1. Scope

This Privacy Policy applies to ZELLNER Personal Lösungen and all affiliated companies of ZELLNER Personal Lösungen.

2. Purpose of processing

ZELLNER Personal Lösungen processes personal data of employees, partners, customers and suppliers for the purpose of performing its business activities and fulfilling related legal and contractual requirements.
2.1 Processing of customer, partner and supplier data

ZELLNER Personal Lösungen stores and processes the personal data provided by interested parties, customers, partners and suppliers for the purpose of preparing offers and enquiries, processing orders and for fulfilling related contractual and legal obligations. In order to fulfil legal obligations, the data is also forwarded to authorities and public bodies.

2.2 Candidates

The contact data and application documents submitted as part of an application are electronically processed by us for the purpose of selecting suitable candidates for an employment relationship and forwarded to our customers for the purpose of hiring or staff recruitment.

2.3 Website & Cookies

2.3.1 IP address
When you visit our website, information is automatically stored on the web server. This includes the browser used, the operating system used, which page referred you to our website, the IP address, the time of access and other information. These data are pseudonymised from the view of ZELLNER Personal Lösungen and cannot be assigned to unique persons without additional sources of data.
ZELLNER Personal Lösungen does not analyse these data as long as there is no unlawful use of the website.

2.3.2 Google-Analytics
Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to enable analysis of how you use the website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activities for website operators and providing them other services relating to website activity and internet usage. Google may also transfer this information to third parties where legally required to do so or where such third parties process the information on Google’s behalf. Under no circumstances will Google associate your IP address with other Google data. You may refuse the installation of cookies by selecting the appropriate settings in your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using our website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

3. Principles of processing personal data

The processing of personal data is based on strict principles which consider the protection and security of data and the rights of data subjects as the highest priority.

Lawfulness & transparency
Data processing is carried out in a lawful manner, in good faith. When the data are collected, the data subject is informed about the planned processing and handling of the data. This means that data subjects are at minimum informed about the following:
• Controller of processing
• Purpose of processing
• Legal basis of processing

Purpose limitation
Data is collected and processed for specified, clear and legitimate purposes. The data will not be processed in a manner incompatible with these purposes.

Data minimisation
Only those data are collected and processed that are absolutely necessary for the stated purposes. If it is possible to achieve the purpose and the effort is reasonable, only anonymous data will be processed.

Storage limit and deletion
Personal data is deleted as soon as the purpose for which it was originally collected expires and legal retention periods do not prevent deletion.
If in individual cases there are interests worthy of protection in these data, they will continue to be stored until the interest worthy of protection has been legally clarified.

Data security
Data secrecy applies to personal data. The data is to be treated confidentially and is protected by appropriate organisational and technical measures against unauthorised access, unlawful manipulation or disclosure as well as loss and destruction.

Factual correctness
Personal data must be kept correct, complete and up-to-date. Appropriate measures are taken to correct outdated, incorrect or incomplete data.

4. Obligation to observer data secrecy

All ZELLNER Personal Lösungen employees and the employees of affiliated companies are contractually bound to maintain confidentiality and are regularly informed and trained in the secure handling of personal and other critical data.

5. Data security

The protection of confidentiality, availability and integrity of data is an essential task of ZELLNER Personal Lösungen. This applies in equal measure to trade secrets, customer data, personal data and other critical information. To this end, technical and organisational security measures are established and continuously improved in accordance with the state of the art and internationally recognised best practices and security standards.

6. Contact person

ZELLNER Personal Lösungen is not required to appoint a data protection officer, since Article 37, para. 1 of the GDPR is not applicable.

In accordance with the importance of data protection, ZELLNER Personal Lösungen has decided to voluntarily appoint a contact person to deal with any enquiries on this subject. This person is available to data subjects and the data protection authority as a point of contact and deals with data protection issues within the group of companies.
The contact person for ZELLNER Personal Lösungen and all affiliated companies is:

Andrea Berger
ZELLNER Personal Lösungen GmbH
Franz-Josefs-Kai 53/2-3, 1010 Vienna
E-mail: datenschutz@personal-zellner.at

7. Rights of the data subject

Every data subject whose personal data is processed by ZELLNER Personal Lösungen has the option at any time to invoke the data subject’s individual rights and to assert them with ZELLNER Personal Lösungen’s contact data protection officer.

To exercise your rights as a data subject, you may contact us at any time by writing to  datenschutz@personal-zellner.at 

Information
Data subjects may at any time request information as to which personal data relating to them are being processed and the purposes of such processing.

Rectification
Data subjects have the right to request the immediate rectification of incorrect personal data relating to them.

Restriction
Data subjects have the right to have processing restricted if the accuracy of the data relating to them is disputed, if processing is unlawful, if the data are no longer needed for processing or if the data subjects have objected to processing.

Revocation
Data subjects have the right to object at any time to the processing of personal data relating to them.

Portability
Data subjects have the right to receive the personal data relating to them, which they have provided to ZELLNER Personal Lösungen, in a structured, commonly used and machine-readable format. They also have the right to request the transfer of this data to another responsible person, if technically feasible.
Portability applies only to personal data processed using automated procedures.

Erasure – the right to be forgotten
Data subjects have the right to request the immediate erasure of personal data relating to them if the legal basis for processing the data is missing or has ceased to exist, if data processing is objected to, if data processing is unlawful and if no legal retention periods make erasure impossible. Data security also has a high priority with regard to the rights of data subjects, which is why the assertion of data subject rights is only possible after the data subject has been identified beyond doubt.
They also have the right to lodge a complaint with the data protection authority at any time.

8. Data transfer

Personal data will only be transferred to recipients outside the group of companies and recipients in third-party EU countries in accordance with applicable laws and on a lawful basis and in compliance with the highest level of confidentiality and data security.
An exchange of personal data between the companies of ZELLNER Personal Lösungen takes place within the scope of group-wide processing. These exchanges are governed by contracts for joint processing and by contract processing agreements.
For processing, ZELLNER Personal Lösungen also makes use of a variety of data processors. All data processors are contractually bound by a data processor agreement to comply with the legally applicable data protection regulations.

9. Continuous control and improvement

The continuous improvement of quality and processes has a very high priority at ZELLNER Personal Lösungen.

Compliance with data protection guidelines and applicable legislation and the effectiveness of data protection and data security measures are continuously measured and improved in order to ensure that data protection measures are carried out in the most efficient manner.

Link to the Austrian Data Protection Authority – https://www.dsb.gv.at/