Mandatory information within the framework of the European General Data Protection Regulation (GDPR)
Last updated: June 2021
“Concrefy” (Concrefy B.V., Olivier van Noortweg 10, 5928 LX Venlo, the Netherlands; responsible party pursuant to GDPR) takes the protection of your personal data very seriously. For this reason, Concrefy always processes personal data in accordance with the requirements of current legal provisions, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of natural persons with regard to the processing of personal data in the context of the free movement of data (“GDPR”).
“Personal data” refers to any information relating to an identified or identifiable natural person, such as name, address, email address and IP address.
II. General processing
Within the framework of data protection regulations, Concrefy is entitled to outsource the processing of your personal data in whole or in part to external service providers who act on our behalf as processors pursuant to Article 4 (8) of the GDPR. The legal basis for using this processor is legitimate interest pursuant to Article 6 (1) point (f) of the GDPR. External service providers assist us in various areas, including the technical operations and support of the website and apps, data management, provision and delivery of services, marketing and analysis of both the website and app. Umdasch Group Ventures GmbH remains responsible for the protection of the transferred data; the subcontracted service providers process your data exclusively in accordance with the instructions given by Umdasch Group Ventures GmbH and the processor contracts that have been concluded. We ensure the safety of your data with the implementation of strict contractual agreements, technical and organisational measures and supplementary controls.
If you use this website exclusively for information purposes, i.e. you do not enter any data, or transfer data in any other way, the only personal data that will be gathered is the data transferred from your browser. The following data is gathered for technical reasons, to enable that the website is displayed correctly, and to ensure its stability and security. IP address and location, date and time of visit, time zone difference to Greenwich Mean Time (GMT), query content (specific pages), access status/HTTP status code, data volume transmitted, the referral website, its operating system and interface, the language and version of your browser software, the number, duration and time of your visits, search engine used and keywords, browser type, screen size and operating system.
III. Storage period
In general, Concrefy only stores your data for as long as is required to fulfil the purpose for which your data was collected.
Personal data that has been transferred by your browser and collected by this Website (in the form of log files) during a visit to this Website solely for information purposes will generally be stored for a period of one year. Beyond this length of time, log files are only stored for the purpose of investigating irregularities or security incidents in our systems.
In all cases, Concrefy will store your data for the duration of the company’s contractual relationship with you and throughout the period of provision of services. If Umdasch Group Ventures GmbH processes the personal data of a customer’s employees, it does so under the legal basis of legitimate interest pursuant to Article 6 (1) lit. f of the GDPR. The legitimate interest in this case is to enable Concrefy and the customer to perform their business activity. Beyond this length of time, your personal data will be stored in compliance with statutory data retention periods (e.g. the 7-year data retention period required under the provisions of current Austrian business and tax laws). If required, data may be stored until potential legal claims against Concrefy become time-barred; for certain claims, the statutory limitation period can be as long as 30 years. The legal basis is Article 6 (1) point (c) of the GDPR. As soon as there are no longer any justified reasons for the continued storage of personal data, the data is either deleted or anonymised.
IV. Specific processing
When a user visits the Website, cookies will be stored on the user’s device. Cookies are small files that enable specific information about the device from which the Website was accessed (PC, smartphone, etc.) to be stored on the device. Cookies are not only used to improve the user-friendliness of websites and to help the user (e.g. by storing access data), but also to collect and evaluate statistical data relating to the use of the website in order to improve the range of services offered. Users are able to manage how cookies are used. Most browsers have an option that allows the user to restrict the storage of cookies or prevent the storage of cookies altogether. However, it should be noted that the functionalities and in particular the user-friendliness of the website are limited if cookies are disabled.
Temporary cookies are automatically deleted when you close your browser. Session cookies are the main type of temporary cookie. These store a ‘session ID’ on your device, which can assign various queries from your browser to the shared session. This allows your computer to be recognised if you visit this Website again. These session cookies are deleted when you log out or close your browser.