Skip to main content
Search
Toggle Navigation
voestalpine Böhler Welding

Data Protection Notice

It is very important to voestalpine Böhler Welding Group GmbH, Peter-Müller-Straße 14-14a, D-40468 Düsseldorf (hereinafter “we,” “us,” or “our”) to protect your personal data. We comply with the legal requirements applicable to the protection, lawful handling, and confidential treatment of data as well as with those pertaining to data security, specifically the European General Data Protection Regulation (“GDPR”) and pertinent national data privacy rules and regulations.

This Data Protection Notice informs you of the type, scope, and purposes of the collection and use by us of your personal data when you visit and use our website (www.voestalpine.com/welding/) and our social media accounts (e.g., Facebook and Instagram), when you contact us, when you use our online shop, and when you subscribe to our newsletter.

Here you will find separate Data Protection Notices applicable to separate issues:

1. Who is responsible for data processing and who can you contact?

Controller:

voestalpine Böhler Welding Group GmbH

Peter-Müller-Straße 14-14a

 40468 Düsseldorf

Germany.

Email: Datenschutz_BWG@voestalpine.com

2. What is personal data?

The term “personal data” refers to information concerning an identified or identifiable natural person ( “data subject”). For example, this includes the person’s name, email address, or IP address.

3. Processing of data when you use our website

Your data is processed for the following purposes:

3.1 Availability and protection of the website

Purpose: You may visit our website without disclosing your particulars. When you use our website, your end device sends data to our web server. This data is processed by our web servers and automatically stored in so-called “log files.” The processing of your data is necessary in order for us to make our website available to you. We must store the data in log files so that we can ensure the security and functionality of our website.

Categories of data: Network protocol and identification data (IP address, HTTP header fields, browser type, previously visited website (so-called “referrer”), date and time of access, other web traffic data, such as information on the device used, the volume of data sent, etc.)

Legal basis: It is in our legitimate business interest to make a secure, functional, and user-friendly website available. That is why we process data in accordance with Art. 6 (1) (f) of the General Data Protection Regulation (GDPR).

Retention period: We retain your data as long as necessary to process your inquiry. Once your inquiry has been completed, your data will be erased subject to statutory retention periods, unless holding the data is necessary to establish, fend off, or defend legal claims and to enforce them in governmental or court proceedings.

Categories of recipients: Processors (IT service providers); in case of a security-related event, possibly also: law enforcement agencies, attorneys, courts, and administrative agencies.

3.2 Use of cookies and Google Analytics

Please see the [cookie banner] for information on the data protection provisions that apply to the use of cookies and Google Analytics. Among other things, this information explains the type, scope, purposes, data categories, legal basis, retention periods, and categories of recipients of or related to the cookies used.

3.3 How to contact us

Purpose: You may contact us by email, telephone, or fax if you have any questions about our company, our products, and our services. If you do so, we will process your data for the purpose of processing your inquiry; as a result, your data may also be processed in one of our customer management systems.

Categories of data: Personal data (e.g., salutation, title, first and last name); contact information (e.g., address, telephone number, email address); correspondence data (e.g., content of the inquiry); network protocol and identification data (e.g., date and time of the inquiry); as well as all data you make available to us by uploading or attaching documents.

Legal basis: Inquiries are processed either by carrying out (pre-)contractual steps (Art. 6 (1) (b) GDPR) or pursuant to our legitimate business interest (Art. 6 (1) (f) GDPR), specifically, our interest in communicating with our customers and website users.

Retention period: We retain your data as long as necessary to process your inquiry. Once your inquiry has been completed, your data will be erased subject to statutory retention periods, unless holding the data is necessary to establish, fend off, or defend legal claims and to enforce them in governmental or court proceedings.

Categories of recipients: Processors (IT service providers). In order to fulfill the intended purposes, in some cases, we may also have to transfer your data to specific Group companies (www.voestalpine.com/locations) in order to ensure rapid processing of your inquiry.

3.5 Newsletter subscription

Purpose: You have the option of subscribing to our newsletter through our website. If you subscribe to our newsletter, we need to process your data in order to send you our newsletter. As a result, your data may be processed in one of our customer management systems.

Categories of data: Contact information (e.g., email address)

Legal basis: We process your data for the newsletter only if you give us your consent to do so (Art. 6 (1) (a) GDPR). You may revoke your consent at any time (e.g., via email to Datenschutz_BWG@voestalpine.com) or by clicking the unsubscribe link located in the footer of the newsletter that was sent to you).

Retention period: We retain your data for the purpose of sending you the newsletter as long as you do not revoke your consent to receive it.

Categories of recipients: Processors (IT service providers)

 

3.6 Facebook Social Plugins

We have integrated plugins from the social network Facebook.com (company headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland) on our website as part of the “two-click solution” from Shariff. You can recognize these by the Facebook logo “f” or the addition “Like”, “Gefällt mir” or “Share”.

Purpose: The temporary storage of the data is necessary for the use of the plugin in order to ensure extensive visibility in social media.

Data categories: The standard social media buttons that are used to transfer user data such as the dynamic IP address, browser type and browser version to Facebook each time a page is accessed, and therefore provide information about the user behavior of the website visitor to these social networks. It is not necessary to be a member of the relevant network or to be logged in.

Legal basis: The use of the Facebook plugins takes place on the basis of point (f) of Article 6 (1) GDPR.

Storage period: The data collected directly by us via the social media profile will be erased from our systems as soon as you ask us to erase it, withdraw your consent to its storage, or the purpose for the data storage no longer applies. Stored cookies remain on your end device until you erase them. Mandatory statutory provisions—in particular retention periods—remain unaffected. We have no influence on the storage period of your data which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (as provided in their privacy policy, for example).

Categories of recipient: When you visit our websites, the plug-in establishes a direct connection between your browser and the Facebook server. In the event that the data you transfer to us is also or exclusively processed by Facebook, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is the controller which is responsible for the data processing within the meaning of the GDPR, either in addition to us or in our place. In this way, Facebook receives the information that you have visited our website with your IP address. If you click the Facebook “Like button” while you are logged into your Facebook account, you can link the contents of our websites to your Facebook profile. If you do this, Facebook will be able to assign the visit to our websites to your user account. Please note that we, the website provider, do not have access to the content of the data transferred or its use by Facebook. For more information, please refer to the privacy policy of Facebook at: https://de-de.facebook.com/privacy/explanation. If you do not want Facebook to be able to assign the visit to our websites to your Facebook user account, please log out of your Facebook user account. The parent company of Facebook, Meta Platforms Inc., is based in the USA. A transfer of data to the USA and access by public authorities in the US to the data stored by Meta cannot be ruled out. Meta Platforms Inc., which is based in the USA, is, however, certified for the US-European data protection agreement, the “EU-U.S. Data Privacy Framework”, which guarantees compliance with the level of data protection that applies in the EU.

4. Data transfers to third countries

Given the complexity of prevailing data processing processes, we engage so-called processors to process your data. To the extent possible in this connection, we only engage processors that are domiciled within the European Union (EU) or the European Economic Area (EEA) and are thus subject to the GDPR.

There are scenarios, however, where we process data in third countries (i.e. outside the EU and/or the EEA) or where the processing takes place in connection with the use of service providers domiciled outside of the EU and/or the EEA. The level of data protection in some of these third countries may not correspond to EU standards. For example, the processing of personal data by law enforcement agencies may not be restricted to that which is absolutely necessary, and data subjects may only have limited rights of legal recourse.

We do, however, always ensure that European data protection and data security standards are maintained.

  • First of all, under certain circumstances, we may be able to transfer data to those third countries that the European Commission has certified, pursuant to an adequacy decision under Art. 45 GDPR, as possessing an adequate level of data protection.
  • If the European Commission has not adopted an adequacy decision regarding a specific third country, we only transfer data subject to appropriate safeguards pursuant to Art. 46 GDPR. In particular, we then apply the standard contractual data protection clauses approved by the European Commission or binding internal data protection regulations; we may also ensure by other means that an adequate level of data protection is put in place (e.g., recipient’s participation in an approved certification system).
  • In individual cases, the aforementioned appropriate guarantees pursuant to Art. 46 GDPR as well as the additional measures taken may not be effective enough, thus leaving gaps in legal protections. In cases like these, we process your data in accordance with the exemption under Art. 49 GDPR. Depending on the case at hand, therefore, and to legitimize data transfers we rely on a variety of factors, including (i) your express consent (Art. 49 (1) (a) GDPR); (ii) the need to fulfill the contract (Art. 49 (1) (b) GDPR); or (iii) the need to establish, exercise, or defend our legal claims (Art. 49 (1) (e) GDPR).

You may use the contact information provided to obtain further information as well as a copy of the implemented measures.

5. Rights of data subjects and option to file a complaint

  • Article 15 GDPR gives you the right to request confirmation as to whether your data is processed by the controller and the right to access information regarding this data.
  • Article 16 GDPR gives you the right to request immediate rectification of inaccurate data concerning your person and/or completion of incomplete data.
  • Article 17 GDPR gives you the right to have your data erased.
  • Article 18 GDPR gives you the right to restrict the processing of your data.
  • Article 20 GDPR gives you the right to data portability.
  • Article 21 GDPR gives you the right to object to the processing of your data.

Finally, you also have the option of filing a complaint with the competent regulatory authority.

If your data is processed pursuant to your consent thereto, you have the right to withdraw your consent at any time; doing so, however, does not affect the legality of the processing carried out until you withdrew your consent.

6. Contact information

If you have any questions regarding issue of data protection and the assertion of your rights as enumerated in the foregoing, you may contact our data protection organization at Datenschutz_BWG@voestalpine.com or by postal mail to voestalpine Böhler Welding Group GmbH, Peter-Müller-Straße 14-14a, D-40468 Düsseldorf, Germany

 

This Data Protection Notice is amended from time to time.