ERA is a non-profit organization based in Graz, Austria.
Privacy
Information on data protection
With this data protection notice, we inform you about our handling of your personal data and about your rights under the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). The data controller is the European Repair Alliance (hereinafter referred to as "we" or "us"). Data protection information in accordance with Art. 13 GDPR.
This Privacy Policy was last updated in May 2024.
Name and address of the controller
The responsible body within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
European Repair Alliance
Maria-Stromberger-Gasse 20,
8020 Graz, Austria
E-mail:
privacy@repairalliance.org
1. General information on data processing
Legal basis for processing personal data
In accordance with Art. 13 GDPR, we will inform you of the legal basis for our data processing. If you have consented to the data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, provided that special categories of data pursuant to Art. 9 para. 1 GDPR. In the case of explicit consent to the transfer of personal data to third countries, the data processing is also carried out on the basis of Art. 49 para. 1 lit. a GDPR. If you have consented to the storage of cookies or access to information in your device (e.g. via device fingerprinting), the data processing is also carried out on the basis of § 25 para. 1 TTDSG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b GDPR. Furthermore, we process your data if it is necessary to comply with a legal obligation on the basis of Art. 6 para. 1 lit. c GDPR. Furthermore, the data processing may be carried out on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.
Data deletion and storage period
We adhere to the principles of data minimization acc. Art. 5 para. 1 lit. c GDPR and storage limitation acc. Art. 5 para. 1 lit. e GDPR. We will only store your personal data for as long as is necessary to achieve the purposes stated here or as long as the retention periods provided for by the legislator provide. After the respective purpose has ceased to exist or after these retention periods have expired, the corresponding data will be deleted as soon as possible.
Note on the transfer of data to third countries
Tools from companies based in third countries are also integrated into our website. If these tools are active, your personal data may be transmitted to the servers of the respective companies. As a rule, the level of data protection in third countries does not correspond to EU data protection law. This means that there is a risk that your data will be passed on to the authorities of these countries. We have no influence on these processing activities.
External links
This website may contain links to third party websites or to other websites under our responsibility. If you follow a link to one of the websites outside of our control, please note that these websites have their own privacy information. We assume no responsibility or liability for these third-party websites and their data protection information. Therefore, before using these websites, check whether you agree with the privacy policies there.
You can recognize external links either by the fact that they are displayed in color slightly different from the rest of the text or underlined. Your cursor will show you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the destination of the link. In particular, the operator of the other website receives your IP address, the time when you clicked on the link, the page on which you clicked on the link, as well as other information that you can find in the privacy policy of the respective provider.
Please also note that individual links may lead to a data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not have any legal remedies against this data access. If you do not want your personal data to be transferred to the link destination or even undesirable exposure to access by foreign authorities, please do not click on any links.
Rights of the data subject
As a data subject within the meaning of the GDPR, you have the opportunity to assert various rights. The rights of data subjects arising from the GDPR are the right of access (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority and the right to data portability (Article 20). If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can complain to the supervisory authority. In Austria, this is the data protection authority.
2. Provision of the website (web host)
Our website is hosted at:
netcup GmbH
Daimlerstraße 25
76185 Karlsruhe
Germany
When you visit our website, information is automatically collected and stored in server log files. Your browser transmits this information to our hosting provider, netcup.de. The data collected includes:
- IP address of the end device
- Device used and operating system
- Hostname of the accessing computer
- Browser type and version
- Name of the retrieved file
- Time of server request
- Amount of data transferred
- Success of data retrieval
This data will not be merged with other sources.
Our website is hosted on netcup.de’s servers, where the personal data collected is also stored. In addition to the information mentioned, the web host stores contact requests, contact details, names, website access data, meta and communication data as well as contract data.
The legal basis for data processing is Art. 6 para. 1 lit. f GDPR, based on our legitimate interest in the technically error-free presentation and optimization of the website. If the website is visited in order to enter into contract negotiations with us or to conclude a contract, Art. 6 para. 1 lit. b GDPR as a further legal basis. If a hosting company is commissioned, there is a contract for order processing with the service provider.
3. Telephone contact
or e-mail contact
In accordance with the legal requirements, we have provided an e-mail address on our website. The data transmitted in this way is automatically stored by us in order to be able to process corresponding inquiries or contact the person making the request. We will not pass on this data to third parties without consent. If contact is made by telephone or via our e-mail address for pre-contractual or contractual purposes, the processing of personal data is based on the legal basis of Art. 6 para. 1 lit. b GDPR. In the case of all other contacts on your part, the processing of personal data by us is based on our legitimate interest pursuant to Art. Art. 6 para. 1 lit. f GDPR.
4. Use of external services
External services are used on our website. External services are third-party services that are used on our website. This can be done for a variety of reasons, such as embedding videos or website security. When using these services, personal data is also passed on to the respective providers of these external services. If we do not have a legitimate interest in using these services, we will obtain your consent as a visitor to our website, which can be revoked at any time, before using them (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG).
Analytics
For website analysis, we use the open-source and privacy-friendly software "Independent Analytics". The data collected is stored exclusively on our server in Germany and no personal data is collected or tracked, which is why no cookies are used. For this reason, the use of Independent Analytics is in line with the provisions of the General Data Protection Regulation (GDPR). As a visitor to our website, you agree to the use of the Independent Analytics software. For more information on the privacy of the Independent Analytics software, see
www.independentwp.com/features/gdpr-analytics.
5. Social media
We do NOT use any social media plugins on our site. All links to social media are independent and simple links to the respective pages. Personal data is transferred by the provider of the platforms itself as soon as the respective social media website is accessed. Processed data are, for example: name, address, e-mail address, telephone number, access time, device information, IP address. ERA does not process, store or share data with an external social media provider.
Although we do not process data, we leave the following section on this page for security reasons :
The processing of the data is based on the legal basis of consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG). As a website visitor, you have consented to the processing of your personal data with your voluntary, explicit and prior consent. Without separate consent, the personal data will be processed on the condition that there is no other legal basis within the meaning of Art. 6 para. 1 GDPR, on which we base the processing, is not processed by us in the manner described above. We will proceed in the same way if you revoke your consent. The lawfulness of the processing carried out up to the revocation remains unaffected. If anyone reads this text, we will give away a bottle of wine from the Graz area for the first person who contacts us.
When you visit our Instagram page, through which we present our company or individual products from our range, certain information is processed. The sole controller for this processing of personal data is Meta Platforms Ireland Ltd (Ireland/EU – Meta). You can find further information about the processing of personal data by Meta at
https://www.facebook.com/privacy/explanation
. Meta offers the possibility to object to certain data processing; you can find information and opt-out options in this regard under
https://www.facebook.com/settings?tab=ads
.
Vimeo
Vimeo LLC (New York/USA) is the sole controller for the processing of personal data when visiting our Vimeo channel. Further information about the processing of personal data by Vimeo or Vimeo LLC can be found at
https://vimeo.com/privacy
.