Protection of personal data
The Austrian Energy Agency respects the privacy of its users. All information is treated confidentially in accordance with the applicable data protection regulations (General Data Protection Regulation, Austrian Federal Data Protection Act, Austrian Federal Telecommunications Act). Data will not be passed on to third parties without your consent. Data processing is carried out in any case and according to the applicable legal situation on the basis of the legal provisions of § 96 para. 3 of the Austrian Federal Telecommunications Act (TKG) as well as Art. 6 para. 1 lit. a (consent) and/or f (legitimate interest) of the General Data Protection Regulation (GDPR).
The Austrian Energy Agency collects personal data only to the extent necessary for a specific purpose. The information will not be further used for a purpose incompatible with this purpose. Although you can view most Internet pages without providing any personal information, in some cases personal information is required in order to provide the online services you have requested.
For all privacy related inquiries please contact datenschutz(at)energyagency.at.
Matomo:
In order to be able to evaluate user behavior on the websites, we uses an open source web application for web analytics called Matomo. We use Matomo to obtain information about the use of the individual component of the website. The legal basis for the processing is Art. 6 para. 1 lit. f GDPR.
Matomo processes these data:
- IP address, so that the last two numbers of your IP address are encrypted (2-bit encryption).
- city, region, country, longitude/latitude,
- browser, browser version, device type, operating system,
- user agent, pages visited files clicked and downloaded
- links to an outside domain that were clicked
- screen resolution
- session recording storing the HTML page, and all mouse events (movements, scrolls, locations and clicks), and keypresses
- search terms used on an internal mobile’s or web properties’ search engine
- custom dimensions and custom variables (any personal or non personal data the controller wishes to process)
- custom events
- content pieces
- JavaScript errors
- User ID
- ecommerce order ID, order dDate
- ecommerce abandoned carts
- media titles and URLs
- participation in A/B tests.
Data processed by Matomo is subject to the GDPR and does not leave the EU. The data will be saved for 24 months and 14 days. In the browser settings, you can delete your cookies-settings at any time. We have concluded an DPA with Matomo. The Matomo privacy policy can be found here: https://matomo.org/privacy-policy/
Cookies Policy:
We use cookies on our website to make our Internet presence more user-friendly and functional.
Cookies are small data packets that are exchanged between your browser and the/our web server when you visit our website. They do not cause any damage and only serve to recognize the website visitor. Cookies can only store information supplied by your browser, i.e. information that you yourself have entered into the browser or that is present on the website. Cookies cannot execute code and cannot be used to access your terminal device.
The next time you visit our website with the same terminal device, the information stored in cookies may subsequently be sent back either to us ("first-party cookie") or to a third-party web application to which the cookie belongs ("third-party cookie"). Through the stored and returned information, the respective web application recognizes that you have already called up and visited the website with the browser of your end device.
The legal basis for the use of technically necessary cookies is based on our legitimate interest in the technically flawless operation and smooth functionality of our website in accordance with Art 6 (1) lit. f DSGVO. Our website cannot function properly without these cookies. The use of statistics and marketing cookies requires your consent pursuant to Art 6 (1) lit. a DSGVO. You can revoke your consent to the use of cookies in accordance with Art 7 (3) DSGVO at any time for the future. The consent is voluntary. If it is not given, no disadvantages will arise. You can find more information about the cookies we actually use (in particular, their purpose and storage period) in this privacy policy and in the information about the cookies we use in our cookie banner. https://www.ca-res.eu/data-protection-declaration-1#c394.
Wonder:
We use Wonder as a video conferencing system. When you use Wonder, your data (name, email, IP address) will be processed.
Before using Wonder, you must give your consent.
Examples of cookies that "Wonder" uses:
- Session cookies: are necessary to use the service.
- Preference cookies: are used to store settings and usage instructions.
- Security cookies: are necessary for security settings.
Your data will transmitted to Wonder. Server location is in the US. There is not the level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without your approval, you won’t be able to take legal action against them.
Click for the privacy statement of "Wonder”: https://wonder.me/policies/privacy-policies
The Austrian Energy Agency has concluded a data processing agreement with Wonder.
Webex/Cisco:
We process your personal data in connection with the implementation of telephone conferences, online meetings and video conferences as well as webinars using Webex/Cisco. Webex is Part of the Cisco Systems Inc. group.
The following data are processed: Name, first name, e-mail address, IP address.
You can turn off the microphone as well as the video function of the terminal device at any time. If a seminar is recorded, the participants will be informed in advance and can thus submit an objection. Cisco Systems Inc. is based in the USA. The USA does not have a level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without you being informed and without you being able to take legal action against them.
Click for the privacy statement of "Webex/Cisco”: https://www.cisco.com/c/de_at/about/legal/privacy-full.html
The Austrian Energy Agency has concluded an DPA with Cisco Systems Inc.
Taskcards:
The company headquarters of dsign Systems GMBH is located in Germany. We have concluded a DPA with dsign Systems GMBH. Taskcards is a digital pinboard. The following data is sent to the company when you use the tool: name, age, address, IP address and usage-behavior when visiting a website. We have concluded a DPA with dsign Systems GMBH.
Click for the privacy statement of "Taskcards”: https://www.taskcards.de/#/home/start
Lamapoll:
Lamapoll is operated by Lamano GmbH & Co. KG. We use Lamapoll for online surveys. The following data is processed: Your IP address, as well as browser data. Lamapoll stores your data for 7 days.
We have concluded a DPA with Lamapoll.
You can find Lamapoll's privacy policy here: www.lamapoll.de/Support/Datenschutz
Mentimeter:
Mentimeter AB is a Swedish company. We use Mentimeter for online surveys through our Webex account. Mentimeter stores the following personal data: IP address, email address, browser.
It is not possible to conclude a DPA with Mentimeter. The IP address of the presenter is stored permanently until revoked. The IP address of survey participants is stored for 12 months,
Mentimeter is hosted in the EU, there are also servers in the USA. There is a risk that your personal data, will be stored in servers in the USA. The USA does not have a level of data protection that corresponds to the standards of the EU. In particular, US intelligence agencies can access your data without you being informed and without you being able to take legal action against them.
You can find Mentimeter's privacy statement here: https://www.mentimeter.com/privacy
Twitter:
On this website you can contact to Twitter. Only when you click on the corresponding buttons will contact be made to the server of Twitter and your data (IP-address, End device used, browser type) transmitted.
Once the social media service is opened, The Austrian Energy Agency has no influence on the use of cookies or access to the data collected there.
By clicking on the Twitter icon, data is sent to Twitter. Twitter is subject to the US Cloud Act. In the event of a government request to Twitter, data must be released. Klick for Twitter privacy statement: https://twitter.com/en/privacy
Zoom:
We may use Zoom to host and record online Sessions of Plenary Meeting of the Concerted Action on the EU Directive Renewable Energy Sources (CA-RES4). This Tool is hosted by Zoom Video Communication Inc, 55 Almaden Blvd, 6th Floor, San José, 95113 CA. (click here for Zoom privacy policy). The following personal data will be processed: User data: Name (o. Alias), e-mail address, password.; Meta Data: Host, meeting ID, meeting title, scheduled time, scheduled duration, list of participants, e-mail addresses of the participants (if registered participants), IP addresses of the Participants. The video will be recorded - If you do not want to be recorded, please turn off the camera. The fact of recording is indicated to participants in the Zoom app by a red record icon. The recording serves the legitimate interests on the part of AEA to make all required information accessible to all participating experts of the CA-RES4. Responsible for the processing is the Austrian Energy Agency. For questions or if you want to exercise your right of access, please contact ca-res@energyagency.at. We put the recordings on the CA-RES.eu website and only in the secure part of the website. (Access only for registered users) . The video is available for the entire duration of the project 1.3.2026 after that it will be deleted.
Newsletter:
The sending of newsletters with current information, notice of events etc. is based on your registration in the list of recipients. In each newsletter, you have the option of withdrawing this consent to the processing of your personal data by "opting out" of the list of recipients.
By subscribing to the newsletter, the following data is collected: First name, last name, e-mail. The data is transmitted to our order processor sendinblue GmbH. The Austrian Energy Agency has concluded an data processing agreement with Brevo.
You can revoke your consent at any time using the unsubscribe option in the respective newsletter or by email ca-res@energyagency.at. Your data will be stored until you revoke your consent or the newsletter service is discontinued.
Events:
If you register for the CA-RES Plenary Meetings of other Events that we organise, we will process the personal data you provide (e-mail, name, company) in order to put you on the guest list of our event as requested. This data is necessary for administration and will be processed with external processors if necessary. If you do not wish to receive any further event invitations, you can revoke this at any time by email: ca-res@energyagency.at or in the respective event invitation. Kindly note that we use your data only for internal purpose.
Data security:
We do our utmost to make your visit and use of our website as secure as possible. We therefore comply with the provisions of Article 32 of the General Data Protection Regulation (GDPR) to ensure the confidentiality and security of your personal data and take appropriate technical and organisational security measures.
Image & video material:
During Plenary Meetings, the CA-RES Coordination team will take photographs, which will be used for the final publication. The final publication will be publicly disseminated. The photos will be stored securely. If you would prefer for you not to be photographed, please let the CA-RES coordination know. We will never share your information with third parties for any marketing purposes. If you would like to see your images, or would like us to delete them after the meeting, please email us to ca-res@energyagency.at
Recordings taken during virtual meetings are only for internal purposes of the CA-RES4 and will be visible only in the secure area of the CA-RES Webpage.
Information about your rights:
You have the right to obtain information about the data we hold about you. In addition, you can submit requests for correction of your data or restriction of the processing of your data if there are uncertainties that need to be clarified. You can object to the processing of your data. You can submit a request for deletion of your data. You can submit a request for the transfer of your data in a machine-readable format. You can submit a request against exclusively automated decision-making, except in cases of processing by consent, contract or existing legal bases for processing.
You may withdraw any consent you have given. The consequences may be a failure to treat the interests you have disclosed.
Duration of the storage of personal data:
Business transactions in general
For reasons of tax law and company law, business-relevant documents must be kept for 7 years in accordance with § 132 of the Austrian Federal Fiscal Code (BAO) and §§ 190, 212 of the Austrian Federal Business Code (UGB).
In addition to the retention period of 7 years pursuant to § 132 para. 1 of the Austrian Federal Fiscal Code resulting from the wage tax and duty to pay, various specific retention periods up to the general retention obligation of employment data of 30 years pursuant to § 1478 of the Austrian Federal General Civil Code (ABGB) must be taken into account in and after the current employment relationship.
Award procedure
Irrespective of the requirements under public procurement law to retain data of the award procedure for at least three years or, in the case of the subsequent contractual relationship, for the term of the contract, the long limitation period under civil law of 30 years pursuant to Section 1489 of the Austrian Federal Civil Code (ABGB) must be observed for retention in accordance with the ECJ ruling of 26 November 2015, Rs C-166/14, MedEval.
Data related to processing by public authorities
In connection with federal processing activities, data must be retained for 10 years pursuant to section 25(3) of the Office Regulations, unless the specific content of the file or legal provisions require longer retention (Federal Archival Material Ordinance).
Data protection authority
You can submit any claims as a complaint to the data protection authority.
On the website of the data protection authority www.dsb.gv.at you will find further information, FAQs and all relevant legal bases for data protection in Austria.
Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40-42
1030 Vienna
Telephone: +43 1 52 152-0
EMail: dsb(at)dsb.gv.at
Internet: https://www.dsb.gv.at
Our data protection officer
Markus Stender / Georg Koller - SDH Attorneys at Law, 1010 Vienna, stender(at)sdh-law.eu, koller(at)sdh-law.eu