1. Controller
Bauboxx GmbH
Am Heumarkt 7/7/93
1030 Vienna, Austria
Managing Directors: Christian Forsterleitner, Bernhard Prokop
E-mail: office@bauboxx.com
The protection of your data is particularly important to us. You can contact us at any time using the contact details above if you have any questions, requests or withdraw your consent. In this document, you can find out more about how we use and process your personal data. We process your data exclusively on the basis of the statutory provisions (GDPR, DSG, TKG 2021).
2. Personal Data
Personal data includes all information that relates to a specific or identifiable person, such as name, address, email address, telephone number, date of birth, age, gender, photos, contract data, and potentially sensitive information like health data. Data collection and processing depend on your interactions with us—whether you visit our website, contact us, subscribe to our newsletter, or act as a customer, business partner, or supplier. Only data necessary for our services or voluntarily provided by you is collected. If you, as a customer, choose not to provide necessary data, we cannot enter into a contractual relationship.
According to Art. 14 GDPR (collection of personal data not directly from the individual), we may also process information obtained from third parties (e.g., business registers, credit agencies). This includes contact information, company roles, and creditworthiness. This processing is based on our legitimate interest in maintaining an up-to-date and complete data set for business relationships.
3. Data Processing / Legal Basis and Purposes
We collect, process, and use your personal data only when there is a legal basis in accordance with the GDPR. Legal bases include:
– Contract (Art. 6(1)(b) GDPR): For contract fulfillment or pre-contractual obligations.
– Consent (Art. 6(1)(a) GDPR): For inquiries via email or newsletter subscriptions.
– Legal obligation (Art. 6(1)(c) GDPR): e.g., tax obligations.
– Legitimate interests (Art. 6(1)(f) GDPR): e.g., ensuring website functionality and security, maintaining accurate records (see section 2), direct marketing (see section 4). Other legal bases such as public interest or vital interests rarely apply and will be stated if relevant.
4. Consent and Right of Withdrawal
Withdrawal If your consent is required for processing, we will process your data only after you have explicitly provided it. You may withdraw your consent at any time by emailing office@bauboxx.com. The legality of data processing before the withdrawal remains unaffected.
For direct marketing (newsletters, customer emails, mail), you can object to the use of your data at any time. If you object, your data will no longer be used for these purposes.
5. Data Disclosure to Third Parties
To process your request or fulfill your order, we may need to share your data with third parties (e.g., partners, lawyers, tax advisors, insurers, authorities, IT support, processors). Data sharing occurs only based on the GDPR, particularly for contract fulfillment or with prior consent. Some recipients may be located outside your country or process data there. We ensure appropriate data protection standards via EU adequacy decisions or safeguards like standard contractual clauses.
6. Cookies
This website uses “cookies” to make it more user-friendly, efficient, and secure. Session cookies are temporary and deleted after your visit. Persistent cookies remain on your device and help recognize your browser during future visits. Necessary cookies are justified by legitimate interests (Art. 6(1)(f) GDPR). Non-essential cookies are used only with your explicit consent (Art. 6(1)(a) GDPR) gathered via the cookie popup. No advertising cookies are used. You can manage cookies through your browser settings.
7. Server-Log-Files
To optimize this website, the provider collects and stores information in server log files automatically transmitted by your browser. This includes your IP address, browser, language settings, OS, referrer URL, ISP, and date/time. No merging with other data occurs. We reserve the right to check logs later if illegal use is suspected.
8. Links
External website links are provided as a service. We are not responsible for the content of these independent websites.
9. Google Analytics
This website uses Google Analytics (Google LLC, USA) to analyze website usage. It uses cookies to collect data like browser, OS, referrer URL, IP address, and timestamp. IP anonymization is active (last 8 bits deleted). Data may be transferred to the USA but only with your consent (Art. 6(1)(a) GDPR). Google LLC is certified under the EU-US Data Privacy Framework. Data is stored for a maximum of 14 months and deleted monthly thereafter.
10. Newsletter
You can subscribe to our newsletter using a double opt-in process. You can unsubscribe anytime via the link at the end of each newsletter or by contacting us via the details in section 1. We use processors for newsletter delivery under Art. 28 GDPR.
11. Data Retention / Storage Duration
We store data only as long as necessary to meet contractual or legal obligations (especially tax law) and defend against legal claims (up to 30 years). Newsletter subscribers remain in the system until they unsubscribe. Applicant data is deleted after 7 months unless permission for future consideration was granted.
12. Your Rights
You have the right to access, correct, transfer, object to, restrict, or delete your data, provided no retention obligation exists. Inform us of any changes to your data. Withdrawal of consent is possible at any time. Contact us using the details in section 1. If you believe your data protection rights are violated, you may lodge a complaint with the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna, dsb@dsb.gv.at).
This translation is provided for informational purposes only. The original document is based on Austrian data protection law and the General Data Protection Regulation (GDPR). In case of legal relevance, the original German version shall prevail.