The SMATRICS Websites
General Terms and Conditions of Use
GENERAL NOTES ON DATA PROTECTION
As the party responsible for complying with data protection, we process your data for the following purposes: (a) creating and providing advertising and descriptions of our products, (b) responding to your queries and follow-up questions, including creating offers for contracts relating to our products and services as well as contract conclusions, (c) fulfilling existing contracts relating to our products and (d) operating and optimising our website.
Data is processed on the basis of the statutory provisions of Section 96 Par 3 Telecommunications Act and (a) for advertising on the basis of consent in accordance with Art 6 Par 1 lit a GDPR. Data is processed for (b) responding to your queries and follow-up questions, including creating offers for contracts relating to our products (c) and for fulfilling existing contracts relating to our products as well as contract conclusions on the basis of the respective contract or pre-contractual measures with the relevant customer in accordance with Art 6 Par 1 lit b GDPR. Data is processed for operating and optimising our websites (d) on the basis of the legitimate interests of SMATRICS in accordance with Art 6 Par 1 lit f GDPR in optimising our website, whereby the data is anonymised here.
If you have already concluded a contract relating to the use of SMATRICS products and services, or if you want to conclude a contract of this type, your rights and obligations in connection with the provision of your data are regulated in this contract; a conclusion or fulfilment of the respective contract relating to the use of our products and services is not possible if this data is not provided.
If you have not concluded or do not want to conclude a contract with SMATRICS, you are not obligated to provide personal data; however, the consequence of not providing your personal data is that SMATRICS cannot provide the requested services.
The personal data that you entered on our websites is forwarded to only the following persons for the provision of services in accordance with our offers on our websites: IT service providers and web agencies. If our products are used for charging, SMATRICS as the party responsible in the sense of General Data Protection Regulation (EU) 2016/679 ("GDPR") is entitled to process the personal data that was disclosed and obtained in the context of the business relationship and (especially from public SMATRICS charging stations and/or wall boxes and/or charging stations from partners of SMATRICS) for the purpose of performing this contract relating to the product for charging and to transmit this data – wholly or in part– in connection with the fulfilment of this contract to suppliers, IT service providers, customer service, banks, accountants, tax consultant, auditors and if necessary collection agencies, insurance companies and legal representatives. This concerns full name, academic title, postal address, e-mail contact, telephone number, date of birth, billing data, account data, customer ID number, charging location, charging start, charging end, charging station used, roaming partner, ID of the device when using the SMATRICS APP, consumption data, vehicle charging capacity, registration number for the contract vehicle, make, commercial name and year of construction of the contract vehicle. To process the billing of charging processes at the charging stations belonging to the roaming partners of SMATRICS, SMATRICS transmits customer ID numbers in an anonymised format to the roaming partners. The roaming partners do not have any access to the personal data that is stored by SMATRICS as a result. The contract cannot be fulfilled in accordance with this paragraph if this data is not provided.
To pay by credit card, you have to enter your card number, expiry date and the CVC code for the credit card. SMATRICS is entitled to forward this data without storing it to its sales partners (currently Wirecard Central Eastern Europe GmbH). This partner checks the expiry date of the credit card and that the data entered was correct and processes the payment. Contracts with payment by credit card cannot be fulfilled in accordance with this paragraph if this data is not provided.
The personal data that you entered on our website is stored for the purpose of providing the service according to our offers on our websites for as long as this is necessary for fulfilling our reporting obligations and our obligations to furnish proof.
If you use our products for charging, the necessary data is stored for the duration of the contract and afterwards for as long as is necessary for the purpose of fulfilling the contract, in the event of disputes, or for reporting obligations and obligations to furnish proof.
the GDPR you have a right to information from the party responsible for complying with data protection law (SMATRICS) regarding the personal data that was processed and to correct or delete this data or to restrict its processing, a right to object to its processing, and a right to data portability (Art 15 to 21 GDPR). Furthermore, you have the right to appeal to the data protection authorities (Art 77 GDPR). To safeguard their rights from data protection law, each person concerned can turn to the SMATRICS contacts listed above in point 1.
If data is processed on the basis of your consent, you can withdraw your consent to this processing of your data in writing at any time (an e-mail is sufficient) to the SMATRICS contacts listed above in point 1. The further processing of the data is discontinued immediately after receipt of the withdrawal by SMATRICS irrespective of existing statutory obligations. Withdrawal does not affect the lawfulness of consent-based processing carried out up to the point of withdrawal.
Shariff is used on the website instead of social plug-ins. This means that the usage behaviour of social networks cannot be tracked provided the user does not click on the Share button.
Clicking on the Share button creates a link with the respective social network and information about the usage behaviour is forwarded, even if you do not have a profile for the respective social networks, or you are not currently signed in with your profile.
If you are signed in to one of the social networks, the provider can allocate your visit to our website to your profile on the respective social networks. If you interact with the plug-ins, for example by clicking on the "Like" button, the corresponding information is also transmitted directly to a server of the provider of the social networks and stored there. Furthermore, the information is published in the social network on your account and your contacts are displayed there.
10. Web server protocols
The following data, which your Internet browser transmits to us, is automatically recorded on our server and stored in what are called log files:
• Browser type and version
• Operating system used
• Website from which you visit us (referrer URL)
• Website that you call up on our server
• The date and time when you accessed the website
• Your IP address
This data is stored separately from any personal data that you may have provided and so cannot be traced to an individual person. It is assessed on the basis of events for troubleshooting and for statistical purposes so that we can optimise our website, or so that we can obtain additional information in the event of specific indications of possible unlawful use. When they reach a certain size, these log files are automatically rotated and therefore overwritten.
Our website uses what are called cookies. These are small text files that are stored on your device with the help of the browser. They do not cause any damage. The following data is recorded:
- IP addresses
Your IP address is recorded but it is immediately anonymised by deleting the last 8 bits. This means that only a general localisation is possible.
Our website uses what are called session cookies. These are cookies that are active only while you visit the website. Session cookies are therefore valid for a limited period of time and are deleted when you close the browser/tab. A token is saved on the server for a maximum of 30 minutes. Session cookies only store IP addresses.
If you do not want this, you can configure your browser so that it informs you when cookies are set and you can allow this on a case-by-case basis.
Deactivating cookies may restrict the functionality of our website.
In addition to the storage of the data named in point 11, the following data is also stored by us for the purpose of fulfilling the contract with our web shop for purchases: Address, full name or company and contact person, academic title, e-mail contact, telephone number, date of birth, invoice address and delivery address.
Data is not transmitted to third parties with the exception of the transmission of the data to the transport company/shipping company commissioned by us to deliver the goods, IT service providers, our accounting department, to our tax consultants for fulfilling our taxation obligations, our auditors and, if necessary, to collection agencies, insurance companies and legal representatives.
If the purchase process is terminated, the data that is stored by us is deleted.
Our website uses functions of the web analytics services Google Analytics and Facebook.
Cookies are used here that enable analysis of the use of this website. The information that they create is transmitted to the provider’s server where it is stored.
You can prevent this by setting up your browser in such a way that it does not store any cookies.
We have concluded a data processing contract with the provider for this.
The IP addresses that are recorded based on the legal basis of "legitimate interest“ of SMATRICS in accordance with Art 6 Par. 1 lit f GDPR are anonymised by using a code line before they are stored on a server. In other words, the last 8 bits of the IP address are deleted and thus cannot be uniquely allocated to any person.
1600 Amphitheatre Parkway
Mountain View, CA 94043
Data is transmitted to third countries (outside of Austria and the European Economic Area). Google stores and processes personal data in the United States of America or in any other country in which Google or Google’s sub-processors maintain facilities.
When transmitting data outside of the EEA and Switzerland, Google will ensure that:
(a) the parent company of the Google Group, Google LLC, remains certified in accordance with the principles of the Privacy Shield for itself and for its 100% US subsidiaries; and
(b) the scope of the Privacy Shield certification of Google LLC comprises the customer’s personal data.
1 Hacker Way
Facebook Inc. ("Facebook") is certified for the EU-US Privacy Shield Framework and the Swiss-USA Privacy Shield Framework (referred to together as the "Privacy Shield Framework") with the US Department of Commerce.
Facebook can transfer data within the Facebook Group and to third parties including service providers and other partners. In accordance with the principles of the Privacy Shield, Facebook is liable for any processing of personal data by such third parties that is not in line with the principles of the Privacy Shield, unless Facebook was not responsible for the event that was responsible for any alleged damage.
You have the option of subscribing to our newsletters via the website. For this purpose, we require your e-mail address, title, full name and a statement that you agree to receive the newsletter.
So we can provide you with effective information, we also collect and process the following information that is provided voluntarily: in your interest (information for private customers or companies)
Once you have registered for the newsletter, we will send you a confirmation e-mail with a link to confirm your registration.
You can cancel your subscription to the newsletter at any time. Please send your cancellation to the following e-mail address: firstname.lastname@example.org. We will immediately delete your data that is related to the sending of the newsletter.
Your data is hosted by a provider that is located within the European Union. Both SMATRICS and the provider use technical and organizational security measures to protect your data from manipulation, loss, destruction or access by unauthorized persons. Irrespective of the above, we would like to inform you that any transfer of data via the Internet is not secure and there is therefore a risk that it may be intercepted and used by third parties. Our security procedures are continually enhanced as new technology becomes available. Please feel free to contact us via the contact details mentioned above to obtain further information about our security measures.
Last revised: May 2018