Timber Across the Generations

Data Protection

I. Name & Address of Data Controller

The data controller within the meaning of the General Data Protection Regulation (GDPR) is:

Alpenholz Metzler Handels-GmbH & Co KG, Konrad-Doppelmayr-Straße 15, 6922 Wolfurt, Austria
Tel. +43 5574 629 66
office@alpenholz-metzler.at

II. General Information on Data Processing

1. Scope of Processing of Personal Data
Our processing of our users’ personal data is limited to the data required to provide a functioning website as well as our content and services. The personal data of our users is only processed for the purposes agreed with them or if there is another legal basis (in the sense of the GDPR). Only such personal data are collected that are actually necessary for the implementation and processing of our tasks and services or that you have made available to us voluntarily.

2. Your Rights (Data Subject Rights)
You have the right to request information about your personal data processed by us. In particular, you can obtain information about the processing purposes, the categories of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, data portability (provided data portability would not constitute a disproportionate effort), the origin of your data, if they were not collected from us, and the existence of automated decision-making including profiling.

You also have the right to revoke any consent you may have given to the use of your personal data at any time.

If you are of the opinion that the processing of your personal data by us contradicts the applicable data protection regulations, you have the option of complaining to the data protection office.

III. Description & Scope of Data Processing

1. Provision of the Website
Each time our website is accessed, our web server automatically records data and information from the computer system of the accessing computer in so-called server log files. The following data is collected here:

Browser type and browser version
Operating system used
Referrer URL
IP address/host name of the accessing computer
Time of server request
This data cannot be assigned to specific persons on our part. We store this information for a maximum period of 30 days. This storage takes place for reasons of data security in order to guarantee the stability and operational security of our system.

2. Cookies
We use cookies on our website to make our offer user-friendly. Cookies are small files that your browser creates automatically and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our website. These cookies remain stored until you delete them. This enables us to recognise your browser again on your next visit.

If you do not want this, you may configure your browser to inform you about the setting of cookies so that you may give your consent on a case-by-case basis. However, we would like to point out that a deactivation means that you cannot use all the functions of our website.

The legal basis for the data processed by cookies is Article 6 Paragraph 1 Sentence 1 lit. f GDPR.

The cookies remain valid for an indefinite period and are then deleted by your browser.

In our cookie notice you will find a list of all cookies, sorted by function and explained in detail. You can customise your settings and allow or reject only the necessary cookies or all cookies (including statistics, marketing, etc.).

3. Web Analytics
“Google Analytics”, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94.043 USA, is used on our website to evaluate website usage. Google Analytics uses cookies (see Point 5.), which are stored on your computer.

The information contained therein about the website and internet use of the visitor can be processed and evaluated by Google. The data collected by Google may be transmitted by Google to countries outside the EU and the EEA, in particular the USA. However, Google has submitted to the Privacy Shield Framework. You can find more information about your rights under http://ec.europa.eu/justice/dataprotection/document/citizens-guide_en.pdf.

We also use “Google Signals”. Google uses so-called “Cross Device Tracking”. This means that website visits by a single visitor with different end devices can be assigned to this one visitor, provided that he has logged into a Google service during the sessions and at the same time has activated the “Personalised Advertising” option in his Google account settings. This does not give us access to any personal data or user profiles. If you do not wish to use “Signals”, you can deactivate the “Personalised Advertising” option in your Google account settings.

In addition, we ensure that your IP address is anonymised before it is transmitted to Google.

The legal basis for the use of Google Analytics is Article 6 Paragraph 1 Sentence 1 lit. f GDPR.

4. Web Tracking
4.1 Google Remarketing
This website uses the remarketing function of Google Inc. The function is used to present interest-based advertisements to website visitors within the Google advertising network. A so-called “cookie” is stored in the browser of the website visitor, which makes it possible to recognise the visitor when they access websites that belong to the Google advertising network. On these pages, the visitor can be presented with advertisements that relate to content that the visitor has previously accessed on websites that use Google’s remarketing function.

According to its own statements, Google does not collect any personal data during this process. If you still do not wish to use Google’s remarketing function, you can always deactivate it by making the appropriate settings at http://www.google.com/settings/ads. Alternatively, you can disable the use of cookies for interest-based advertising through the Ad Network Initiative by following the instructions at networkadvertising.org/managing/opt_out.asp.

5. Forms & email contact
If you fill out a contact form or send us an email or other electronic message, your details will only be saved for processing the request, any further questions related to it, and only used within the scope of the request.

The legal basis for processing your request is Article 6 Paragraph 1 Sentence 1 lit. b GDPR.

We will delete your email address after your request has been processed.

6. Newsletter
If you would like to receive the newsletter offered on the website, we need an email address from you as well as information that allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter.

We use the so-called double opt-in procedure to ensure that the newsletter is sent in a consensual manner. In the course of this, the potential recipient can be included in a mailing list. The user then receives a confirmation email with the opportunity to confirm the registration in a legally secure manner. The address will only be actively included in the mailing list if the confirmation is received.

We use this data exclusively for sending the requested information and offers.

We use the MailChimp service from Intuit Inc. based in the USA (hereinafter: “MailChimp”) to send our newsletter. MailChimp processes and stores on our behalf, in addition to your email address, the data mentioned here and under “Data Processing on the Website” for the purpose of sending the newsletter and the corresponding evaluation. The data processing by MailChimp takes place on servers in the USA, among other places.

The legal basis for using MailChimp is your consent in accordance with Article 6 Paragraph 1 Sentence 1 lit. a.

MailChimp’s privacy policy can be found at https://mailchimp.com/legal/privacy/. Further information on the GDPR, cookies etc. in connection with MailChimp can be found at https://mailchimp.com/de/gdpr/.

Please note regarding the processing of your data, collected on this website, by MailChimp in the USA: By consenting to the dispatch of our newsletter via the MailChimp service, you also consent to your data being processed in the USA. The USA is rated by the European Court of Justice as a country with an insufficient level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes, possibly without the possibility of legal redress. If you have not registered for our newsletter, the transmission described above will not take place.

7. Use of Social Media Plugins
No social media plugins are used – there is only a link to the social media presence of Facebook.

IV. Data Security

1. SSL Encryption
While visiting the website, we use the widespread TLS procedure in connection with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the address bar of your browser.

In addition, we use other suitable technical and organisational security protocols to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security protocols are continuously improved in line with technological developments.

2. Emails sent to us
We draw your attention to the fact that – subject to an explicit agreement and configuration – emails are sent to us unencrypted.