Data Privacy

1) Privacy Policy for Business Parnters of voestalpine Precision Strip GmbH 
2) Privacy Policy for Business Partners of voestalpine Precision Strip AB
3) Privacy Policy for Business Partners of voestalpine Precision Strip S.A.U.



General Data Protection Notice for Business Partners of voestalpine Precision Strip GmbH
 
In the course of our business relationship with you, it is necessary for us to process your personal data. “Personal data” is any information that relates to an identified or identifiable natural person (e.g. names and addresses).
Protecting the security and privacy of personal data of our business partners (such as customers and suppliers) is very important to voestalpine Precision Strip GmbH, Waidhofnerstraße 3, 3333 Böhlerwerk and its subsidiaries (together voestalpine). We are obligated to protect your data and take this duty very seriously. We expect the same from our business partners.
Please find enclosed a summary of the processing of personal data of business partners:

1. Categories of personal data processed, purpose of the processing and legal basis
In the context of the business relationship with business partners, voestalpine may process personal data for the following purposes:
»         Communicating with business partners about products, services and projects, e.g. to process inquiries from business partners
»         Initiate, process and manage (contractual) relationships and maintain business relationships between voestalpine and the business partner, e.g. to process orders for products or services, to process payments, for accounting, billing and collection purposes, to make deliveries, to carry out maintenance activities and repairs
»         Conducting customer surveys, marketing campaigns, market analysis, sweepstakes, contests, and other promotional activities or events
»         Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud and other criminal or malicious activities
»         Ensuring compliance with (i) legal obligations (such as record keeping obligations in accordance with tax and commercial law), and (ii) voestalpine policies
»         Settling disputes, enforcing our contractual agreements and establishing, exercising or defending legal claims
For the aforementioned purposes, voestalpine may process the following categories of personal data:
»         Business contact information, such as name, work address, work telephone number and email address;
»         Payment data, such as data necessary for processing payments and fraud prevention, including credit card numbers and card security codes;
»         Information collected from publicly available sources, information databases and credit agencies;
»         Other information that has to be processed to initiate, process and manage (contractual) relationships and maintain business relationships or that you voluntarily provide, such as orders placed, order details, inquiries or project details, correspondence, other data pertaining to the business relationship
The processing of personal data is necessary to meet the aforementioned purposes including the performance of a contractual relationship or a pre-contractual activity with the business partner.
Unless indicated otherwise, the legal basis for the processing of personal data is Article 6 (1) (a) (if consent has been given) or Article 6 (1) (b) or (f) of the General Data Protection Regulation (GDPR).
»         processing is necessary for the performance of a contract to which the data subject is party or for pre-contractual measures;
»         processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
If aforementioned personal data is not provided or is insufficient or if voestalpine cannot collect the respective personal data the purposes described may not be met or the received inquiry/inquiries could not be processed. Note that this would not be considered failure to fulfill our obligations under a contract.

2. Transfer and disclosure of personal data

If legally permitted to do so, voestalpine may transfer personal data to other voestalpine Group companies (www.voestalpine.com/locations) or courts, authorities, attorneys, or other business partners (for example shipping and logistics partners for executing and processing orders).
Furthermore voestalpine engages processors (service providers) to process personal data (within the scope of an IT support contract, for example). These processors are contractually bound to act in compliance with applicable data protection regulations.
Recipients of personal data may be located in countries outside of the European Union (“third countries”), in which applicable laws do not offer the same level of data protection as the laws of the respective individual’s home country. In this case, according to the legal requirements personal data is only transferred if the European Commission has adopted an adequacy decision for the third country, if adequate safeguards have been agreed (e.g. EU Standard Contractual Clauses were concluded), the recipient participates in an approved certification system (e.g. EU-US Privacy Shield), binding corporate rules are implemented in accordance with Art. 47 of the General Data Protection Regulation or there is a derogation for specific situations in accordance with Art. 49 of the General Data Protection Regulation (e.g. because you explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards). Further information and a copy of the implemented measures can be obtained from the contact listed under 6.

3. Retention periods
 
Unless explicitly indicated otherwise at the time of the collection of your personal data (e.g. in a declaration of consent), your personal data will be erased if the retention of the personal data is no longer necessary to fulfill the purposes for which they were collected and if no statutory retention obligations (such as tax or commercial law) or establishment, exercise or defence of legal claims require us to further retain the data.

4. Right of access to and rectification or erasure of personal data, restriction of processing, Right to object to processing, right to data portability and right to withdraw explicitly granted consent
 
»         In accordance with Art. 15 GDPR, you have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed and access to information about this data.
»         In accordance with Art. 16 GDPR, you have the right to obtain without undue delay the rectification of inaccurate personal data and to have incomplete personal data completed.
»         In accordance with Art. 17 GDPR, you have the right to erasure of your personal data.
»         In accordance with Art. 18 GDPR, you have the right to restrict processing.
»         In accordance with Art. 20 GDPR, you have the right to data portability.
»         In accordance with Art. 21 GDPR, you have the right to object to the processing of personal data.
»         Finally, you are entitled to file a complaint with the supervisory authority.
»         If processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
In order for us to efficiently respond to such a request, we ask you to contact us using the contact data listed below and to provide us with confirmation of your identity, for example, by sending us an electronic copy of your ID.
 
5. Protection of your personal data

The security of your personal data is extremely important to us. We take specific measures to protect your personal data against loss, misuse, unauthorized access, manipulation or disclosure, including the following:
»         Limited access to our premises (access control)
»         Implementation of access rights and protection of media (access and transfer control)
»         Deployment of network security measures such as antivirus software, firewalls, security updates, etc. (network control)
All processors engaged by us are bound by our security concept and are obligated to adhere to similar or equal security measures.

6. Contact
 
For any questions related to data protection and asserting the rights as listed, please contact the voestalpine data protection organization at <This e-mail address is protected against spam bots, you have to activate JavaScript in your browser to see it.>.
Elisabeth Moser
Assistant of Managing Director
voestalpine Precision Strip GmbH
Waidhofner Strasse 3
3333 Boehlerwerk, Austria
T. +43 7442 600-29401
<This e-mail address is protected against spam bots, you have to activate JavaScript in your browser to see it.>
www.voestalpine.com/precision-strip
This General Data Protection Notice for business partners will be revised from time to time.
The date of the last revision: May 1, 2018


General Data Protection Notice for Business Partners of voestalpine Precision Strip AB
 
In the course of our business relationship with you, it is necessary for us to process your personal data. “Personal data” is any information that relates to an identified or identifiable natural person (e.g. names and addresses).
Protecting the security and privacy of personal data of our business partners (such as customers and suppliers) is very important to voestalpine Precision Strip AB, Uddeholmsvägen, 684 28 Munkfors, P.O. Box 503, Sweden and its subsidiaries (together voestalpine). We are obligated to protect your data and take this duty very seriously. We expect the same from our business partners.
Please find enclosed a summary of the processing of personal data of business partners:

1. Categories of personal data processed, purpose of the processing and legal basis

In the context of the business relationship with business partners, voestalpine may process personal data for the following purposes:
»         Communicating with business partners about products, services and projects, e.g. to process inquiries from business partners
»         Initiate, process and manage (contractual) relationships and maintain business relationships between voestalpine and the business partner, e.g. to process orders for products or services, to process payments, for accounting, billing and collection purposes, to make deliveries, to carry out maintenance activities and repairs
»         Conducting customer surveys, marketing campaigns, market analysis, sweepstakes, contests, and other promotional activities or events
»         Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud and other criminal or malicious activities
»         Ensuring compliance with (i) legal obligations (such as record keeping obligations in accordance with tax and commercial law), and (ii) voestalpine policies
»         Settling disputes, enforcing our contractual agreements and establishing, exercising or defending legal claims
For the aforementioned purposes, voestalpine may process the following categories of personal data:
»         Business contact information, such as name, work address, work telephone number and email address;
»         Payment data, such as data necessary for processing payments and fraud prevention, including credit card numbers and card security codes;
»         Information collected from publicly available sources, information databases and credit agencies;
»         Other information that has to be processed to initiate, process and manage (contractual) relationships and maintain business relationships or that you voluntarily provide, such as orders placed, order details, inquiries or project details, correspondence, other data pertaining to the business relationship
The processing of personal data is necessary to meet the aforementioned purposes including the performance of a contractual relationship or a pre-contractual activity with the business partner.
Unless indicated otherwise, the legal basis for the processing of personal data is Article 6 (1) (a) (if consent has been given) or Article 6 (1) (b) or (f) of the General Data Protection Regulation (GDPR).
»         processing is necessary for the performance of a contract to which the data subject is party or for pre-contractual measures;
»         processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
If aforementioned personal data is not provided or is insufficient or if voestalpine cannot collect the respective personal data the purposes described may not be met or the received inquiry/inquiries could not be processed. Note that this would not be considered failure to fulfill our obligations under a contract.

2. Transfer and disclosure of personal data

If legally permitted to do so, voestalpine may transfer personal data to other voestalpine Group companies (www.voestalpine.com/locations) or courts, authorities, attorneys, or other business partners (for example shipping and logistics partners for executing and processing orders).
Furthermore voestalpine engages processors (service providers) to process personal data (within the scope of an IT support contract, for example). These processors are contractually bound to act in compliance with applicable data protection regulations.
Recipients of personal data may be located in countries outside of the European Union (“third countries”), in which applicable laws do not offer the same level of data protection as the laws of the respective individual’s home country. In this case, according to the legal requirements personal data is only transferred if the European Commission has adopted an adequacy decision for the third country, if adequate safeguards have been agreed (e.g. EU Standard Contractual Clauses were concluded), the recipient participates in an approved certification system (e.g. EU-US Privacy Shield), binding corporate rules are implemented in accordance with Art. 47 of the General Data Protection Regulation or there is a derogation for specific situations in accordance with Art. 49 of the General Data Protection Regulation (e.g. because you explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards). Further information and a copy of the implemented measures can be obtained from the contact listed under 6.

3. Retention periods
 
Unless explicitly indicated otherwise at the time of the collection of your personal data (e.g. in a declaration of consent), your personal data will be erased if the retention of the personal data is no longer necessary to fulfill the purposes for which they were collected and if no statutory retention obligations (such as tax or commercial law) or establishment, exercise or defence of legal claims require us to further retain the data.

4. Right of access to and rectification or erasure of personal data, restriction of processing, Right to object to processing, right to data portability and right to withdraw explicitly granted consent
 
»         In accordance with Art. 15 GDPR, you have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed and access to information about this data.
»         In accordance with Art. 16 GDPR, you have the right to obtain without undue delay the rectification of inaccurate personal data and to have incomplete personal data completed.
»         In accordance with Art. 17 GDPR, you have the right to erasure of your personal data.
»         In accordance with Art. 18 GDPR, you have the right to restrict processing
»         In accordance with Art. 20 GDPR, you have the right to data portability.
»         In accordance with Art. 21 GDPR, you have the right to object to the processing of personal data.
»         Finally, you are entitled to file a complaint with the supervisory authority.
»         If processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
In order for us to efficiently respond to such a request, we ask you to contact us using the contact data listed below and to provide us with confirmation of your identity, for example, by sending us an electronic copy of your ID.

5. Protection of your personal data

The security of your personal data is extremely important to us. We take specific measures to protect your personal data against loss, misuse, unauthorized access, manipulation or disclosure, including the following:
»         Limited access to our premises (access control)
»         Implementation of access rights and protection of media (access and transfer control)
»         Deployment of network security measures such as antivirus software, firewalls, security updates, etc. (network control)
All processors engaged by us are bound by our security concept and are obligated to adhere to similar or equal security measures.

6. Contact
 
For any questions related to data protection and asserting the rights as listed, please contact the voestalpine data protection organization at <This e-mail address is protected against spam bots, you have to activate JavaScript in your browser to see it.>.
Leif-Anders Andersson
voestalpine Precision Strip AB
T.  +46/563 162 50
<This e-mail address is protected against spam bots, you have to activate JavaScript in your browser to see it.>
This General Data Protection Notice for business partners will be revised from time to time. 
Date of the last revision: May 1, 2018


General Data Protection Notice for Business Partners of voestalpine Precision Strip S.A.U.
 
In the course of our business relationship with you, it is necessary for us to process your personal data. “Personal data” is any information that relates to an identified or identifiable natural person (e.g. names and addresses).
Protecting the security and privacy of personal data of our business partners (such as customers and suppliers) is very important to voestalpine Precision Strip, S.A.U., Poligono Indust. El Congost, Sector J, Camí Ral 1, Nave G-H, 08170 Montornés del Vallés, Spain and its subsidiaries (together voestalpine). We are obligated to protect your data and take this duty very seriously. We expect the same from our business partners.
Please find enclosed a summary of the processing of personal data of business partners:

1.Categories of personal data processed, purpose of the processing and legal basis

In the context of the business relationship with business partners, voestalpine may process personal data for the following purposes:
»         Communicating with business partners about products, services and projects, e.g. to process inquiries from business partners
»         Initiate, process and manage (contractual) relationships and maintain business relationships between voestalpine and the business partner, e.g. to process orders for products or services, to process payments, for accounting, billing and collection purposes, to make deliveries, to carry out maintenance activities and repairs
»         Conducting customer surveys, marketing campaigns, market analysis, sweepstakes, contests, and other promotional activities or events
»         Maintaining and protecting the security of our products, services and websites, preventing and detecting security threats, fraud and other criminal or malicious activities
»         Ensuring compliance with (i) legal obligations (such as record keeping obligations in accordance with tax and commercial law), and (ii) voestalpine policies
»         Settling disputes, enforcing our contractual agreements and establishing, exercising or defending legal claims
For the aforementioned purposes, voestalpine may process the following categories of personal data:
»         Business contact information, such as name, work address, work telephone number and email address;
»         Payment data, such as data necessary for processing payments and fraud prevention, including credit card numbers and card security codes;
»         Information collected from publicly available sources, information databases and credit agencies;
»         Other information that has to be processed to initiate, process and manage (contractual) relationships and maintain business relationships or that you voluntarily provide, such as orders placed, order details, inquiries or project details, correspondence, other data pertaining to the business relationship
The processing of personal data is necessary to meet the aforementioned purposes including the performance of a contractual relationship or a pre-contractual activity with the business partner.
Unless indicated otherwise, the legal basis for the processing of personal data is Article 6 (1) (a) (if consent has been given) or Article 6 (1) (b) or (f) of the General Data Protection Regulation (GDPR).
»         processing is necessary for the performance of a contract to which the data subject is party or for pre-contractual measures;
»         processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party;
If aforementioned personal data is not provided or is insufficient or if voestalpine cannot collect the respective personal data the purposes described may not be met or the received inquiry/inquiries could not be processed. Note that this would not be considered failure to fulfill our obligations under a contract.

2. Transfer and disclosure of personal data

If legally permitted to do so, voestalpine may transfer personal data to other voestalpine Group companies (www.voestalpine.com/locations) or courts, authorities, attorneys, or other business partners (for example shipping and logistics partners for executing and processing orders).
Furthermore voestalpine engages processors (service providers) to process personal data (within the scope of an IT support contract, for example). These processors are contractually bound to act in compliance with applicable data protection regulations.
Recipients of personal data may be located in countries outside of the European Union (“third countries”), in which applicable laws do not offer the same level of data protection as the laws of the respective individual’s home country. In this case, according to the legal requirements personal data is only transferred if the European Commission has adopted an adequacy decision for the third country, if adequate safeguards have been agreed (e.g. EU Standard Contractual Clauses were concluded), the recipient participates in an approved certification system (e.g. EU-US Privacy Shield), binding corporate rules are implemented in accordance with Art. 47 of the General Data Protection Regulation or there is a derogation for specific situations in accordance with Art. 49 of the General Data Protection Regulation (e.g. because you explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards). Further information and a copy of the implemented measures can be obtained from the contact listed under 6.

3. Retention periods
 
Unless explicitly indicated otherwise at the time of the collection of your personal data (e.g. in a declaration of consent), your personal data will be erased if the retention of the personal data is no longer necessary to fulfill the purposes for which they were collected and if no statutory retention obligations (such as tax or commercial law) or establishment, exercise or defence of legal claims require us to further retain the data.

4. Right of access to and rectification or erasure of personal data, restriction of processing, Right to object to processing, right to data portability and right to withdraw explicitly granted consent
 
»         In accordance with Art. 15 GDPR, you have the right to obtain from the controller confirmation as to whether or not personal data concerning you are being processed and access to information about this data.
»         In accordance with Art. 16 GDPR, you have the right to obtain without undue delay the rectification of inaccurate personal data and to have incomplete personal data completed.
»         In accordance with Art. 17 GDPR, you have the right to erasure of your personal data.
»         In accordance with Art. 18 GDPR, you have the right to restrict processing
»         In accordance with Art. 20 GDPR, you have the right to data portability.
»         In accordance with Art. 21 GDPR, you have the right to object to the processing of personal data.
»         Finally, you are entitled to file a complaint with the supervisory authority.
»         If processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
In order for us to efficiently respond to such a request, we ask you to contact us using the contact data listed below and to provide us with confirmation of your identity, for example, by sending us an electronic copy of your ID.
 
5. Protection of your personal data

The security of your personal data is extremely important to us. We take specific measures to protect your personal data against loss, misuse, unauthorized access, manipulation or disclosure, including the following:
»         Limited access to our premises (access control)
»         Implementation of access rights and protection of media (access and transfer control)
»         Deployment of network security measures such as antivirus software, firewalls, security updates, etc. (network control)
All processors engaged by us are bound by our security concept and are obligated to adhere to similar or equal security measures.
 
6. Contact
 
For any questions related to data protection and asserting the rights as listed, please contact the voestalpine data protection at <This e-mail address is protected against spam bots, you have to activate JavaScript in your browser to see it.>.
Roger Cadena Sanchez
voestalpine Precision Strip S.A.U.
P.I. El Congost, Sector J, Camí Ral 1, Nave F-G-H
08170 - Montornés del Vallés, Barcelona, Spain
T. +34 93 860 45 69

This General Data Protection Notice for business partners will be revised from time to time. 
Date of the last revision: May 1, 2018

BACK TO TOP

This website uses technologies such as cookies and comparable functions for processing information that help us to improve the user experience of the website. Because your privacy is important to us, we ask for your permission to use these technologies. You can withdraw your consent. See our privacy policy.


Essential cookies enable basic functions of the website or certain functions and can therefore not be deactivated.


Provider: Q2E Online-Agentur
Description: Saves session information such as active logins, shopping carts and other settings to ensure the functionality of the website.
Duration: until the end of the browser session

Provider: Q2E Online-Agentur
Description: Saves the selection of permitted cookies that is made here.
Duration: 1 year

These are cookies that are essential for certain functions of the website. Deactivating cookies can mean that certain functions cannot be used.


Provider: Q2E Online-Agentur
Description: Saves the device resolution to ensure the optimal display of the website.
Duration: until the end of the browser session

Provider: Facebook
Description: Activates the share or like functionality of pages on Facebook for this website. Facebook saves so-called metadata on your browser, operating system and device. In addition, Facebook logs certain actions by you as a user on this website.
Duration: unknown

These cookies help us to collect information about the use of the website. These are collected anonymously and enable us to understand how we can improve the website.


Provider: Google
Description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website and to set various settings.
Duration: up to 2 years

Provider: Google
Description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website and to set various settings.
Duration: up to 2 years

We use marketing cookies and comparable functions for processing information in order to be able to show users personalized advertising or advertisements.


Provider: Google
Description: Collects and stores information related to the control and improvement of advertising by Google Ads and Google DoubleClick.
Duration: up to 1 year

Provider: Facebook
Description: Collects and stores information relating to the analysis, control and improvement of Facebook advertising.
Duration: up to 90 days

Provider: LinkedIn
Description: Collects and stores information related to the analysis, control and improvement of LinkedIn advertising.
Duration: up to 2 years