Privacy Policy

Provision of information for the website https://ehconsulting.at/ (“website”) in accordance with Art. 13 of the EU General Data Protection Regulation (“GDPR”) concerning data processing operations in connection with access to and use of the website.

Thank you for your interest in our website. The protection of your personal data is very important to us. We therefore process your data exclusively on the basis of the legal requirements of the GDPR in conjunction with the Austrian Data Protection Act (DSG), the Austrian Telecommunications Act 2021 (TKG) and other relevant legal provisions.

With certain exceptions, data protection regulations apply to the processing of personal data. For the scope of this privacy policy, reference is made to the definition of terms in the GDPR. Thus, the “processing” of personal data essentially encompasses any handling of such data. Insofar as the data processed by us can be related to individuals and make you identifiable as a person, it is generally personal data, which means that you are considered a data subject within the meaning of Art. 4 (1) GDPR.

You are not obliged to provide data. Data processed automatically when accessing the website is not personal data or is only stored for very short periods (see in particular section 2.1).

1. Information about the data controller, contacts

1.1 Responsible for the processing of user data and contact

EH Immobiliengesellschaft m.b.H,
Ulrike-Gschwandtner-Straße 7a, 5020 Salzburg, Austria
Email: eh@ehconsulting.at
Phone: +43 664 325 02 77

1.2 Contact for data protection inquiries

Eva Hammertinger Rechtsanwalts GmbH
Freyung 6/12/3-4
1010 Vienna

eh@evahammertinger.legal
+ 43 676 37 33 946

2. Data processing operations

2.1 Processing of access data when visiting the website

Type and scope of data processing: You can visit our website without having to provide any personal information. When you visit our website, only general access data is stored automatically in so-called server log files. The following data in particular is processed: (i) name of the website visited; (ii) browser type/version used; (iii) operating system used by the user; (iv) previously visited website (referrer URL); (v) time of server request; (vi) amount of data transferred; (vii) host name of the accessing computer (abbreviated IP address used). This information does not allow us to draw any conclusions about your person; however, IP addresses are considered personal data within the meaning of the GDPR.
Legal basis and purpose: The purpose of this data processing is to establish and maintain the technical security of our website, to improve its quality, and to generate statistical information. Processing is based on our legitimate interest (Art. 6 (1) (f) GDPR), which consists of achieving the aforementioned purposes.
Storage period: Server log files are generally deleted automatically within fourteen (14) days, provided that they are no longer required for the purpose for which they were collected in individual cases.

2.2 Establishing contact

Type and scope of data processing: When you contact us using one of the contact options listed in this privacy policy or on our website, the information you provide will be processed for the purpose of handling your contact request and processing it. The processing of your data is necessary for handling and responding to your request, as we would otherwise have no way of contacting you.
Legal basis and purpose: The purpose of this data processing is to enable us to communicate with users of the website. We respond to your inquiries on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) in a functioning contact system as a prerequisite for the provision of any services. In the case of recurring contact inquiries or the establishment of a client relationship (see point 2.3), your data may also be processed for other purposes, about which you will be informed separately if necessary.
Storage period: We will delete your request(s) and your contact details once your request has been answered conclusively. Your data will generally be stored for six (6) months and deleted after this period has expired, unless you send us follow-up requests or we need to process the data for other purposes.

2.3 Establishment of a contractual relationship

Type and scope of data processing: If you contact us to make use of our brokerage or consulting services, we will provide you with the relevant information regarding the processing of personal data within the framework of a contractual relationship separately, if necessary. In general, it may also be necessary for us to process personal data of third parties in order to provide our services in the course of handling an order; we will determine the relevant data protection requirements on a case-by-case basis and provide the relevant information where necessary.

Legal basis and purpose: We process data within the scope of a contractual relationship primarily for the purpose of fulfilling the contract concluded in this regard (Art. 6 (1) (b) GDPR) and for the purpose of fulfilling our associated legal obligations (Art. 6 (1) (c) GDPR). Any necessary processing of third-party personal data in this context is usually based on the pursuit of legitimate interests by us or our contractual partners following a corresponding balancing of interests (Art. 6 (1) (f) GDPR).
Storage period: We will provide more detailed information on the storage period in connection with contractual relationships separately when necessary.

3. Cookies and other storage technologies

3.1 Cookies

Our website uses cookies if you give us your consent in accordance with Art. 6 (1) (a) GDPR (you can revoke your consent to the use of cookies at any time [see “Right of revocation” under point 8]); If you refuse to give your consent, we will limit the use of cookies to those that are technically necessary to maintain the functionality of our website (see below) and which we use on the basis of our legitimate interest in this regard (Art. 6 (1) (f) GDPR), insofar as this involves the processing of personal data.

Cookies are small data files that are managed and stored on your device by your browser. They are initially placed by a web server and sent back to it as soon as a new connection is established in order to recognize the user and their settings. Your device is assigned a specific identity consisting of numbers and letters.

Cookies can serve various purposes and, for example, help to maintain the functionality of a website in terms of features and user experience in line with the latest technology. The actual content of a specific cookie is always determined by the website that created it.

Cookies always contain the following information:

Name of the cookie;
Name of the server from which the cookie originates;
ID number of the cookie;
an end date, after which the cookie is automatically deleted.

Cookies can be classified according to their type and purpose as follows:

Technically necessary cookies: Technically necessary (also: essential) cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. Without these cookies, a website may often not function properly. Technically necessary cookies are always first-party cookies. These cookies can only be deactivated in your browser settings by rejecting all cookies without exception (see below), and are also used on our website in a legally permissible manner without obtaining consent.
Preference cookies: Preference cookies allow a website to remember information that affects the way a website behaves or looks, such as your preferred language or the region you are in.
Statistics cookies: Statistics cookies help website operators understand how visitors interact with websites by collecting and evaluating information anonymously. Such cookies are therefore used to collect information about user behavior. The following information may be stored, for example: subpages accessed (duration and frequency); order of pages visited; search terms used that led to a visit to our website; mouse movements (scrolling and clicks); country and region of access. Cookies enable us to determine what the user is interested in and thus tailor the content and functionality of our website to individual user needs.
Tracking cookies: Tracking cookies are used to track visitors to websites. The intention is to display advertisements that are relevant and appealing to the individual user and therefore more valuable to publishers and third-party advertisers. This is made possible by analyzing your usage behavior, which allows for the personalization of advertising based on the interests identified.
Social media content: These cookies originate from video or social media platforms and are necessary to retrieve content from the respective platform that is integrated into a website. They may be used by the respective third-party provider for certain analysis and tracking purposes.

Depending on the storage period, a distinction is also made between:

Session cookies: These cookies are deleted automatically as soon as you end your current browser session.
Persistent cookies: These cookies (e.g., for storing your language settings) remain stored on your device until a predefined expiration date or until you manually delete them.

Depending on the subject of attribution, a further distinction can be made as follows:

First-party cookies: These cookies are used by us and set directly by our website. They are generally not made accessible across domains by browsers, which means that the user can only be recognized by the site from which the cookie originates.
Third-party cookies: These cookies (also known as third-party cookies) are not set by us, but by third parties, in particular for advertising purposes (e.g., to track surfing behavior) when you visit our website. This includes, for example, information about various page views and their frequency.

Most browsers automatically accept cookies. However, you have the option of adjusting your browser settings so that cookies are either generally rejected or only certain types are allowed (e.g., restricting the rejection to third-party cookies). If you change your browser’s cookie settings, however, you may no longer be able to use our website to its full extent. You can also use your browser settings to delete all cookies already stored on your device. This also constitutes a revocation of your consent.

3.2 Local Storage; Session Storage

If you give us your consent within the meaning of Art. 6 (1) (a) GDPR, we will use the storage capacity of your browser software, for example, to improve the usability of our website, its user-friendliness, and our offering in general (e.g., to save your language settings). For this purpose, we use local storage or session storage to store certain data on your device, whereby your browser creates local storage or session storage separately for different domains. Apart from yourself, only we can access the data processed in this context. If it’s technically necessary to keep our website working, certain info might be stored in your browser’s local storage or session storage without your consent. Uninvolved third parties can’t access this info, but it might be stored on your device by our partners (third-party providers) on our behalf for specific purposes. Unlike cookies, this method is faster and more secure, as data is not automatically transferred to the respective server with every HTTP request, but is only stored by your browser software; in addition, local storage or session storage offers up to 5 megabytes of storage space, while a single cookie can only contain a maximum of 4096 bytes.

Since the functionalities are similar to cookies, the information provided in section 3.1 applies accordingly. Please note that information in local storage does not have an expiration date (it is comparable to persistent cookies). Information in session storage, on the other hand, is only stored for the duration of the respective browser session (it is comparable to session cookies).

Manually removing data from local storage or session storage works in the same way as manually removing cookies in most browser settings, as cookies are usually grouped together with other website data within this option (e.g., “cookies and other website data”); in this respect, please refer to the explanations under point 3.1. If the browser software you use combines cookies and other website data in this sense, blocking cookies will also block access to local storage or session storage (which may also lead to restrictions on the use of our website). If you deactivate JavaScript, we will also no longer be able to use local storage or session storage, but this can generally lead to significant restrictions on use.

3.3 Truendo – Cookie-Management-Tool

In order to obtain consent for the use of cookies and third-party services on our website in accordance with data protection regulations, we use the consent tool provided by TRUENDO Technologies GmbH, Leonard-Bernstein-Straße 10, 1220 Vienna, Austria (“TRUENDO”). For more information about this company, please visit www.truendo.com.

The consent tool records and stores the decision of each user of our website regarding the use of cookies. This ensures that cookies and social media content that are not technically necessary are only permitted once the user has given their express consent to their use.

The extent to which the user has confirmed the use of cookies is stored; this decision can be revoked at any time. Revocation is done by calling up the cookie settings at the bottom left of the website and adjusting the settings there.

Cookies set up to that point will be deleted after any revocation. A cookie is also set or local/session storage is accessed to store the user’s consent status. When the service is accessed, the IP address of the respective user is sent to TRUENDO’s servers, but is not stored or linked to other data. The use of the service is based on our legitimate interest in the legally compliant design of our website in accordance with Art. 6 (1) lit. f GDPR. In this context, TRUENDO acts as our processor within the meaning of Art. 28 GDPR.

Further information can be found in TRUENDO’s privacy policy at https://www.truendo.com/privacy.

4. Links to third-party sites

We may use links to third-party websites on our website. If you click on one of these links, you will be redirected directly to the respective website. The website operators can only see that you have accessed their website via our website. Accordingly, we generally refer to the separate privacy policies of these websites.

5. Transfer of your data; recipients

Um den in dieser Datenschutzerklärung angeführten Verarbeitungstätigkeiten nachkommen zu können, werden Ihre personenbezogenen Daten an die folgenden Empfänger übertragen oder diesen offengelegt:

Within our organization, only those employees who absolutely need access to your data in order to fulfill their or our respective duties have access to it.

Furthermore, (external) processors commissioned by us will receive your data if they need it to perform their respective services (whereby access to personal data is sufficient). All processors are contractually obliged to process your data in strict compliance with the requirements of the GDPR and exclusively in accordance with our instructions.

Within the scope of our website, the following processors employed by us may have access to your data:

the provider of our cookie management tool, TRUENDO Technologies GmbH, Leonard-Bernstein-Straße 10, 1220 Vienna, Austria (see section 3.3).

In addition, we transfer your data to independent controllers if this is necessary or if we are legally obliged to do so. In addition to the providers listed in section 5, this may include courts or authorities within the scope of their legal jurisdiction.

6. Rights of the data subject

You have the following rights at any time with regard to your personal data processed by us, which can be exercised free of charge by notifying one of the contact options listed in section 1.1 (please note the relevant information in section 1.2) and will be answered as soon as possible, but in any case within one month one month (restrictions are possible in certain exceptional cases, such as when the rights of third parties are at risk):

Access to and further information about specific personal data processed (right of access, Art. 15 GDPR);
Correction of incomplete or incorrectly recorded or changed data (right to rectification, Art. 16 GDPR);
Deletion of data that (i) are not necessary for the purposes stated, (ii) are processed unlawfully, (iii) must be deleted due to a legal obligation or objection (right to erasure, Art. 17 GDPR);
temporary restriction of processing under certain conditions (right to restriction, Art. 18 GDPR);
Revocation at any time of consent once given to the processing of your data; please note, however, that revocation does not retroactively invalidate past processing activities based on the consent in question—it only has effect for the future (right of revocation, Art. 7(3) GDPR);
Objection to the processing of your data on the basis of our legitimate interest (Art. 6 (1) (f) GDPR) for reasons arising from your particular situation, as well as objection at any time to the processing of your data for direct marketing purposes (right to object; Art. 21 (1–2) GDPR);
Transfer of your personal data, which we process for the performance of a contract with you, for the implementation of pre-contractual measures at your request, or on the basis of your consent, to you or directly to another controller in a commonly used machine-readable format (right to data portability, Art. 20 GDPR);
Right to lodge a complaint about our processing of your personal data with a national supervisory authority; a complaint in Austria must comply with the requirements of Section 24 of the Data Protection Act and must be addressed to the Austrian Data Protection Authority, Barichgasse 40–42, 1030 Vienna, (email) dsb@dsb.gv.at, (phone) +43 1 52 152-0 (to simplify the process, the Austrian Data Protection Authority provides forms: https://www.dsb.gv.at/dokumente).