WINTERHELLER management GmbH
(hereafter “Winterheller”, “we” or “us”)
Due to the General Data Protection Regulation (GDPR) of the European Union becoming effective May 25, 2018, we inform you with the following statement about which personal data is collected, processed, used and how this data is being protected by us.
1. (General) data collection and data processing during your visit to our website
In the case of internet access to our website, your internet browser automatically provides data, such as the URL of the referring website, browser type, browser version, date and time of your access, amount of data sent, your IP address, the file you requested and other similar data and information to our web server.
When using this general data and information, we draw no conclusions about the person involved with this access. Rather, this information is needed to (1) properly deliver the contents of our website, (2) to optimize the content of our website, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and (4) to provide the information necessary for prosecution to law enforcement agencies in the case of a cyberattack. This anonymously collected data is statistically evaluated and used to improve data protection and data security and in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
2. Contacting Us
Due to legal regulations, our website contains information that enables quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If you contact us by e-mail or via a contact form, the personal data you provide (such as personal data and contact details) will be automatically saved. Such personal data transmitted by you to us on a voluntary basis will be stored to process your request or to contact you.
3. Live Chat
By using cookies the information and offers on our website can be optimized for the user. Cookies allow us, as already mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of an internet page using cookies does not have to re-enter his credentials every time he visits the internet site because this is done by the cookie and the cookie stored on the user’s computer system.
You can prevent the setting of cookies through our website at any time by means of an appropriate setting of the Internet browser used and thus permanently deny the use and storage of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.
5. Subscribing to our newsletter
On our website and through our services, users are given the opportunity to subscribe to our newsletter. When ordering the newsletter via our website, the e-mail address, first name and last name are sent to us.
We inform our customers at regular intervals by means of a newsletter about offers of the company. The newsletter of our company can only be received by you if (1) you have a valid e-mail address and (2) you have registered for receiving the newsletter. For legal reasons, a confirmation e-mail will be sent to the e-mail address registered by you for the newsletter dispatch in a double-opt-in procedure. This confirmation email is used to check whether the owner of the e-mail address originally authorized the receipt of the newsletter.
When subscribing to the newsletter, we also store the IP address of the computer system used by the person at the time of registration as assigned by the Internet Service Provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to be able to understand the (possible) misuse of the data subject’s e-mail address at a later date and therefore serves as a legal safeguard for the data controller.
The personal data collected in the context of registering for the newsletter will be used exclusively to send our newsletter. In addition, subscribers of the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service. There is no transfer of the personal data collected in the context of the newsletter service to third parties. Subscription to our newsletter may be terminated by you at any time. The consent to the storage of personal data, which you have given us for the newsletter, can be revoked at any time. For the purpose of revoking the consent, there is a corresponding link in each newsletter. It is also possible to unsubscribe from the newsletter at any time in our mobile application in the menu item “Account” or by informing us in a different way.
6. YouTube embeddings
There are embeddings of YouTube videos on our website that have an enhanced privacy mode enabled, so YouTube does not store information about visitors to our website unless the visitor watches a video. If you would like to view the videos from us via a link on our website, a connection to the servers of YouTube (Google Inc.) will be established and shared with the servers which page of our website you visited. If you are logged in to your YouTube account at the same time, YouTube can direct your surfing behavior to your personal profile. By activating one of the YouTube videos youtube.com and doubleclick.net will create different cookies for the collection of user preferences, advertising etc. Additional privacy information is available directly on the YouTube website.
7. Participation in our courses and communication on our IT platform
As part of our range of services, which includes events on topics such as success, mind-management and leadership, we also offer IT-based leadership courses, which can be combined with regular seminar meetings; In addition, students have the opportunity to communicate with each other through our IT platform, sharing their leadership-related questions and experiences.
The communication on our IT platform aims to provide the means to support each other and to receive concrete suggestions (among others also from Prof. Dr. Manfred Winterheller) on various topics around our range of services. The communication within the respective course is visible to all participants and therefore (restricted) publicly accessible. What is being posted on the restricted public part of our IT platform can be viewed directly by all participants of the respective course. In addition, there is the possibility that students send messages to each other and us via a “private channel”.
|If you make personal information “public” on our services to other users or us, you agree that your personal information will be stored, disclosed and used. This includes any personal information that you provide to us voluntarily and that is considered sensitive under applicable law.|
If there are online lectures included in a course, they will be recorded and made available to course participants throughout the course. The recordings are stored with our service provider vimeo.com and explicitly released the respective course and IT platform.
To provide you with the necessary service and communication means on our IT platform, we process the name and the e-mail address of the respective student; the name appears on an individual profile page, alongside all publications of the respective person and is therefore visible to all participants. The e-mail address will be used to send messages to subscribers to inform them about special activities on our IT platform and will not be visible nor made available to other participants.
|By submitting the e-mail address, the student agrees that we will inform him about specific activities on our IT platform via this e-mail address.|
Our courses are booked by (individual) private clients (in smaller and larger groups) as well as by a company for its employees. When a company books a course, the data of the participants is provided to us by the respective company. Individuals usually tell us their own data; If a group of private individuals registers for one of our courses, it may happen that we also receive the data of the other (group) participants from the person submitting the enrollment details. To organize and handle our course enrollments (booking, registration, billing, etc.) we process the supplied contact data (such as last name, first name, address, e-mail address, telephone number, etc.) of the respective customer. Persons enrolled in our courses will therefore become a contractual partner of us.
8. Purposes of data processing
We will process your personal information for the following purposes:
i. to make this website available to you and to further improve and develop this website;
ii. to respond to your request;
iii. to enable you to communicate with other students;
iv. to be able to handle any existing contractual relationship with you;
v. to send you our newsletter – if you have subscribed to it.
The disclosure of your personal data is voluntary but might be necessary for the performance of the respective contractual relationship (participation in our courses, etc.). We only collect your personal data to the extent necessary for the use of our services. If you do not provide us with your personal data, we might not be able to offer you our services (in full) or enter into a contractual relationship with you.
9. Legal basis of data processing
Article 6 (1) (a) GDPR serves our company as the legal basis for data processing operations, in which we obtain consent for a specific processing purpose.
Is the processing of personal data necessary to fulfill a contract of which you are a party, as is the case, for example, in data processing operations that are required for the provision of a service (settlement of a purchase contract for goods offered by us, participation in a contract, or use of our services), the processing is based on Art 6 para 1 lit b GDPR. The same applies to data processing operations that are necessary to carry out pre-contractual measures, such as in cases of inquiries about our products or services offered by us.
If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Article 6 (a) (c) GDPR.
In the end, processing operations could be based on Art. 6 para 1 lit. f GDPR. On this legal basis, data processing operations that are not covered by any of the above legal bases are required if the processing is necessary to safeguard a legitimate interest of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the data subject prevail. Such processing operations are particularly permitted because they have been specifically mentioned by the European legislator. In that regard, it is considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, GDPR). The transmission of direct mail to our customers is based on this legal basis.
10. Withdrawl of granted consent
You are entitled to withdraw your consent to data processing at any time; the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
11. Transmission of your personal data
For the above purposes, we will transfer your personal data to IT service providers and service providers we use. Some recipients are located outside your country or process your personal information there. The data protection level in other countries may not be the same as your country’s. The personal information obtained when you use our services might be transferred to and stored in the United States. Such legal transfer is based, among others, on the standard contractual clauses (European Commission decision of February 5., 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council), which we negotiate with our IT service provider, Teachable Inc.
|However, you agree that we may transfer, store and use your personal information to our IT service provider, Teachable Inc, in the United States.|
In addition, we are entitled to disclose your personal information if we believe it is appropriate and necessary to comply with laws, regulations and legal procedures or comply with regulatory requests to protect the safety of individuals, to counter fraud, or to resolve security or technology issues or to protect our rights or property or the rights and property of users of our services.
12. Duration of storage
The contents of the respective course and therefore also the personal data, which are announced by course participants on our IT platform, are stored by us for a period of 6 months after the completion of the respective course. The personal master data and contact details of our customers, the personal master data of our course participants, we will save for a period of 7 years after completion of each course. Your general information collected during the visit to our website will be stored for a period of 3 months. A longer storage period will only be used if necessary to investigate detected attacks on our website.
13. Your rights in connection with personal data
You are, among other things, entitled (under the conditions of applicable law),
i. to check if and what personal data we have stored and to obtain copies of this data;
ii. to request the correction, addition or deletion of your personal data that is incorrect or improperly processed;
iii. to require us to limit the processing of your personal data, and
iv. in certain circumstances, to object to the processing of your personal data or to withdraw the prior consent for processing;
v. to require data portability;
vi. to know the identity of third parties to whom your personal data are transmitted and
vii. to file a complaint with the responsible authority.
14. Our contact information
If you have any questions or concerns regarding the processing of your personal data, please contact us:
WINTERHELLER management GmbH
Villefortgasse 13, A-8010 Graz
Fax: + 43/316 / 232132-44
Last Update: May 2018