Effective Date: September 1st, 2022
This is the Privacy Policy hosted at https://www.noscat.at/ by Noscat GmbH („we“ „us “ and „Noscat“) headquartered in 1010, Wallnerstraße 4/34 Vienna, Austria. Please see below for our contact details.
At Noscat, we take your privacy seriously. Please read the following to learn how we treat your personal information („personal data“ means any information relating to an identified or identifiable natural person („data subject“); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.)
What this Privacy Policy Covers
This Privacy Policy covers how we treat Personal Data that we gather when you access or use our website at https://www.noscat.at/ or otherwise interact with our Services and the recipients of our emails (collectively, the „Services“) as a data controller within the meaning of Art. 4 of the General Data Protection Regulation („GDPR“). The privacy notice also applies to the use of our services with mobile devices or by other means.
Personal Data, which we Collect and how we use it on what legal basis
Depending on how you interact with our Services, we collect different categories of Personal Data and use them in different ways, based on different legal bases, as we described out below:
1. Information you provide to us when you interact with us
Personal contact information:
This includes your name, home or postal address, phone number and email address. This could include information that you give us about someone else (for example, if you ask us to ship a product to someone else). We collect personal contact information in connection with product orders and customer service. The legal basis for this processing is contract performance/ pre-contractual measures
2. Automatically collected information when visiting the website
When you visit our website, we store certain information about the browser and operating system you use, the date and time of your visit, the access status (e.g. whether you were able to access a website or received an error message), the use of functions on the website, how often you visit individual subpages, the name of files you access, the website from which you accessed our website, and the website you visit after visiting our website, whether by clicking on links on our website or by entering a domain directly in the input field of the same tab (or window) of your browser in which you opened our website. In addition, we store your IP address and the name of your Internet provider for seven days for security reasons, in particular to prevent and detect attacks on our website or fraud attempts.
The legal basis for this processing is our legitimate interest in the presentation of our website as well as data protection organization and data security.
3. Cookies and similar technologies
When you use the Site, we use various technologies (including cookies) to collect certain information (i.e., personal data) about how you use the Site. We use this information to understand your preferences better so we can improve for security and anti-fraud purposes. The legal basis for the use of „Functional Cookies“ is our legitimate interest.
We do not use „performance/analytics cookies“ or „marketing cookies“.
To the extent that cookie/similar technology providers are deemed to be our processors or joint controllers, we have entered into appropriate agreements with such providers, if available.
4. Company Website
In the following, we present our processing activities in connection with your visit to our corporate website. Based on the type of personal data processed, we explain which purposes and on which legal basis we process your personal data.
Our own data processing in connection with our corporate website serves our (and your) legitimate interest (legal basis) in improving the user experience when visiting the respective corporate website.
If you contact us, we process the aforementioned personal data to handle your inquiry and the associated technical administration and store it in case follow-up questions arise. Otherwise, we process the aforementioned personal data only to find out whether visitors to our corporate website like our content.
The processing of the aforementioned personal data takes place, if you express interest in our products, on the basis of contract performance/pre-contractual measures, i.e., for the initiation of a contractual relationship. Otherwise, it is carried out on the basis of mutual interest in providing good service to visitors to our company website and is thus based on our legitimate interest.
There is no obligation to provide the above personal data, but without it we are not able to process requests or interact with you.
5. Other purposes of processing
We use all of the information described above for the following general purposes:
• To protect against or deter fraudulent, illegal or harmful actions and maintain the safety, security and integrity of our Services.
• To comply with our legal or contractual obligations, resolve disputes, and enforce our Terms of Service.
• To respond to law enforcement inquiries and when required by applicable law, court order or government regulation.
As noted in the list above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers or email you about your use of the Services. Also, we may receive a confirmation when you open an email from us, which helps us improve our Services. If you do not want to receive marketing communications from us, please indicate your preference by emailing us at office@noscat.at
The legal basis for this processing is our legitimate interest to inform you about our products or otherwise your consent.
We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated, or incompatible purposes without providing you notice.
How Personal Data May Be Disclosed to third parties
1. Your personal Data (as listed above in Personal Data We Collect and How We Use It) may be disclosed with the following categories of third parties:
• to our third-party service providers who provide services such as website hosting, data analysis, payment processing, product delivery, fraud detection, advertising providers and partners, email delivery services, customer relationship management, survey and feedback collection services, credit card processing, staff augmentation and contract personnel, auditing services and other services, to enable them to provide services and for purposes described in this Privacy Policy.
• If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to establish, exercise, defend, enforce or apply our terms of service or sale and other agreements or legal claims; investigate or prevent actual or suspected unlawful activity, loss or harm and to protect the rights, property, or safety of our customers, or others; or as otherwise required or permitted by law. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
• to the extent permitted, to a third party in the event of a reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or partnership interests.
• to other companies in the Noscat group from time to time and for purposes set out in this Privacy Policy. (in the main case, the transfer of personal data to companies of the Noscat group of companies takes place for the fulfillment of product orders; the legal basis in this case is contract fulfillment/pre-contractual measures)
2. Information that is automatically collected when you use the Site may be disclosed with the following categories of third parties:
• our online and email advertisers, social media partners or other third-party vendors we use who may provide Cookies or other similar technologies for use on our Site to manage and improve our online and email advertising campaigns, to the extent permitted by law.
3. Recipients in „third countries“ within the meaning of the GDPR; where applicable, we will use EU standard contractual clauses or binding internal data protection rules to ensure an „adequate level of protection“ in accordance with the legal requirements of the GDPR.
No obligation to provide
The provision of personal data by you is usually on a voluntary basis. In principle, there is neither a legal nor a contractual obligation on your part to provide such personal data. However, in the event that you do not provide personal data, it may not be possible to provide some or all of our services properly.
Data Security and Retention
We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. For example, the Site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of Personal Data you provide to us.
We retain Personal Data about you for as long as necessary to provide you with our Services. In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
Information on legal bases as well as rights of the data subjects and transfers of personal data
Lawful basis under GDPR
We will only process your Personal Data if we have a lawful basis under the GDPR for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
• Contractual Necessity: We process Personal Data in the form of your name, address(es), order details, email address and phone number in order to comply with our contractual obligations to deliver products to you or to take steps at your request prior to an order being finalised. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of our Site that require such data, for instance the ability to order products.
• Legitimate Interests: This is a technical term in data protection law which really means we have a good and fair reason to use your data and we do so in ways which does not hurt your interests and rights. We use your data in our legitimate interests where it is reasonably expected as part of running our business, and which does not materially impact your rights, freedom or interests. For example, we will send you promotional communications about our service, subject to your legal rights to control this. We also analyse how users interact with our Site so we can understand how different elements of the Site are working so we can improve and develop the Site. We also process your data to guard against fraud and security threats and may do so in the completion of corporate transactions for the sale or part or all of our business.
• Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
• Compliance with law: For instance, we keep Personal Data in the form of order and transaction records to comply with our tax record obligations under legislation.
Data Subject Rights
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please:
o Email us at: office@noscat.at
o Submit a form at this address: office@noscat.at
In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
• Information: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging on to your account.
• Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
• Erasure: You can request that we erase some or all of your Personal Data from our systems.
• Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. The lawfulness of the processing of your personal data until the revocation is not affected by the revocation. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
• Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
• Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
• Right to File Complaint: You have the right to lodge a complaint about Noscat’s practices with respect to your Personal Data with the supervisory authority, the Information Commissioner’s Office.
Transfer of personal data
We will take all reasonable steps to ensure that your data is subject to appropriate safeguards, for example, by relying on a recognized legal adequacy mechanism, including standard contractual clauses, and that it is processed securely and in accordance with this Privacy Notice. Examples of when we transfer your personal data outside the European Economic Area include.
• To store it.
• So that we can provide goods or services to you and perform our contract with you. This includes presenting our products, fulfilling orders and providing customer services.
• When we are required to do so by law.
• To facilitate the operation of our group of companies where it is in our legitimate interest to do so and we have concluded that your rights are not overridden.
Automated decisions
We will not use your personal data to make automated decisions (including profiling) about you that have legal effects on you or similarly significantly affect you.
Changes to this Privacy Policy
We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. Those changes will go into effect on the Effective Date shown in the revised Privacy Policy. Use of information we collect is subject to the Privacy Policy in effect at the time such information is collected.
Contact Information
If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, your choices and rights regarding such use, please do not hesitate to contact us at office@noscat.at