Data privacy of Neuroth International AG
Submit data protection requestStatus: 27th of December 2024
1. General information
The protection of your personal data is of particular concern to us. We process your personal data exclusively on the basis of the statutory provisions (GDPR, DSG, TKG 2003).
We process information about you in order to provide our website, process the sale of our goods and provide our services.
We are happy to inform you about the processing of your personal data and the claims and rights to which you are entitled under the data protection regulations in the context of the data protection declaration.
The masculine form used in this declaration for better readability always refers to both genders.
Responsible for the processing of your personal data is
Neuroth International AG Paula-Neuroth-Straße 1 AT-8403 Lebring-St. Margarethen E-mail: [email protected] Phone no.: 00800 8001 8001
If you have any complaints, questions or suggestions on the subject of data protection, please do not hesitate to contact us at any time at the e-mail address [email protected]. You can also reach our data protection officer at this e-mail address.
2. Data processing in the context of the use of our website
2.1 General information
When you visit our website, we collect data about the use of our website through logs, cookies and pixels. We need some of this data to make our website available to you, while other data is used to improve this website and your user experience. We always collect data that we use to improve our website on a voluntary basis, i.e. only after you have consented to its use.
The web server for the operation of our website is technically operated by azedo IT Consulting & Services KG, Am Köberlgrund 27, 8054 Seiersberg-Pirka as a processor.
Please read the following data protection information. Please note that you can prevent the storage of cookies yourself and delete cookies that have already been set at any time if you wish. If necessary, you can also make use of your options to prevent or restrict the use of data and data processing by third parties.
a) Logs
Our web server collects so-called server logs, i.e. log files that are automatically created by a web server and document access to our website. The user data collected in this way can be used to prevent and analyse attacks.
b) Cookies
You can view and change your data protection/cookie settings at any time by clicking on the round button at the bottom right of this page.
A cookie is a data file that - if your browser settings allow it - is stored by us on your computer when you visit our website or perform certain actions. The cookie contains information that we have sent to your computer and stores certain settings and data for exchange with our system via your browser.
We use so-called session cookies, which are stored during your visit to our website and are deleted when you end your browser session. We also use permanent cookies, which remain on your computer or end device even after the end of a browser session. The permanent cookie contains an identification number with which we can identify your computer. This enables us to improve our services if you visit our website repeatedly. It is not possible for us to assign personal data to this identification number.
We also use cookies from us (first-party cookies) or from third-party providers (third-party cookies).
We process data via our cookies on the following legal bases and for the following purposes:
Cookies that are absolutely necessary for the functioning of our website are used on the basis of our legitimate interest (operation of the service and improvement of the website). We use all other cookies (e.g. for marketing purposes) on the basis of your consent (see sections 2.3, 2.4, 2.5).
The cookies that are absolutely necessary for the functioning of our website (technically essential cookies) can be found in the data protection settings in the ‘Essential’ category.
If you do not wish to use cookies, please set the cookie handling in the security settings of your browser accordingly. You will find the setting option in the most common browsers in the ‘Tools’ menu under ‘Settings’ or ‘Internet options’ and the ‘Privacy’ tab. You can also use these settings to delete cookies that have already been set.
To prevent third-party cookies from being set, you can block third-party cookies in your browser. Here you will find instructions for the most common browsers:
Firefox: here Chrome: here Internet Explorer: here Safari: In Apple's Safari, third-party cookies are blocked by default.
You can also go to http://www.youronlinechoices.com/uk/your-ad-choices to analyse which cookies are used on your computer and deactivate them individually or as a whole. This is an offer from the European Interactive Digital Advertising Alliance.
Withdrawing your consent does not affect the lawfulness of the processing of data that took place before you withdrew your consent.
Please note that certain cookies are necessary to ensure basic website functions. Some pages of our website may not function properly if you do not accept cookies.
You can find more information on the individual cookies below from the providers we use.
c) Counting pixels
Tracking pixels are small image files that are integrated into our website and enable us to analyse your user behaviour. The use of tracking pixels is based on your consent.
2.2. Data Processing for the Operation and Security of Our Website:
a) Server Logs
Purpose of Processing: When you access our website, the web server collects usage data (so-called server logs). The collection of this data is necessary to technically enable the connection to our server and the use of the website. Additionally, this data is used to prevent and analyse attacks.
The following server logs are collected: The IP address of the requesting device, along with the date, time, request, which file is requested (name and URL), the amount of data transferred to you, a message indicating whether the request was successful, identification data of the browser used and the operating system used, as well as the website from which the access was made (if the access was made via a link).
Legal Basis of Processing: The processing of your data is based on our legitimate interest in ensuring the operation of the service and system security.
Recipients of the Data: The web server for the operation of our website is technically operated by the IT service centre of azedo IT Consulting & Services KG, Am Köberlgrund 27, 8054 Seiersberg-Pirka as a processor. The data from the server logs will be passed on to law enforcement authorities in the event of a hacker attack. There is no further transfer to third parties.
Further Information: The server logs are stored for a maximum of 7 days.
2.3. Data Processing for the Improvement of Our Services:
a) Web Analysis by Google Analytics
If you have given your consent, we process data about your use of our website via the Google Analytics tool in order to be able to customise it to your interests in the best possible way. Google Analytics is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’).
Purpose of processing: Google Analytics uses tracking pixels and cookies that are stored on your computer to enable us to analyse your use of the website. Tracking pixels are small scripts that are integrated into our website and enable us to analyse your user behaviour. The use of tracking pixels is based on your consent.
Google Analytics stores the cookies in order to recognise you and subsequently create personalised user statistics about your website activities. This means that Google uses the information on our behalf so that we can analyse your user behaviour and your visits to our website.
Additionally, we have activated Google’s “anonymize IP” module. This means that your assigned IP address is anonymised by Google within the European Union. Therefore, your IP address is shortened/anonymised by Google as soon as Google receives your IP address. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other data from Google.
Google Analytics stores cookies on your device. You can find information about the cookies stored by Google Analytics in the data protection settings.
Google Analytics stores cookies on your device. You can find information on the cookies stored by Google Analytics in the privacy settings.
Legal basis for processing: Your data is processed on the basis of your consent. Your consent is collected via the cookie banner on our website. You can revoke your consent at any time revoke here.
Recipient of the data: The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. The appropriate level of protection for the transfer results from standard contractual clauses in accordance with Art 46 GDPR, which we have concluded with Google. As the United States is a third country in which there is no adequate level of data protection, there is still a risk to the protection of your data. Further information on the standard contractual clauses and suitable or appropriate safeguards can be found at https://privacy.google.com/businesses/processorterms/
Google acts as a processor for us and may only use the transmitted data to process the specific orders and is contractually obliged to comply with the statutory data protection regulations.
Further information: You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the websites (including your anonymised IP address) and from processing this data by Google by downloading and installing the browser plug-in available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de).
b) Google Conversion Tracking, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’).
Purpose of processing: This website uses Google Ads. Ads is an online advertising programme of Google Ireland Ltd, Gordon House, Barrow Street Dublin 4 IE (‘Google’). As part of Google Ads, we use so-called extended conversion tracking. This requires consent, which you can object to.
Extended conversions are a function that supplements existing conversion tags. This allows conversion data collected on the website itself to be sent to Google in encrypted form.
When a conversion is carried out on a website, user data such as a name, an email address or a postal address is collected in most cases. This can be recorded and hashed in your conversion tracking tags. The data is encrypted with a one-way hash algorithm SHA256 for this purpose. The hash values of your user data are then transferred to Google and used to improve your conversion measurement.
If consent mode accepts the cookie banner, the tracking tags work as usual and record the assigned conversions and click information and the above-mentioned service is used on the basis of Art. 6 para. 1 lit. a GDPR. In the event of cookie refusal, the consent mode only sends ping information. The so-called pings work without cookies. They may contain information such as the timestamp and the referrer URL. No personally identifiable information is stored. In addition, Consent Mode can use the pings to compare the opt-in and opt-out rates. This information is then used to model conversions of users who have declined the cookie banner.
This means that if you click on an advert placed by Google, a cookie is set for extended conversion tracking. These cookies lose their validity after 30 days and are not used to personally identify users.
eder Google Ads-Kunde erhält ein anderes Cookie. Die Cookies können nicht über die Websites von Ads-Kunden nachverfolgt werden. Die mithilfe des Conversion-Cookies eingeholten Informationen dienen dazu, Conversion-Statistiken für Ads-Kunden zu erstellen, die sich für Conversion-Tracking entschieden haben. Die Kunden erfahren z.B. die Gesamtanzahl der Nutzer, die auf ihre Anzeige geklickt haben und zu einer mit einem Conversion-Tracking-Tag versehenen Seite weitergeleitet wurden. Sie erhalten jedoch keine Informationen, mit denen sich Nutzer persönlich identifizieren lassen. Wenn Sie nicht am Tracking teilnehmen möchten, können Sie dieser Nutzung widersprechen, indem Sie das Cookie des Google Conversion-Trackings über ihren Internet-Browser unter Nutzereinstellungen leicht deaktivieren. Sie werden sodann nicht in die Conversion-Tracking Statistiken aufgenommen.
Mehr Informationen zu Google Ads und Google enhanced Conversion-Tracking finden Sie in den Datenschutzbestimmungen von Google: https://policies.google.com/privacy?hl=en.
Legal basis for processing: All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the ‘cookie consent tool’ provided on the website.
Recipient of the data: The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. The appropriate level of protection for the transfer results from standard contractual clauses in accordance with Art 46 GDPR. Further information on the standard contractual clauses and suitable or appropriate safeguards can be found at https://policies.google.com/privacy/frameworks und https://privacy.google.com/businesses/controllerterms/mccs/.
c) Re-targeting/remarketing
We use the retargeting/remarketing functions of Google Analytics, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (‘Google’) on our website.
Purpose of processing: Google uses cookies, which are stored on your computer and enable your use of this website to be analysed. Google will use this information for the purpose of analysing your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Third-party providers, including Google, place adverts on websites on the Internet. Third-party providers, including Google, use stored cookies to place adverts based on a user's previous visits to this website. Google will not associate your IP address with any other data held by Google.
Google Analytics / Google Ads stores cookies on your device. You can find information about the cookies that Google Analytics / Google Ads stores in the privacy settings.
Legal basis for processing: Your data is processed on the basis of your consent. Your consent is collected as part of the cookie banner on our website.
Recipient of the data: The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. The IP address is then shortened by Google by the last three digits, so that it is no longer possible to clearly assign the IP address. The appropriate level of protection for the transmission results from standard contractual clauses in accordance with Art 46 GDPR. Further information on the standard contractual clauses and suitable or appropriate safeguards can be found at https://privacy.google.com/businesses/processorterms/ Google acts as a processor for us and may only use the transmitted data to process the specific orders and is contractually obliged to comply with the statutory data protection regulations.
Further information: You can object to the collection and storage of data at any time with effect for the future. You can deactivate the use of cookies by Google by visiting the page for deactivating Google advertising. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent. Further information on Google's provisions can be found here.
d) Jentis Tag Manager
Purpose of Processing: Our website uses the Jentis Tag Manager service (a service of Jentis GmbH, Schönbrunner Straße 231, A-1120 Vienna) for the purpose of website optimisation, i.e., simplified and clear integration of analysis and advertising services. The IP address is anonymised by Jentis (by omitting the last octet). Due to the anonymisation, personal reference within the meaning of the GDPR is removed. Jentis also sets a continuous ID that does not establish a personal reference. This information is stored in a browser cookie.
Legal Basis of Processing: The legal basis for the server-side transmission of browser data synthetically generated by the JENTIS server, such as the client ID without IP address, to third-party servers, i.e., the pseudonymous analysis of user behaviour, is Art. 6 para. 1 lit. f GDPR (legitimate interest). For technical reasons, for IT security purposes, to fulfil user interests, and for the economic operation of our online offering, this is absolutely necessary.
Further Information: More information on data processing by Jentis can be found at: https://www.jentis.com/en/privacy-policy/.
e) CrossEngage
Purpose of Processing: As a customer data and engagement platform, we use the CrossEngage service from CrossEngage GmbH, Bertha-Benz-Straße 5, 10557 Berlin, Germany. The service helps us improve our offering.
Legal Basis of Processing: The processing of your data is based on our legitimate interest.
Recipients of the Data: The data is not passed on to third parties. The only exception is the processor. The data centres of the processor are located in the European Union.
CrossEngage GmbH, Bertha-Benz-Straße 5, 10557 Berlin, Germany acts as a processor for us in relation to this data storage. In matters of data protection, their data protection officer can be reached at:
CrossEngage Data Protection Officer Bertha-Benz-Straße 5 10557 Berlin Germany
Storage Duration: Your data will be stored as long as necessary to achieve the purpose or until you withdraw your consent, whichever occurs first.
Further Information: The data protection provisions of the data processor can be found here.
2.4 Data processing in the CRM system Salesforce Sales Cloud (Salesforce)
Purpose of data processing: We process your personal data in our CRM system to respond to your contact enquiries, to maintain our customer and prospective customer relationships (CRM), to manage our business relationships and for marketing and sales purposes. Our group-wide CRM system is intended to improve the results in marketing and sales and to support sales, service, marketing and maintenance of our customer and prospective customer relationships.
We work with the cloud-based CRM solution ‘Salesforce Marketing Cloud’ from the provider SFDC Ireland Ltd, Salesforce Tower Dublin, North Dock, Dublin 1, D01 W2Y3, Ireland (hereinafter referred to as ‘Salesforce’) for the technical provision and hosting of our group-wide CRM system. The order processing agreement required under data protection law was concluded with the provider Salesforce on the basis of the currently valid standard contractual clauses. In addition, Salesforce Inc. is certified in accordance with the Data Privacy Framework. Proof of this can be found in the US Department of Commerce's list of voluntarily certified US companies. Salesforce also has so-called Binding Corporate Rules (BCR), i.e. binding internal company regulations that legitimise internal data transfers to third countries outside the EU/EEA. Details can be found here:
https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-hoechste-da.html.
For further information on Salesforce, please refer to https://www.salesforce.com/de/.
Neuroth International AG, as a licensee of Salesforce, acts for us as a service provider for the companies of the Neuroth Group (see Annex***) in order to be able to offer the technical solution of the CRM system to its affiliated companies. The respective Neuroth company is free to decide whether to use or utilise the service. On our behalf, all personal data is stored or processed on a certified server of our service provider Salesforce exclusively within the EU / EEA.
The CRM system enables us to manage existing and potential customers and interested parties in order to organise our sales and communication channels with both private and B2B contacts. Our CRM system provides us with semi-automated support in analysing our processes and organising our customer contacts and B2B contacts.
Our CRM system serves as a group-wide central platform for maintaining our customer and supplier master data. The CRM system regularly transfers encrypted master data to other Neuroth Group IT systems via secure interfaces in order to keep the databases in the systems synchronised. However, only the data requested by the receiving system is transferred.
In addition, our CRM system is used to record and manage contacts with potential purchasing interest, i.e. prospective buyers of products from Neuroth Group companies are recorded, qualified, distributed to our employees in the respective local country organisation and followed up using our CRM system.
Information about our contacts is stored centrally in our CRM system and linked to other information (e.g. contacts, opportunities). In addition, contacts and activities (e.g. sending newsletters, offers, discussions with the respective contact, etc.) are stored. ) are stored.
The processed data is collected exclusively directly from you via the following channels: our websites, contact forms offered, at trade fairs and via direct telephone or e-mail contact with us and is stored, analysed, assigned to the responsible employee of a Neuroth Group company and used to contact you for the above-mentioned purposes.
If you provide us with so-called particularly sensitive personal data in our communication with you and in contact forms, we assume that you provide us with such information voluntarily. We understand this action as consent to processing for the purpose of carrying out the customer relationship and that you allow us to store this information in our CRM system.
Access to our CRM system takes place within the framework of the existing authorisation concept following separate registration and authorisation checks. The data in the CRM system can only be read and processed by a strictly limited group of authorised employees throughout the Group. The limited number of authorised users of Neuroth International AG have access to your personal data to the extent necessary to process your data in the CRM system in accordance with the above-mentioned purposes or to be able to answer your contact enquiries. Authorisations are granted on a need-to-know basis. Your data will not be passed on to third parties outside the Neuroth Group.
We would like to point out at this point that some recipients or companies of the Neuroth Group are located in third countries (including Serbia, Bosnia-Herzegovina). Safeguarding takes place via internal group agreements in order to ensure an appropriate level of data protection.
Legal basis for data processing: The use of our group-wide CRM system is based on Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in targeted and efficient administration and communication with our customers, business partners and interested parties in Neuroth Group products.
The collection of your personal data via contact forms, at events and trade fairs, via online campaigns or through direct contact is regularly based on your consent in accordance with Art. 6 para. 1 lit. a) GDPR.
If the contact by our customers or interested parties is aimed at the conclusion of a contract for the purchase of Neuroth Group products, the legal basis for the processing is Art. 6 para. 1 lit. b) GDPR.
2.5 Data processing in the context of Microsoft Advertising
Purpose of processing: Our website uses the Microsoft Advertising service. Microsoft Advertising is an online advertising programme of Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521). (‘Microsoft’). We use Universal Event Tracking (UET) within the Microsoft Advertising service to collect and store data on this website for marketing and optimisation purposes. For this purpose, your surfing behaviour on our website is analysed, e.g. which offers you have viewed. Microsoft stores a cookie in your browser for this purpose.
Legal basis for processing: Your data is processed on the basis of your consent. Your consent is obtained via the cookie banner on our website (you will also find a link under 2.b) Cookies). By consenting to the use of cookies in accordance with Article 6(1)(a) GDPR, you also accept Microsoft's privacy policy.
Recipient of the data: Microsoft stores a cookie in your browser while you are browsing. This cookie is used to record your visits. The cookie is used to uniquely identify your web browser and not to identify you personally. Microsoft processes the data collected about you on this website as the sole controller under data protection law. In this context, your data may be transferred to Microsoft's servers in the USA. The appropriate level of protection for the transfer results from standard contractual clauses in accordance with Art 46 GDPR, which we have concluded with Microsoft. Since the United States is a third country in which an adequate level of data protection only exists under special conditions, there is still a risk to the protection of your data, even if Microsoft is a certified participant in the EU-US Privacy Framework. In this respect, the information in section 2.5.2 of this privacy policy also applies.
Further information: Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521) is responsible for data processing. You can deactivate the use of cookies by Microsoft and thus revoke the consent you have given us for the use of the Microsoft Advertising service under cookie settings in our consent management by deselecting the category ‘Cookies for marketing purposes’ or refuse consent to the use of Microsoft Retargeting by following the following link: http://choice.microsoft.com/de-DE/opt-out. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
2.6. Data Processing in the Context of Meta
a) Meta pixel with extended data synchronisation: Within our online offering, we use the ‘Meta Pixel’ service of the following provider in extended data synchronisation mode: Meta Platforms Ireland Limited, 4 Grand Canal Quare, Dublin 2, Ireland (‘Meta’)
Purpose of processing: If a user clicks on an advert placed by us on Facebook or Instagram, ‘Meta Pixel’ is used to add a parameter to the URL of our linked page. This URL parameter is then entered in the user's browser after redirection by a cookie that our linked page sets itself. In addition, this cookie collects specific customer data, such as the email address, which we collect on our website linked to the Facebook or Instagram ad during processes such as purchase transactions, account logins or registrations (‘extended data synchronisation’). The cookie is then read and enables the data, including the specific customer data, to be transmitted to Meta.
We use ‘Meta Pixel’ with advanced data matching to make our adverts (so-called ‘Ads’) on Facebook and/or Instagram more effective and to ensure that they correspond to the interests of users or have certain characteristics (e.g. interests in certain topics or products determined on the basis of the websites visited), which we transmit to Meta (so-called ‘Custom Audiences’).
In addition, we analyse the effectiveness of our advertisements by tracking whether users were redirected to our website after clicking on an advertisement (conversion). Compared to the standard version of ‘Meta Pixel’, the extended data synchronisation function helps us to better measure the effectiveness of our advertising campaigns by recording more associated conversions.
All transmitted data is stored and processed by Meta so that an assignment to the respective user profile is possible and Meta can use the data for its own advertising purposes in accordance with Meta's data usage guidelines (https://www.facebook.com/about/privacy/). The data may enable Meta and its partners to place adverts on and off Facebook.
b) Facebook Custom Audiences, a web analysis service provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Purpose of Processing: We use the Custom Audiences function from Facebook on our website, specifically the “Custom Audiences from File” procedure. In this process, your email address, as a recipient of a newsletter, is uploaded to Meta in an encrypted form. This helps us determine the recipients of our Facebook advertisements and ensure that the ads are only shown to interested parties. We have no influence on the amount, quality, or storage duration of the transmitted data. Meta may pass your data on to third parties. You can deactivate Facebook Custom Audiences by logging into your Facebook account and adjusting the settings at the following link: https://www.facebook.com/settings/?tab=ads#.
c) Facebook Retargeting Functions: We use Facebook retargeting functions on our website. With these functions, we can present you with interest-based advertisements on other websites and evaluate which websites you have visited, which content you were interested in, and which offers you have used.
Meta/Facebook stores cookies on your device. You can find information about the cookies stored by Meta/Facebook in the data protection settings.
Legal Basis of Processing: All processing described above, in particular the setting of cookies for reading information on the terminal device used, will only be carried out if you have given us your express consent to do so in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by deactivating this service in the ‘cookie consent tool’ provided on the website.
We have concluded an order processing contract with the provider, which ensures the protection of the data of our website visitors and prohibits unauthorised disclosure to third parties.
The information generated by Meta is usually transferred to a Meta server and stored there; in this context, it may also be transferred to servers of Meta Platforms Inc. in the USA.
For data transfers to the USA, the provider has joined the EU-US Data Privacy Framework, which ensures compliance with the European level of data protection on the basis of an adequacy decision by the European Commission.
Recipients of the Data: By using the Facebook Pixel, Meta is informed of your visit to our website so that visitors can see relevant ads on Facebook. If you have a Meta account and are logged in, your visit to this website will be associated with your Meta user account. The transmission of your data occurs based on your consent.
Further Information: You can prevent the use of cookies by adjusting your browser software settings or change your ad settings in Facebook at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen, for which you need to be logged in. You can also disable interest-based advertising on the following sites: http://www.aboutads.info/choices and http://www.youronlinechoices.com/uk/your-ad-choices/.
Additionally, you can prevent the use of cookies for reach measurement and advertising purposes through the Network Advertising Initiative’s offer, which you can access here: http://optout.networkadvertising.org/ or here: http://www.aboutads.info/choices. Alternatively, you can also prevent this via this website: http://www.youronlinechoices.com/uk/your-ad-choices/. Additionally, you have the option to object to the use of cookies via our cookie banner, which is displayed to you when you first visit our website.
Meta Ireland and the site operator are jointly responsible for the processing of your data, which is processed to create page insights in connection with a visit or other interaction with a page or its associated content, within the meaning of Article 26 GDPR. The following applies:
For more information about Facebook Pixel and the exact scope and purpose of data processing, please refer to Meta’s privacy policy at https://www.facebook.com/policies/cookies.
2.5. Data Processing in the Context of Pinterest
We use the marketing tool “Pinterest Tag” from Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland, on our website.
Purpose of Processing: This technology analyses your visit to our website and allows us to measure the effectiveness of our Pinterest ads. With the help of the pixel, information about the browsing behaviour of website visitors can be collected, stored, and evaluated in a pseudonymised form. The information can be assigned to the user with the help of further information that Pinterest has stored about the user, for example, due to the ownership of an account on the social network “Pinterest”.
Recipients of the Data: When you visit our website, data is not automatically transmitted to Pinterest. By using the Pinterest Pixel, Pinterest is informed of your visit to our website so that visitors can see relevant ads on Pinterest. If you have a Pinterest account and are logged in, your visit to this website will be associated with your Pinterest user account. The transmission of your data occurs based on your consent. Pinterest transmits data to recipients outside the EEA in certain cases. The appropriate level of protection for the transfer outside the EEA is ensured by standard contractual clauses pursuant to Art 46 GDPR. Further information on the standard contractual clauses and appropriate or suitable safeguards can be found here.
Legal Basis of Processing: The processing of your data is based on your consent.
Further Information: You can prevent the use of cookies by adjusting your browser software settings or change your ad settings in Pinterest, for which you need to be logged in. Further information on data processing by Pinterest can be found here.
2.8. LinkedIn Insight Tag
Purpose of processing: This website uses the Insight tag from LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
With the help of the LinkedIn Insight Tag, we receive information about visitors to our website. If a website visitor is registered with LinkedIn, we can, among other things, analyse the key professional data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better tailor our site to the respective target groups. We can also use LinkedIn Insight Tags to measure whether visitors to our websites make a purchase or take another action (conversion measurement). Conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function that we can use to display targeted advertising to visitors to our website outside the website, whereby, according to LinkedIn, no identification of the advertising addressee takes place.
LinkedIn itself also collects log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymised). The direct identifiers of LinkedIn members are deleted by LinkedIn after seven days. The remaining pseudonymised data is then deleted within 180 days.
The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will store the personal data collected from website visitors on its servers in the USA and use it for its own advertising purposes. Details can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy#choices-oblig
Legal basis: If consent has been given by the user, the above-mentioned service is used exclusively on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time. If consent has not been obtained, this service is used on the basis of Art. 6 para. 1 lit. f GDPR; our company as the website operator has a legitimate interest in effective advertising measures including social media.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://www.linkedin.com/legal/l/dpa
You can object to the analysis of usage behaviour and targeted advertising by LinkedIn at the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To prevent LinkedIn from linking data collected on our website to your LinkedIn account, you must log out of your LinkedIn account before visiting our website.
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which guarantees that it processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
2.9. Data Processing in the Context of Our Social Media Activities
2.9.1 We operate social media pages such as YouTube, LinkedIn, Pinterest, etc.
When you visit our social media presence, personal data, including the IP address, is processed by the respective provider, and cookies are used for data collection. Please refer to the privacy policy of the respective service for the exact information transmitted. There you will also find information on contact options and various settings.
2.9.2 Data Processing in the USA
For services with a US connection, the collected data is usually sent to a server in the USA and stored there. If this is the case, we will point this out separately in this privacy policy. We have no influence or control over the type and scope of the data processed by these services, the type of processing and use, or the transfer of this data to third parties. Please refer to the exact descriptions in the privacy policies of the respective providers for options to restrict the processing of this data in the respective settings of these services.
The GDPR requires so-called appropriate safeguards pursuant to Art. 46 GDPR for data transfers to a third country or an international organisation.
The European Commission has adopted an adequacy decision for the EU-US Data Privacy Framework. The decision establishes that the USA ensures an adequate level of protection – comparable to that of the EU – for personal data transferred from the EU to US companies within the new framework. Based on the new adequacy decision, personal data can be safely transferred from the EU to certified US companies without the need for additional data protection safeguards.
For data processing by US data recipients who are not certified under the EU-US Data Privacy Framework or the Privacy Shield, the following risks cannot currently be excluded for you as the data subject:
By consenting to the processing of (advertising and marketing) cookies, you explicitly consent to the transfer of data to the USA. You can remove cookies stored on your PC at any time by deleting the temporary internet files.
Legal Basis: Art. 6 para. 1 lit. a GDPR, consent.
2.10. Other Third-Party Providers
To improve our website, we use the following third-party providers:
a) Typeform, a survey service provided by TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, 1–2, Spain (“Typeform”). We use Typeform to enhance our users’ experience with attractively designed surveys and to collect contact information via the contact form. Typeform collects access data (IP address) and input data. We collect the data you enter into the form and technical data necessary for the technical functioning and maintenance of our service.
The legal basis for the use of Typeform is Art. 6 para. 1 lit. f GDPR (legitimate interest). The processing of your data is based on our legitimate interest in ensuring the operation of this service and its system security and improving the handling of inquiry responses. Typeform acts as a processor for us and may only use the transmitted data to process specific orders and is contractually obliged to comply with legal data protection regulations. The technical infrastructure of Typeform is hosted by Amazon Web Services (AWS). The appropriate level of protection for the transfer of data to the USA is ensured by standard contractual clauses pursuant to Art 46 GDPR.
Further information on Typeform’s data protection provisions and the standard contractual clauses and appropriate or suitable safeguards can be found at https://admin.typeform.com/to/dwk6gt and https://help.typeform.com/hc/en-us/articles/360029259552-Security-at-Typeform. The stored data will be kept on the servers of TYPEFORM S.L. until the purpose for processing ceases to apply.
b) Google Maps, a map service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). By integrating Google Maps, we can display Google’s map service directly on our website and enable you to use the map function. By integrating Google Maps, data can be sent to and possibly used by Google.Google Maps stores cookies on your device. You can find information about the cookies stored by Google Maps in the data protection settings.
Further information on Google Maps and the exact scope and purpose of data processing by Google can be found in the privacy policy of Google Inc. at https://policies.google.com/privacy. The entity responsible for data processing at the recipient is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
2.11. Data Processing for Marketing Purposes:
2.11.1. Data Processing in the Context of Events
Purpose of Processing: If you register for an event with us, we process your data to handle the registration, organise and conduct the event, respond to questions you may have in connection with your registration, and for the formal handling of business transactions within the framework of a business relationship.
Legal Basis of Processing: The processing of your data is carried out to fulfil a contractual relationship or is based on our legitimate interest, namely the handling of the event. In the context of trade fair events, we also offer our visitors tests (quick hearing checks). The processing of test data is based on your consent.
Further Information: We process your data only as long as necessary to fulfil the contractual relationship or to handle the event.
2.11.2. Data Processing in the Context of (Advertising) Mailings and Telephone Calls
Purpose of Processing: If you have consented to us contacting you by post, email, SMS, or telephone, or if you have actively signed up for our newsletter, we process your data to send you (advertising) information about us and our services. If you no longer wish to be contacted by us, no problem. Simply contact us at [email protected] or use the unsubscribe link in the newsletter.
Legal Basis of Processing: The processing of your data is based on your consent.
Recipients of the Data: To create and send informational emails, Neuroth International AG uses Mailjet SAS, 13-13 bis, rue de l’Aubrac, 75012 Paris, France, and the customer data and engagement platform CrossEngage from CrossEngage GmbH, Bertha-Benz-Straße 5, 10557 Berlin, Germany.
Further Information: We process your data until you withdraw your consent or unsubscribe from the newsletter (you will find a corresponding link in the newsletter).
2.11.2.1. Mailjet
Purpose of Processing: As an email service provider for transactional and marketing email campaigns, we use the Mailjet service from Mailjet SAS, 13-13 bis, rue de l’Aubrac, 75012 Paris, France. The service helps us manage the mentioned email campaigns through analysis, customer data history, and personalisation. For this purpose, personal data (browser information, domain name, contact information, content interaction information, login information, and email address) is processed.
Legal Basis of Processing: The processing of your data is based on your consent. You can withdraw your consent at any time.
Recipients of the Data: The data is not passed on to third parties. The only exception is the processor. The data centres of the processor are located in the European Union.
Mailjet SAS, 13-13 bis, rue de l’Aubrac, 75012 Paris, France, acts as a processor for us in relation to this data storage. In matters of data protection, their data protection officer can be reached at [email protected].
Storage Duration: Your data will be stored as long as necessary to achieve the purpose or until you withdraw your consent, whichever occurs first.
Further Information: The data protection provisions of the data processor can be found here.
2.11.4. Data processing in the context of competitions
Purpose of processing: If you take part in a competition with us, we process your data for the purpose of organising the competition. Legal basis for processing: Your data is processed for the fulfilment of a contractual relationship.
Recipient of the data: If it is necessary to transfer your data relevant in the individual case for the fulfilment of the contractual relationship, we will transfer your data to a transport company to send the prize.
Further information: We only process your data for as long as is necessary for the fulfilment of the contractual relationship.
As part of competitions, you also have the option of registering for our newsletter. You can find more information on this in section 2.11.2 (Data processing in the context of promotional mailings and telephone calls) of the privacy policy.
2.11.4. Data Processing in the Context of Participation in Surveys
Purpose of Processing: If you participate in a survey conducted by us, we process your data to evaluate your responses and improve our goods and services.
Legal bases of the processing:
a) Your data is processed for the fulfilment of a contractual relationship. b) In the event of a win, the winner(s) (name and place of residence) may be published in the advertising media used by us (e.g. magazines, websites, social media platforms); processing to safeguard legitimate interests in accordance with Art. 6 para. 1 lit f GDPR).
Further Information: We process your data until you withdraw your consent.
3. Data Processing in the Context of Business Operations:
3.1. Data Processing for Administrative Purposes
Purpose of Processing: We operate a customer relationship management system and process your data to document and improve our customer relationships with you (documentation of the content of communication between our employees and you). For this purpose, we create a separate internal customer account for our customers.
Legal Basis of Processing: The processing of your data is based on our legitimate interest in optimising customer-specific communication with you.
Further Information: We store your data until the end of the third year after the last contact with you.
4. Assertion of Your Rights as a Data Subject
As a data subject, you have the following rights and remedies. To assert your rights and for any questions, please contact [email protected].
If necessary, you may be required to provide proof of your identity in an appropriate form to ensure that no unauthorised third parties are given information about your data and/or unauthorised changes and/or deletions are made.
4.1. Right to Information about Stored Data pursuant to Art 15 GDPR
You have the right to request information about whether we process personal data about you. If this is the case, you have the right to information about this personal data as well as further information related to the processing.
4.2. Right to Rectification of Inaccurate Data pursuant to Art 16 GDPR
If your data processed by us is not correctly recorded, please inform us so that we can promptly correct and/or complete and/or restrict it.
4.3. Right to Erasure of Data pursuant to Art 17 GDPR
If you no longer wish for us to process your data, please inform us. We will, of course, delete your data immediately and inform you of this. If there are compelling legal, particularly statutory reasons against deletion, we will inform you immediately.
4.4. Right to Restriction of Data pursuant to Art 18 GDPR
You can request the restriction of the processing of your data if:
4.5. Right to Data Portability pursuant to Art 20 GDPR
If the legal requirements are met, you can request the transfer of your data in a structured, commonly used, and machine-readable format.
4.6. Right to Object to Unreasonable Data Processing pursuant to Art 21 GDPR
You have the right to object at any time to the processing of your personal data for reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend our legal claims.
In particular, you can object to data processing for direct marketing purposes at any time with effect for the future.
4.7. Right to Withdraw Consent
If the processing is based on a consent declaration, you have the option to withdraw this consent at any time without affecting the lawfulness of the processing carried out based on the consent until the withdrawal.
4.8. Right to Lodge a Complaint with the Data Protection Authority
If you believe that the processing of your personal data by us violates applicable data protection law or your data protection rights have been violated in any other way, you have the option to lodge a complaint with the competent supervisory authority (Austrian Data Protection Authority). The address is: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna.
5. Further Information
The data we request from you is necessary for processing the sale of our goods and providing our services within the framework of the contractual relationship or to provide information you have requested from us or when sending our newsletters and other information.
If you do not provide the data, we cannot deliver our services. Mandatory fields are marked with an asterisk (*). All other information is voluntary. Failure to provide or incomplete provision of your personal data – marked with an asterisk or otherwise as mandatory data – will result in us being unable to provide our service or the desired service.
Automated decision-making, including profiling, does not take place. Should we process your personal data for a purpose other than that for which we collected it, we will inform you of this and provide information about the new purpose.
Our Contact Details
If you have any questions or concerns about the processing of your personal data, please contact us:
Neuroth International AG Schmiedlstraße 1 AT-8042 Graz Email: [email protected]
Alternatively, you can also contact our Data Protection Officer:
Mag. Markus Dörfler c/o Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG Mariahilfer Straße 20, 1070 Vienna [email protected]
Applicant Privacy Policy pursuant to Art 13 et seq. GDPR
For us – the Neuroth Group – the trust of customers, business partners, employees, and applicants is of paramount importance, which is why we place great emphasis on the secure and sensitive handling of your data.
Therefore, the following principles apply to the Neuroth Group:
In the case of an application, you will find a separate data protection declaration - depending on the location. The respective company of the Neuroth Group (hereinafter referred to as ‘we’, ‘us’ or ‘Neuroth’) is responsible for the processing of your personal data in the context of an application and for the content of a job advertisement (see separate privacy policy). (Name and contact details as well as the contact details of any appointed data protection officer can be found below under Annex***.
General application (without applicant portal)
If you do not send us your application documents via our applicant portal but by other means, we will process your personal data contained in your documents as well as your CV and references for the purpose of personnel selection and staffing for the duration of the application process. Legal basis: Art. 6 para. 1 lit. b GDPR
If we wish to keep you on record for the purpose of contacting you at a later date, we will approach you with a separate request for your consent. If you explicitly give us this consent, we will store your application documents as stated under point 4. Legal basis: Art. 6 para. 1 lit. a GDPR
Application via online application portal
Neuroth International AG (hereinafter referred to as “we”, “us”) operates, among other things, an online application portal (“application portal”) at https://career.neuroth.com , through which interested individuals can apply electronically for positions at Neuroth International AG and companies affiliated or associated with Neuroth International AG pursuant to § 189a Z 8 and 9 UGB (“our companies”).
Neuroth International AG processes applicant data for the following companies:
As the data controller for data processing within our application portal and the entire application process, we inform you, in addition to our general privacy policy available at www.neuroth.com/datenschutzerklaerung/, about how and which personal data we process during your application.
Information on the person responsible as per Annex***.
1. Purposes of Data Processing
We will process the categories of your personal data mentioned in the annex for the following purposes:
(i) To actively approach potential employees through various channels and possibly commissioned personnel consultants (recruitment); (ii) To conduct personnel planning and management on a global level, including ensuring appropriate staffing; (iii) For investment decisions; (iv) To plan and manage the skills of potential employees; (v) To process applications received by us; (vi) To conduct the application process; (vii) To assert, exercise, or defend legal claims; (viii) To refer to received applications at a later date regarding potential employment.
We obtain this data:
(i) From public sources; (ii) From personnel consultants to whom you have provided the data yourself; (iii) During the application process, by you providing the data to us (e.g., particularly through our application portal by creating a user account) or; (iv) Through interview notes during the application interview.
There is no obligation to provide us with the personal data we request. However, it will not be possible to conduct the application process if you do not provide your personal data. If the provision of your data is legally mandatory in some cases, we will inform you separately.
The application portal is operated by our central Human Resources department in the performance of its group-wide tasks. We process the above-mentioned data exclusively for the above-mentioned purposes.
During the application process, we also transmit your application data to the company to which you have applied for a position. Only the employees responsible for recruiting in the respective personnel and relevant departments, as well as possibly the board or management of our companies, have access to your application data. The persons responsible for recruiting are obliged to maintain confidentiality and comply with data secrecy within the meaning of § 6 DSG.
Automated Decision-Making Including Profiling: There is no automated decision-making, including profiling, in our application procedures.
Further Processing for Other Purposes: Your application data will not be processed for any purposes other than those described above, unless we or one of our companies establish an employment relationship with you. In this case, we will inform you separately about the further processing of your data.
2. Categories of Data Processed and Legal Basis for Processing
We process the categories of your personal data listed in the annex based on our overriding legitimate interest pursuant to Art 6 para 1 lit f GDPR, which is to ensure an efficient application process and optimal staffing. We process and transmit your application data to our company where you have applied for a position, as far as this is necessary for the decision on establishing an employment relationship with you based on your application. The legal basis for this is Art 6 para 1 lit b GDPR (performance of pre-contractual measures at the request of the data subject). Furthermore, we process your application data if this is necessary to assert or exercise legal claims against you and to defend against legal claims you may assert against us, as well as to fulfil internal administrative purposes. The legal basis for this is Art 6 para 1 lit f GDPR (protection of the legitimate interests of the controller or a third party, provided that the interests of the data subject in the protection of their personal data do not override) in conjunction with Art 17 para 3 lit e GDPR and Recital 48 GDPR. We will ask for your consent to process your personal data for the purpose of maintaining records in a separate process. The legal basis for this is Art 6 para 1 lit a GDPR.
3. Transmission of Your Personal Data
If necessary for the above-mentioned purposes, we will transmit your personal data to the following categories of recipients:
(i) IT service providers used by us;
(ii) Companies belonging to the Neuroth Group.
Some of the above-mentioned recipients are located outside your country or process your personal data there. The level of data protection in other countries may not correspond to that of your country. However, we only transmit your personal data to countries for which the EU Commission has decided that they have an adequate level of data protection or we take measures to ensure that all recipients have an adequate level of data protection. For this purpose, we conclude standard contractual clauses (2010/87/EC and/or 2004/915/EC), for example.
4. Storage Duration
We store your personal data either:
(i) For the duration of the application process or
(ii) Until you withdraw your consent (in case you have given your consent for us to keep your application on record).
Regardless of this, we store your data as long as:
(i) Legal retention obligations exist or
(ii) Any legal claims have not yet expired, for the assertion or defence of which the personal data is required.
If you have consented to the retention of your data, we will store your data until you withdraw your consent, but no longer than 18 months from the receipt of your consent.
5. Your Rights in Relation to Personal Data
Under applicable law, you are entitled (if the respective requirements of the applicable law are met) to:
(i) Request confirmation as to whether and which of your personal data we process and receive copies of this data;
(ii) Request the correction or deletion of your personal data;
(iii) Request us to restrict the processing of your personal data;
(iv) Object to the processing of your personal data;
(v) Withdraw any consent previously given for the processing (the withdrawal of your consent does not affect the lawfulness of the processing carried out based on your consent before its withdrawal);
(vi) Request data portability; or
(vii) Lodge a complaint with the data protection authority.
To withdraw a given consent, please contact us by email at [email protected].
Our Contact Details
If you have any questions or concerns regarding the processing of your personal data, please contact us in accordance with Annex***, depending on your location:
Neuroth International AG Schmiedlstraße 1, 8042 Graz [email protected]
Alternatively, you are also welcome to contact our data protection advisor; depending on the location in accordance with Annex***
**Annex
***Annex Locations of the Neuroth Group, responsible person and data protection officer in each case
Neuroth International AG (AT), Paula-Neuroth-Straße 1, 8403 Lebring-St. Margarethen, Firmenbuchnummer: FN 249346 k, Firmenbuchgericht: Landesgericht für ZRS Graz, [email protected] Data protection officer: Mag. Markus Dörfler, p.A. Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG, Mariahilfer Straße 20, 1070 Wien, [email protected]
Neuroth GmbH (AT), Paula-Neuroth-Straße 1 A-8403 Lebring, [email protected], Firmenbuchnummer: FN 536391 k, Firmenbuchgericht: LGZ Graz Data protection officer: Mag. Markus Dörfler, p.A. Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG, Mariahilfer Straße 20, 1070 Wien, [email protected]
Neuroth Hörcenter GmbH (DE), Albert-Roßhaupter-Straße 43, D-81369 München, HRB-NR. 211129, Registergericht: AG München, [email protected] Data protection officer: Mag. Markus Dörfler, p.A. Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG, Mariahilfer Straße 20, 1070 Wien, [email protected]
Neuroth Hörcenter AG (CH ), Alpenstrasse 15, CH-6300 Zug, CHE: 107.418.051, HR-Amt Kanton Zug, [email protected] Data protection officer: NSF Rechtsanwälte AG, Selnaustrasse 6, 8001 Zürich, [email protected]
Neuroth Hörakustik Anstalt (LI), Heiligkreuz 49, LI-9490 Vaduz, FL-0002.067.419-6, [email protected] Data protection officer: [email protected]
Audio lab Austria GmbH (AT), Schmiedlstrasse 1, A-8042 Graz, [email protected], Firmenbuchnummer: FN 156418 b, Firmenbuchgericht: LGZ Graz Data protection officer: Mag. Markus Dörfler, p.A. Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG, Mariahilfer Straße 20, 1070 Wien, [email protected]
NEUROTH slušni aparati d.o.o. (Sl), Tbilisijska Ulica 59, 1000 Ljubljana, Commercial Code: 5555213000, [email protected] Data protection: [email protected]
NEUROTH slušna pomagala d.o.o. (HR), Kišpatićeva 12, 10000 Zagreb, OIB 70178250686, [email protected] Data protection: Goran Kapić (DPO), ulica Frana Kesterčaneka 2a, 10000 Zagreb, OIB: 91220986098, [email protected]
NEUROTH slušni aparati d.o.o. Belgrade (SRB), Ulica Baja Pivljanina 39/1/4, 11000 Belgrade, Company ID: 21465844, [email protected] Data protection: Mavrenski & Associates, Kraljice Marije Street 12/III/14, 11000 Belgrade, [email protected]
NEUROTH slušni aparati d.o.o. (BiH), Milana Tepića 1, 78000 Banja Luka, Company ID: 11011985, [email protected] Data protection: [email protected]