Privacy statement

Privacy statement Website: KE KELIT Ges.m.b.H.

The term “data processing” means any process carried out in relation to PD (personal data) such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of data (Article 4 GDPR).
The following information provides an overview of data processing by us pursuant to Article 13 et seq of the General Data Protection Regulation (GDPR), setting out details of how your PD are processed by us along with your entitlements and rights under applicable data protection law (GDPR). The manner in which data are processed in specific individual cases is determined essentially in accordance with the services agreed upon, applications and the basis in law.
As regards the website itself, please refer to the specific privacy information by clicking on this link.

Controller

KE KELIT Ges.m.b.H.
FN 79534 m, Ignaz-Mayer-Straße 17, 4020 Linz
+43(0)50 779, datenschutz@kekelit.com, www.kekelit.com

Please submit any queries or requests for information concerning data protection to the address mentioned above using the reference “Data Protection”, or send an email including “Data Protection” in the subject line.

Types and sources of personal data processed

The following PD will be processed (Article 4(1) GDPR):

  • PD received by KE KELIT from its customers within the context of the business relationship.
  • PD received by KE KELIT from its suppliers within the context of the business relationship.
  • data from publicly accessible sources (e.g. land register, register of companies, register of associations, population register, insolvency register, the media), credit reference agencies and registers of debtors (e.g. creditor protection associations).

These include:

  • customer PD (e.g. name, address, contact data, gender, function of the data subject within the customer);
  • supplier PD (e.g. name, address, contact data, gender, function of the data subject within the customer);
  • data relating to the performance of a contractual obligation (e.g. bank details);
  • information relating to financial status (e.g. data relating to creditworthiness, etc.);
  • information obtained from electronic communications with KE KELIT;
  • the results of processing generated by KE KELIT itself;
  • data required in order to comply with statutory and regulatory requirements along with other data comparable to the above-mentioned categories.

Purposes and legal bases for the processing of PD

Consent (Article 6(1)(a) GDPR):
PD are processed if and insofar as KE KELIT is granted consent in order to process PD for specific purposes. Consent may be withdrawn at any time, although the withdrawal of consent will not affect the lawfulness of PD processed prior to withdrawal.

Performance of a contract (Article 6(1)(a) GDPR):
PD are processed for the performance of a contract in relation to an order placed, including all activities necessary for its implementation and management.

Compliance with legal obligations (Article 6(1)(c) GDPR):
PD are also processed for the purpose of compliance with obligations imposed by law towards particular authorities (e.g. tax office, local health insurance fund, etc.) and in relation to the guarantee, warranty, time barring and statutory retention periods applicable to KE KELIT, and thereafter until the termination of any legal disputes in which data are required as evidence.

Balancing of interests (Article 6(1)(a) GDPR):
Where necessary, KE KELIT will process your PD after it has performed the contract in order to uphold the legitimate interests of KE KELIT or of third parties, such as in relation to market communication, training and instruction.

Marketing (Article 6(1)(a) GDPR):
KE KELIT processes your PD for the purpose of advertising its own services or sending newsletters, specialist literature, Christmas greetings and information concerning changes in the law. You have the right to object to the processing of your PD for the purposes of direct advertising.

Recipients of PD

Within KE KELIT your PD may be accessed by the employees required in order to comply with contractual, statutory and/or administrative duties and to uphold its legitimate interests. In addition, your PD may be received by data processors contracted by KE KELIT (including in particular IT and back office service providers, accountants etc.), where these data are required in order to provide the relevant service. All contracted data processors are obliged by law to treat your data in confidence and to process them only in relation to the provision of the service. In the event that a statutory obligation applies, financial authorities, criminal prosecution authorities and similar bodies may receive your PD. Your PD will only be disclosed to other third parties in order to comply with contractual or statutory duties.

Transmission of data to countries outside the EU (third countries)

This occurs if:

  • it is necessary in order to implement the order (e.g. bank transfers within payment transactions);
  • it is required by law (e.g. reporting duties under tax law); or
  • you have granted us your consent.

Duration of storage of PD

KE KELIT will process your PD (where necessary) for the duration of the entire business relationship (from the pre-contractual stage, through order handling to completion of the order) and thereafter in accordance with statutory retention and documentation duties (Austrian Commercial Code, Austrian Tax Code).
In addition, consideration must also be given to the 30-year statutory time barring periods under the Austrian Civil Code (liability, accounting).
If you have applied for a job at KE KELIT, your PD will be retained for six months.

Rights of data subjects

You can request information concerning your PD stored, the rectification, erasure or supplementation of your data, the restriction of data processing and the transfer of your data in accordance with data protection law. Data subjects may exercise all rights by sending an email to or by post. In order to do so it is necessary to identify the data subject in advance, so as to ensure that answers are provided to the actual data subject. You also have the right to complain to the Austrian Datenschutzbehörde [Data Protection Authority] as the supervisory authority should you take the view that your PD have been processed unlawfully (www.dsb.gv.at).

Duty to provide PD

Your PD must be provided within the context of the business relationship insofar as necessary in order to establish and conduct the business relationship and/or where KE KELIT is required to collect them.

Amendment of the Privacy Notice

KE KELIT reserves the right to amend the information contained in this Privacy Notice. The relevant applicable version of this information may be found at any time on our homepage.

Valid from May 2018