1. General Information
For grommunio GmbH (hereinafter “grommunio”, “we”, “us”) the protection of the personal data of all website visitors is of great importance. Therefore, we comply with the applicable legal provisions on the protection and processing of personal data, in particular the General Data Protection Regulation (“GDPR”), the Austrian Data Protection Act (“DSG”) and the Austrian Telecommunications Act (“TKG”).
1.2. Contact of the Controller
Name: grommunio GmbH
Location: Donau-City-Straße 7 / Door 2 / 30th floor, DC Tower, A-1220 Vienna, Austria
Register Number: FN 538037g
Tax number: 75763639
Telephone: +43 1 375 0108
2. Processing of Data
2.1. Processing of Personal Data and the Respective Purpose: Website grommunio.com
2.1.1. Get in Contact
When you get in contact with us by e-mail or by phone, we will process your contact data (name, telephone number, email address) as well as the content of your message. If you use the contact form on our website, we will process the provided information: In particular your organizational affiliation, name, position, country of origin, telephone number, email address, purpose of the contact and the content of your message.
The processing is based on pre-contractual obligations according to Art 6 para 1 lit b GDPR.
If you signed up for our newsletter we will process your name, your email address and your preferred language.
The processing is based on your freely given consent according to Art 6 para 1 lit a GDPR. You may withdraw your consent with effect for the future at any time without giving any reasons e.g. by our unsubscribe link, which you can find in every newsletter.
Your consent to our newsletter also includes the use of the Newsletter-Tool “MailChimp” of the US-based provider “Inuit”. We point out, that the USA are no secure third country considering the EU-Data Protection Law (Adequacy decision or other appropriate safeguards according to Art 46 GDPR). There is the risk that your data transmitted in this way may be subject to access by authorities for control and monitoring purposes and that no effective legal remedies are available against this.
2.1.3. Social Media
You can interact with us on our social media platforms “LinkedIn”, “Twitter”, “Mastodon”, “Facebook”, “Instagram”, “GitHub” and “YouTube” as well as on our “Google” company profile by commenting on our posts, reacting to them, sharing a post or sending it to other users. grommunio will process your interaction, your user name, as well as the personal data of invited third parties, if applicable, in doing so.
This data may also be processed by the social media platforms In this case, grommunio and the respective platform act as joint controllers according to Art 26 GDPR. grommunio und die Plattform sind in diesem Fall gemeinsame Verantwortliche gem Art 26 DSGVO. For further information regarding the processing of your personal data please visit the following links:
The data may be processed in order to answer your questions, to comment on your opinion(s) or feedback, to give you the opportunity to express yourself or to promote grommunio and our product range. The processing is based on our legitimate interests according to Art 6 para 1 lit f GDPR or is necessary for the fulfillment of our (pre-)contractual obligations according to Art 6 para 1 lit b GDPR.
2.1.4. Community Forum
If you want to question directly on the website and exchange views with our community, you can simply register in our community forum. grommunio processes your email address and the user name you have chosen. In the forum, we process your entries and comments.
The processing is based on our legitimate interests according to Art 6 para 1 lit f GDPR or is necessary for the fulfillment of our (pre-)contractual obligations according to Art 6 para 1 lit b GDPR.
2.1.5. Job Application
Should you submit your application documents to the e-mail firstname.lastname@example.org for the purpose of applying to grommunio, we will process your email address, your message as well as the content of your application documents in order to determine whether a suitable position is available for you at grommunio. The processing is based on our precontractual obligations according to Art 6 para 1 lit b GDPR.
2.1.7. Security and Error Logs
To maintain the security and functionality of our website, we also process security and error logs. Logs are digital records of events related to our website. They enable us to react quickly to security breaches, errors or malfunctions and to identify their origin. This enables us to restore the usual usability of the homepage more quickly. The processing is based on our legitimate interests pursuant to Art 6 para 1 lit f GDPR.
2.2. 2.2. Processing of Personal Data and Purpose of Processing: Use of the Software by End Users
In general, our customers themselves or our sales partners host the grommunio software. Please contact them to be informed about the processing of your personal data in course of using our software. grommunio does not process any of your personal data in this case.
2.3. Processing of Personal Data and Purpose of Processing: grommunio Sales Partners
2.3.1. Registration on the Website
When you use our registration form for potential sales partners on our website (https://grommunio.com/de/partner-programm/), the information you enter in the form is processed. This includes your organisation affiliation, your website, your name, your address and the corresponding postcode, city and country, your email address and your telephone number.
The processing is based on our precontractual measures according to Art 6 para 1 lit b GDPR.
In order to provide visitors to our website with an overview of all partners, the Partner-Portal discloses the company name and contact details (email address and telephone number) of each of our partners. The processing is based on pre-contractual obligations according to Art 6 para 1 lit b GDPR.
2.4. Transfer of Personal Data
Personal data relevant for the respective above-mentioned purposes can be transferred to the following recipients:
- to external third parties to a necessary extent based on our legitimate interest (e.g. personnel consultants and service providers, auditors, insurers, legal representatives, labor market service, other third parties involved in the fulfillment of the contract with the data subject or the provision of services by the controller to the data subject and other third parties involved in the employment relationship, e.g. insurance companies, tax consultants, operators of the IT infrastructure);
- to courts, authorities and other public bodies to the extent required by law (e.g. Chamber of Labor, Data Protection Authority).
In addition, we work together with external service providers (processors) and transmit your personal data to them to the extent necessary to provide our service. Our processors are manly supplier of IT-services and services for contract administration:
- Software and service provider (supply of IT applications) for email as well as for administrative tasks;
- General IT administration (including support, software and maintenance, data centers and cloud services).
If your personal data is transferred to a third country to which no adequacy decision as defined in Article 45 of the GDPR applies, the protection of your data will be ensured by means of suitable safeguards as defined in Article 46 of the GDPR. In the absence of such, we will inform you of this and a transfer will only take place with your explicit consent as defined in Art 49 (1) lit a DSGVO.
2.5. Storage period
grommunio processes your personal data only for the time necessary to fulfill the respective purpose. In certain circumstances we retain the data for a longer period until the end of business relations, court proceedings, warranty periods or general limitation periods. This is necessary in the case of claims for compensation or copyright claims.
We store the data from your contact requests for six months to respond in case of inquiries.
The data from your interaction with our social media pages will be stored, as long as our content is available online. Prior to this you can request the deletion or simply delete your post on your own.
Security and error logs will be stored by our hosting provider only for a few days.
3. Data Subject Rights
You have the right to access your personal data, right to rectification, erasure, restriction of processing and data portability. If the processing is based on your consent, you can withdraw it at any time with the effect for the future, e.g. by email to email@example.com. In addition, you can object to data processing if it is based on our legitimate interests on grounds relating to your particular situation. In this case will no longer process your personal data unless we can demonstrate compelling legitimate grounds. These grounds must override your interests and rights or the processing is necessary for the establishment, exercise or defense of our legal rights.
If you feel that the processing of your data is unlawful or that your data subject rights are infringed in any other manner, you are entitled to file a complaint at the Data Protection Authority. In Austria this is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, Austria. Prior to your formal complaint or if you need any help exercising your rights, kindly contact us under firstname.lastname@example.org.