Status: 18.05.2018

Data protection is a matter of trust and your trust is important to us. To ensure that you feel safe when visiting and using our offers, we strictly observe the legal provisions when processing your personal data and would like to inform you here about our data collection and data use. The following privacy policy explains what data is collected from you in our offers and which of these data we process and use in what way and whom you can contact with concerns.

1. responsible body and rights of the data subject
The responsible party for the collection, processing and use of your personal data within the meaning of the Data Protection Act is M&H CNC Technik GmbH (hereinafter: MHCNC). MHCNC, as the responsible party, can be reached at the contact information listed below:
– Postal address: M&H CNC Technik GmbH, 8262 Ilz, Neudorf 171, Austria
– E-mail: office@mhcnc.com
– Managing directors: Patrick Herzig, Robert Mauerhofer

You can obtain information about your data stored by us free of charge at any time, as well as assert your right to have your data corrected, blocked or deleted. For this purpose, please contact us using the contact details provided above. If you wish to object to the collection, processing or use of your data by MHCNC in accordance with these data protection provisions as a whole or for individual measures, you can also send your objection by e-mail or letter to the contact data mentioned above.

2. collection, processing and use of personal data
Personal data is information about factual or personal circumstances of an identified or identifiable natural person. This includes, for example, your name, your telephone number, your address, your IP address and all inventory data that you provide to us when registering and creating your account.

2.1. Account
The following data is mandatory when registering for a customer account (mandatory data):
– E-mail address
– Password
The following data must be provided only once you place a paid order:
– Company name
– Contact person (first name, last name)
– Salutation
– Invoice address
– Delivery address
For your order we need your correct name, address and payment information. We need your e-mail address so that we can confirm receipt of your order and generally to be able to communicate with you. We also use your email address to identify you (as a login name) when you log in to your account.

2.2. Collection, processing and use of your personal data
We collect, store and process your data for the entire processing of your order and including any subsequent warranties, technical administration and for the prevention of crime and fraud. Your personal data will be disclosed to third parties only to the extent permitted by law, including for the purpose of contract execution or billing, or if you have previously consented. In the context of order processing, for example, the service providers we use (such as banks, logisticians) receive the necessary data for order and order processing. The data thus disclosed may only be used by our service providers to fulfill their task. Even if you do not conclude a contract with MHCNC, we as website operator collect data on the basis of our legitimate interest within the meaning of Art. 6 para. 1 lit. f, the basic data protection regulation, we record data about your access and log the website visited, the date and time of access, the amount of data sent, the source/reference, the page from which you accessed our site, the version and type of browser and operating system used, as well as your IP address and store this as a “server log file” on the server of the website. The server log files are stored for a maximum of 60 days and then deleted. This data is stored for security reasons in order to clarify any cases of misuse and to improve our services. If data must be retained for evidentiary reasons, it is exempt from deletion until the matter is resolved.

2.3 Data transmission
If necessary, we will pass on your data to the following categories of recipients with the corresponding legal basis or consent: banks, legal representatives, auditors, courts, administrative authorities, collection agencies, insurance companies, cooperating contractual and business partners, IT service providers, advertising agencies.
Your data is also processed, at least in part, outside the EU or EEA, namely in the USA.
The adequate level of protection results from an adequacy decision of the European Commission according to Art 45 GDPR by Privacy Shield.

3. cookies
Accepting cookies is not a prerequisite for visiting our website. However, please note that our website and offers will have limited functionality if you do not allow us to set cookies.

3.1. What are cookies?
Cookies are small files that are stored on your data carrier and save certain settings and data for exchange with our system via your browser. Basically, we distinguish between 2 different types of cookies, so-called session cookies, which are deleted as soon as you close your browser, and temporary/permanent cookies, which are stored on your data carrier for a longer period of time or indefinitely. This storage helps us to design our offers for you accordingly and makes it easier for you to use them, for example, by storing certain entries from you in such a way that you do not have to keep repeating them.

3.2. Are there also cookies from third-party providers (so-called third-party cookies)?
MHCNC uses a number of third party vendors to help make the website and web pages more interesting for you. Therefore, cookies from partner companies are also stored on your hard drive when you visit the websites. These are temporary/permanent cookies that automatically delete themselves after the specified time. These temporary or permanent cookies (lifetime 14 days to 10 years) are stored on your hard drive and delete themselves after the specified time. Also the cookies of our partner companies contain only pseudonymous mostly even anonymous data.

3.3. How can you prevent cookies from being stored?
In your browser, you can set that cookies are only accepted if you agree to this and thus prevent further cookies from being set in the future. If you wish to accept only the MHCNC cookies but not the cookies of our service providers and partners, you can select the “Block third-party cookies” setting in your browser. As a rule, the Help function in the menu bar of your web browser will tell you how to reject new cookies and disable those you have already received.

4. web analysis
In order to constantly improve and optimize our offer, we use so-called tracking technologies. For this purpose, we use the services of Google Analytics.

4.1. Google Analytics
This website uses Google (Universal) Analytics, a web analytics service provided by Google, Inc. (www.google.at). Google (Universal) Analytics uses methods that enable an analysis of your use of the website, such as so-called “cookies”, text files that are stored on your computer. The information generated about your use of this website is usually transferred to a Google server in the USA and stored there. By activating IP anonymization on our offers, the IP address is shortened before transmission within the member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there. The anonymized IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. You can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

As an alternative to the browser plugin, you can click this link to prevent Google Analytics from collecting data on this website in the future. In the process, an opt-out cookie is placed on your end device. If you delete your cookies, you will need to click the link again.

5. secure data transmission
Your personal data is transferred securely by us through encryption. Of course, this also applies to your order and also to the account login. We use the TLS (Transport Layer Security) or SSL (Secure Socket Layer) coding system. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons.

6. links to other websites and social media
Links to other websites are provided for information purposes only. Other websites are beyond our control and are not covered by this policy. When you access other websites via the links provided, the operators of the respective websites may collect data about you, which the operators may then use in accordance with their respective privacy policies in a manner that may differ from our policy.
On some pages of our website, third-party content, applications or plug-ins may be made available that track your use of content, applications or plug-ins and/or that optimize your use of content, applications or plug-ins. For example, if you share an article via a share button for social media (e.g. Facebook, Twitter or Google Plus) on our website, this process is recorded by the social network that created the button.

7. online presence in social media
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply. We process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

8. newsletter data
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.

8.1. AutopilotHQ
This website uses the services of AutopilotHQ for sending newsletters. The provider is Autopilot Inc, 717 California Street, Level 1, San Francisco, CA, 94108, USA.
AutopilotHQ is a service that can be used, among other things, to organize and analyze the sending of newsletters. If you enter data for the purpose of receiving the newsletter (e.g. e-mail address), this data will be stored on AutopilotHQ’s servers in the USA.
AutopilotHQ has a certification according to the “EU-US Privacy Shield”. The “Privacy Shield” is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of AutopilotHQ we can analyze our newsletter campaigns. When you open an email sent with AutopilotHQ, a file contained in the email (called a web beacon) connects to AutopilotHQ’s servers in the United States. This makes it possible to determine whether a newsletter message has been opened and which links, if any, have been clicked on. In addition, technical information is collected (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you do not want analysis by AutopilotHQ, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.
The data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of AutopilotHQ after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the member area) remain unaffected by this.
For more details, please see AutopilotHQ’s privacy policy at: https://autopilothq.com/privacypolicy.html

9. LinkedIn
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click the “Recommend Button” of LinkedIn and are logged into your account at LinkedIn, it is possible for LinkedIn to assign your visit to our website to you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.
For more information, please see LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-pol

10. google fonts and google maps
We integrate the fonts (“Google Fonts”) and the maps of the service “Google Maps” of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually executed within the settings of their mobile devices). The data may be processed in the USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

11. data retention
We will not retain your data longer than is necessary for our business purposes or due to legal requirements. However, please note that we may retain some data after you have closed your account with us, for example, if this is necessary to comply with our legal obligations, such as to retain the data for tax and accounting purposes.

12. legal remedy instruction
You are generally entitled to the rights of information, correction, deletion, restriction, data portability and objection. For this purpose, please contact us.
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated in some way, you can complain to the supervisory authority. In Austria, the Austrian Data Protection Authority, Wickenburggasse 8, 1080 Vienna is responsible.