Who is Quality Austria - Trainings, Zertifizierungs und Begutachtungs GmbH (Quality Austria Training, Certification and Evaluation Ltd.)?
Quality Austria - Trainings, Zertifizierungs und Begutachtungs GmbH (Quality Austria Training, Certification and Evaluation Ltd.) (briefly referred to as “Quality Austria”) is the leading partner for system and product certifications, verifications and validations, assessments, trainings and individuals’ certifications as well as the Austria Quality Seal (following also referred to as “qualityaustria services”). The basis is formed by accreditations at BMDW (“Bundesministerium für Digitalisierung und Wirtschaftsstandort” - “Federal Ministry for Digital and Economic Affairs”). Furthermore, the company has, since 1996, presented the Austrian Excellence Award in cooperation with BMDW. Quality Austria’s key asset is its competence as a national market leader for the integrated management system, which helps to secure and increase business excellence. Thus Quality Austria is an important driver and trendsetter for the economic site of Austria and for “Succeed with quality”.
Who is responsible for data processing, and whom can I contact?
Quality Austria - Trainings, Zertifizierungs und Begutachtungs GmbH
(Quality Austria Training, Certification and Evaluation Ltd.)
1010 Vienna, Austria, Europe
Tel: (+43 1) 274 87 47
Fax: (+43 1) 274 87 47-100
What sources and data do we use?
When providing our services in the fields of system certification, verification and validation, the presentation of the Austrian Excellence Award as well as individuals’ certification and training and further training, we process personal data that the customer (the party ordering the qualityaustria service, including its contact person, or a person participating in a qualityaustria service) makes available to us just as much as data that we acquire ourselves when providing the qualityaustria services (e.g. in the course of an audit or an examination). As a rule, Quality Austria cannot provide the desired services without this data.
Relevant personal data includes particulars (e.g. name, address and other contact data, day and place of birth), legitimization data, contract data (e.g. audit documentation, documentation of events, data about Certificates, accounting data, bank data).
What do we process your data for (purpose of data processing)? And on what legal basis?
The personal data that we acquire on the occasion of the qualityaustria service will be processed for purposes of performing contracts according to the most important contractual documents and our Terms and Conditions as well as for the required documentation in conformity to the normative requirements (above all ISO/IEC 17021, ISO/IEC 17024, ISO/IEC 17065 and possible additional requirements from models to be audited by order of the customer), for bookkeeping and accounting, for establishing and defending legal claims as well as for Customer Relationship Management, including drawing up of offers for further qualityaustria services (e.g. re-certifications and add-on certifications or relevant trainings). The legal basis for these types of processing is formed by Art. 6 (1) lit. b of the General Data Protection Regulation (GDPR) (performance of a contract and steps prior to entering into a contract) (as far as the person concerned is a contracting party himself or herself) and Art. 6 (1) lit. f of the GDPR (legitimate interests in the provision of the agreed qualityaustria services serving to increase business excellence, which are pursued by Quality Austria and the customer) and Art. 9 (2) lit. f of the GDPR (establishment, exercise or defence of legal claims). Partly processing also is prescribed by law (e.g. fiscal rules, bookkeeping and accounting; legal requirements placed by the Accreditation Act).
For maintaining our legitimate interests in direct advertising for our range of services, we use the customer’s personal data (name, title, address, contact data, details of the order, past orders) for our own advertising and marketing purposes in order to send the customer information and advertisements about their services and products, news and other customer information that might be interesting for the customer as long as the customer has not objected to processing for purposes of direct advertising.
If you have given us a consent to our processing personal data for definite purposes (e.g. participation in events, passing on of information), the lawfulness of this processing will be given on the basis of your consent. Consent that has been given can be revoked, at any time. This also applies to the revocation of declarations of consent that were made before the GDPR entered into force.
Who will receive my data?
Within Quality Austria, only Departments and Divisions that need your data for fulfilling the contractual and legal obligations or for processing due to legitimate interest will be granted access to your data.
It is for purposes of providing the qualityaustria service desired by the customer that Quality Austria will pass data on to the external qualityaustria auditors, trainers, assessors and technical experts acting as Quality Austria’s contract processors. Moreover, Quality Austria avails of services provided by external IT providers.
Acc. to the Accreditation Act and the relevant Standards (in particular ISO/IEC 17021 and ISO/IEC 17024), Quality Austria shall be obliged to provide a publicly accessible list of certifications conducted. In the list, which is accessible on Quality Austria’s website, the respectively applicable Certificates and their holders are listed.
Based on normative requirements, Quality Austria shall further be obliged to make information on the qualityaustria services available to the Accreditation and Certification Bodies and/or grant these bodies access upon their request. In this process, it also is personal data that can be passed on to the Accreditation and Certification Bodies. Furthermore, Quality Austria can transmit personal data to additional recipients (e.g. public authorities) in order to fulfil legal reporting duties.
Is data transmitted into a third country or to an international organization?
Data will be transmitted into countries outside the European Union to the extent as this is necessary for Quality Austria carrying out the orders (e.g. if the auditee is based in a third country), prescribed by law or you have given an explicit consent.
How long will my data be saved?
The data will be saved for the period in which this is necessary for enabling Quality Austria to fulfil its contractual and legal obligations. Master data about the customer (including organs that have general powers of representation and contact persons at the customer’s) as well as the order history will be archived until the end of the business relationship and, beyond this, until the expiration of the warranty periods, limitation periods and legal retention periods. Application documents, audit and verification reports as well as other documents relating to certification will basically be retained for 12 years as far as normative or legal requirements do not require a longer retention period. Civil-law limitation periods can, in the single case, amount to up to 30 years.
What data protection rights do I have?
Acc. to the General Data Protection Regulation (GDPR), each person concerned shall have the right to be informed of the personal data that we process about him or her as well as the rights to rectification, to erasure, to restriction of processing and to data portability. Furthermore, persons concerned can, for reasons resulting from their special situation, object to our processing of personal data that refer to them for the future on the basis of a legitimate interest, at any time. Moreover, they can, at any time, object to future use of their personal data for purposes of direct advertising free of charge and without giving reasons. If you object to processing for purposes of direct advertising, we will thus no longer use your personal data for these purposes.
Besides, there is a right to lodge a complaint with the competent data protection authority. A consent that has been given can be revoked, at any time.
For exercising their rights as persons concerned and in case of questions about data protection guaranteed by Quality Austria, persons concerned can contact datenschutz(at)qualityaustria.com.
To what extent are decisions taken in an automated manner?
Not at all!
Does profiling take place?
In order to be capable of specifically informing and consulting you in terms of products, we use evaluation tools. These tools enable needs-oriented communication and advertising, including market and opinion research. You can object to profiling used for direct advertising, at any time.
Is the user behaviour on the website analyzed?
This website uses the service “Google Analytics”, which is offered by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), to analyze the way users use the website. The service uses “cookies”, i.e. text files saved on your end device. As a rule, information collected by the cookies will be sent to a Google Server in the USA and saved there.
On this website, IP anonymization is applied. Within the Member States of the European Union, the users’ IP (Internet Protocol) Addresses will be shortened. Thanks to this shortening, your IP Address will lose its connection to you as a person. In line with the agreement about contract data processing, which the website operators have concluded with Google Inc., Google Inc. will use information collected to evaluate use of the website and the website activity and provide services relating to use of the internet.
You have the opportunity of preventing saving of the cookies on your device by adequately configuring your browser settings. It is not guaranteed that you can access all functions of this website without restrictions if your browser does not admit any cookies.
Furthermore, you can use a browser plug-in in order to prevent information collected by cookies (including your IP Address) from being sent to Google Inc. and used by Google Inc. The following link will take you to the corresponding plug-in: https://tools.google.com/dlpage/gaoptout?hl=en
Alternatively you can click on this link in order to prevent Google Analytics from acquiring data about you within this website. By clicking on the link above, you can download an “opt-out cookie”. This means that your browser basically needs to permit saving of cookies. If you erase your cookies periodically, it will be necessary to click on the link again at each visit of the website.
Here you can find additional information on data use by Google Inc.: https://support.google.com/analytics/answer/6004245?hl=en
(a) ”Session Cookies”, which will , depending on the setting of your browser program, automatically be erased again when the browser operations are finished
(b) “Permanent Cookies”, which are provided with an expiration period and will persist when the browser operations are finished
On our website, we also use so-called “Session-Cookies” in order to make it easier for you to use our websites and guarantee fundamental functions of the websites.
These cookies will not call any information about you that is saved on your hard disk and will not impair your PC or your files. Most browsers have been set as to accept cookies automatically. However, you can deactivate saving of cookies or set your browser as to make sure that it hints you at cookies being sent.
You can erase cookies that already are on your computer, at any time. The way to do this depends on the browser. Please have a look at the instructions for your browser (at “Help” in the browser menu).