Privacy policy

Fundamentals

This data protection declaration explains what information is collected and stored when you use the RiskSafe ESG Management GmbH website and how this data is subsequently protected.

The protection of personal data is a major concern for us. Data processing is carried out on the basis of the legal provisions of the GDPR, Section 96 TKG and Section 8 DSG.

Person responsible

RiskSafe ESG Management GmbH (owner Dipl.-Ing. Hans Kitzweger, MBA), based in 2325 Himberg, Krautfeldgasse 16, Tür 1, Tel: +43-664-5289908, E-Mail: office@rsiksafe-esg.com, is responsible for the website and data protection.

Hosting & Server Logs

The hosting services on which this website is based are provided by easyname GmbH, Canettistraße 5/10, A-1100 Vienna. No server logs are collected by default. easyname GmbH reserves the right to automatically store server log files with information that your browser transmits to us in the event of suspicion of illegal activities and justifies this with the legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. 1 sentence 1 letter f GDPR. This may include the following: Browser type, operating system, referrer URL (previously visited page), host name (IP address).

The data will be deleted after 4 weeks at the latest. We reserve the right to trace any unlawful use or cyberattack. Further information can be found in the privacy policy of easyname GmbH. These can be viewed here. We have also concluded a contract for order data processing (AV). This contract regulates the scope, type and purpose of easyname GmbH’s access to data. The access options are limited only to necessary accesses that are required to fulfill the hosting services.

Cookies

This website uses cookies. These are small text files that are stored on your end device. Your browser accesses these files. The use of cookies increases the user-friendliness and security of this website. Some cookies may remain stored on your device until you delete them. Common browsers offer the setting option of not allowing cookies. Note: There is no guarantee that you will be able to access all functions of this website without restrictions if you make the appropriate settings. Here you can see which cookies are used and make your personal settings: View cookie information and edit settings

Processing and use of personal data

This privacy policy applies to websites and services that belong to RiskSafe ESG Management GmbH and are operated by us or on our behalf. We have no influence on links that originate from our services. If you contact us and/or transmit data to us, we will process it exclusively in compliance with the above-mentioned rights. You can visit our website without providing any personal information. Other personal data is collected on this website – apart from your possible explicit consent to Google Analytics (see below) – exclusively through electronic forms in which you can provide data.

Your data will be deleted after your request has been processed (within 3 months at the latest), unless you have expressly consented to the further use of your data. Personal data will not be transmitted to third parties without your specific consent. In order to provide our services that require the processing of data, we use various processors (e.g. mailing and processing companies, etc.) who have a contractual relationship with us that regulates, among other things, the obligation to protect data.

Your rights

According to the provisions of the GDPR and the Austrian Data Protection Act (DSG), you have the following rights:

  • Right to rectification (Article 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to notification – notification obligation in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)
  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR)

Google Analytics

If you consent to the creation of statistics, we use Google Analytics to analyze the use of our online offer on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or e-mail addresses. This is only used to assign analysis information to an end device in order to recognize which content the users have called up during their usage processes, which search terms they have used, which they have called up again or which they have interacted with our online offer. The time of use and its duration are also stored, as well as the sources of the users who refer to our online offer and technical aspects of their end devices and browsers. Pseudonymous profiles of users are created with information from the use of various devices, whereby cookies can be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides rough geographic location data by deriving the following metadata from IP addresses: City (and the city’s inferred latitude and longitude), Continent, Country, Region, Subcontinent (and ID-based counterparts). In the case of EU data traffic, the IP address data is used exclusively for this derivation of geolocation data before it is immediately deleted. They are not logged, are not accessible and are not used for other purposes. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing; these services are offered by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; the legal basis is: Consent (Art. 6 para. 1 sentence 1 lit. a) GDPR).

Further information: https://marketingplatform.google.com/intl/de/about/analytics/; Privacy policy: https://policies.google.com/privacy; Data processing: https://business.safety.google/adsprocessorterms; Basis for third country transfers: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses(https://business.safety.google/adsprocessorterms); Opt-out option: Opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de

Firewall

To protect ourselves from illegal activities and access, we use a firewall from https://nintechnet.com. To identify illegal activities, IP addresses of accessing users are stored in anonymized form (IP anonymization by deleting the last digits) and evaluated using network analysis. These logs are then deleted from our server after 5 days. We justify this with the legitimate interest according to Art. 6 para. 1 sentence 1 letter f GDPR.