controller is subject.
If the storage purpose is not applicable, or if the storage period defined by the European legislator or another competent legislator expires, the personal data will be blocked or erased in accordance with legal requirements.
Data protection for applications and their treatment – Recruitment Forms
The data controller will collect and process the personal data of applications made by the user. This action may also be carried out electronically; an “application made electronically” is considered if a candidate sends the corresponding application documents by email or using a form on the data controller's website.
If the data controller enters into an employment contract with a candidate, the data sent will be stored for the purpose of processing the employment contract in accordance with legal requirements.
If no employment contract is concluded with the applicant, the application documents will be automatically deleted two months after notification of the refusal decision, provided that no other legitimate interest of the controller opposes the deletion of the data. Legitimate interest in this case may be, among others, a burden of proof in proceedings under the General Law on Equal Treatment (AGG).
Legal basis for treatment
Art. 6 (1) of the GDPR serves as the legal basis for data processing operations for which the user has consented. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, processing is authorized on the basis of Article 6(1)b GDPR. The same applies to such processing operations that are necessary for carrying out pre-contractual measures, for example in the case of queries regarding products or services.
Our company is subject to a legal obligation for which the processing of personal data is necessary, such as for example to comply with tax obligations, treatment based on art. 6 (1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor was injured at the company and his name, age, health insurance details or other vital information had to be transmitted to a doctor, hospital or other. This action and respective treatment would be based on art. 6 (1) lit. of the GDPR.
Finally, data processing operations may be based on Article 6(1) of the GDPR code. This legal basis is used for processing operations not covered by any of the aforementioned legal bases, if the processing is necessary for the legitimate purposes pursued by the entity or a third party, unless these interests are overridden by the interests or fundamental rights and freedoms of the data subject requiring protection of personal data. Such processing operations are particularly admissible because they have been specifically mentioned by the European legislator. An assumed legitimate interest is considered if the data subject is a customer of the controller (recital 47, sentence 2, GDPR).
Legitimate interests in the company and third parties
Based on article 6.º, nº 1, of the RGPD, the legitimate interest is to carry out business, current and future, in favor of the well-being of all its employees and shareholders.
Personal data storage period
The criterion used to determine the period of storage of personal data is the respective legal retention period. After the end of this period, the corresponding data is deleted, provided that it is not necessary for the initiation or fulfillment of the contract.
Examples:
● Provision of personal data as a mandatory or contractual requirement;
● Necessary requirement to enter into a contract;
● Data subject's obligation to provide personal data.
We clarify that the provision of personal data is partially required by law (eg tax regulations) or may also result from contractual clauses (eg information about the contractual partner). Sometimes, in order to finalize a contract, it may be necessary for the user to provide us with personal data, which must be subsequently processed by our company.
The user (or our customer) is, for example, obliged to provide personal data when our company signs a contract with him.
Failure to provide personal data will result in the non-completion of the contract. Before personal data is provided by the user, the data subject must contact any employee. The employee clarifies to the data subject if the provision of personal data is required by law or contract or if it is necessary for the conclusion of the contract, if there is an obligation to provide the personal data and the consequences of the failure to transfer data to carry out the contract.
automatic decision makers
As a responsible entity, we do not use automatic decision makers or automatic profiling.
Changes to this statement
We will occasionally update this Privacy Policy in light of company and customer feedback. We encourage you to periodically review this statement so that you are up to date on how our company protects your information.
contact information
Our company appreciates your comments regarding this Privacy Policy. If you believe that our company has not complied with this declaration, please contact us, see the tab: contacts on our website.