This website collects personal data from its users.
This document can be printed for preservation purposes using the “Print” command in the browser.
LEHNER INVESTMENTS AG
Provider email address: [email protected]
Personal data processed by this website independently or through third parties include: First name; Last name; Email; Cookie; Usage data.
Personal data may be provided voluntarily by the user or, in the case of usage data, may be collected automatically when this website is used.
Unless otherwise specified, the provision of all data requested by this website is mandatory. If the user refuses to provide the data, this may result in this website being unable to provide the user with its services. In cases where this website expressly states that the provision of personal data is voluntary, users may choose not to provide such data without any consequences for the availability or functioning of the service.
Users who are unclear about which personal data is mandatory can contact the provider.
Users are responsible for all third party personal data obtained, published or disclosed through this website and confirm that they have obtained consent to the transfer of any third party personal data to this website.
The Provider processes User Data in a proper manner and takes appropriate security measures to prevent unauthorized access and unauthorized forwarding, modification or destruction of data.
Data processing is carried out by means of computers or IT-based systems in accordance with organizational procedures and practices specifically aimed at the stated purposes. In addition to the data controller, other parties may operate this website internally (human resources, sales, marketing, legal department, system administrators) or externally – and in the case where necessary, designated by the data controller as processors (such as technical service providers, delivery companies, hosting providers, IT companies or communication agencies) – and thus have access to the data. An up-to-date list of these parties can be requested from the provider at any time.
The Provider may process personal data of Users only if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: In some jurisdictions, the provider may be permitted to process personal data until the user objects to such processing (“opt-out”) without relying on consent or any other of the following legal bases. However, this does not apply if the processing of personal data is subject to European data protection law;
- the data collection is necessary for the fulfillment of a contract with the user and/or for pre-contractual measures arising therefrom;
- the processing is necessary for compliance with a legal obligation to which the provider is subject;
- the processing is related to a task carried out in the public interest or in the exercise of official authority vested in the provider;
- the processing is necessary to protect the legitimate interests of the provider or a third party.
In any case, the provider will be happy to provide information about the specific legal basis on which the processing is based, in particular whether the provision of personal data is a legal or contractual obligation or a prerequisite for the conclusion of a contract.
The data will be processed in the Provider’s office and in all other places where the entities involved in data processing are located.
Depending on the location of the users, data transfers may involve the transfer of the user’s data to a country other than their own. To learn more about the place of processing of the transferred data, users can consult the section with the detailed information on the processing of personal data.
Users also have the right to be informed about the legal basis of the transfer of data to a country outside the European Union or to an international organization governed by international law or established by two or more countries, such as the UN, as well as about the security measures taken by the Provider to protect their data.
If such a transfer occurs, the user can learn more about it by reviewing the relevant sections of this document or by contacting the provider using the information provided in the contact section.
Personal data is processed and stored for as long as required by the purpose for which it was collected.
- Personal data collected for the purpose of fulfilling a contract concluded between the provider and the user will be stored until the complete fulfillment of this contract.
- Personal data collected to protect the Provider’s legitimate interests will be retained for as long as necessary to fulfill those purposes. Users can obtain more detailed information about the Provider’s legitimate interests in the relevant sections of this document or by contacting the Provider.
In addition, the provider is permitted to store personal data for a longer period of time if the user has consented to such processing, as long as the consent is not revoked. Furthermore, the provider may be obliged to store personal data for a longer period of time if this is necessary to fulfill a legal obligation or by order of an authority.
After the retention period has expired, personal data is deleted. Therefore, the right of access, the right of deletion, the right of rectification and the right of data portability cannot be exercised after the expiry of the retention period.
Personal data about the User is collected in order for the Provider to provide the Service and further to comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect malicious or fraudulent activities. In addition, data is collected for the following purposes: Contacting the user, analytics, displaying content from external platforms and managing contacts and sending messages.
Users can find more detailed information on these processing purposes and the personal data used for each purpose in the “Detailed information on personal data processing” section of this document.