The protection of your personal data is of particular concern to us, which is why we strictly adhere to the legal requirements of the Data Protection Act and the GDPR when collecting and processing your personal data.
A. Processing of personal data on our homepage
1. Personal data
Our website can generally be used without providing personal data. However, different rules may apply to the use of individual services, which we will point out to you separately.
Therefore, besides the cookies described in detail below, we only collect and save data that you provide to us yourself by entering it into our input fields or actively interacting with our website in any other way.
Personal data is deemed to be all information that relates to an identified or identifiable natural person. This includes, for example, your name, your address, your telephone number, or your date of birth, but also your IP address or geolocation data that can be used to identify you.
a. If you only use our website for information purposes, i.e. if you do not register for a service or otherwise provide us with information - for example via a contact form - we will only collect the personal data that your browser transmits to our server. If you want to visit our website, we collect the data listed below, which is technically necessary for us to display the website to you, and to ensure its stability and security in accordance with Art. 6 para. 1 sentence 1 letter of of the EU-GDPR:
Date and time of the request
Time zone difference from Greenwich Mean Time (GMT)
Content of the request
Access status / http status code
Amount of data transferred in each instance
Website from which the request originated
Operating system and its interface
Language and version of the browser software
b. In addition to the aforementioned data, first party and third party cookies are stored on your computer when you use our website. These are small text files that are stored on your hard drive and related to the browser you are using. The party that sets a cookie (here this is done by us and the third parties listed below) receives certain information. These cookies can be used to identify the user of the website, and their use of our services can be determined. Cookies may also be used for marketing purposes, usage analysis, and for targeted advertising.
A basic distinction can be made between first party cookies, third party cookies and third party requests.
First party cookies
First party cookies are stored in your browser by us or our website in order to offer you the best possible user experience. These are, specifically, functional cookies, such as shopping cart cookies.
Third party cookies
Third party cookies are stored in your browser by a third party provider. These are mostly tracking or marketing tools that, on the one hand, evaluate your user behavior and, on the other, offer the third-party provider the opportunity to recognize your use of other websites that you have visited. In principle, re-targeted marketing, for example, is based on the function of such cookies.
Third party requests
3. Collection and processing of personal data
Personal data that goes beyond the information stored by cookies is only processed by us if you voluntarily provide it to us, for example, when you register with us, enter into a contractual relationship with us, or otherwise contact us. This only concerns contact details and information on the issues about which you contact us.
We only use the personal data that you provide to the extent that is necessary in the context of fulfilling the respective purpose of processing (e.g., registering an account, processing an order, sending informational material and advertising, answering a question, enabling access for certain information) and that is legally permissible (in particular in accordance with Art. 6 of the EU-GDPR) (e.g., sending out advertising and informational material to existing customers).
The purpose of processing your data is to facilitate the operation of our website and the targeted provision of company-specific information, including the presentation of our range of goods and services (marketing). Any further use of your data will only take place to the extent for which you have given your express prior consent. You can revoke your consent - as explained in detail below - at any time in the future.
4. Storage period
We generally store data that you have provided to us exclusively for customer service or for marketing and information purposes for up to three years after our last direct contact. However, if you wish, we will delete your data before this period has expired, provided that there is no legal obstacle to this.
In the event that a contract is initiated or concluded, we process your personal data after the contract has been fully concluded until the expiry of the guarantee, warranty, statute of limitations, and statutory retention periods that apply to us, and furthermore until the end of any legal disputes in which the data may eventually be needed as evidence.
5. Tools and applications used
Google uses this information on our behalf to evaluate your use of our website, to compile reports on website activity, and to provide the website operator with other services relating to website activity and internet usage. The IP address your browser transmits in the context of Google Analytics is not merged with other Google data.
You can prevent the storage of the cookies required by Google Analytics by rejecting the storage of cookies when entering our website or by setting your browser software accordingly, which may, however, mean that you will not be able to use all the functions of this website to their full extent. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) and its transmission and processing by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
If you would like further information on the types, scope, and purposes of the data collected by Google, we recommend that you read their data protection provisions: https://support.google.com/analytics/answer/6004245?hl=en.
Google also processes your data in the USA. However, we have agreed so-called standard contractual clauses with Google in order to provide suitable guarantees to ensure that Google processes your data in the USA in accordance with the law.
c. We use the Klarna service provided by Klarna Bank AB (publ), Sveavägen 46, 111 34 Stockholm, Sweden as a payment service provider for our online shop.
If you make a payment on our website via this payment service provider, a connection to the respective Klarna server is established and the payment data is transmitted.
Further information about Klarna and the data protection measures taken by Klarna can be found at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en/privacy.
6. Data transfer
Your data will only be transferred to third parties if we are legally obliged to do so, if the transfer of data is necessary for the implementation of a contractual relationship between us, or if you have expressly consented to the transfer of your data beforehand. External processors or other cooperation partners will only receive your data if this is necessary for the execution of the contract or if we have a legitimate interest vested in this, which we will always give separate notification of when it is necessary. If one of our contract processors has access to your personal data, we ensure that they comply with the provisions of data protection laws in the same way as we do.
We do not sell or otherwise market your personal data to third parties outside the group. If our contractual partners or processors are based in a third country, i.e., a country outside the European Economic Area (EEA), we will inform you of the consequences of this fact in the description of the offer.
In any case, the recipients of your personal data are:
SIWA Online GmbH
eworx Network & Internet GmbH
our logistics partners and online payment services
We use numerous technical and organizational security measures to protect your data against manipulation, loss, destruction, and access by third parties. Our security measures are continuously improved in line with the technological developments on the internet. If you would like to receive further information on the type and scope of the technical and organizational measures that we have taken, please contact us in writing.
8. Your rights
In accordance with the General Data Protection Regulation and the Data Protection Act, you as the data subject of our data processing have the following rights and legal remedies:
Right to information (Art. 15 of the EU-GDPR)
As the data subject of the above-described and other data processing, you have the right to request information on whether personal data about you is being processed and, if so, which data is being processed. For your own protection - in order to ensure that no unauthorized person receives information about your data - we will check your identity in a suitable manner before providing information.
Right to correction (Art. 16) and deletion (Art. 17 of the EU-GDPR)
You have the right to immediately request the correction of incorrect personal data concerning you or - taking into account the purposes of the data processing - the completion of incomplete personal data and the deletion of your data, provided that the criteria of Art. 17 of the EU-GDPR are met.
Right to restriction of processing (Art. 18 of the EU-GDPR)
Under the legal provisions, you have the right to restrict the processing of all personal data collected. From the point of the request for restriction, this data will only be processed with your explicit consent or to assert and enforce legal claims.
Right to data portability (Art. 20 of the EU-GDPR)
You can request the unhindered and unrestricted transfer of personal data that you have provided to us to either yourself or a third party.
Right of objection (Art. 21 of the EU-GDPR)
For reasons arising from your particular situation, you may object at any time to the processing of personal data concerning you which is necessary for the protection of our legitimate interests or those of a third party. Your data will no longer be processed after your objection, unless there are compelling legitimate reasons for processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise, or defend legal claims. You can object to the processing of data for the purpose of direct mailings at any time, which will take immediate effect for the future.
Revocation of consent
If you have separately given your consent to the processing of your data, you can revoke this at any time. Such a revocation limits our ability to process your personal data after your revocation.
If you take any measure to enforce your above-listed rights under the GDPR, Rosenbauer must respond to the requested measure or comply with the request immediately, but no later than one month after receipt of your request.
We will respond to all inquiries deemed reasonable within the scope of the legal framework free of charge and as quickly as possible.
The Data Protection Authority is responsible for issues regarding the violation of the right to information and violation of the rights to secrecy, correction, and deletion. Their contact details are as follows:
Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
9. Contact information / contact person
a. Contact information of the data officer
Rosenbauer E-Commerce GmbH
Paschinger Straße 90
4060 Leonding, Austria
+43 (0)732 6794 – 0
b. Contact information for the contact person for data protection-related issues
DI Marinko Kvesic
Paschinger Straße 90
+43 732 6794-551
10. Final provisions
As of: September 2021