Skip to content

Privacy Policy

We take the protection of your personal data very seriously and treat the data confidentially and according to the legal data protection regulations.

Personal data is information that identifies you, such as your name, address, e-mail address and telephone number.

You can use our website without providing personal data. Insofar as personal data is collected, this is always done on a voluntary basis. Without your express consent, your data will not be disclosed to third parties.

The personal data will be used for the execution of our services, services and user services.

Unfortunately, data transmission on the Internet (e.g. e-mail communication) can also have security gaps, so complete protection of data is not possible. We always strive to keep data transmission as secure as possible.

Cookies

Cookies are used on our website. Cookies are small text files that your web browser saves and that are stored on your terminal device. They do not cause any damage and are virus-free.

Their purpose is to make our offer user-friendly and effective.

After your visit, so-called “session cookies” are automatically deleted. Other cookies remain stored on your terminal device until you delete them. These help us to recognize your web browser the next time you visit our website.

You can also disable cookies in your web browser, but this may limit the functionality of our website. You can also set your web browser so that you are informed when cookies are set and also allow cookies only in individual cases.

Server log files

Server log files are information that your browser automatically sends to us and that are stored by us and the data can not be assigned to specific persons. If a concrete suspicion of illegal use becomes known, we reserve the right to check the data subsequently.

Server log files are: the operating system used, the browser type and browser version, the referrer URL, the host name of the accessing computer and the time of the server request.

SSL encryption

We use SSL encryption on our website. For security reasons and to protect the transmission of confidential data, such as requests you send to us. You can recognize SSL encryption by the fact that “https://” appears in front of “www” instead of “http://” in the address line of your browser and by the green lock symbol in your browser line.

The SSL encryption is used to ensure that your transmitted data is safer from unauthorized access by third parties.

Web analysis

With your consent, we use the open source software Matomo to analyze and statistically evaluate the use of the website. Cookies are used for this purpose. The information about website usage obtained in this way is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use the data to evaluate the use of the website. The data collected is not passed on to third parties.

The IP addresses are anonymized (IP masking), so that an assignment to individual users is not possible.

The processing of the data is based on Art. 6 para. 1 p. 1 lit. a DSGVO. We thereby pursue our legitimate interest in optimizing our website for our external presentation.

You can revoke your consent at any time by deleting the cookies in your browser or changing your privacy settings.

Data storage in M365 (cloud storage):
Microsoft Corporation: One Microsoft Way, Redmond, WA 98052-6399, USA, website: www.microsoft.com/, privacy policy: https://privacy.microsoft.com/de-de/privacystatement

a) Type and scope of data processing
M365 applications such as SharePoint, OneDrive or Teams make it possible to store data and share it with other users. This makes it possible to work together on documents and exchange ideas using the comment function. For example, OneDrive can store files, share them with others, and access them from any device connected to the Internet.

The scope of data processing depends on which data contained in the documents is shared and processed.

b) Legal basis for data processing:
If the data processing mentioned is related to the establishment, implementation or termination of an employment relationship, Section 53 KDG serves as the legal basis. When processing your personal data that is necessary to fulfill a contract concluded with us or an existing contractual relationship, Section 6 Paragraph 1 Letter c KDG serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

If personal data is processed when sharing/editing documents that is not necessary for the establishment, implementation or termination of the employment relationship, but is nevertheless an essential part of its use, Section 6 (1) (g) KDG is the legal basis for the processing of your data. In these cases, our interest is in the effective storage and joint processing of documents that are relevant for the joint collaboration.

c) Storage period
We generally delete your personal data if there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfill contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion will only be considered after the respective retention obligation has expired.

Amazon Web Services (cloud storage), Inc.: 410 Terry Avenue North, Seattle WA 98109 United States; Website: https://aws.amazon.com/; Privacy Policy: https://aws.amazon.com/privacy/

CleverReach / Newsletter provider

This website uses CleverReach to send bimail. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede. CleverReach is a service with which the bimail dispatch is organized and analyzed. The data you enter for the purpose of receiving newsletters (e.g. e-mail address) is stored on CleverReach’s servers in Germany or Ireland.

Our bimails sent with CleverReach allow us to analyze the behavior of newsletter recipients. Among other things, we can analyze how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a predefined action (e.g. opening the link) has taken place after clicking on the link in the newsletter. Further information on data analysis by.

If you do not want any analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter, except for your e-mail address, will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected.

Data protection information from CleverReach: https://www.cleverreach.com/en-de/privacy-policy/

Use of PayPal as a payment method

Should you decide to pay with the online payment service provider PayPal as part of your donation/purchase, your contact details will be transmitted to PayPal as part of the order triggered in this way. PayPal is an offer of PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal assumes the function of an online payment service provider as well as a trustee and offers buyer protection services.

The personal data transmitted to PayPal are mostly first name, last name, address, telephone number, IP address, e-mail address, or other data required for the processing of donations, as well as data related to the donation.
This transmission is necessary for the processing of your donation with the payment method selected by you, in particular for the confirmation of your identity, the administration of your payment and the customer relationship.

Please note, however, that PayPal may also disclose personal data to service providers, subcontractors or other affiliated companies if this is necessary to fulfill the contractual obligations arising from your order or if the personal data is to be processed on your behalf.

Depending on the payment method selected via PayPal, e.g. invoice or direct debit, the personal data transmitted to PayPal will be transmitted by PayPal to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the donation you have made. Which credit agencies are involved and which data is generally collected, processed, stored and passed on by PayPal can be found in PayPal’s privacy policy at https://www.paypal.com/de/webapps/mpp/ua/privacy-full.

Use of invoice with Klarna as payment method

If you choose to pay by invoice with Klarna as part of your purchase, your contact information will be transmitted to Klarna as part of the order triggered in this way. Invoice with Klarna is an offer of Klarna Bank AB, Sveavägen 46, 111 34 Stockholm, Sweden, hereinafter referred to only as “Klarna”.

As soon as you complete the order in our online store, the data you enter in the input fields will be processed by Klarna on its own responsibility to process the payment.

In the case of the offered payment method purchase on account, the following personal data in particular will be processed by Klarna for the purpose of payment processing as well as for identity and creditworthiness checks:

– Contact information, such as names, addresses, date of birth, gender, email address, phone number, mobile phone number, IP address, etc.
– Order processing information, such as product type, product number, price, etc.
– Payment information, such as debit and credit card details (card number, expiry date and CCV code), billing details, account number, etc.

In case you select the payment method purchase on account with Klarna, Klarna collects and uses personal data and information about your previous payment behavior to decide whether to grant you the desired payment method. In addition, probability values for your future payment behavior (so-called scoring) are used. The scoring is calculated on the basis of scientifically recognized mathematical-statistical methods.

Klarna provides further information about the aforementioned processing as well as the applicable data protection provisions at https://cdn.klarna.com/1.0/shared/content/legal/terms/0/en_gb/privacy.

Use of credit card as payment method

Should you decide to pay by credit card as part of your donation/purchase, your contact details will be transmitted to Card Complete as part of the order triggered in this way. Card Complete is an offer of card complete Service Bank AG, Lassallestraße 3, 1020 Vienna, Austria. Card Complete assumes the function of an online payment service provider that enables cashless payment for products and services on the Internet.

The personal data transmitted to Card Complete is mostly first name, last name, address, telephone number, IP address, e-mail address, or other data required for the processing of donations, as well as data related to the donation.

This transmission is necessary for the processing of your donation with the payment method you have selected, in particular for the confirmation of your identity, the administration of your payment and the customer relationship.

However, please note: Card Complete may also disclose personal data to service providers, subcontractors or other affiliated companies to the extent necessary to fulfill the contractual obligations arising from your order or to process the personal data on your behalf.
Under certain circumstances, the personal data transmitted to Card Complete will be transmitted by Card Complete to credit reporting agencies. This transmission serves to check your identity and creditworthiness in relation to the donation you have made.

You can find out which data protection principles Card Complete uses as a basis for processing your data in the data protection notices displayed to you by Card Complete during the payment process.
You can find out which data is generally collected, processed, stored and passed on by Card Complete in the data protection declaration of Card Complete at https://www.cardcomplete.com/en/private-customers/data-protection/?set_language=en.

Use of EPS bank transfer as payment method

Should you decide to pay with EPS-Überweisung in the course of your donation/purchase, your contact details will be transmitted to PSA in the course of the order triggered in this way.

EPS-Überweisung is an offer of PSA Payment Services Austria GmbH, Handelskai 92, Gate 2, 1200 Vienna, Austria. PSA Payment Services Austria GmbH assumes the function of an online payment service provider, which enables cashless payment of products and services on the Internet.

The personal data transmitted to PSA is mostly first name, last name, address, telephone number, IP address, e-mail address, or other data required for the processing of donations, as well as data related to the donation.

This transmission is necessary for the processing of your donation with the payment method you have selected, in particular to confirm your identity, to administer your payment and the customer relationship.

Please note, however: Personal data may also be transferred by PSA to service providers, subcontractors or other affiliated companies to the extent necessary to fulfill the contractual obligations arising from your order or to process the personal data on your behalf.

Under certain circumstances, the personal data submitted to PSA will be transmitted by PSA to credit agencies. This transmission serves to check your identity and creditworthiness in relation to the donation you have made.

You can find out which data protection principles PSA uses as a basis for processing your data in the data protection notices displayed to you by PSA during the payment process.
You can find out which data is generally collected, processed, stored and passed on by PSA in Card Complete’s data protection declaration at https://eps-ueberweisung.at.

Presence in social media

We maintain online presences within social networks and process user data in this context in order to communicate with users active there or to offer information about us.

We would like to point out that user data may be processed outside the European Union. This may result in risks for the users because, for example, it could make it more difficult to enforce the rights of the users.

Furthermore, user data is usually processed within social networks for market research and advertising purposes. For example, usage profiles can be created based on the usage behavior and resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements within and outside the networks that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers, in which the usage behavior and interests of the users are stored. Furthermore, data independent of the devices used by the users may also be stored in the usage profiles (especially if the users are members of the respective platforms and are logged in to them).

For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the data protection declarations and information provided by the operators of the respective networks.

In the case of requests for information and the assertion of data subject rights, we also point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data and can take appropriate measures and provide information directly. If you still need help, then you can contact us.

Facebook: We are jointly responsible with Meta for collecting (but not further processing) data from visitors to our Facebook page (so-called “fan page”).

This data includes information about the types of content users view or interact with, or the actions they take (see under “Things You and Others Do and Provide” in the Meta Data Policy: https://www.facebook.com/policy), as well as information about the devices users use (e.g., IP addresses, operating system, browser type, language settings, cookie data; see under “Device Information” in the Meta Data Policy: https://www.facebook.com/policy). As explained in the Meta Data Policy under “How do we use this information?”, Meta also collects and uses information to provide analytics services, called “page insights,” to page operators to provide them with insights into how people interact with their pages and with content associated with them.

Types of data processed: contact data (e.g., email, phone numbers), content data (e.g., input in online forms), usage data (e.g., web pages visited, interest in content, access times), meta/communication data (e.g., device information, IP addresses).
Data subjects: Users (e.g., website visitors, users of online services).
Purposes of processing: contact requests and communication, feedback (e.g. collecting feedback via online form), marketing.
Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

Services used and service providers:

Instagram: social network; parent company: Meta Platforms, Inc, 1 Hacker Way, Menlo Park, CA 94025, USA; website: https://www.instagram.com; Privacy Policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect.
Facebook: Social network; parent company: Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA; Privacy Policy: https://www.facebook.com; Policy policy: https://www.facebook.com (login to Facebook is required).
YouTube: Social network and video platform; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy: https://policies.google.com.

Your rights

You have the rights to erasure, information, rectification, restriction, data portability, revocation and objection. If you believe that the processing of your data violates data protection law, or your data protection rights have been violated in any way, you can complain to the data protection authority.

We strive to make the privacy policy as simple and understandable as possible.

Contact details

As there is no legal requirement, no data protection officer has been appointed. To exercise your rights, please contact:

ELIJAH. P. Georg Sporschill SJ. Soziale Werke
Lagergasse 1/4, 1030 Vienna, Austria
Tel: +43 1 952 60 00
E-Mail: office.wien@elijah.ro