2. Responsible Organization
Below you can find the contact information regarding the controllor of processing as well as the data protection manager.
GF Arch. Mag. arch. Stephan Ferenczy / BEHF Ebner Hasenauer Ferenczy ZT GmbH
Kaiserstrasse 41, 1070 Vienna, Austria
T +43 1 524 17 50-0
F +43 1 524 17 50-20
3. Safety Precautions
We take organizational, contractual and technical safety precautions according to the state of the art to make sure to comply with formalities of the data protection laws as well as protection of the data used by us against incindental or deliberate manipulation, loss, destruction or unauthorized access.
The safety measures notably include the encrypted transmission of all data between your browser and our server.
4. Information Disclosure involving third parties
Personal data will only be transferred to third parties if it is necessary – for instance if required for contractual purposes in accordance to DSGVO Art. 6 para1 lit. b, or on the basis of legitimate interests of economic and efficient operations for our business in accordance to DSGVO Art. 6 para. 1 lit. f.
While commissioning subcontractors to provide our services, we take legal precautions as well as technical and organizational measurements to ensure the safety of personal data in accordance with the data protection law.
When contacting us (via mail) the users information regarding the processing of your contact request will be used in accordance to DSGVO Art. 6 para. 1lit.b.
6. Survey of Access Data and Logfiles
We collect data on the basis of legitimate interests in accordance to DSGVO Art. 6 para. 1 lit. f. about every access to the server in service (so-called server log files). The access data include the name of the requested website, data file, date and time of access, transferred amount of data, message about successful call, browser type version, the users` operating system, referrer URL (previously visited page), IP-address as well as the requesting provider.
For safety reasons (f.e. for the purpose of clearing up misuse or fraud in connection with the access) log file informations are stored for a maximum of seven days and deleted afterwards.
Data, for which a storage for evidence is neccessary, is excluded from erasure until clarification of the incident.
7. Cookies & Range-Measurement
Cookies consist of information, which are transferred from our own or a third parties‘ server to the users browser , where they are stored for a later retrieval. Cookies can be small files or similar types of information storage.
We use session-cookies, which are only active for the duration of the current visit on one of our websites (f.e. to save log-in files or basket functions, hence making the use of our online services possible)
In a session cookie a randomly generated and unique identification number is stored, a so-called session-ID. Furthermore the cookie contains information about its origins and storage period – they are not able to secure any other data. The deletion of the session-cookie will take place, when the usage of our online services is completed f.e. a logging-off is performed or the browser is closed.
If the storage via cookie on their computer is not desired by the user, they are asked to deactivate the corresponding option in their browser system settings. Secured cookies can be deleted in their browser system settings. The exclusion of cookies can lead to functional restrictions regarding our online services.
Following cookies are used on the BEHF Architects website:
|Cookie name||Category of data||Purpose of cookie||Storage period|
|_ga||Serves as differentiation between users||Google Analytics||2 years|
|_gid||Serves as differentiation between users||Google Analytics||24 hours|
|_gat||Used to reduce the request rate||Google Analytics||1 minute|
8. Google Analytics
Google is certified in accordance with the privacy-shield agreement which guarantees to abide the European data protection law.
For further details please click here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
On our account Google will use this information to evaluate the usage of our online services by users, to compile reports about activities within our online services and to perform further services associated with usage of our online services and internet use. Thereby processed data can be used to create user profiles by using pseudonyms.
We only use Google Analytics with activated IP anonymisation. This means, that the user‘s IP adress will be shortened within the Member States of the European Union or in different Contracting States, which are parties to the Agreement on the European Economic Area.
Only in exceptional cases the full IP address will be transmitted and shortened on a Google server in the US.
The user’s transmitted IP address will not be merged with other data from Google. The user can prevent the storage of the cookie through deactivating the corresponding option in their browser system settings. In addition to that, the user has the possibility to prevent data capture through the cookie, so that no data will be processed by Google, by downloading and installing this Browser-Plugin available following this link: http://tools.google.com/dlpage/gaoptout?hl=de.
Further information on data usage by Google, settings and possibility to appeal can be found on the following websites:
Google: https://www.google.com/intl/de/policies/privacy/partners („data usage by Google, when using one of our websites or apps of our partners“, http://www.google.com/policies/technologies/ads („data usage for advertising purposes“), http://www.google.de/settings/ads („administer information used by Google to display ads“).
9. Third Party Services and Content
Based on our legitimate interest (interest of analysis, economic and efficient operations for our online services in accordance to DSGVO Art. 6 para. 1 lit. f.) we use third party content offerings and services to corporate their content offerings and services, for instance corporating videos and fonts (throughout consistently used as content). This assumes that third parties of this content use the user’s IP-address because the content can’t be sent to the browser without an IP-address. Therefore an IP-address is needed for displaying content. We endeavour to only use content, where the provider merely uses an IP-address for delivering content. Third parties can use so called Pixel-Tags (invisible graphics or code, also known as „Web Beacons“) as well for statistical or marketing purposes. With the help of „Pixel-Tags“ information like traffic of visitors can be analyzed on subsites of the website. The pseudonymous data can be stored in cookies on the user’s device and include technical information about the browser and operating system, referring websites, time of access, as well as further information about usage of our online services. This information is used to be connected with other information from different sources.
10. User Rights
Upon request users have the right to receive information on the stored personalised data free of charge.
Further users have the right on rectification of incorrect data, limitations of processing and deletion of personalised data if they assert their rights to data portability and lodge a complaint with the competent regulatory authority in the event of unlawful processing.
Likewise, users can revoke consent generally with implications for the future.
11. Deletion of Data
The deletion of data secured by us takes place, when it is no longer required for its intended purpose and provided that there are no statutory storage obligations objecting to the erasure. If a user’s data is not deleted, because it is needed for other legal purposes, the processing will be limited. This means that the data will be locked and not be used for other purposes, which applies to user data which has to be stored on the basis of commercial or fiscal reasons.
In principle, the storage of the data takes place for up to 10 years.
14. Right of Objection
Users have the right to object future processing of their personalised data at any time according to legal guidelines.
Especially an objection to processing data for direct advertising can be made.