Welcome to the Checklens GmbH website.
The EU General Data Protection Regulation, and the Data Protection Amendment Act 2018 serve the right to protection of personal data. We process your data exclusively on the basis of the statutory provisions (DSGVO/GDPR, DSG, TKG 2003).
Data protection at a glance
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is any data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection policy listed below.
Data collection on our website
– Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator Checklens GmbH Strubergasse 26, 5020 Salzburg, email@example.com.
– How do we collect your data?
On the one hand, your data is collected when you provide it to us. This may be data that you enter in a contact form or in an e-mail that you send to us. Other data is automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system or time of the page ID). This data is collected automatically as soon as you enter our website. Additionally, we invite applicants to forward Checklens GmbH their applications: These applications can include First Name, Last Name, E-Mail, Phone number, CV/Portfolio and Images/Additional documents such as cover letters. This data will be stored for a maximum period of four weeks after a final decision and applicants receive further information from Checklens, whether the application process will be continued, the personal data will be deleted, or whether applicants agree that their personal data will be stored for another period of 18 months in case further job openings arise. This will require the individual’s consent in writing or by phone then.
Which data do we collect?
We collect personal data through our newsletter double opt-in form. The information is provided directly by you. With every E-Mail you have the chance to unsubscribe from the newsletter after which your data will be deleted.You can also unsubscribe from our newsletter at any time by sending an e-mail to firstname.lastname@example.org.
User data: When you register on our website or fill out our contact form or e-mail form, we collect the personal data you provide, such as your e-mail address and company name, as well as your request.
Technical data: We record the Internet browser used, the browser language, your operating system, the files requested on our website, your Java settings, screen resolution, colour depth, your clicking behaviour on the website (time of access, clicks) and the website from which you visit us.
For which purposes and according to which legal basis do we process your data?
We process your personal data
- based on the consent you have given (Art. 6 lit a GDPR), for example in connection with the newsletter entry form (double opt-in) or via sending in your application through our website;
- on the basis of our overriding legitimate interest (Art. 6 lit f GDPR) in making our information offering and internal and external communication in these matters efficient, as well as in improving our services and our website and ensuring its operation, security, optimisation and user-friendliness;
- to personalise the services for users of the website by temporarily storing search parameters;
- to arrange appointments and fulfill contracts (Art. 6 lit. b GDPR), for billing purposes and for customer service;
If you contact us by e-mail, telephone or contact form your inquiry including all personal data (name, inquiry, application) resulting from it will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
We process your personal data, such as name, telephone number, e-mail address and business address, as far as necessary for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) and furthermore in accordance with the legal storage and documentation obligations, which result from the Austrian Enterprise Code (UGB), the Federal Fiscal Code (BAO), among others, as well as until the end of any legal dispute, ongoing warranty and guarantee periods, etc. if no longer periods are provided for by law, your data will be stored for a maximum of 1 year, sometimes much shorter, and then deleted.
Is personal data transmitted to third parties?
Insofar as this is necessary for the above-mentioned purposes, we transmit your data to the following recipients:
- Tax and booking software
- external IT and cloud service providers, mail & web host, newsletter provider Sendinblue
In the event that data is transferred to so-called data processors (mail and web host, IT service provider, etc.), so-called data processing agreements are concluded, which cover the scope of the processing, the storage period, the procedure after the processing has been completed and the technical-organisational measures. If the data processor itself concludes contracts with third parties for the processing of personal data, it also ensures that the contractually stipulated protective measures are taken.
From which other sources do we collect your personal data, if they have not been collected from you (Art 14 GDPR)?
If data is obtained from other sources, it is exclusively publicly accessible information that we obtain from the Internet including social networks. Usually, this is data that we obtain about you from third sources and store in our systems, such as contact information (e-mail address and telephone number, postal address, location of the business license), if this data has not already been disclosed in the communication.
What rights do you have regarding your data?
You have the right to receive information free of charge about the origin, recipient and purpose of your stored personal data at any time. You also have the right to demand the correction, blocking or deletion of this data. For this purpose, as well as for further questions on data protection, you can contact us at any time at the address given in the legal notice / imprint at Checklens GmbH Strubergasse 26, 5020 Salzburg, email@example.com.
Furthermore, you have the right of appeal to the responsible supervisory authority.
When you visit our website, your surfing behaviour can be statistically evaluated. This is done via a specific Java script that starts a hashing mechanism to irreversibly anonymize your IP-address. Your IP address will not be recognized on a revisit. The surfing behavior cannot be traced back to you.
General information, compulsory information and rights of data subjects
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
Right of access to information
You are basically entitled to the rights of information, correction, deletion, restriction, data transferability, revocation and objection. You have the right to obtain confirmation from the data controller as to whether your personal data are being processed and the category to which they belong; if this is the case, you have the right to obtain information on these personal data and the information that follows:
- the purposes of the processing;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organisations;
- if possible, the envisaged duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration;
- we inform you of the existence of a right of rectification or erasure of personal data concerning you or of a right of opposition to or limitation of the processing by the controller;
- about the right to data transferability of your data;
- and the existence of a right of appeal to a supervisory authority.
If you make use of your right of access, the person responsible (contact details again at the end of the document) will provide you with a copy of the personal data that is the subject of the processing. For any further copies that you request, the controller may charge a reasonable fee based on the administrative costs. If you submit the request electronically, the information will be provided in a standard electronic format that you have indicated as secure, unless you indicate otherwise.
Right of rectification
You have the right to ask the data controller to correct any inaccurate personal data concerning you without delay. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
Right of cancellation / Right to be “forgotten
You have the right to request the controller to delete personal data concerning you without delay and the controller is obliged to delete personal data without delay if one of the following reasons applies:
- the personal data are no longer necessary for the purposes for which they were collected or otherwise processed
- You object (Art. 21 para. 1 or para. 2 GDPR) to the processing and there are no overriding legitimate reasons for processing in the event of an objection pursuant to Art. 21 para. 1 GDPR.
- The personal data were processed unlawfully.
- The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
If the data controller has made the personal data public and is obliged to delete them, he shall take reasonable steps to inform other controllers (e.g. processors) who process the personal data that you have requested the deletion of those personal data.
Right to limit processing
You have the right to obtain from the data controller the restriction of the processing if one of the following conditions is met:
- you contest the accuracy of the personal data, for a period of time sufficient to enable the controller to verify the accuracy of the personal data;
- the processing is unlawful, you object to the deletion of the personal data and instead demand the restriction of the use of the personal data;
- the data controller no longer needs the personal data for the purposes of the processing, but you need them for the purpose of asserting, exercising or defending legal claims;
- you have lodged an objection pursuant to Art. 21 para. 1 GDPR, as long as it has not yet been established whether the legitimate reasons of the data controller outweigh yours;
- if you have obtained a restriction on processing, you will be informed by the controller before the restriction is lifted.
Duty to notify in connection with the correction or deletion of personal data or the restriction of processing
The controller shall notify all recipients to whom personal data have been disclosed of any rectification or erasure of personal data or any limitation of processing, except where this proves impossible or involves a disproportionate effort. The data controller shall inform you of these recipients if you so request.
Right to data transferability
You have the right to receive the personal data concerning you that you have provided to the controller in a structured, common and machine-readable format and you have the right to communicate such data to another controller without interference from the controller to whom the personal data has been provided, provided that
- the processing is based on a contract (Art. 6 para. 1 lit b GDPR) and
- the processing is carried out by means of automated procedures.
When exercising your right to data transferability, you have the right to obtain that personal data be transferred directly from one data controller to another data controller, as far as this is technically feasible. Exercising your right to data transferability does not affect your right to request deletion.
Right of objection
You have the right to object at any time to the processing of personal data concerning you, which is carried out on the basis of Art. 6 Paragraph 1 letter e or f GDPR.
The data controller will no longer process the personal data unless he can demonstrate compelling reasons for processing that are worthy of protection, which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims. Where personal data are processed for the purpose of direct marketing, you have the right to object, at any time, to the processing of personal data concerning you for the purpose of such marketing, including profiling, where it is linked to such direct marketing. If you object to processing for the purposes of direct marketing, your personal data may no longer be processed for those purposes.
Responsible body / data controller
The person responsible for data processing on this website is Strubergasse 26, 5020 Salzburg, firstname.lastname@example.org.
Data protection officer
Konstantin Heiller, Gentzgasse 69, 1180 Vienna
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses or similar).
Right of appeal to the competent supervisory authority
In the event of violations of data protection law, the person concerned has a right of appeal to the competent supervisory authority. The competent supervisory authority in matters of data protection law is the State Data Protection authority in which our company is based. Austrian data protection authority: https://www.dsb.gv.at/
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Objection to advertising mails (SPAM)
We hereby object to the use of contact data published within the scope of the imprint obligation to send advertising and information material not expressly requested. The operators of this website expressly reserve the right to take legal action in the event that unsolicited advertising information is sent, for example by spam e-mails.
Data collection on our website
Provision of the website, creation of log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Visited website
- Time at time of access
- Amount of data sent in bytes
- Source/reference from which you reached the site
- Used Browser
- Operating system in use
- Used IP address
This data is not merged with other data sources. The basis for data processing is Art. 6 para. 1 letter b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. The storage period of the server log files is 24h weeks. These data are additionally stored in log files. A concrete personal reference cannot therefore be established. This data is not stored together with other personal data.
We process this data for the following purposes:
- to provide you with this website and to further improve and develop this website;
- to be able to create usage statistics;
- to be able to recognise, prevent and investigate attacks on our website.
The legal basis for the temporary storage of this data is Art. 6 para. 1 lit. f GDPR.
The storage of the IP address for the duration of the session is necessary so that the website can be delivered to the calling computer. This data is deleted after the end of the session. Storage in log files takes place after without the collection of your IP address to ensure the functionality of the website. The data also serves us to optimize the website and to ensure the security of our IT systems.
Longer storage is only carried out to the extent necessary to investigate detected attacks on our website and, in addition, only until the end of relevant limitation periods, statutory retention periods or any legal disputes in which the data is required as evidence.
You have the possibility to subscribe to our newsletter via the newsletter provider sendinblue.This service has been checked and certified by TÜV-Rheinland with regard to its technical and organizational measures. An order data processing agreement has been concluded with the dispatch service provider in accordance with Art. 28 GDPR.
With the following information we will inform you about the contents of our newsletter, the registration, dispatch and statistical evaluation procedure as well as your rights. The legal basis for the processing of your personal data is your declaration of consent by means of a documented double-opt-in procedure (By subscribing to our newsletter and clicking the link in the confirmation e-mail, you agree to receive it and to the procedures described. After registration you will receive an e-mail, you agree to receive. After subscribing, you will receive an email asking you to confirm your registration. This confirmation is necessary to ensure that no one else can register with other people’s email addresses).
The registrations for the newsletter are protocolled in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time, as well as the IP address. Your data is stored exclusively on EU servers and is not stored in third countries. For more information on sendinblue’s data protection measures, you can check this page: https://de.sendinblue.com/datenschutz-uebersicht/
Statistical survey and analyses
The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the server of the dispatch service provider when the newsletter is opened. Within the scope of this retrieval, technical information such as information on the browser and your system, as well as your IP address and time of retrieval are initially collected. This information is used for technical improvement of the services. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked.
You can unsubscribe from the newsletter or update your settings at any time. You will find a link to unsubscribe from the newsletter at the end of each newsletter. This also automatically terminates your consent to receive the newsletter.