top of page

Privacy Policy

(Information obligation pursuant to Art. 13 GDPR)

In accordance with Art. 13 GDPR, we would like to provide you with the following information about the processing of your personal data and your rights in this regard:

Controller

Stevie GmbH

Spitalbergweg 46

9020 Klagenfurt

 

Purposes

Fulfillment of contractual obligations, fulfillment of legal obligations, safeguarding of legitimate interests of the controller, or if you give us your consent.

Organizational data processing

We carry out the following data processing operations:

Contact via email or telephone:

When you send us an email or call us, the personal data you provide will be processed for the purpose of responding to and processing your inquiry or order. Your data will either be further processed in accordance with the following processing operations or (if no offer or order results from it) deleted after 2 years.

The legal basis for the processing of personal data for the purpose of responding to or processing your inquiry is Art. 6 (1) lit. b GDPR.

Preparation of offers:

When we send you an offer, the personal data processed for this purpose, as well as your contact details, will be processed and stored on our systems.

The storage period is 3 years.

The legal basis for processing for the period until our offer is rejected is Art. 6(1)b GDPR.

The legal basis for further processing until the deletion period is Art. 6(1)f GDPR.

Order processing, communication, invoicing:

Your data (name, address, telephone number, email address, or other data provided by you) will be processed for the purpose of fulfilling the order. The documentation of the order and the invoicing (including delivery notes) will be stored for a period of 7 years.

The legal basis for the processing of personal data for the fulfillment of the contract is Art. 6(1)(b) GDPR and Art. 6(1)(c) GDPR with regard to the storage period.

Credit check

In some cases, we carry out a credit check. For this purpose, your data (name, address, possibly date of birth) will be transmitted to our information service provider.

The legal basis for the processing of personal data for the credit check is Art. 6 (1) lit. f GDPR for protection against property offenses.

Collection order to third parties

In rare cases of payment default, we commission a collection agency. For this purpose, we pass on your personal data (company name, name, address, telephone number, email address) to the relevant debt collection agency.

The legal basis for the processing of personal data for debt collection services is Art. 6 (1) (b) or Art. 6 (1) (f) GDPR.

Delivery

To deliver your order, we pass on your name, address, and telephone number to our logistics partner.

The legal basis for the processing of personal data for delivery is Art. 6 (1) lit. b GDPR.

Customer profile/customer account (web shop or customer file)

Your data (name, address, telephone number, email address, payment details, transaction data, discount information, or other data provided by you) will be processed for the purpose of order fulfillment (order, order history, invoicing). The data will be stored until your account is deleted. You can request this deletion. No automated deletion will be carried out.

Deleting your account does not affect the retention obligations in the data processing operations specified above.

The legal basis for the processing of personal data for the fulfillment of the contract is Art. 6 (1) lit. b GDPR.

Newsletter

You have the option of subscribing to our newsletter via our website. To do so, we need your email address and your declaration that you agree to receive the newsletter.

In order to provide you with targeted information or to be able to write to you in a personalized manner, we also collect and process your name and voluntarily provided information on areas of interest (or your birthday).

Once you have registered for the newsletter, we will send you a confirmation email with a link to confirm your registration.

You can cancel your subscription to the newsletter at any time by using the unsubscribe option provided at the bottom of each newsletter email. We will then immediately delete your data in connection with the newsletter dispatch.

The legal basis for the processing of personal data for the receipt of our newsletter is Art. 6 (1) (a) GDPR.

General storage period

If we have a contractual relationship with you, the data we collect will be stored in accordance with our technical and organizational security measures. If the contractual relationship with you is terminated, we undertake to minimize data, whereby our statutory retention and documentation obligations as well as the statutory limitation periods, which, for example, according to the General Civil Code, can be up to 30 years in certain cases, must be observed with regard to the storage period.

The legal basis for the processing of personal data for the duration of storage is Art. 6 (1) lit. b, c, f GDPR or, in the case of consent, Art. 6 (1) lit. a GDPR.

Categories of recipients

We transfer data to the following categories of recipients, some of which correspond to the definition of processors pursuant to Art. 28 (1) GDPR (with corresponding contracts pursuant to Art. 28 (3) GDPR):

Payroll accounting, bookkeeping, tax consulting; IT and system administration; Email, web, and ICT providers; lawyers or debt collection services; insurance companies (liability – claims settlement) or all recipient groups listed and mentioned above in the privacy policy.

Your rights as a “data subject”

As a data subject within the meaning of the GDPR, you have the following rights:

  • Right to information (Article 15 GDPR)

  • Right to rectification (Article 16 GDPR)

  • Right to erasure (Article 17 GDPR)

  • Right to restriction of processing (Article 18 GDPR)

  • Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)

  • Right to data portability (Article 20 GDPR)

  • Right to object (Article 21 GDPR)

  • Right not to be subject to a decision based solely on automated processing, including profiling (Article 22 GDPR).

If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, this is the Austrian Data Protection Authority, which can be found at https://www.dsb.gv.at/.

We are of course available at any time to answer your questions and provide information.

Technical operation of our website

Storage of your IP address

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The following data is collected: the browser type and version used, the user's operating system, the user's Internet service provider, the host name of the accessing computer, the date and time of access, websites from which the user's system accesses our website, and websites that are accessed by the user's system via our website.

The data is stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. This data is not merged with other data sources.

The data is stored for a period of 3 months and then automatically deleted.

The legal basis for processing the IP address is Art. 6 (1) (b) GDPR. The storage of data for the above-mentioned period is subject to Art. 6 (1) (f) GDPR.

Use of cookies

Our website uses so-called “cookies”. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser. For example, your language settings and other user preferences are stored in the cookies so that they can be retained even after you change pages.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted at the end of your visit (the so-called “session”). Some cookies remain stored on your device until you delete them. They enable us to recognize your browser the next time you visit. If you do not want this, you can set your browser to inform you about the setting of cookies and only allow this in individual cases. If you deactivate cookies, the functionality of our website may be limited.

The legal basis for the processing of personal data using the cookies described is Art. 6 (1) lit. f GDPR. Our legitimate interest in data processing lies in the technically error-free and optimized provision of our services.

Cookies for marketing analyses are subject to the legality of Art. 6 (1) (a) (consent), which you give us when you first visit our site and can revoke at any time.

We use the consent tool “Real Cookie Banner” to manage the cookies and similar technologies (tracking pixels, web beacons, etc.) used and the relevant consents. Details on how “Real Cookie Banner” works can be found at <a href="https://devowl.io/de/rcb/datenverarbeitung/" rel="noreferrer" target="_blank">https://devowl.io/de/rcb/datenverarbeitung/</a>.

The legal basis for the processing of personal data in this context is Art. 6 (1) (c) GDPR and Art. 6 (1) (f) GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide personal data. If you do not provide personal data, we cannot manage your consents.

Protective measures for our website

TLS encryption with https

We use https to transmit data securely over the Internet (data protection through technology design, Article 25(1) of the GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission over the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of your browser and the use of the https (instead of http) scheme as part of our Internet address.

SSL/TLS encryption of email contact requests

When you use our contact forms, they are also protected by an encrypted connection.

bottom of page