0 Items

Privacy Policy

(Status: February 2025)

1. General

At XERNA, responsible handling of personal data is a top priority. We want you to know when we collect which data from you and how we use it. We have implemented technical and organizational measures to ensure that data protection regulations are observed both by us and by our external service providers.

 

2. Data Controller

The operator of this website and the controller within the meaning of the General Data Protection Regulation (“GDPR”) is XERNA GmbH, Steinbach 118, 8462 Gamlitz. For questions about data protection or the processing of your personal data, you can reach us at:

XERNA GmbH
Steinbach 118
8462 Gamlitz, Austria
office@xerna.at

 

3. Processed Data

Depending on whether you visit our website, consent to cookies, subscribe to a newsletter, or contact us in other ways, we process different categories of your personal data.

 

3.1 Data Processed When Accessing Our Website

You can visit our website without providing personal information. We only store initial access data in a log file. Initial access data includes the date and time of access, the IP address in anonymized form (the last three digits are hidden), session ID, pages accessed on our website and the duration of the visit, the name of the referring website, and information about the browser used. We analyze this data solely to improve our website, and no conclusions about your identity are drawn. You can opt out to disable the storage of these anonymized data.

 

3.2 Data Processed Upon Consent to Cookies

If you consent to cookies, each cookie processes different data (e.g., IP address, location, browser language, usage behavior). Detailed information about the cookies we use can be found in section 9 of this privacy policy and in our Cookie Policy.

 

3.3 Data Processed When Subscribing to a Newsletter

If you subscribe to a newsletter, we process your name and email address primarily. To provide you with targeted information, we also collect and process your industry and country if you provide these voluntarily. These data are stored for the duration of your subscription. We also track which newsletter articles you access. You can revoke your subscription and consent to data processing at any time, either via the unsubscribe link in the newsletter or by writing to office@xerna.at. We will then promptly delete all your personal data related to the newsletter.

 

3.4 Data Processed When Contacting Us

If you contact us by email or via an existing or future contact form, we process personal data such as name, salutation, phone and fax number, email address, and correspondence language. These data are stored for at least six months for inquiry processing and follow-up questions. The same applies if you provide your personal data to us for contact purposes (e.g., by phone or business card).

 

3.5 Data Processed When Entering a Business Relationship

If you enter a business relationship with us, we collect the following personal data:

  • Name
  • Title
  • Business and other addresses
  • Phone number
  • Email address
  • Profession/job title
  • Date of birth
  • Company registration number
  • Contact persons
  • Industry
  • Employer
  • Order data
  • Product preferences
  • Internal customer ID
  • Language
  • Gender
  • VAT number

We also assign you an internal customer or supplier number.

 

Your data are stored as long as necessary for contract fulfillment or pre-contractual measures. If your personal data are processed in our accounting system (e.g., after contract conclusion), they are stored according to legal retention periods, typically 7 years under applicable tax law. For product liability purposes, selected data (name, address, goods, date) are stored for 10 years.

 

4. Storage Duration

We generally store your data only as long as necessary. Standard storage durations are stated in the respective sections. In some cases, shorter or longer storage periods may apply due to legal obligations.

 

5. Purpose of Processing

We process your data primarily to fulfill contracts or carry out pre-contractual measures. We also process data to meet legal obligations, such as tax, corporate law, anti-corruption, and anti-money laundering regulations. Data you voluntarily provide (e.g., name, email) are processed based on your consent or our legitimate interest for customer care and our own advertising purposes (e.g., sending offers, brochures, newsletters) and to reference existing or previous customer relationships. Processing is based on legal provisions, your consent, or contract fulfillment.

 

6. Our Principles Regarding Your Personal Data

We strictly comply with all legal data protection regulations. Your data are processed under the GDPR and national laws derived from it. Your data are secure with us. We do not sell, lend, rent, or otherwise share your data with third parties without your explicit consent. However, in some cases, we share data with processors who guarantee lawful and secure data use and contractually commit to compliance with this privacy policy and legal rules. We may transfer your data to another company in the event of restructuring or mergers, provided they comply with our principles and are based in the EU or a country with adequate data protection. We may also share your data if required by law, court order, or authority. Additionally, we reserve the right to share your data to protect or enforce our rights in case of your actions or omissions. We limit data processing to necessary and reasonable extents and explain the reasons for data collection and processing. Data no longer needed are deleted.

 

7. Data Sharing and Processing by Contract

As part of a global group, our subsidiaries, extended group companies, and external service providers may be located inside or outside the European Economic Area (EEA). We may use processors for data processing. We share data with recipients such as tax advisors, legal representatives, banks, subcontractors, suppliers, and group companies. Data may be transferred to countries outside the EU/EEA, notably the USA, India, China, UAE, and the UK. Transfers are based on data processing agreements with these processors. If you actively use social network features on our site, your data may be shared with the respective social network providers.

 

8. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling.

 

9. Cookies

Our website uses cookies to collect personal data and standard internet protocol data and usage patterns when visiting our site. You can configure cookie settings upon visiting the site and decide which categories you accept. Cookies enable better user experience, preference recognition, technical problem diagnosis, analytics, and personalized product recommendations. Most browsers also allow you to block cookies entirely. Blocking cookies may disable some website functions. For more info on cookies, management, and deletion, visit www.allaboutcookies.org. Cookies are text files stored on your device to log and improve functionality. Most cookies are session cookies deleted after the browser session; others are persistent cookies that recognize your device on future visits. We also use third-party cookies. Details about cookies and stored data can be found in our Cookie Policy.

 

10. Your Rights

You have the following rights regarding your personal data:

Right of access (Art. 15 GDPR): Request information on whether and which personal data we process about you, the purposes, origins, recipients, and storage duration.

Right to rectification (Art. 16 GDPR): Request correction of inaccurate or incomplete data.

Right to erasure (Art. 17 GDPR): Request deletion if data processing is no longer necessary, no legal basis exists, or data is unlawfully processed.

Right to restriction of processing (Art. 18 GDPR): Request limiting the use of your data as an alternative to deletion, especially if accuracy is disputed or you objected to processing.

Right to data portability (Art. 20 GDPR): Receive your data in a structured, common, machine-readable format and request direct transmission to another controller.

Right to object (Art. 21 GDPR): Object to data processing based on your particular situation. You always have the right to object to data use for direct marketing.

Right to lodge a complaint (Art. 77 GDPR): File a complaint with a supervisory authority if you believe your data protection rights have been violated. For questions or uncertainties, contact us at: office@xerna.at.

 

11. Data Security

We implement technical and organizational measures to protect your data against loss, destruction, unauthorized access, alteration, and dissemination. These measures are regularly reviewed and updated. Despite extensive safeguards, complete protection of your data cannot be guaranteed.

 

12. Changes to the Privacy Policy

Legal changes or internal company process changes may require updates to this privacy policy, which we reserve the right to make. Please review this privacy policy regularly

0
    0
    Cart
    Cart is emptyBack to the shop
    Continue shopping