Sie sehen die Flagge von Österreich

BMD
Österreich

Sie sehen die Flagge von Deutschland

BMD
Deutschland

Sie sehen die Flagge der Schweiz

BMD
Schweiz

Sie sehen die Flagge von Ungarn

BMD
Magyarország

Sie sehen die Flagge der Slowakei

BMD
Slovensko

Sie sehen die Flagge von Tschechien

BMD
Česko

Sie sehen die englische Flagge

BMD
International

Sie sehen die englische Flagge
Suchen

Privacy Statement

1. DATA OF THE PERSON RESPONSIBLE


BMD SYSTEMHAUS GesmbH
Sierningerstreet 190
A–4400 Steyr

Telephone: +43 (0)50 883            
Fax: +43 (0)50 883 66
Email: bmd@bmd.at
Internet: www.bmd.com

Regional court Steyr, FN 118356d
VAT-reg no.: ATU24168102

2. BMD WEBSITE AND NEWSLETTER

2.1. Consent

By using the Website, you consent to the storage and use of your information as described in this statement. Changes to this Privacy policy are made directly on this page, so you are always aware of what data BMD stores and uses. 

2.2. Use and purpose of the data

What information do we collect for what purpose?

2.2.1. IP-addresses

IP addresses are needed for problem diagnostics, website administration, and demographic information. When you visit our website, we only recognize your domain name, not your e-mail address. We will only see your e-mail address if you let us know it by filling out a form or sending an e-mail. 

2.2.2. Cookies

Cookies are used for personalized content, to avoid repeated password entries or to adapt the information offered to user behaviour.  

2.2.3. User registration 

When you register, we will send you the requested information and/or products as well as other product information, news or promotional material. 

2.2.4. E-mail-addresses

If you provide your e-mail address, we will communicate with you via e-mail. We will not share your email address with anyone outside of BMD. If you no longer want to receive e-mails from us, you can unsubscribe at any time. When sending an e-mail to BMD, depending on the setting of your e-mail programme, personal data may be transmitted automatically. BMD will also treat this data as confidential.

2.2.5. Registration for events

Our website contains registration forms that you can fill out to request information, products and services. The data transmitted to BMD will only be used by us for this specific process.  

2.2.6. Webshop

For orders via our webshop (seminars, software requests) your data will be forwarded to the webshop operator. The data is stored within the EEC only. 

2.3. Links on other websites

Our website also contains links to other third-party websites. BMD is not responsible for the privacy practices or the content of other websites.

2.4. Newsletter and opt-out

BMD regularly sends out user and seminar newsletters that you can subscribe to for free, so that you are always well-informed about the latest programme updates and changes, events, seminars and BMD advertising campaigns. If you no longer wish to receive e-mails from BMD, you may unsubscribe at any time. In order to be removed from the BMD e-mail list or BMD web registration database, an e-mail to newsletter@bmd.at is sufficient. Registered users can exercise their right of withdrawal at any time in the BMD user profile. You will also find details on the cancellation of the respective newsletter in each newsletter. 

2.5. Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses cookies. The information generated by the cookies about your use of the website (including your IP address) is transmitted to and stored by Google on servers in the United States. Google will use this information to evaluate your use of the website, to compile reports on advertising activities for website operators and to provide other website-related services. Google may also transfer this information to third parties if required by law or as far as third parties process this data on behalf of Google. Google will never associate your IP address with other Google data. You can prevent the installation of cookies by setting your browser software accordingly; However, please note that in this case you will not be able to use all features of this website to the full extent. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

2.6. Use of Google AdWords Remarketing

This website uses cookies for the purpose of targeting visitors to the Google Network through remarketing on online advertising at a later date. To run remarketing ads, third parties such as Google use cookies based on a visit to this site. As a user, you have the option to disable Google's use of cookies by visiting the Google Disable page at www.google.com/ads/preferences.

3. DATA PROTECTION – GENERAL

BMD stores data for the purposes of order fulfilment and subsequent customer service:

3.1. Personal data and processing 

For example, name, company name, address, telephone numbers, e-mail addresses, VAT-reg. number, commercial register number, sector affiliation, contact persons, for SEPA direct debit mandates: bank data, correspondence, license and update information according to the order, contact origin, credentials client info. Further information can be found in the Client Information section of the "Privacy Policy" section to be found on the BMD homepage.  

If no purchase contract is concluded, your data will be saved for advertising purposes. You always have the option of having your data deleted by BMD.

3.2. Transfer of data to third parties

A transfer of data to third parties (e.g. licensors, mail order companies, banks, legal representatives in case of business, public accountants, courts if required, administrative authorities in case of action, participating contract and business partners, providers (IT service providers), insurances if required) only takes place if necessary for the fulfilment of the contract. 

3.3. Confidentiality

BMD commits itself, its employees and vicarious agents, to confidentiality of data according to
§ 6 Data Protection Act (DSG) and art. 28 par. 3 GDPR in the current version. A separate confidentiality declaration can be requested from BMD.

3.4. Order data processing acc. to GDPR 

All information about the processing of personal data can be found in the order processing agreement. Should BMD act as a processor, a contract data processing agreement must be signed.

4. DATA PROTECTION INFORMATION - MAINTENANCE SERVICES

4.1. Information for services included in the maintenance contract

When using services from the maintenance contract, data on the traceability of the questions or problems reported, fault analyses and related support information etc. are electronically stored by BMD (telephone calls, tickets). 

4.2. Information for billable services

For billable services, a work report will be generated and sent to you by e-mail or the designated contact for confirmation of service provision. In addition, you can lodge a general e-mail address for the transmission of job tickets from BMD.

5. DATA PROTECTION INFORMATION - BMD CLOUD SERVICES

For the provision of the services from the BMD Cloud Service contract, it is essential that the following additional data is stored by you:

•    User data (User, password, e-mail-address)
•    IP-addresses used for access to the Cloud-system
•    Names of the computers used to access the Cloud-system
•    Name of the operating system and version used to access the Cloud- system
•    Printer names
•    Data saved as a result of e-mail diagnosis (e-mail recipient, subject, size of emails)

5.1. Your data

BMD is not obliged to check the admissibility of the data processing commissioned by the customer in terms of data privacy regulations. In particular, the customer himself is responsible for obtaining the consent, reporting and / or confidentiality requirements that may be mandatory under the terms of the Data Protection Act (DPA, GDPR) for the use of the services by the customer and his contract partners.

5.2. Storage of your data in the BMD Cloud

If you use the BMD Cloud, your data will be stored on the contractor's hardware, depending on how the order is handled. The data is stored exclusively within the EEC (in accordance with Chapter 5 GDPR). 

DATA PROTECTION INFORMATION - ORDER DATA PROCESSORS
The following services of BMD fall within the meaning of the GDPR under the term Order Data Processing:

5.3. On-site support services at the customer 

This includes training for the implementation of software at the customer and other services that are carried out on site.

5.4. Support with remote access maintenance

To be able to process a request through BMD, you grant direct access to your system.

5.5. Support with remote access via software

To be able to process a request, BMD will create an online session on your workstation. Before performing the service, you must confirm access before transferring the content of the screen.  

5.6. Error analysis with customer data

If your data is required for error analysis or for the performance of services, you should transmit it to BMD via a secure FTP server. If it is not possible to transmit the data online, you can request a password-protected and secure data medium from BMD against reimbursement of costs. 

6. DATA PROTECTION INFORMATION - APPLICATIONS

BMD collects and stores your data for the purpose of processing applications.

6.1. Collection and use of applicant data

In the course of the application (online, by e-mail, post or in person) BMD collects personal data such as: name, address, date of birth or data you have voluntarily provided to us. This data is used exclusively for the application process and is only accessible to a limited group of people at BMD. 

6.2. External recruiters

In exceptional cases, BMD works together with external HR recruiters. If so, you would be informed of this separately.

6.3. Conclusion of employment contract

If an employment contract is established, the data stored in the course of the application process will be used for pre-contractual measures (preparation of employment contract).

6.4. Online application

As part of the online application, all data and files you have entered and uploaded will be temporarily stored. Should you finish your online application without consent to the privacy policy and completing it, all your data and files will be deleted immediately.    

6.5. Your data at the end of the application process

After the application process, you will be informed about the status of your application. If your application is negative, your data will be kept in evidence and you will be notified of future job offers that match your application profile. If you do not want this, your data will of course be completely deleted.

6.6. Deleting your application data

If you would like to have your application data deleted, please send an e-mail to jobs@bmd.at. 

7. OBLIGATIONS OF BMD

7.1. Data and processing results

BMD undertakes to process data and processing results only in the context of a written order or contract. If BMD is obliged by an authority to release your data, BMD is obliged to inform you at once.

7.2. Confidentiality

All employees of the BMD are required to observe confidentiality pursuant to Art. 28 par. 3 GDPR and § 6 DPA in the current version.  

7.3. Notification and reporting duties

In the event of a breach of data protection, BMD will inform you immediately, at the latest within 24 hours of the breach becoming known. BMD will promptly notify of any inspections or measures by the supervisory authorities, insofar as these relate to your data. 

7.4. Security measures

BMD declares that sufficient technical and organizational security measures have been taken in accordance with Art. 32 GDPR and that they must always be kept up to date with the latest technology. In addition, ISO 27001 certification was successfully carried out. 

7.4.1. Access and admission control

The server rooms of the contractor are guarded by access control and can only be entered by authorized employees.

7.4.2. Access control

All systems are secured by extensive password protection and are subject to an authorization concept, which ensures that only authorized persons have access to data.

7.4.3. Transfer control

Data is transferred via secure routes (e.g. a VPN-connection). 

7.4.4. Entry control

Personal data can only be collected, altered and deleted by authorized persons. Entries in the customer master data of BMD are logged.

7.4.5. Order control

The contractor shall act to the extent agreed upon with the customer (software order, service requests, maintenance contract etc.).

7.4.6. Availability control

BMD confirms regular data backups and the monitoring of operating conditions. If necessary, emergency plans are available in order to minimize any possible failure of the operating requirements. 

8. YOUR RIGHTS

You are entitled to check compliance with the data protection regulations at BMD to an appropriate extent yourself or have this done by a third party.

8.1. Information requirements (Art. 13 and 14 GDPR)

8.1.1. Interested persons

Any joint responsible persons
The processing of the interested party data is done by BMD. If interested party data is transmitted to BMD by third parties (partners, etc.), the third party is responsible for obtaining the consent of the interested party regarding the disclosure of personal data. 

Processing purposes / legal bases
The processing takes place to create the offer requested by the Storage period: Until the termination of the business relationship or until expiry of the statute of limitations and statutory retention periods applicable to the person responsible; in addition, until the termination of any legal disputes in which the data is required as proof about products and services of BMD and to the transmission of information and advertising material.
The data provided serves as the basis for the preparation of a purchase contract. If no purchase contract is concluded, the data of the prospective customer is stored for advertising purposes. 

Categories of persons affected
Current and former interested parties
Data categories 
Storage period: until the termination of the business relationship or until expiry of the statute of limitations and statutory retention periods applicable to the person responsible; in addition, until the termination of any legal disputes in which the data is required as proof. 
•    Master data of the interested party
•    Contact persons of the interested party 
•    Data and information required to draw up an offer 

Data recipients
For example licensors, shipping companies, banks, legal representatives in the case of business, accountants, courts if required, administrative authorities if required, participating contract and business partners, providers (IT service providers), insurances if required 

Description of the technical and organizational security measures
See ''security measures''.

8.1.2. Customers

Any joint responsible persons
The processing of customer data is done by BMD. If customer data are transmitted to BMD by third parties (partners, etc.), the third party is responsible for obtaining the consent for the transfer of personal data from the customer.
Processing purposes / legal bases
The processing takes place for the fulfilment of the order, subsequent customer care and for the transmission of information and advertising material.  

Categories of persons affected
Current and former customers

Data categories 
Storage period: until the termination of the business relationship or until expiry of the statute of limitations and statutory retention periods applicable to the person responsible; in addition, until the termination of any legal disputes in which the data is required as proof. 
•    Master data and BMD licence information of the customer
•    Contact persons of the customer
•    Data and information required for order processing and subsequent customer care
Data recipients
For example licensors, shipping companies, banks, legal representatives in the case of business, accountants, courts if required, administrative authorities if required, participating contract and business partners, providers (IT service providers), insurances if required

Description of the technical and organizational security measures
See ''security measures''

8.1.3. Suppliers

Any joint responsible persons
BMD processes supplier data.

Processing purposes / legal bases
The processing takes place to carry out inquiries and orders with the supplier. 

Categories of persons affected
Current and former suppliers

Data categories 
Storage period: until the termination of the business relationship or until expiry of the statute of limitations and statutory retention periods applicable to the person responsible; in addition, until the termination of any legal disputes in which the data is required as proof. 
•    Master data of the supplier
•    Contact persons of the supplier
•    Data and information required for enquiry processing and orders  

Data recipients
For example licensors, shipping companies, banks, legal representatives in the case of business, accountants, courts if required, administrative authorities if required, participating contract and business partners, providers (IT service providers), insurances if required

Description of the technical and organizational security measures
See ''security measures''

8.1.4. Applicants

Any joint responsible persons
Applicant data is processed by BMD. If applicant data is collected via the online application, the applicant is responsible for the accuracy of the data. If applicant data is collected by third parties, the one who enters data is responsible for ensuring that the applicant agrees to the disclosure of the data. 

Processing purposes / legal bases
The processing takes place in order to be able to carry out the application process or to inform the applicant about further vacancies that correspond to his profile.  

Categories of persons affected
Current and former applicants
Current, former and future employees

Data categories 
Duration of storage: according to the agreed retention period of five years after the last contact with the applicant. 
•    Master data of the applicant
•    Documents of the applicant 
•    Data and information required for the application process  

Data recipients
For example licensors, shipping companies, banks, legal representatives in the case of business, accountants, courts if required, administrative authorities if required, participating contract and business partners, providers (IT service providers), insurances if required

Description of the technical and organizational security measures
See ''security measures''

8.2. Right to information (Art. 15 GDPR)

According to Art. 15 GDPR you have the right at any time to request information about all data stored by BMD about you. In case of doubt, BMD may request additional information to confirm the identity. The e-mail address furnished by BMD is: datenschutz@bmd.at.

8.3. Right to rectification (Art. 16 GDPR)

If BMD processes personal data that is incomplete or incorrect, you may demand that it be corrected or completed.

8.4. Right to delete (Art. 17 GDPR)

You are entitled to request BMD for the deletion of your data if one of the following reasons applies:

a)    The personal data is no longer required for the purposes for which it is collected or processed.
b)    You revoke your consent and there is no longer a legal basis for further processing / storage.
c)    You object to the processing and there are no legitimate grounds for further processing.
d)    Your data has been unlawfully processed.

8.5. Right to restriction (Art. 18 GDPR)

You may require BMD to restrict processing if  
a)    You dispute the correctness of the processing for the duration for which it allows the contractor to verify the accuracy of the data.
b)    The processing of the data is unlawful, but you decline to delete.
c)    The data is no longer needed by BMD for the intended purpose, but you still need this data to assert or defend legal claims.
d)    You have filed an objection against the processing of the data.

8.6. Right to transfer data (Art. 20 GDPR)

You have the right to receive your personal information in a structured, normal and machine-readable format, provided the data has been stored by BMD as a result of your consent or to fulfil a contract, and the processing is done automatically.

8.7. Right to objection (Art. 21 GDPR)

If your personal data is processed by BMD based on art. 6 par. 1 lit. b or f, you have the right to object at any time, provided there is no overriding protecting interest in the data. You may object to receiving unsolicited advertising at any time without any reason.  

8.8. Right to appeal

You have the right to appeal to the designated supervisory authority if you believe that BMD violates Austrian or European data protection law.   
 

© BMD Systemhaus GesmbH | Sierninger Straße 190 | A-4400 Steyr | bmd@bmd.at | +43 (0)50 883 or 0043 7252 883



Join us on Facebook
Join us on Xing
Join us on LinkedIn
Our Videos on Youtube
Join us on kununu
Join us on Instagram
By using our website you accept that our use of cookies. | Data privacy statement