Privacy FAQ

Data protection and data security FAQ

Here you will find the most important questions and answers regarding data protection in our company.

Where is the data stored?

Our server location is located in Austria in the computer centre of eww ITandTEL.

eww ag
Stelzhamerstrasse 27
4600 Catfish
T.: 07242 493-0
F.: 07242 493-138
info@eww.at

Advantages:

  • 24×7 availability
  • Redundant high-speed fiber optic connection
  • provider independent
  • Highly available electricity connection (99.9%)
  • Redundant UPS system with battery and generator
  • Energy-efficient, redundant air conditioning concept
  • Early fire detection and fire extinguishing system
  • Monitoring by network management and building management system
  • Logged access system
  • Certification according to ISO/IEC 27001
  • Green IT: environmentally friendly and economical

How is the data backed up and how long are the backup copies kept?

We create daily backups for our customers for six weeks. This means that the last 42 days are backed up daily for you. Restoring the data is possible according to the fair-use principle, which means that we do not in principle demand anything for a restore.

Who has access to my data and will the data be passed on to third parties?

Our employees only access customer data if the customer has made an inquiry to customer support or if data access is necessary to provide the services or to avoid or handle service or technical problems, or if KundenMeister is obligated to do so under a mandatory legal regulation.

KundenMeister declares with legally binding effect that all persons entrusted with data processing have been obliged to maintain confidentiality before commencing their activities. In particular, the obligation of confidentiality of the persons entrusted with data traffic shall remain in force even after termination of their activities and after leaving the service provider. The obligation of secrecy must also be observed for data of legal entities and partnerships under commercial law. There are also separate confidentiality agreements with our partners (Brunner Webhosting, ITandTEL).

Insofar as KundenMeister is obliged to disclose customer data under mandatory legal regulations, KundenMeister will not review customer data, pass it on to third parties or refer to it.

We will only provide third parties with data that goes beyond the data you have provided, in particular data that you have made available to us for internal purposes for the pure purpose of contract processing, if we are required to do so by law or if we have legitimate interests.

How long does the deletion of my data take?

A deletion requested by you is usually carried out within 2 working days.

It is also possible to delete individual data records, but we must point out to you that the deletion of individual data records, unless it is precisely defined what is to be deleted, causes costs which we must claim from our customers.

If a recovery of data should be necessary, we take care that deleted data is not recovered.

What do I have to enter as a customer in the data protection declaration regarding the Körbler company?

If data is collected on your website via Typo3, WordPress or our software KundenMeister (e.g. via newsletter or contact form), the data protection declaration must contain a note that Körbler GmbH is a processor and that data is collected, processed and used on your behalf.

What mandatory information must be provided for newsletter registrations?

Due to the principle of data economy and data avoidance, only the e-mail address may be required for registration.

Already at the time of registration, it must be clear to the respective user what the content of the newsletter is. In addition, the user must be informed that it is possible to unsubscribe at any time.

As soon as you also collect personal data by means of a newsletter/contact form (e.g. name, address, email), the visitor must be informed in the privacy policy about how this data will be used. For this reason, each form must be equipped with a checkbox, which only allows the input to be sent after the user has activated/accepted it.

The text for the declaration of consent, as well as for the data protection declaration, can easily be stored in the KundenMeister.

Is it necessary to obtain an additional “permission” for existing contacts to continue receiving newsletters?

No, even previously validly obtained consent does not lose its validity. However, you must have proof of consent (e.g.: in written form or by means of digital recordings).

For example, if you do not have valid consent from interested parties, you may no longer send e-mails to them. Since every data processing must be based on a valid legal basis, data must be deleted immediately if no valid consent is available.

How can I store a consent text and a data protection declaration for forms in the KundenMeister?

To store the necessary data protection settings in KundenMeister, click on Master Data – Data Protection. Here you must first activate the application in general and enter the name of your data protection settings (e.g. name of the form for which you are creating the consent text). Then you can either define an individual consent text for your checkbox yourself or adapt the variant we suggest accordingly (e.g.: addition of the company name, newsletter topic, etc.).

In a further step, the data protection declaration must be filed. You can insert this as text in the KundenMeister or – if there is already an existing page with your data protection regulation – link it externally. On request, we will also be happy to create a suitable data protection declaration for you.

Finally, you have to activate the checkbox and specify the forms for which the consent and privacy policy should apply.

How can I create a processing directory in KundenMeister?

It is recommended that every company has a processing directory, i.e. a directory of all processing operations in the company. This processing directory should provide information about the data processing processes in the company and should be created in writing, at best electronically. Information such as the purpose of the data processing, the recipients, the intended storage period etc. should be defined for all data in the company.

In the KundenMeister you can store all necessary information for your contact groups under Master Data – Data Protection – Processing Directory. To do so, double-click on the respective column and add your details or, in the case of personal data transferred to third countries, activate the corresponding checkbox. Then select the storage period and enter a general description of the technical and organizational measures for data processing security.

In addition to the processing operations in KundenMeister, you can also add further lines to this processing directory yourself in order to record processing operations of your company that take place outside of it.