Cotton Classics

Data Privacy Statement pursuant to the GDPR

A. Recitals
B. Recording personal data
C. Earmarking, legal basis, storage duration and data recipient
D. Data security
E. Website
F. Your rights
G. Withdrawal
H. Contact
I. Amendments to the Data Privacy Agreement

Last revised 23 May 2018


A. Recitals

The EU General Data Protection Regulation and the Data Protection Amendment Act 2018 serve your right to protect your personal data. We process your data on the exclusive basis of statutory provisions.


B. Recording personal data

We process your personal data, which comprises the following data categories:

•    Name or company name
•    Address
•    Contact data
•    Commercial register data
•    Data regarding creditworthiness, including data on dunning and complaints
•    Bank details
•    VAT Number
•    Name of the contact person
•    Contact data for the contact person (tel., e-mail, fax, address)
•    Business correspondence (order data, service requests)

 

C. Earmarking, legal basis, storage duration and data recipient

We need the collected personal data for contract execution, invoicing, asserting contractual claims, and advertising. The data are stored, processed and used for those purposes.
The legal bases for processing your personal data are contract fulfilment, legitimate interests, fulfilling legal or contractual obligations, as well as your consent (newsletter, cookies).
We process your personal data as needed as long as the business relationship lasts (from contract initiation to development to termination) and, beyond that, for statutory retention and documentation obligations, as well as any ongoing legal disputes or warranty and guarantee periods, etc.
To fulfil a contract, it might be necessary to forward your data to third parties (such as authorities, courts, tax advisors, banks, IT service providers, etc.).
Your data will be forwarded exclusively under the framework conditions of the GDPR, especially to fulfil the contract or based on your prior consent.


D. Data Security

We use technical and organisational security measures to ensure that the stored data is protected against accidental or intentional manipulation, loss, destruction and unauthorised access. Our security measures are continually improved to keep up with technological advancements.


E. Website

E.1.    Cookies

Our website uses so-called “cookies”. These are small text files which are placed on your end device by your browser. They cause no damage.
We use cookies to make our services more user-friendly. Some cookies remain stored on your end device until you delete them. They allow us to recognise your browser during your next visit.
If you wish to prevent this, you can adjust your browser to inform you when cookies are being placed and to allow them to be placed only on a case-by-case basis.
Please note: Deactivating cookies can limit our website’s functionality.

E.2. Web analysis

We use Sentry, a tool for error recording and management, for our website. The service is provided by Functional Software, Inc. based in 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA.

https://sentry.io/privacy/?tid=131256531#what-does-sentry-do 

Functional Software also processes data in the USA. The company is an active participant in the EU-US Data Privacy Framework, which guarantees the secure and legally compliant transfer of personal data from EU citizens to the USA. You can find more information on this at: https://commission.europa.eu/document/download/e5a39b3c-6e7c-4c89-9dc7-016d719e3d12_en?filename=Draft%20adequacy%20decision%20on%20EU-US%20Data%20Privacy%20Framework_0.pdf
In addition, Functional Software uses so-called standard contractual clauses in accordance with Art. 46 para. 2 and 3 GDPR. Through the combination of the EU-US Data Privacy Framework and the standard contractual clauses, Functional Software undertakes to comply with the European level of data protection when processing your data - regardless of whether the storage and processing takes place in the USA. The corresponding clauses are based on an implementing decision of the EU Commission, which you can view here: https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

The conditions applicable to data processing, including the standard contractual clauses, can be found in the Data Processing Addendum: https://sentry.io/legal/dpa/

Detailed information on the processing of personal data by Sentry can be found in the privacy policy: https://sentry.io/privacy/


F. Your rights

You have the rights of access, rectification, erasure, restriction, data portability and objection. To assert these rights, please contact us. If you believe that the processing of your data breaches data protection laws or your claims under those laws are otherwise being violated, you can complain to the supervisory authority. In Austria, this is the Data Protection Authority (https://www.dsb.gv.at).


G. Withdrawal

You may withdraw this consent at any time. If you do so, from that time forward we will no longer process your data for the aforementioned purposes.

To withdraw your consent, please contact our customer service:
Email: [email protected]
Telephone: +43 2230 2204
Telefax: +43 2230 3103


H. Contact

You can reach our data protection officer under:
Email: [email protected]
Telephone: + 43 2230 2204 666


I. Amendments to the data privacy agreement

We reserve the right to amend our data privacy agreement. We will announce such changes promptly on our website. If a certain type of data use depends on your consent and will be affected by an amendment to our data privacy agreement, we will re-obtain your consent as required by law if such an amendment is made.