Responsible for the data processing (controller)
ASFINAG | Autobahnen- und Schnellstraßen-Finanzierungs-Aktiengesellschaft attaches great importance to the protection of your personal data.
T +43 (0) 50108-10000
F +43 (0) 50108-10020
Rechtsform Aktiengesellschaft, Sitz Wien, FN 92191 a
Firmenbuchgericht Handelsgericht Wien, UID-Nummer ATU 43143200
The direct contact partners for matters relating to data protection law are the data protection officers of ASFINAG. You can get in touch with them at email@example.com.
Processing activity and purpose
We use your personal data (first name, last name, e-mail address, your message and if provided company salutation, postal address, phone number, country) for the purpose of answering upon your contact request. This is always voluntary and is only done with your consent. This also applies to the transfer of your personal data to third parties (subsidiaries or other third parties).
The legal basis for the processing of personal data is your consent (Art 6 para 1 lit a GDPR)
We store your personal data as long as the answer to your contact requests lasts and beyond that for another 3 months for archiving purpose. Afterwards your personal data gets deleted.
Technical organisational measures
We have applied the necessary technical and organisational measures according to the legal requirements for electronic communication and data protection.
You have the right to access correct or delete your personal data at any time. For the purpose of the technical operation the IP address, date and time are collected when visiting this website. These are used exclusively from a technical point of view for traceability in the event of a fault and troubleshooting. This data will not be disclosed to third parties.
Log files and hosting
When you visit the website, information is automatically sent from your device to our website in an automated manner. The following information is temporarily stored in a so-called log file:
- IP address of the device
- Date and time of access
- Name and URL of the retrieved file
- The website from which access is made
- The browser and, if necessary, the operating system used by your device
These data are stored for 4 months until their automatic deletion.
The processing serves the following purpose:
The temporary storage of the user’s IP address by the system is necessary in order to enable the delivery of the website to the user’s computer. The data mentioned make it possible to gain important points of reference for the optimisation of the website. Error situations can be better understood, and the user friendliness can be improved. These data also serve to ensure the security of our systems (e.g. detection of attacks). Evaluation for marketing purposes does not take place.
The legal basis for the data processing is Art. 6 Para. 1 Item f GDPR. Our legitimate interest is in the above-mentioned purpose.
When you call up the website, we place the functional cookies on your browser. Functional cookies are necessary so as to be able to execute basic functions of the website. You may delete these cookies at any time via the settings in your browser.
We place the following cookies on your web browser:
|contrastButton||c-its-deployment-group.eu||For saving your preferred color of the website||1 year|
|__RequestVerificationToken||Google Inc.||For verifying your request when you use the contact form||Until you close your web browsers|
The website uses Google Inc's reCAPTCHA service in order to prevent automated queries on the website and to identify legitimate users. The IP address, browser key data, the mouse movement and existing cookies are processed by other Google services and if required also processed by Google for the reCAPTCHA service. As the website is only to be accessible for legitimate inquiries or orders by persons, the use of reCAPTCHA is a necessity. The conditions of use for reCAPTCHA can also be found at https://www.google.de/intl/de/policies/. Details regarding the service can be found at https://www.google.com/recaptcha/intro.
Your rights as data subject
Right to information
Every data subject has the right to request confirmation from ASFINAG as to whether personal data concerning said data subject are processed; if this is the case, the data subject has a right of access to this personal data (copy of the personal data that are the subject of the processing) and to the following information: (a) the processing purposes; (b) the categories of personal data being processed; (c) the recipients or categories of recipients to whom the personal data have been or are still being disclosed, in particular recipients in third countries or international organisations; (d) if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining that duration; (e) the existence of a right of correction or deletion of personal data concerning the data subject or of a restriction on processing by the controller or of a right of objection to such processing; (f) the existence of a right of appeal to a supervisory authority; (g) if the personal data are not collected from the data subject, all available information on the origin of the data; (h) the (non-)existence of automated decision-making, including profiling. ASFINAG provides a copy of the personal data that are the subject of the processing. ASFINAG may charge an appropriate fee based on the administrative costs for all further copies requested by the data subject. Where the data subject submits the application electronically, the information shall be provided in a common electronic format, unless otherwise indicated.
Right to correction and deletion
The data subject has the right to request ASFINAG to correct any incorrect personal data concerning said data subject without delay. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary declaration.
Furthermore, the data subject has the right to request ASFINAG to delete personal data concerning said data subject without delay, and ASFINAG is obliged to delete personal data without delay if one of the following reasons applies: (a) Personal data are no longer necessary for the purposes for which they were collected or otherwise processed. (b) The data subject withdraws its consent on which the processing was based and there is no other legal basis for the processing. (c) The data subject objects (see below) to the processing. (d) The personal data have been processed unlawfully. (e) The deletion of personal data is necessary to fulfil a legal obligation to which ASFINAG is subject. (f) The personal data have been collected in relation to information society services offered (consent of a child). In particular, the right to deletion does not exist if the processing is necessary to fulfil a legal obligation of ASFINAG or to perform a task that is in the public interest or in the exercise of official authority that has been transferred to ASFINAG and/or to assert, exercise or defend legal claims.
Right to restriction of processing
The data subject has the right to request ASFINAG to restrict processing if one of the following conditions applies: (a) the accuracy of the personal data is disputed by the data subject for a time period which enables ASFINAG to verify the accuracy of the personal data, (b) the processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data; (c) ASFINAG no longer needs the personal data for the purposes of the processing, but the data subject needs them to assert, exercise or defend legal claims, or (d) the data subject has filed an objection to the processing until it has been determined whether ASFINAG's legitimate reasons outweigh those of the data subject.
Where the processing has been restricted, such personal data may not be processed except with the data subject's consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
A data subject who has obtained a restriction on processing will be informed by ASFINAG before the restriction is lifted.
Right to data transfer
The data subject has the right to receive the personal data concerning said data subject that it has provided to ASFINAG (as part of the voluntary additional services) in a structured, current and machine-readable format and said data subject has the right to transfer this data to another data controller. In exercising its right to data transfer, the data subject shall have the right to have the personal data transferred directly by a data controller to another data controller, where technically feasible.
Right of objection
The data subject has the right to object at any time to the processing of personal data concerning said data subject for reasons arising from its particular situation, which is necessary for the performance of a task in the public interest or in the exercise of official authority assigned to ASFINAG or which is necessary for the protection of the legitimate interests of ASFINAG or a third party. ASFINAG will then no longer process the personal data unless it can prove compelling reasons worthy of protection for the processing, which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning said data subject for the purpose of such advertising. If the data subject objects to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
Right of appeal to the supervisory authority
Any data subject, without prejudice to any other administrative or judicial remedy, has the right of appeal to a supervisory authority, in particular in the Member State where it resides, works or is allegedly infringing, when the data subject considers that the processing of personal data concerning said data subject is contrary to these legal requirements – see https://www.dsb.gv.at/rechte-der-betroffenen.