Privacy

We process your personal data exclusively in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Data Protection Act (DSG). In this statement, you will find all the information about the type, scope, and purpose of data collection and usage.

TURM. Srl
Thomas Peintner
I-39031 Bruneck
Via Michael Pacher 1

T +39 378 0854 588
E office@turm.gmbh
PEC turm.gmbh@pec.it
W www.turm.gmbh

VAT Number: 03136300211
UID Number: IT03136300211
Recipient Code: W7YVLK9

What are Personal Data?

The term “personal data” is defined in Art. 4 No. 1 EU General Data Protection Regulation (GDPR) as “information relating to an identified or identifiable natural person.” This includes personal details such as name or email address, as well as browsing and communication behavior.

Data Processing When Visiting Our Website

Informational Use
When you use the website solely for informational purposes, meaning you do not register or transmit information to us in any other way, we only collect personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display the website and ensure stability and security (Legal basis: Art. 6 para. 1 sentence 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

These data are stored anonymously and are used exclusively for statistical purposes (e.g., how often individual pages of our offering are visited) or for technical network and system monitoring to detect disturbances in server operations (log files). We delete or anonymize your personal data as soon as they are no longer required for the purposes for which they were collected or used as described above.

Cookies

A cookie is a small file containing a string of characters that is transferred to your computer when you visit a website. If you visit the website again, the cookie allows that website to recognize your browser. Cookies are typically not used to store personal data but can store user preferences and other information. You can configure your browser to reject all cookies or to notify you when a cookie is sent. Some features or services of the website may not function properly without cookies.

Data Processing with Plugins

Plugins are components embedded within the website that link to third-party content (referred to as “plugins”). When embedding plugins, we use the so-called two-click solution. This means that when you visit the website, no personal data is initially transmitted to the third-party provider.

We have no influence on the data collected and processing operations, nor do we know the full extent of data collection, the purposes of processing, or the storage periods. We also have no information regarding the deletion of the collected data by Google.

Data Types:
By visiting the website, Google receives the information that you have accessed the relevant subpage of our website. Additionally, the following data are transmitted to Google when using the plugin:

  • Information about the browser type and version used
  • The user’s operating system and its interface
  • The user’s internet service provider
  • The user’s IP address
  • Date and time of access
  • Websites from which the user’s system accesses our website
  • Websites accessed by the user’s system through our website
  • Transferred data volume
  • Access status/HTTP status code

This occurs regardless of whether Google provides a user account through which you are logged in or if no user account exists. If you are logged into Google, your data is directly assigned to your account. If you do not want the data to be assigned to your Google profile, you must log out before activating the plugin. Google stores your data in user profiles and uses them for advertising, market research, and/or needs-based design of its website. Such evaluation is performed, especially for non-logged-in users, to provide targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of such user profiles, and to exercise this right, you must contact the third-party provider directly.

Legal Basis:
The processing of personal data concerning the collection and transmission of the user’s IP address and information about the browser type and version to the third-party provider is necessary to provide the online offering of the third-party provider, for user-friendliness, and for technical necessity. The IP address is necessary for delivering third-party content, and information about the browser type and version is required to deliver content in the correct format.

The legal basis for the collection and transmission of the IP address and information about the browser type is Art. 6 para. 1 sentence 1 lit. f GDPR. The legitimate interest lies in providing and improving the online offering as well as user-friendliness.

The legal basis for the collection and transmission of cookies (see point 2.c.) and the information you provide is your consent under Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time. The lawfulness of the processing based on consent until the withdrawal is not affected.

Storage Duration:
We do not store data related to the use of plugins. Regarding potential storage by Google, please refer to their privacy policy at: https://policies.google.com/privacy.

Recipients:
The collected data will be transmitted to the respective third-party providers. The transmission of personal data is justified by our legitimate interest in providing and improving our online offering and for user-friendliness, and your rights and interests in protecting your personal data under Art. 6 para. 1 sentence 1 lit. f GDPR are not overridden.

Data Processing Outside the European Union:
In cases where personal data are transmitted to the USA, third-party providers have self-certified under the EU-US Privacy Shield. Google’s certification can be viewed at: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Registration Data in Business Transactions – B2B

In the course of business initiation and business transactions (contract fulfillment and use of TURM.GmbH services by customers), we store and process contact data, contract data, billing data, and correspondence.

Legal Basis:
For new and existing customers, processing is necessary for contract fulfillment and/or pre-contractual measures under Art. 6 para. 1 sentence 1 lit. b GDPR.
For potential customers, we rely on the legal basis of legitimate interest in business initiation under Art. 6 para. 1 sentence 1 lit. b and f GDPR.

Retention Periods:
We process data for existing customers as long as the contractual relationship remains in effect. After termination, we store the data until the statutory retention periods expire. All billing data, accounts, receipts, invoices, etc., are stored in accordance with the statutory retention periods, usually for 7 years, and then deleted or anonymized. Personal data of customers will be stored by TURM.GmbH as long as necessary to fulfill the company’s obligations or to defend against any potential claims.

Recipients:
Beyond our internal authorized employees, billing data may be passed on to our tax advisors (and thus to third parties). The data you provide will be shared within our company group for internal administrative purposes, including joint customer support as necessary. Any sharing of personal data is justified by our legitimate interest in providing the data for administrative purposes within our company group, and your rights and interests in the protection of your personal data under Art. 6 para. 1 sentence 1 lit. f GDPR do not override.

Your Rights Regarding Your Personal Data

You generally have the right to access (Art. 15 GDPR), correct (Art. 16 GDPR), delete (Art. 17 GDPR), restrict (Art. 18 GDPR), and transfer (Art. 20 GDPR) your personal data.

Additionally, you have the right to object to the processing of your personal data for reasons related to your specific situation at any time. If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing that override your rights and freedoms or the processing is necessary for the establishment, exercise, or defense of legal claims (Art. 21 GDPR). The withdrawal of consent will take effect only in the future. Processing of personal data before the withdrawal is not affected.

If you believe that the data we process is incorrect, please inform us, and we will promptly correct it and inform you.

If you no longer wish for us to process your data, please inform us informally at info@turm.gmbh. We will promptly delete your data and inform you. If there are mandatory legal reasons preventing deletion, we will promptly inform you.

You also have the right to restrict processing and data transfer. If you believe that the processing of your data violates Austrian or European data protection law and that we have violated your rights, please contact us at info@turm.gmbh to clarify any questions.