Offices


Let's talk and drink coffee.

Get in touch

Privacy

NDA GmbH operates this website to provide its services under the “New Defined Archetype” brand, and to disseminate information on digital marketing in the form of whitepapers and document downloads. We also offer comprehensive career opportunities, which we can use to collect information about applicants directly on the website. In the course of these purposes, personal data are collected for the specific purpose and to the extent necessary, including some personal data, which are processed as follows:

 

Responsible company & Contact regarding GDPR

NDA GmbH, Flugfeldgürtel 3, 2700 Wiener Neustadt, Austria, CEO: Ing. Andreas Kraus, MSc. , Commercial and District Court Wiener Neustadt

GDPR – What is that?

The GDPR (General Data Protection Regulation) is a new EU regulation which replaces the EU data protection directive dating from 1995. The new regulation aims to significantly improve the protection of personal data of EU citizens and to make businesses and public authorities subject to stricter requirements regarding the collection and processing of personal data. The GDPR will be published on 25. This will enter into force on 1 May 2018. The Regulation incorporates many of the requirements of the 1995 EU Data Protection Directive with regard to data protection and security, or further developed. In addition, several new provisions have been added, which strengthen the rights of data subjects and provide for more severe sanctions for violations.

Whenever a data subject is about to provide personal data, data controllers (usually a company) must ensure that the data subject has given his/her prior consent. The GDPR also redefines the disclosure standards for obtaining consent. These must be expressed & voluntarily, for the specific case, in an informed and unambiguous manner”;. The persons responsible must address the data subjects in a “clear and simple”; legal language which & must be clearly distinguished from the other facts”;. Those responsible must also provide evidence that their processes are compliant with the rules and are always followed. Under the previous EU Data Protection Directive, the consent of a data subject could be inferred if his or her actions or omissions left no doubt as to his or her willingness to consent. The Directive thus allowed for the possibility of opt-out mechanisms. This will change with the GDPR, because now the person concerned must give his or her consent „in the form of a declaration or other clear affirmative act“.

Your customers must therefore not be forced to give their consent or be kept in ignorance of their consent to the processing of their personal data. In addition, your customers must know exactly what they are giving their consent for and they must be informed in advance of their right to withdraw their consent. Obtaining consent presupposes a clear sign of consent – silence, already ticked boxes or inactivity on the part of the persons concerned do not constitute consent. In the future, it is therefore important that you inform your users sufficiently during the consent process.

The Regulation also provides for two new rights for data subjects: a “right to be forgotten”/em>”, which obliges data controllers to inform recipients of requests for erasure, and a “right to data transferability”/em>”;, which allows data subjects to request a copy of their data in a standard format. These two rights make it easier for users to request the deletion of any information stored about them or the transmission of any information collected.

Data subjects have already had the right to request access to their data. The DSGVO extends these rights. In most cases you will not be able to charge a fee for a request for information unless you can prove that the costs involved are excessive. There is also a significant change in the deadline for processing an application for information. The currently applicable period of 40 days will be significantly shortened. In certain cases, undertakings may refuse to process a request for information, for example if the request is considered manifestly unfounded or unreasonable. However, in order to be able to admissibly reject an application, companies need clear guidelines and procedures, and they must be able to justify why a particular application meets the criteria laid down. (Vgl. https://www.hubspot.de/data-privacy/gdpr, 2020)

Collection, processing and use of personal data.

You can visit our site without providing any personal information. We store – even if the visit may be via newsletter links – only access data without personal reference such as e. g.- the name of your internet service provider – the page from which you are visiting us – the name of the requested file This data is evaluated exclusively for the improvement of our offer and does not allow any conclusion about your person.

When do we collect data?

We collect data exclusively for the purpose of carrying out our business purposes or to provide information with the prior consent of our website visitors. It is generally possible to use the website without disclosing personal data. If personal data is collected, it will only be collected, queried and processed to the extent necessary to provide the services.

Collection of information.

General information is automatically collected when you access our website. In principle, this information does not allow any conclusions to be drawn about the person. This data includes the device used, the web browser used, the operating system or other similar operating data.

Processing of personal data.

When using certain services on our website, data such as first and last name, address, telephone number or even the email address can be collected. This is particularly necessary for enquiries regarding our services in order to be able to establish contact through our employees. This data is protected against misuse by using all necessary organizational and technical security measures. This requires, among other things, the use of up-to-date software, the use of pseudonymisation measures or also encryption during data transfer via HTTPS (SSL certificate). Only those employees who need it have access to the data. All employees are instructed once and repeatedly in the necessities of observing the GDPR.

Revocation, amendments, corrections and updates.

The user has the right to request information free of charge about the personal data stored about him/her. In addition, the user has the right to correct incorrect data, block and delete his or her personal data, provided that this does not conflict with any legal retention obligation.

Contact details in business transactions.

In the course of the business initiation and business processing with our customers we store contact data, contract data, order data, billing data and correspondence. Legal basis: For existing customers, the processing is necessary to fulfil the contract or pre-contractual measures. In the case of potential clients, we refer to the legal basis of the legitimate interest in the business initiation. In the context of the invoicing of services, we are obliged by the Federal Fiscal Code (FFC), the Business Code (CC) and the Value Added Tax Act (VATA) to store the data for the purpose of calculating and adjusting taxes and for our accounting obligations. Without the provision of your data, we cannot meet our obligations. Deletion periods: We store the data of existing customers as long as the business relationship is maintained. After termination we will keep the contact data for a maximum of three years. All billing data will be retained in accordance with the legally required retention data (usually for 7 years) and then deleted or anonymised. Recipients: Beyond our internal authorized employees, only the billing data is passed on to our tax consultants (and thus to third parties).

Applicants to jobs.

We sometimes receive personal data from applicants in letters of application or other documents that are sent to us in the course of an application. This may include name, address, telephone number, hobbies and interests, and qualifications related to the profession. The processing of this data serves as a pre-contractual measure and is only kept evident for a maximum of 6 months in order to be able to react to any legal claims of both parties. If the applicant or we are interested in a longer period of evidence, we will obtain consent for this measure. Personal data collected in this process is only accessible to a few administrative staff members, as well as employees of the management level.

Access data and log files (Server).

Our website is hosted by World4You, which also provides our email server. With each access to our website the provider of the service collects so-called server log files. This includes the name of the website called up, date, time and file of the call. The amount of data transferred, the browser type, the operating system and the URL of the previously visited page are also logged. The data will be processed for statistical analysis only, whereby the right is reserved to subsequently check log data in case of suspected illegal use. You can find out more about the use of the data by the provider at https://w4yfaq.world4you.com/.

Albacross – Pixel

By using a tracking code from Albacross Nordic AB “Albacross”; we improve our service in lead management for companies visiting our website and who are interested in our offer. By using this code a cookie is set on your device, which is processed by Albacross. In particular, their IP address is collected as part of the anonymisation already carried out by Google Analytics and used in combination with technical parameters to fundamentally differentiate visitors. Albacross acts in accordance with the GDPR, since it is mainly companies and not persons who have visited the website that are identified. More detailed information can be obtained from
https://albacross.com/privacy-policy/, and http://help.albacross.com/gdpr/gdpr-introduction.

HubSpot – CRM,

We use HubSpot to connect with our users via LiveChat and thus offer a possibility to ask questions quickly. Additionally, HubSpot offers the possibility to leave contact information which will appear as a notification to our support team. We consider such a measure as consent to contact you or Contract initiation. HubSpot, Inc. has a Privacy Shield certification issued by the U. S. Department of Commerce to ensure appropriate security measures for the transfer of personal data between the EU and the United States. Information about our privacy shield certification can be found in our customer terms of use (see section F. 2) as well as in our privacy policy. On request, we can provide certain customers in the EU or other countries in the EEA also provides for a data processing agreement (which includes the standard contractual clauses recognised by the EU). Incidentally, the DSGVO does not change the regulations governing the transfer of personal data outside the EU. So here you will not be faced with any changes. For more information about how HubSpot Inc. uses the data, please see the following:
https://www.hubspot.de/data-privacy/gdpr.

The Trade Desk – Pixel

Our website uses technology from The Trade Desk, Inc, 42 N. Chestnut St, Ventura, CA 93001, USA (“The Trade Desk”;) for the purposes of behavioral advertising, technical targeting and retargeting (= the re-targeting on the Internet of www.da-agentur.at). Banner ads, video ads, and image/text combinations (= Native Advertising) are used. For this purpose, information about the surfing behaviour of the website visitors is collected in anonymous form and cookies are set. No personal data is collected or processed in the process. For more information on data protection at The Trade Desk, please visit https://www.thetradedesk.com/general/privacy-policy. If you wish to object to processing by The Trade Desk, you can do so here:
https://www.adsrvr.org/.

Facebook – Pixel

By accepting our cookies, we set the “visitor action pixel”; of Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”;). This allows us to track the behavior of users after they have been directed to our site by clicking on a Facebook advertisement. This is used to evaluate the effectiveness of Facebook Ads for statistical and market research purposes. By using this pixel, we can optimize our advertising commitments. All data collected through this is anonymous for us as the operator of the website. If you accept the cookie, however, you consent to Facebook storing and processing your data. This data can then be used by Facebook for its own advertising purposes.

Google Ads – Pixel

We use the remarketing function of Google Inc. on our site, which serves to address visitors within the Google Inc. advertising network again by means of advertisements and thus draw attention to certain contents. If you still do not wish to use Google’s remarketing function, you can deactivate it. Alternatively, you can disable the use of cookies for interest-based advertising through the ad network initiative by following the instructions at
http://www.networkadvertising.org/managing/opt_out.asp. Further information on Google Remarketing and the Google privacy policy can be found at http://www.google.com/privacy/ads/.

Newsletter and Informations service

In case you agree to receive our newsletter, you will be informed about current topics and offers of our agency. When you register for the newsletter, your personal data such as name and email address are stored and stored in our CRM and mail system. The consent can be revoked at any time. This cancellation can be made in the newsletter itself or by informing our support team.

Integration of third party services and content

It can happen that within this online offer third party content, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites are integrated. This always assumes that the providers of such content (hereinafter referred to as “third party providers”;) are aware of the IP address of the users. This is because without the IP address they would not be able to send the content to the browser of the respective user. The IP address is therefore required for the display of this content. We make every effort to use only such content whose respective providers use the IP address only to deliver this content. However, we have no influence on this if the third party providers have changed the IP address e.g. for statistical purposes. As far as this is known to us, we inform the users about it.

Cookies

Cookies are small files that enable the storage of specific information related to the device on the user’s access device. On the one hand, they serve the user-friendliness of websites and thus the users (e. g. B. Storage of login data). On the other hand, they serve to record statistical data on website use and to be able to analyse it for the purpose of improving the offer. Users can influence the use of cookies. Most browsers have an option to restrict or completely prevent the storage of cookies. However, it is pointed out that the use and in particular the comfort of use are restricted without cookies. You can find further information under: http://www.google.com/privacy/.

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc (“Google”;). Google Analytics uses so-called ” Cookies”;, text files which are stored on your computer and which enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. Google Analytics uses the following target-oriented cookies: – _ga – _gid – _gat_gtag_UA<property-id> However, in the event that IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states which are parties to the Agreement on the European Economic Area before this happens. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the framework of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You may also request the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link http://tools. google. com/dlpage/gaoptout?hl=de;. You can prevent Google Analytics from collecting the data by clicking on the following link. You can prevent Google Analytics from collecting the data by clicking on the following link. An opt-out cookie will be set to prevent future collection of your data when you visit this website: Deactivate Google Analytics; For more information on terms of use and data protection, see <a href=”http://www. google. com/analytics/terms/de. html”>http://www. google. com/analytics/terms/de. html; or at https://www. google. de/intl/de/policies/;. We would like to point out that on this website Google Analytics has been extended by the code “anonymizeIp”; in order to enable an anonymized collection of IP addresses (so-called IP-Masking) must be guaranteed. We also use Google Analytics to evaluate data from AdWords for statistical purposes.

Use of social plugins from Facebook

So-called social plugins (“plugins”;) from the social networks Facebook and Google+ are used on our website. These services are offered by the companies Facebook Inc. and Google Inc. (“Provider”;). Facebook is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”;). Google+ is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”;). An overview of the plugins and their appearance can be found here: http://developers. facebook. com/plugins; or https://developers. google. com/+/plugins; When you call up a page of our website that contains such a plugin, your browser establishes a direct connection to the servers of Google or Facebook. The content of the plugin is transmitted by the respective provider directly to your browser and integrated into the page. By integrating the plugins, the providers receive the information that your browser has called up the corresponding page of our website, even if you do not have a profile with the corresponding social network or are not logged in at the moment. This information (including your IP address) is transmitted by your browser directly to a server of the respective provider in the USA and stored there. If you are logged in to one of the social networks, the providers can assign your visit to our website to your profile on Facebook or Assign Google+ directly. When you interact with the plugins, for example by clicking the “Like”; or “+1”; button, the corresponding information is also sent directly to a server of the providers and stored there. The information is also published in the social network and displayed to your contacts. The purpose and scope of data collection and the further processing and use of data by the providers as well as your rights and settings options for the protection of your privacy can be found in the data protection information of the providers. Privacy policy from Facebook: http://www.facebook.com/policy.php Privacy policy from Google: http://www.google.com/intl/de/+/policy/+1button.html If you do not want Google or Facebook to associate the data collected through our website directly with your profile on the respective social network, you must log out of the respective network before visiting our website. You can also completely prevent the loading of the plugins with add-ons for your browser, e. g. B. the Facebook plugins with the “Facebook Blocker”;(http://webgraph.com/resources/facebookblocker/).

Right of appeal – contact details of the appeal body

Austrian Data Protection Authority
Wickenburggasse 8, 1080 Vienna – Austria
Phone: +43 1 52 152-0
dsb@dsb.gv.at
www.dsb.gv.at
§43 Abs 1 Z 4 DSG; Art. 13 Abs 2 lit d DSGVO

Any more questions about your data?

We got procedures, registers and documentation on demand.

Get in touch
2020_01_17_Agenturbu1ro_06