1. Personal data 

In the course of our business consulting activities, DealWerk GmbH (hereinafter referred to as "we", "us" or "our"), as the responsible party within the meaning of Art 4 no. 7 of the EU General Data Protection Regulation (Datenschutzgrundverordnung) 2016/679 (hereinafter referred to as "GDPR"), processes personal data of you and/or of your employees and/or your bodies (hereinafter collectively also referred to as "you", or "your"). 

We process your personal data in accordance with the applicable data protection laws. This privacy policy informs you about the details of data processing. 

Personal data within the meaning of the GDPR are all data that contain individual information about personal or factual circumstances, e.g. name, address, email address, telephone number, date of birth, age, gender, video recordings, photos, etc.

Generally, we may not be able to fully perform our contractual obligations or even enter into a contract with you, if such data is not provided. 

​​

2. Data use

Within our company employees will have access to your data as required for them to perform their or our contractual and/or legal duties or to protect our legitimate interests.

We process your data for the following purposes and on the basis of the legal grounds: 

Contract performance: 

We process the data of our contractual partners (clients, suppliers, etc.) for the purposes of contract performance - i.e. for the provision of our consulting services or other contractually agreed services. Such processing is carried out on the legal basis of Art 6 para. 1 lit b GDPR (contract performance). 

Fulfillment of legal obligations: 

Moreover, we process personal data in order to fulfill our legal obligations (e.g. obligations of the Federal Fiscal Code) These processing operations are carried out on the legal basis of Art 6 para. 1 lit c GDPR (legal obligation). 

Business Management: 

We also process your data in the context of our administration and management (e.g. accounting, customer database). These processing operations are carried out on the basis of our legitimate interest in proper and efficient management and in managing and optimizing the selection of our contractual partners and thus on the legal basis of Art 6 para. 1 lit f GDPR. 

Client management and marketing: 

Finally, we process personal data of current, former and potential customers and their employees for the purposes of customer management and marketing. This processing is carried out on the basis of our legitimate interest in maintaining and cultivating existing and former customer contacts as well as the acquisition of new customers and thus on the legal basis of Art 6 para. 1 lit f GDPR.
‍

3. Transmission of data to third parties 

In order to fulfill your order, it may be necessary to pass on your data to the varies recipients: e.g. providers of virtual data rooms, law firms, notaries, tax advisors, financial consultants and other advisors.

Your data will be forwarded exclusively on the basis of the GDPR, in particular to fulfil your order or on the basis of your prior consent.

It is possible that some of the above-mentioned recipients of your personal data are located outside of your country or that these recipients process your personal data there. 

‍‍

4. Data security

Your personal data is protected by appropriate organizational and technical safeguards. These safeguards relate in particular to protection against unauthorized, illegal or even accidental access, processing, loss, use and manipulation. 

Notwithstanding our efforts to maintain an appropriately high level of care at all times, it cannot be ruled out that information you disclose to us via the Internet may be viewed and used by other persons. 

Please note that we therefore accept no liability for the disclosure of information due to errors in data transmission not caused by us and/or unauthorized access by third parties (e.g. hacking attack on e-mail account or telephone, interception of faxes).

Disclosure of Data Breaches:

We strive to ensure that data breaches are identified at an early stage and, if necessary, reported to you or the relevant supervisory authority without delay, including the respective categories of data affected.
‍

5. Data retention

We will not retain data longer than necessary to fulfill our contractual or legal obligations and to defend against any liability claims. I.e. we will keep your data until the contractual relationship is fulfilled or terminated. In addition, we are subject to storage obligations, according to which data must also be stored beyond the end of the contractual relationship, such as due to storage periods under tax law. 

Furthermore, we may retain your data as long as legal claims can be asserted in connection with your contract.

In addition, we retain your data beyond the contractual relationship as part of our customer database and for customer management purposes. We will delete your data if you object to such data processing or if there has been no business contact with you for two years. 
‍

6. Cookies, server log files

Our website uses "cookies" to make our services more user-friendly, effective and secure. A "cookie" is a small text file that we transfer via our web server to the cookie file of the browser on the hard drive of your computer. This enables our website to recognize you as a user when a connection is established between our web server and your browser. Cookies help us to determine the frequency of use and the number of users of our web pages. The content of the cookies we use is limited to an identification number that no longer allows any personal reference to the user. The main purpose of a cookie is to recognize visitors to the website. 

Two types of cookies are used on this website:
‍Session cookies: these are temporary cookies that remain in the cookie file of your browser until you leave our website and are automatically deleted at the end of your visit.
Persistent cookies: for a better user experience, cookies remain stored on your terminal device and allow us to recognize your browser the next time you visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate the automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be limited. 

Server log files: 

In order to optimize our website in terms of system performance, user-friendliness and provision of useful information about our services, the website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This includes your Internet Protocol address (IP address), browser and language setting, operating system, referrer URL, your Internet service provider and date/time. 

We do not merge this data with personal data sources. We reserve the right to check this data retrospectively if we become aware of specific indications of unlawful use.

 

‍7. Information and deletion

The GDPR grants you as a data subject certain rights, to which we hereby draw your attention. These rights complement each other, so that you can, for example, only request either the correction or completion of your data or its deletion.

Withdrawal of consent: 

If we process your personal data based on your consent, you are entitled to revoke your consent at any time. However, this does not affect the lawfulness of the processing carried out up to the time of the revocation. 

Right to information: 

You can request information on the origin, categories, storage period, recipients, the purpose of the data we process about you and the nature of its processing. 

Right to rectification and deletion: 

If we process data about you that is inaccurate or incomplete, you may request that it be corrected or completed. You may further request the deletion of unlawfully processed data. 

Right to restriction of processing: 

If it is unclear whether the data processed about you are inaccurate, incomplete or processed unlawfully, you may request the restriction of the processing of your data until the final clarification of this issue. 

Right to object: 

Even if the data relating to your person is correct and complete and is processed by us lawfully, you may object to the processing of this data. However, this will only be the case in special situations to be justified by you. 

Right to data portability: 

You may receive the data processed by us concerning your person, which we have received from you ourselves, in a machine-readable format determined by us or instruct us to transfer this data directly to a third party chosen by you, provided that this recipient enables us to do so from a technical point of view and that the transfer of the data is not prevented by unreasonable expense or by legal or other obligations of secrecy or confidentiality considerations on our part or on the part of third parties. 

Right of complaint: 

Furthermore, you are entitled to file a complaint with the data protection authority if you believe that the processing of your personal data violates the GDPR. 
‍

8. Person responsible for the processing of your data 
The protection of your data is important to us. We can be reached at the contact details below for your questions or request for revocation.

‍

DealWerk GmbH

Address: Fleischmarkt 1/6/12, 1010 Vienna, Austria 

e-mail: office@deal-werk.com

​