Data Protection Information
The following companies of the Stiegl group of companies are responsible for data processing:
Stieglbrauerei zu Salzburg GmbH
Stiegl Getränke & Service GmbH & Co. KG
Stiegl-Gut Wildshut GmbH
Stiegl Immobilien GmbH
DATA COLLECTION AND USE
Personal data are data that can be assigned to specific person, for instance: name, address, telephone number, email address, creditworthiness data, date of birth, gender, marital status, bank account details, credit card details, VAT ID, information about the type and content of our contractual relationship, correspondence data (telephone calls, written correspondence, etc.), user ID, customer number, photos.
We collect personal data when you enter it on our website (e.g. when placing an order, contacting us, creating a customer account, making reservations, using personalised services, participating in competitions and promotion campaigns) or disclose it to us by other means, for instance within the scope of a business relationship, or if you book services or contact us in any other way. We may collect specific personal data such as contact details and creditworthiness data from different sources such as, for instance, credit agencies, debtor registers and public sources (e.g. company register, land registry).
We use your personal data to enable you to get the best possible use from our website, to process your enquiries, for contract performance purposes, to enable your participation in surveys, promotion campaigns and competitions and to manage these activities, to carry out market and opinion research, to contact you for customer service purposes, to send you advertising material about our products and services, to improve our products and services and to verify the effectiveness of our campaigns. In addition, we may be required by law to process your personal data (e.g. in relation to tax law).
You are at liberty to refuse to provide your personal data. In this case you will not be able to benefit from our services that require personal data to be processed.
LEGAL BASIS AND RIGHT TO WITHDRAWAL
We process your personal data on the following legal bases: pre-contractual measures and contract performance pursuant to Art 6 Subparagraph 1b GDPR, justified interest pursuant to Art 6 Subparagraph 1f GDPR (e.g. web analyses, call monitoring, advertisements sent by post, creditworthiness checks), fulfilment of our legal obligations pursuant to Art 6 Subparagraph 1c GDPR and your consent pursuant to Art 6 Subparagraph 1a GDPR (e.g. customer account, newsletter, cookies).
You can withdraw your consent at any time with effect for the future by sending a letter or an email to the contact options stated in the preceding text.
Usage data is collected via the user’s internet browser and stored in so-called log files every time a Stiegl website is accessed. The datasets stored during this process contain the following data: date and time of access, name of the accessed page, IP address, referrer URL (the previously visited page), the data quantity transferred and the browser type and version. We evaluate these log file datasets to improve our offering and make it more user-friendly, to detect and rectify errors faster and to control server capacities. We also use the log file datasets for system security reasons, namely to defend against attacks such as so-called Distributed Denial of Service attacks that are aimed at blocking access to our websites through excessive access requests. We store log files for one month.
SENDING INFORMATION AND ADVERTISING
If you subscribe to our newsletter, we will use the necessary data we have collected or that you provide separately to regularly send you our newsletter. You can unsubscribe from our newsletter at any time either by sending an email to the contact option named in the preceding or by clicking on a corresponding link in the newsletter.
Advertising by post
Furthermore, we reserve the right on the basis of our justified interest in direct advertising to store your first name and surname, your postal address – and any other additional data you have provided us with within the scope of our contractual relationship – and to use it for advertising purposes, albeit only in relation to our own products and services, for instance to send you offers and information relating to our customer magazine.
We have a justified interest in monitoring incoming and outgoing telephone calls to improve the quality of our customer service. Incoming and outgoing telephone calls are listed by time and date in a calls log. The contact’s name will also appear if his or her telephone number is entered in the master data. These records are only kept for as long as necessary and are subsequently deleted.
PROVIDING CONTENT TO THE FRIENDS OF “STIEGL-FREUNDESKREIS”
Every registered member of the Friends of Stiegl Association guarantees that the content (submitted ideas, images, links, videos, social media contributions) and activities (comments on any contributions, blogs or responses to surveys) made available by him do not violate any legal regulations with regard to media law, competition law, privacy protection law or any other legal regulations and, in particular, do not contain any content or formats that is morally objectionable or offensive to common decency. Furthermore, the member guarantees that he is the authorised holder of copyrights, brand rights, ancillary copyrights, privacy rights and any other usage rights required for the intended usage and publication of the information, data and documents made available by him. In particular, the member guarantees that persons portrayed in photos and videos have given their irrevocable and unlimited consent to the intended purpose of publication. The member undertakes to fully indemnify and hold Stiegl harmless from all third-party claims with regard to the content made available by him. Furthermore, the member undertakes to demonstrably inform the provider of any such claims asserted by a third party
Every registered member of the Friends of Stiegl Association expressly agrees that his or her name can be published in connection with the uploaded photo, video, link or idea submitted to the ideas workshop or social media contribution on the website and in the print media of Stieglbrauerei zu Salzburg GmbH.
EVALUATION REMINDER BY TRUSTED SHOPS
If you have expressly granted us your consent during or after placing an order by activating a corresponding checkbox or clicking on a button (“Evaluate later”), we will send your email address to Trusted Shops GmbH, Subbelrather Str. 15c, 50823 Cologne (Germany) (http://www.trustedshops.de?live_edit=1&live_edit=1) for the purpose of generating a reminder email to submit an evaluation to remind to submit an evaluation by email. You can withdraw your consent at any time by sending a message to the contact option listed below or directly to Trusted Shops.
We use so-called cookies on various web pages to make visits to our website more attractive and to enable the use of certain functions. Cookies are small text files that are stored on your end device. Some of the cookies we use are deleted at the end of the browser session, i.e. when you close your browser (so-called session cookies). Other cookies remain installed on your end device and enable us to recognise your browser the next time you visit the website (persistent cookies).
We use session cookies to keep the current session active.
We use third-party cookies that help us improve your experience with our content and advertisements.
- View cookies
- Allow cookies
- Deactivate some or all cookies
- Deactivate all cookies when the browser is closed
- Block cookies
- Alert me when a cookie is about to be set
- Object to tracking analysis
You find instructions on how to deactivate cookies for the following browsers on the respective browser provider’s website:
- Internet Explorer
- Chrome (Windows) / Chrome (Mac) / Chrome for iOS / Chrome for Android
- Safari (iOS)
The following web pages use Google Analytics, a web analysis service provided by Google Inc. (http://www.google.de?live_edit=1&live_edit=1):
The following web pages use Google Analytics, a web analysis service provided by Google Inc. (http://www.google.de?live_edit=1&live_edit=1): www.stiegl.at
Furthermore, you can prevent Google from collecting and using data (cookies and IP address) by downloading and installing the browser plug-in available under: http://tools.google.com/dlpage/gaoptout?hl=en. As an alternative to the browser plug-in, and especially if you are using a browser in a mobile end device, click on this link to set an opt-out cookie that will prevent Google Analytics from collecting data on this website in the future. This will install an opt-out cookie that will in future prevent the collection of your data when you visit this website: the opt-out cookie is valid only for this browser and only for our website and will be stored on your end device. You will have to set the cookie again if you delete cookies from this browser.
Our relationship with web analysis provider Google is based on the EU-US Privacy Shield. Data is processed on the basis of Art. 6 Para. 1f (justified interest) of the GDPR. Our justified interest lies in improving our offering and website. User data is stored for a period of 38 months.
GOOGLE TAG MANAGER
We use «Conversation Optimization Technology» to continuously improve targeted communication with our customers. This technology enables us to remind customers of forgotten orders, for instance, or to draw their attention to promotions. Our customers can also use it to have the content of their shopping basket sent to them by email.
USE OF FACEBOOK
Due to our justified interest in the analysis, optimisation and commercial operation of our online offering, the online offerings of the websites named in the preceding make use of the so-called “Facebook Pixel” of social network Facebook that is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or – if you are located in the EU – by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The Facebook Pixel is an often invisible, electronic image, usually no larger than one pixel by one pixel, that a commercial website operator can integrate in his website and that tracks how visitors use the website.
The Facebook Pixel enables Facebook to determine visitors to our website as a target group for displaying advertisements, so-called “Facebook Ads”. We use the Facebook Pixel accordingly in order to show our Facebook Ads exclusively to these Facebook users (“Custom Audiences”).
GOOGLE AdWords REMARKETING
Our website uses the functionality of Google AdWords Remarketing, which we use to place advertisements for this website in Google search results and on third-party websites. The service provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). To this end, Google sets a cookie in the browser of your end device that enables automatic interest-based advertising by way of a pseudonymised ID on the basis of the websites you have visited. Data processing is based on our justified interest in optimising the marketing of our website in accordance with Art. 6 Subparagraph 1f GDPR. Any additional processing will only take place if you have granted your consent to Google linking your internet and app browser history to your Google account and that information from your Google account can be used to customise the advertisements you see online. In the event you are logged into Google when you visit our website, Google will use your data in conjunction with Google Analytics data to create and define target group lists for remarketing across various end devices. To this end, Google will temporarily link your personal data with Google Analytics data to create target groups. You can permanently deactivate advertisement cookies from being set by downloading and installing the browser plug-in available from this link: https://www.google.com/settings/ads/onweb/ [google.com]. Alternatively, you can obtain information about how cookies are set from the Digital Advertising Alliance via the internet address www.aboutads.info and adjust your settings accordingly. Finally, you can adjust your browser to inform you when cookies are about to be set so that you can agree to specific cookies being set or reject the setting of cookies from case to case or in general. Rejecting cookies can restrict the functionality of our website. Google LLC based in the USA as a recipient of data is certified in accordance with the EU-US Privacy Shield Framework that guarantees compliance with the data protection level applicable in the EU. You can view additional information and the data protection regulations concerning advertising and Google here: http://www.google.com/policies/technologies/ads/
The company affilinet GmbH, Sapporobogen 6-8, 80637 Munich, Germany, sets a cookie on each visitor’s end device to log concrete sales and/or leads. This cookie is set by the domain partners.webmasterplan.com or banners.webmasterplan.com. The cookies used by affilinet are accepted by browsers with default settings. If you object to these cookies being stored on your end device, please deactivate the acceptance of cookies for each relevant domain in your internet browser. affilinet cookies only store the ID of the referring partner and the allocation number of the advertisement clicked on by the user (banner, text link or similar) that are required for payment processing purposes. The partner ID serves to allocate the commission to be paid to a mediating partner in the event of a transaction. The lawful basis for data processing in this context is Art. 6 Subparagraph 1f GDPR. You can find data protection information here: https://www.affili.net/de/datenschutz [affili.net]
TRANSFER OF DATA BY THE RECIPIENT
Your data will only be shared with other recipients to the extent that is necessary to provide the requested services (e.g.: the shipping company appointed to deliver your order, the bank or institute appointed to process your payment, the advertising agencies appointed to distribute newsletters, the sponsors of competitions, the providers of experiences, hotels and ticket information and creditworthiness agencies [KSV, CRIF] to verify your creditworthiness). Within the Stiegl Group of Companies, only those offices or employees responsible for fulfilling the described purposes will have access to your personal data. Any disclosed data will be kept to the necessary minimum. Any further disclosure to third parties will only occur if we are obligated by law to do so.
We appoint service providers to provide services such as web hosting, web analysis, the provision of IT services and software, payment processing, newsletter dispatch and order processing. These contract processors have access to your personal data during the course of their activities insofar as they require your personal data to provide their specific service (e.g. your address to deliver goods, your email address to send you newsletters). We have concluded data processing contracts with these providers in accordance with Art 28 GDPR, in which the providers undertake to comply with statutory data protection requirements. We only use contract processors outside of the European Union if an adequacy decision of the European Commission for the country in question or appropriate guarantees (e.g. EU-US Privacy Shield) are available or if we refer to the standard contractual clauses of the European Commission.
We store your personal data only for as long as is necessary for customer care and marketing purposes or until such time as you object to the use of your data for these purposes. Data stored for customer care and marketing purposes will be deleted automatically if we have no contact with you as a customer for more than three years.
Customer accounts can be deleted at any time either by sending an email to the contact option named in the preceding or by clicking on a corresponding link in the newsletter.
With regard to contractual relationships, we will retain your data after completion of the contract until the expiry of any warranty, guarantee, limitation and statutory retention periods or for as long as the data are required as evidence within the scope of legal disputes.
For technical reasons data may be anonymised instead of deleted. In this case any personal reference will be irretrievably removed so that the deletion requirements under data protection legislation no longer apply.
Automated individual decision-making
At this moment in time, no automated decisions in the sense of Art. 22 GDPR are made that could impact you from a legal standpoint or otherwise affect you significantly.
Automated individual decision-making
At this moment in time, no automated decisions in the sense of Art. 22 GDPR are made that could impact you from a legal standpoint or otherwise affect you significantly.
Stiegl Group has implemented technological and organisational security measures to protect the data stored by us from unintentional or intentional manipulation, loss or destruction and from unauthorised access. Our security measures are subject to continuous improvement in accordance with technological progress.
Right to information
You have a right to information about whether and what data we process about you.
Right to rectification
You have the right to have incomplete or incorrect data rectified or amended at any time.
Right to erasure
You can submit a request for erasure of your personal data to us if we are processing the data unlawfully, data processing significantly violates your justified interests in data protection, the data are no longer needed for the purpose for which they were originally collected, if you withdraw your consent and there is no other legal basis for processing your data, or if erasure is necessary to fulfil a legal obligation. Please note that there may be reasons that speak against immediate erasure, e.g. statutory retention periods.
Right to restriction of processing
You have a right to restrict processing of your personal data if:
You contest the correctness of your personal data for a period of time that allows us to check the correctness
Processing is unlawful and you reject to having your personal data erased and instead opt for a restriction
We no longer need the data for the original processing purpose but you require them for the purpose of asserting, exercising or defending legal claims, or
You have objected to processing your personal data
Right to data portability
You have the right to receive the personal data concerning you and that you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us insofar as the processing is based on consent or a contract and the processing is carried out by automated means.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is required to maintain our justified interests or those of a third party. We will then no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if processing serves the establishment, exercise or defence of legal claims. You have the right to object to receiving advertising matter at any time without having to state a reason.
Asserting your rights
To assert your rights please contact: firstname.lastname@example.org or the contact options defined in the preceding. We are entitled to request additional information from you concerning your identity in order to protect your rights and privacy (e.g. official photo ID). We will respond to reasonable questions free of charge and as soon as possible under the observation of statutory time periods.
Right to complain
You have the right to lodge a complaint with a supervisory authority if you are of the opinion that processing your data is in violation of data protection regulations. The competent Austrian authority is the Data Protection Authority.
CHANGES TO OUR DATA PROTECTION STIPULATIONS
We retain the right to adapt this data protection declaration from time to time to ensure it is always in compliance with current legislation or to implement changes affecting our services with regard to our data protection policy, such as the introduction of new services.