Skip to main content

Data protection & Cookies

Information pursuant to Articles 13 and 14 of the General Data Protection Regulation (GDPR) on the processing of personal data

We take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory provisions. In this privacy policy we inform you about the data processing of your personal data. As a rule, it is possible to use our website without providing your personal data independently. Insofar as personal data (for example, name, address or e-mail address) is collected on our pages, this is always done to enable the use of the website or on a voluntary basis.

(Status: 27.11.2023)

Your data is collected and processed by Raiffeisen Group IT GmbH (Member of Raiffeisen Bank International AG) Mooslackengasse 12, 1190 Vienna, Austria.

Responsible for data processing:

Raiffeisen Bank International AG
Am Stadtpark 9, 1030 Wien
Phone Number  +43 1 71707-0
E-Mail: datenschutz@rbinternational.com

Contact data of the Data Protection Officer of the Bank:

Mag. Daniela Bollmann, LL.M
Phone Number +43 1 71707-8603
E-Mail: datenschutzbeauftragter@rbinternational.com

 

We process the personal data that we receive from you, your employer or other third parties within the scope of the business relationship. In addition, we process data that we have permissibly received from publicly accessible sources (e.g. company register, register of associations, land register or media) or that are legitimately transmitted to us by other companies affiliated with Raiffeisen Group IT GmbH.

Personal data may include, for example, your personal details and contact data (e.g. name, address, date and place of birth, nationality, etc.) or legitimation data (e.g. specimen signature, identification data). In addition, it may also include data for the execution of payments (e.g. account details) as well as data for the fulfilment of our contractual obligations, information from your electronic transactions with Raiffeisen Group IT GmbH (e.g. cookies) and other data comparable to the categories mentioned.

We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Austrian Data Protection Act 2018.

  • to fulfil contractual obligations (Art. 6 para. 1 lit. b DSGVO)

The processing of personal data (Art. 4 No. 2 DSGVO) is carried out in particular for the provision of services and the execution of our contracts with you and the execution of your orders as well as for the implementation of pre-contractual measures. The specific details regarding the purpose of data processing can be found in the respective contract documents and terms and conditions.

  • for the fulfilment of legal obligations (Art. 6 Para. 1 lit. c DSGVO)

The processing of personal data may be necessary for the purpose of fulfilling various legal obligations (e.g. from the law on limited liability companies (GmbHG) etc.) to which Raiffeisen Group IT GmbH is subject.

  • within the scope of your consent (art. 6 para. 1 lit a DSGVO)

If you have given us your consent to process your personal data for specific purposes (e.g. transfer of data to the recipients named in the consent), the data will only be processed in accordance with the purposes and to the extent agreed in the declaration of consent. A given consent can be revoked at any time with effect for the future.

  • to safeguard legitimate interests (Art. 6 para. 1 lit f DSGVO)

Insofar as necessary, data processing may be carried out for the protection of legitimate interests beyond the actual fulfilment of the contract within the scope of weighing up interests in favour of Raiffeisen Group IT GmbH or a third party. In the following cases, among others, data processing is carried out to safeguard legitimate interests:

  • Measures to protect customers and employees as well as the property of Raiffeisen Group IT GmbH;
  • measures to prevent and combat fraud;
  • within the scope of legal prosecution;
  • Measures for business management and further development of services and products;

Within Raiffeisen Group IT GmbH, those departments or employees receive your data that need it to fulfil contractual, legal and legitimate interests. In addition, contractually bound processors receive your data if they require the data to fulfil their respective services. All processors are contractually obliged to treat your data confidentially and to process it only within the scope of providing the service.

If there is a legal or regulatory obligation, public bodies and institutions (e.g. courts, tax authorities, etc.), other institutions and our auditors may be recipients of your personal data. Auditors may be recipients of your personal data. Your data will not be transferred to third countries.

We process your data for the duration of the entire business relationship (from the initiation, processing to the termination of a contract) as well as beyond that as long as this is necessary due to legal storage and documentation obligations or for the protection or enforcement of rights. In addition, the statutory limitation periods, which can be up to 30 years in certain case, e.g. according to the General Civil Code (ABGB), must also be taken into account for the storage period.

You have the right to information, correction, deletion or restriction of the processing of your stored data, a right to object to the processing and a right to data portability in accordance with the requirements of data protection law. If you wish to exercise your rights, please contact datenschutz@rbinternational.com or the data protection officer. If you believe that your rights have not been exercised in accordance with the GDPR, you are welcome to contact us again or lodge a complaint with the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, Austria, www.dsb.gv.at.

As part of the business relationship, you must provide us with all personal information that is necessary to enter into and to maintain the business relationship with you, and also those data that we are required by law to collect. If you do not provide us with these data, we will generally decline either to conclude or to complete the contract, or we will be unable to execute an existing contract or we would be forced to terminate such contract. However, you are not obliged to give your consent to the processing of data if such data is not necessary for the performance of a contract or is not required by law or regulation.

As a matter of principle, we do not use a fully automated decision-making process in accordance with Article 22 of the DSGVO to establish and conduct the business relationship. 

If you contact us by form on the website or by e-mail, the data you provide and transmit will be stored by us for a maximum of twelve months for the purpose of processing the inquiry and in case of follow-up questions. In this way, we pursue our legitimate interest in being able to offer you the best possible service and to open up ways for you to exchange information with us. If you do not wish your data to be shared and/or stored in this way, please send your objection to: datenschutz@rbinternational.com

Our website only uses technically necessary cookies.

Technically necessary cookies are small files that are necessary for the basic functions of the website. They are used to ensure that the website is displayed correctly, functions technically and that the respective levels communicate with each other correctly. You can block or delete these cookies, but then you run the risk that some parts of the website will not function properly.

Record on the web server
Every time a user accesses our website and every time a file is retrieved or attempted to be retrieved from the server, data about this process is stored in a log file. For us it is not directly recognizable, which user called upon which data. We also do not try to collect this information. This would only be possible in legally regulated cases and with the help of third parties (e.g. Internet service providers). In detail, the following data record is stored for each retrieval: The IP address, the name of the downloaded file, the date and time of the download, the amount of data transferred, the message as to whether the download was successful and the message as to why a download may have failed, the name of your Internet service provider, if applicable the operating system, the browser software of your computer and the website from which you are visiting us.

The legal basis for the processing of personal data is our legitimate interest (in accordance with Art 6 (1) (f) GDPR). This is to detect, prevent and investigate attacks on our website.

In addition, we process your personal data in special cases on the basis of the legitimate interests of us or legitimated third parties for legal proceedings or on behalf of legally authorized authorities or courts.

We generally store data for a period of three months to guarantee the security of our homepage. A longer storage only takes place as far as this is necessary to investigate determined attacks on our website or to pursue legal claims.

For the above-mentioned purposes, we have your personal data processed by the following service providers: Raiffeisen Informatik GmbH, der RAITEC GmbH, Raiffeisen Informatik Center Steiermark GmbH.