zum Inhalt zur Navigation zum Footer

Data Protection Declaration

Protection of personal data

The Austrian Energy Agency respects the privacy of its users. All information is treated confidentially in accordance with the applicable data protection regulations (General Data Protection Regulation, Austrian Federal Data Protection Act, Austrian Federal Telecommunications Act). Data will not be passed on to third parties without your consent. Data processing is carried out in any case and according to the applicable legal situation on the basis of the legal provisions of § 165 para. 3of the Austrian Federal Telecommunications Act (TKG) as well as Art. 6 para. 1 lit. a (consent) and/or f (legitimate interest) of the General Data Protection Regulation (GDPR).

The Austrian Energy Agency collects personal data only to the extent necessary for a specific purpose. The information will not be further used for a purpose incompatible with this purpose. Although you can view most Internet pages without providing any personal information, in some cases personal information is required in order to provide the online services you have requested.

For all privacy related inquiries please contact datenschutz(at)energyagency.at.

 

Vimeo:

On this website, we have embedded Links to Vimeo. When you click on the Vimeo links, your browser connects to the Vimeo servers. Once the video streaming platform service is opened, the Austrian Energy Agency does not influence the use of cookies or access to the data collected there. Your data (IP address, End device used, operating system, browser type) may be transmitted by clicking on the Vimeo Links. The video portal is operated by Vimeo LLC, 555 West 18th Street, New York, New York 10011, USA. The company uses computer systems, databases, and servers in the USA and other countries. Your data can, therefore, also be stored and processed on servers in America. In addition, Vimeo can track and store actions using cookies and similar technologies. Learn more about how Vimeo uses Cookies here. Information on data protection at Vimeo can be found here. Vimeo is an active participant in the EU-U.S. Privacy Shield Framework, which regulates the correct and secure transfer of personal information.

The sharing of the recording serves the legitimate interests of AEA to make all required information accessible to all participating experts of the CA-RES4. The video is available latest until the end of the project 1.3.2026. After that, it will be deleted.

For more details regarding the data protection agreement of  Vimeo: https://vimeo.com/privacy/ 

 

Matomo:

In order to be able to evaluate user behavior on the websites, we uses an open source web application for web analytics called Matomo. We use Matomo to obtain information about the use of the individual component of the website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.

Matomo processes these data:

  • IP address, so that the last two numbers of your IP address are encrypted (2-bit encryption).
  • city, region, country, longitude/latitude,
  • browser, browser version, device type, operating system,
  • user agent, pages visited files clicked and downloaded
  • links to an outside domain that were clicked
  • screen resolution
  • session recording storing the HTML page, and all mouse events (movements, scrolls, locations and clicks), and keypresses
  • search terms used on an internal mobile’s or web properties’ search engine
  • custom dimensions and custom variables (any personal or non personal data the controller wishes to process)
  • custom events
  • content pieces
  • JavaScript errors
  • User ID
  • ecommerce order ID, order dDate
  • ecommerce abandoned carts
  • media titles and URLs
  • participation in A/B tests.

Data processed by Matomo is subject to the GDPR and does not leave the EU. The data will be saved for 24 months and 14 days. In the browser settings, you can delete your cookies-settings at any time. We have concluded an DPA with Matomo. The Matomo privacy policy can be found here: https://matomo.org/privacy-policy/

 

Cookies Policy:

We use cookies on our website to make our Internet presence more user-friendly and functional.

Cookies are small data packets that are exchanged between your browser and the/our web server when you visit our website. They do not cause any damage and only serve to recognize the website visitor. Cookies can only store information supplied by your browser, i.e. information that you yourself have entered into the browser or that is present on the website. Cookies cannot execute code and cannot be used to access your terminal device.

The next time you visit our website with the same terminal device, the information stored in cookies may subsequently be sent back either to us ("first-party cookie") or to a third-party web application to which the cookie belongs ("third-party cookie"). Through the stored and returned information, the respective web application recognizes that you have already called up and visited the website with the browser of your end device.

The legal basis for the use of technically necessary cookies is based on our legitimate interest in the technically flawless operation and smooth functionality of our website in accordance with Art 6 (1) lit. f DSGVO. Our website cannot function properly without these cookies. The use of statistics and marketing cookies requires your consent pursuant to Art 6 (1) lit. a DSGVO. You can revoke your consent to the use of cookies in accordance with Art 7 (3) DSGVO at any time for the future. The consent is voluntary. If it is not given, no disadvantages will arise. You can find more information about the cookies we actually use (in particular, their purpose and storage period) in this privacy policy and in the information about the cookies we use in our cookie banner.

 

Lamapoll:

Lamapoll is operated by Lamano GmbH & Co. KG. We use Lamapoll for online surveys. The following data is processed: Your IP address, as well as browser data. Lamapoll stores your data for 7 days.

We have concluded a DPA with Lamapoll.

You can find Lamapoll's privacy policy here/only available in German: https://www.lamapoll.de/Support/Datenschutz 

 

Mentimeter:

Mentimeter AB is a Swedish company. We use Mentimeter for online surveys. Mentimeter stores the following personal data: IP address, email address, browser.

It is not possible to conclude a DPA with Mentimeter. The IP address of the presenter is stored permanently until revoked. The IP address of survey participants is stored for 12 months,

Mentimeter is hosted in the EU, there are also servers in the USA. There is a risk that your personal data, will be stored in servers in the USA. The USA does not have a level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without you being informed and without you being able to take legal action against them.

You can find Mentimeter's privacy statement here: https://www.mentimeter.com/privacy

 

 

X (formerly Twitter):

Only when you click on the appropriate buttons will contact be made with the X server and your data (IP address, device used, browser type) will be transmitted.

Once the social media service is opened, The Austrian Energy Agency has no influence on the use of cookies or access to the data collected there.

By clicking on the X icon, data is sent to X. X is subject to the US Cloud Act. In the event of a government request to X, data must be released. Click for X privacy statement: https://x.com/en/privacy 

 

Zoom:

We may use Zoom to host and record online Sessions of Plenary Meeting of the Concerted Action on the EU Directive Renewable Energy Sources (CA-RES4). This Tool is hosted by Zoom Video Communication Inc, 55 Almaden Blvd, 6th Floor, San José, 95113 CA (click here for Zoom privacy policy). The following personal data will be processed: User data: Name (o. Alias), e-mail address, password.; Meta Data: Host, meeting ID, meeting title, scheduled time, scheduled duration, list of participants, e-mail addresses of the participants (if registered participants), IP addresses of the Participants. The video will be recorded - If you do not want to be recorded, please turn off the camera. The fact of recording is indicated to participants in the Zoom app by a red record icon. The recording serves the legitimate interests on the part of AEA to make all required information accessible to all participating experts of the CA-RES4.  Responsible for the processing is the Austrian Energy Agency.  For questions or if you want to exercise your right of access, please contact ca-res@energyagency.at. We put the recordings on the CA-RES.eu website and only in the secure part of the website. (Access only for registered users). The video is available for the entire duration of the project 1.3.2026 after that it will be deleted.

 

MS Teams:

We may use MS Teams to host and record online Sessions of Plenary Meeting of the Concerted Action on the EU Directive Renewable Energy Sources (CA-RES4). This Tool is hosted by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (click here for Microsoft privacy statement). The following personal data will be processed: User data: Name (o. Alias), e-mail address, password.; Meta Data: Host, meeting ID, meeting title, scheduled time, scheduled duration, list of participants, e-mail addresses of the participants (if registered participants), IP addresses of the Participants. The video will be recorded - If you do not want to be recorded, please turn off the camera. The recording serves the legitimate interests on the part of AEA to make all required information accessible to all participating experts of the CA-RES4.  Responsible for the processing is the Austrian Energy Agency.  For questions or if you want to exercise your right of access, please contact ca-res@energyagency.at. We put the recordings on the CA-RES.eu website and only in the secure part of the website. (Access only for registered users). The video is available for the entire duration of the project 1.3.2026 after that it will be deleted.

 

Newsletter (Brevo):

The sending of newsletters with current information, notice of events etc. is based on your registration in the list of recipients. In each newsletter, you have the option of withdrawing this consent for the future to the processing of your personal data by "opting out" of the list of recipients.

By subscribing to the newsletter, the following data is collected: First name, last name, e-mail. The data is transmitted to our order processor Brevo GmbH. The Austrian Energy Agency has concluded a data processing agreement with Brevo. Click for Brevo privacy statement: https://www.brevo.com/legal/privacypolicy/ 

You can revoke your consent at any time for the future using the unsubscribe option in the respective newsletter or by email ca-res@energyagency.at. Your data will be stored until you revoke your consent or the newsletter service is discontinued.

 

CA-RES Plenary Meetings & Events:

If you register for the CA-RES Plenary Meetings of other Events that we organise, we will process the personal data you provide (e-mail, name, company) for organisational processing and implementation of all CA-RES Plenary Meetings & Events. This data is necessary for administration and will be processed with external processors if necessary.

Sending of updates and news with current information and invitation of events etc. is based on your consent during the “sign-in”process for the the access to the CA-RES website. If you don´t wish to receive any further event invitations, you can revoke your consent at any time for the future by email: ca-res@energyagency.at or you reply directly to the respective event invitation.

Kindly note that we use your data only for internal purpose.

 

Data security:

We do our utmost to make your visit and use of our website as secure as possible. We therefore comply with the provisions of Article 32 of the General Data Protection Regulation (GDPR) to ensure the confidentiality and security of your personal data and take appropriate technical and organisational security measures.

 

Image & video material:

During CA-RES Plenary Meetings and events, the CA-RES Coordination team will take photographs, which will be used for the final publication and for short posts via social media like “X”.

The final publication will be publicly disseminated. The photos will be stored securely. If you would prefer for you not to be photographed, please let the CA-RES coordination know. We will never share your information with third parties for any marketing purposes. If you would like to see your images, or would like us to delete them after the meeting, please email us to ca-res@energyagency.at

Recordings taken during virtual meetings are only for internal purposes of the CA-RES and will be visible only in the secure area of the CA-RES Webpage.

 

 

Information about your rights:

You have the right to obtain information about the personal data we hold about you. In addition, you can submit requests for correction of your data or restriction of the processing of your data if there are uncertainties that need to be clarified. You can object to the processing of your data. You can submit a request for deletion of your data. You can submit a request for the transfer of your data in a machine-readable format. You can submit a request against exclusively automated decision-making, except in cases of processing by consent, contract or existing legal bases for processing.
You may withdraw any consent you have given. The consequences may be a failure to treat the interests you have disclosed.

You can submit any claims as a complaint to the data protection authority. Contact details can be found in the section “data protection authority”.

 

Duration of the storage of personal data:

Business transactions in general

For reasons of tax law and company law, business-relevant documents must be kept for 7 years in accordance with § 132 of the Austrian Federal Fiscal Code (BAO) and §§ 190, 212 of the Austrian Federal Business Code (UGB).

In addition to the retention period of 7 years pursuant to § 132 para. 1 of the Austrian Federal Fiscal Code resulting from the wage tax and duty to pay, various specific retention periods up to the general retention obligation of employment data of 30 years pursuant to § 1478 of the Austrian Federal General Civil Code (ABGB) must be taken into account in and after the current employment relationship.

 

Data related to processing by public authorities

In connection with federal processing activities, data must be retained for 10 years pursuant to section 25(3) of the Office Regulations, unless the specific content of the file or legal provisions require longer retention (Federal Archival Material Ordinance).

Award procedure

Irrespective of the requirements under public procurement law to retain data of the award procedure for at least three years or, in the case of the subsequent contractual relationship, for the term of the contract, the long limitation period under civil law of 30 years pursuant to Section 1489 of the Austrian Federal Civil Code (ABGB) must be observed for retention in accordance with the ECJ ruling of 26 November 2015, Rs C-166/14, MedEval.

 

 

Data protection authority

You can submit any claims as a complaint to the data protection authority.

On the website of the data protection authority www.dsb.gv.at you will find further information, FAQs and all relevant legal bases for data protection in Austria.

 

Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna
Telephone: +43 1 52 152-0
EMail: dsb(at)dsb.gv.at
Internet: https://www.dsb.gv.at

 

Our data protection officer

Dr. Sonja Hebenstreit
Herbst Kinsky Rechtsanwälte GmbH
1010 Wien

datenschutz(at)energyagency.at