Privacy policy

We take the protection of your personal data very seriously. When processing data, we comply with the provisions of the Austrian Data Protection Act (DSG), the EU General Data Protection Regulation (GDPR) and the Telecommunications Act 2021 (TKG 2021). Appropriate data security measures are taken to ensure the security of the processed data and to ensure that it is properly processed and not made accessible to unauthorized persons. The manner in which we process your personal data is described below.

Who is responsible for processing your data?

Responsible for the processing of your data is 4conform GmbH, Feldkirchner Straße 136, 9020 Klagenfurt am Wörthersee. You can reach us by e-mail at hello@4conform.com.

Necessity of providing personal information

In many cases, the processing of your data is based on a legal obligation or is necessary for the fulfillment of a contract or as part of pre-contractual measures. In addition, personal data is processed on the basis of declarations of consent.

When you contact us (e.g. by e-mail or telephone), we process your data as follows:

We process the data you provide when contacting us exclusively for the purpose of responding to your inquiry. We refer to Article 6 (1) (b) GDPR as the legal basis for processing. This means that we assume that when you use the contact form, you are enquiring about our services or already have a customer relationship with us. The data you send to hello@4conform.com will be forwarded to our IT service provider in Austria, which hosts our mailboxes. Beyond this, no data will be passed on to other third parties, third countries or international organizations.

We only store your data for the period required to fulfill the purpose; beyond that, only the data that is absolutely necessary is stored due to the applicable legal provisions and retention obligations (UGB, ABGB, etc.). The collection of your data is necessary in order to process your request. You provide us with this data voluntarily. We do not use any automated decision-making or profiling when processing your data.

If contact is made via the contact form, we use Google reCaptcha technology to prevent misuse. The Google privacy policy and terms of use therefore apply.

If you give us your contact details (e.g. verbally or as a business card), we process your data as follows:

We process the data you provide when you contact us in order to contact you. We refer to Article 6 (1) (b) GDPR as the legal basis for processing. This means that we assume that if you send us your contact information, you are interested in information about us and our services or already have a customer relationship with us. The data you provide or mention will be forwarded to our IT service provider in Austria if we contact you by email. Furthermore, your company, name and address will be forwarded to the Austrian Post for the purpose of order fulfillment when sending correspondence/letters. Beyond this, we do not forward your data to other third parties, third countries or international organizations.

We only store your data for the period required to fulfill the purpose; beyond that, only the data that is absolutely necessary is stored due to the applicable legal provisions and retention obligations (UGB, ABGB, etc.). The collection of your data is necessary in order to process your request. You provide us with this data voluntarily. We do not use any automated decision-making or profiling when processing your data.

If you make use of our services as a customer, we process your data as follows:

As part of customer administration, we process the data transmitted by you for the purpose of contract processing in accordance with Art. 6 para. 1 lit. b GDPR

If you use our services as a customer, we process your data as follows:
We process the data transmitted by you within the scope of customer administration for the purpose of contract processing in accordance with Art 6 para 1 lit b GDPR (“necessary for the performance of the contract”). This includes in particular Master and contact data (e.g. name, e-mail address, telephone number, function, department) as well as order data and financial data on the invoice recipient. The personal data provided by you is required for the fulfillment of the contract or for the implementation of pre-contractual measures.

Within 4conform GmbH, those departments and employees receive your data that need it to fulfill contractual, legal and regulatory obligations and to protect legitimate interests. Data is transferred to our tax advisor, insurance companies, banks, debt collection companies, authorities and, in certain cases, to legal representatives and courts. In addition, processors commissioned by us (in particular IT service providers) will receive your data if they require it for the purpose of fulfilling the contract. The processors used are contractually obliged to process your data only within the scope of the service provision and to treat it confidentially.

Your personal data will be stored for the duration of the entire business relationship (from the initiation and execution to the termination of a contract) and beyond in accordance with the statutory retention and documentation obligations. These result, among other things, from: the Austrian Commercial Code (UGB), the Federal Fiscal Code (BAO). In addition, the statutory limitation periods, which can be up to 30 years in certain cases (the general limitation period is 3 years) according to the General Civil Code (ABGB), for example, must be taken into account for the storage period.

If no assignment is made, the stored personal data will be processed for a maximum of one year to determine conflicts of interest in future assignments.

If you attend courses or training sessions with us:

We process your personal data that we collect when you register for a course, training or seminar. Your data (name data; address data; contact and communication data such as e-mail; billing data; professional information on position, company) will be processed for the purpose of event management (handling, organization and documentation of the course) and, if necessary, passed on to supporting service providers (hotel, event room provider, IT service provider or service provider, tax consultancy).

In addition to 4conform GmbH, lecturers also receive the personal data from you as a participant that is necessary for the course.

We base the processing of your data on the implementation of pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR and the legitimate interest in processing a course event (webinar) in accordance with Art. 6 para. 1 lit. f GDPR. The processing of your data is necessary in connection with the contract to be concluded with us; course participation is not possible without the provision of the necessary data.

We will store your personal data until the end of the event. In addition, we will only store the data that is absolutely necessary on the basis of the applicable statutory provisions or retention periods for up to 3 years after the end of the event, unless there are longer statutory retention obligations.

If you send us application documents, we process your data as follows:

In the context of applications, we process the data transmitted by you for the purpose of processing your (unsolicited) application and checking your suitability for an advertised position as well as for establishing contact and keeping records. If you are accepted into an employment relationship, you will of course also be informed about the associated processing of your data. The processing of your personal data is generally based on the implementation of pre-contractual measures (Art. 6 para. 1 lit. b GDPR). If you send us photos (image data) as part of the assessment, this data will only be processed for the purposes of identification at the interview and for the allocation of the applicant documents. Processing for other purposes is excluded.

The data required to process your application will be stored for a period of six months after completion of the application process in accordance with the applicable legal provisions (GlBG, BEinstG). Your (express) consent will be obtained in advance for any longer retention of your application. You can revoke your (express) consent at any time by sending an email to hello@4conform.com.

If you subscribe to our newsletter, we process your data as follows:

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter.

We use the so-called double opt-in procedure to ensure that the newsletter is sent by mutual agreement. This involves the potential recipient being added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. The address will only be actively included in the mailing list if confirmation is given.

We use this data exclusively for sending the requested information and offers.

Brevo is used as the newsletter software. Your data will be transmitted to Sendinblue GmbH. Brevo is prohibited from selling your data and using it for purposes other than sending newsletters. Brevo is a German, certified provider that has been selected in accordance with the requirements of the General Data Protection Regulation and the Federal Data Protection Act.

Further information can be found here: https://www.brevo.com/de/legal/privacypolicy/

You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.

The data protection measures are always subject to technical updates. For this reason, we ask you to inform yourself about our data protection measures at regular intervals by consulting our privacy policy.

What rights do you have under the General Data Protection Regulation?

According to the GDPR, everyone has the right to information about who processes what data about them, for what purpose, including the legal basis, where this data comes from and, if applicable, to whom it is transmitted. 4conform GmbH processes personal data in order to fulfill contractual and pre-contractual obligations, among other things. Further information on the individual processing operations can be found in our processing directory.

Your data protection rights

You have the right to information, correction of incorrect data, the right to restriction of processing and deletion of inadmissibly processed data as well as the right to data portability.

Furthermore, the GDPR also provides for a right to object to the processing of personal data if this is done to safeguard our overriding legitimate interests. If you have consented to the processing of your data, you can revoke this consent at any time. Please note that the rights under the General Data Protection Regulation may be subject to legal restrictions if the exercise of these rights would impair the fulfillment of legal obligations.

General technical and organizational security measures

Security is the top priority when processing all data. Our measures are based on current information security management standards such as ISO 27001 and BSI basic protection. All persons with access to the systems are subject to corresponding guidelines. Specific measures are adapted to the protection requirements of the respective systems and include, for example, spatial access restrictions and controls, authorization and role concepts for all access to data and program functionalities, securing and monitoring of clients and networks, encryption of communication, databases and storage media, maintenance and updating of components, two- and three-factor authentication, pseudonymization, service redundancies, backup strategies, emergency planning, penetration tests, spot checks of access and periodic review of rights.

The processing of your IP address

The GDPR obliges us and our service providers to protect our IT systems in accordance with Article 32 GDPR. In order to ensure the functionality of our security systems, we must record and process the IP addresses or domain names of visitors to our websites. In addition, the IP address is used to analyze website usage and to improve the website.

Use of cookies

First of all, we do NOT use cookies for analytical marketing purposes.

In general, the use of cookies enables the use of certain functions on websites and makes visiting websites attractive and visitor-friendly. Cookies are text information about visited websites that are stored by the web browser on the hard disk of the computer. If a cookie contains personal data, the user must first actively consent to its use (“opt-in”). The text information usually contains the name of the website accessed, from where the cookie was sent and the user’s personal settings (such as language settings).

Cookies are harmless and can only be read by their sender. They do not contain any viruses or other malware and cannot read any information from your computer. The cookies used on this website are exclusively so-called “session cookies” (technical cookies). These are only used for the duration of the visit to the website and are automatically deleted as soon as the browser is closed. You can set your browser so that you are informed about the setting of cookies and decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general.

Use of analysis and tracking tools

Due to the EU regulation on the handling of cookies and their consent, we have discontinued the use of Google Analytics for website analysis. No website analysis is therefore carried out to protect any personal data of our visitors.

Social networks

4conform GmbH enables links to various social networks (e.g. XING, LinkedIn, Facebook). After clicking on the corresponding link, your browser is connected to the relevant network and transmits your IP address and other information, such as cookies, if you have previously visited the platform in question. By clicking on the relevant symbol (e.g. Facebook logo) or text link, you consent to communication with the relevant platform (in this case Facebook) and to the transmission of information about you, such as your IP address. The data collected by social networks is not within the sphere of influence of 4conform GmbH and is not transmitted to us.

How can you exercise your rights under the GDPR?

To assert your rights under the General Data Protection Regulation, please contact us as follows:

by e-mail to hello@4conform.com or by post to 4conform GmbH, Feldkirchner Straße 136, 9020 Klagenfurt am Wörthersee.

Please enclose a copy of an official photo ID to clearly identify yourself.

In order to process your request as efficiently and quickly as possible, please indicate in your request the factual context in which you suspect that your personal data will be used.

How can you withdraw your consent?

If you have given your consent to the processing of your personal data, you can revoke this in writing at any time. If you wish to unsubscribe from a newsletter, please use the link provided in the e-mail. In other cases of revocation, please contact us directly.

However, it should be noted that in the event of revocation, the desired services may no longer be provided or may no longer be provided without restriction.

We would also like to point out that – provided you have given your consent to the publication of your data – this data can also be copied and used by third parties.

Information on the right of appeal

If, contrary to expectations, you are of the opinion that the processing of your data violates data protection law or your data protection claims have otherwise been violated in any way, you can lodge a complaint with the Austrian Data Protection Authority.

Intellectual property

The 4conform GmbH website and its elements are protected by copyright and are therefore the property of 4conform GmbH. The copyrights of third parties, which are listed in the legal notice, are reserved. The consent of 4conform GmbH must be obtained for the reproduction of the website or parts thereof. 4conform GmbH reserves the right to fully enforce its rights in the event of misuse of this website.

Intellectual property

The 4conform GmbH website and its elements are protected by copyright and are therefore the property of 4conform GmbH. The copyrights of third parties, which are listed in the legal notice, are reserved. The consent of 4conform GmbH must be obtained for the reproduction of the website or parts thereof. 4conform GmbH reserves the right to fully enforce its rights in the event of misuse of this website.

This privacy policy applies from May 25, 2018