Privacy Policy

We, b.zero GmbH, are delighted that you have visited our website www.bzero.at. Protecting your data and privacy is very important to us. The processing of personal data is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to us (in particular the Austrian Data Protection Act, DSG). With this privacy policy, we would like to inform you about the type, scope and purpose of the personal data we process and explain your rights.

1. General

The privacy policy of b.zero GmbH is based on the terminology of the GDPR.

‘Personal data’ is any information relating to an identified or identifiable natural person (hereinafter referred to as ‘data subject’).

‘Non-personal data’ is anonymised and is information that cannot be traced back to data subjects under any circumstances.

‘Data subject’ is any identified or identifiable natural person whose personal data is processed by the controller.

‘Processing’ means any operation or set of operations which is performed on personal data, whether or not by automated means.

‘Controller’ or ‘data controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

‘Third party’ means any natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

‘Consent’ means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Name and address of the controller

b.zero GmbH
BEST RESOURCE RECOVERY TECHNOLOGY
Walter-Simmer-Straße 4
A-5310 Mondsee
info@bzero.at

3. Data protection officer

If you have any questions about data protection or wish to exercise your rights under the GDPR, you can contact our data protection officer at any time:

Email: datenschutz@bwt.com

4. Processing of personal data

4.1. Visiting our website

4.1.1. Description and scope of data processing

When you visit our website, your browser transmits the following data to our server for technical reasons (so-called server log files):

  • IP address
  • Date and time of the request
  • Content of the request (specific page)
  • Operating system and its access status / HTTP status code
  • Amount of data transferred
  • Website from which the request originates (‘referrer URL’)
  • Browser, language and version of the browser software

4.1.2. Purpose of data processing

The storage of this data in log files is necessary for the provision of the website.

4.1.3. Legal basis for processing

We collect this data on the basis of our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR in order to be able to display our website and ensure its security.

4.1.4. Duration of storage

Information in the log files is stored for security reasons (e.g. to investigate misuse or fraud) for a period of seven days and then deleted.

4.1.5. Right to object and right to erasure

The collection of data for the provision of the website and its storage in log files is essential for technical reasons. Consequently, there is no right to object on the part of the user.

4.2. Contact form and email contact

4.2.1. Scope of data processing

You have the option of sending us an email via our website. If you use this option, the data you provide, such as your name, email address and your message, will be processed. The data will be used exclusively for processing the conversation and handling your request.

4.2.2. Purpose of data processing

The processing of personal data serves solely to handle your contact request.

4.2.3. Disclosure

Your data and your message will be processed by technical service providers outside the European Union with whom an agreement has been concluded in accordance with Art. 28 GDPR or who are subject to the level of protection provided by the EU-US Data Privacy Framework.

Processing by: Microsoft Ireland Lt. One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

Your data and your message may also be processed within the BWT Group, whereby the purpose of the processing remains unaffected. The processing is governed by an agreement in accordance with Art. 28 GDPR.

4.2.3. Legal basis for processing

When contacting us, the user’s details are processed for the purpose of handling the contact request and its processing in accordance with Art. 6 (1) lit. b) GDPR (performance of a contract or pre-contractual measures).

4.2.4. Duration of storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. This is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

4.2.5. Right to object and right to erasure

You have the right to withdraw your consent to the processing of your personal data at any time. If you contact us by e-mail, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. To do so, please send us an e-mail to info@bzero.at

4.3. Web analytics

4.3.1. Web analytics tools Google Analytics

Our website uses Google Analytics 4, a web analytics service provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google Analytics enables us to analyse the behaviour of website visitors and optimise our content.

4.3.2. Type of data collected

During your visit to our website, the following data, among other things, is collected:

  • Pages viewed and interactions (e.g. clicks, scroll depth)
  • Time spent on individual pages
  • Source of your visit (e.g. via search engines or links)
  • Technical information (browser type, operating system, screen resolution)
  • IP address (anonymised)
  • Randomly generated user ID for recognition

4.3.3. IP anonymisation

The IP address is anonymised before being transmitted to Google. This means that it cannot be clearly assigned to your person.

4.3.4. Data processing and transmission

The collected data is processed on Google’s servers, some of which are located in the United States. Google is certified under the EU-US Data Privacy Framework, which ensures an adequate level of data protection.

4.3.5. Storage period

User-related data is automatically deleted after 14 months. Aggregated data may be stored for longer.

4.3.6. Legal basis

Processing is based on your consent in accordance with Art. 6 (1) (a) GDPR, which you can give via our cookie banner.

4.3.7. Right to object

You can object to the collection of your data by Google Analytics at any time:

  • By rejecting it in the cookie banner
  • By installing the browser add-on to deactivate Google Analytics

4.3.8. Order processing

A contract for order processing has been concluded with Google in accordance with Art. 28 GDPR.

5. Data security

In accordance with Art. 32 GDPR, we take technical, contractual and organisational measures to ensure state-of-the-art data processing security in order to guarantee a level of protection appropriate to the risk. These security measures also include the encrypted transmission of data between your browser and our servers (SSL encryption). All information you transmit to us is stored on our servers in the European Union.

6. Cooperation with processors and third parties

Data is only passed on to third parties on the basis of legal permission. Within the framework of data protection-compliant order processing in accordance with Art. 28 GDPR, we use subcontractors for the provision of our services, in particular for the operation, maintenance and hosting of the online offer and IT systems.

7. Your rights

If we process your personal data, you are a data subject within the meaning of the General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis us:

  • Right to information (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing (Art. 21 GDPR)
  • Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

The competent Austrian supervisory authority is the Austrian Data Protection Authority (DSB).

8. Changes to the privacy policy

We reserve the right to change the privacy policy in order to adapt it to changed legal situations or in the event of changes to the service and data processing. Please check our privacy policy regularly.