Data Privacy
Elisabeth Scheidl Consulting e.U. (hereinafter referred to as ESC) offers services around quality assurance of clinical trials for pharmaceutical companies and contract research organizations. As part of its activities, ESC processes your personal data. In this regard, the following information is provided.
You can visit most pages of the website www.esc-consulting.co.at without providing any personal information. However, sometimes ESC may need additional information about you to provide the materials or services you have requested. This privacy policy is intended to explain the collection and use of such information in such circumstances.
Please read the privacy policy below completely or send an email to office@esc-consulting.co.at for further information.
1. What is personal data and what is processing of personal data?
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2. Who is responsible and what are the contact details?
The data controller is Elisabeth Scheidl Consulting e.U., Prechtlgasse 9/15-16, 1090 Vienna, Austria, E-Mail: office@esc-consulting.co.at, Telephone: +43 680 300-76 72.
3. What categories of data are processed?
ESC processes your personal data, which falls under the following categories of data:
· Name/Company,
· Commercial register number,
· Function/job title,
· Contact person,
· Business address and other addresses of the customer,
· Contact data (Telephone number, Fax number, E-Mail Address, etc.),
· Bank details, credit card details,
· Ordering data,
· VAT ID number.
4. For what purposes and on what legal basis is personal data processed?
ESC offers services in the field of quality assurance. As part of this activity, personal data is processed as follows:
Purpose | Legal base |
To provide you with further requested information about ESC and its services | Art. 6 (1) (a) |
For the performance of a contract or for the implementation of pre-contractual measures | Art. 6 (1) (b) |
To comply with its legal obligations | Art. 6 (1) (c) |
For the purposes of the legitimate interests pursued by the controller (e.g. direct marketing, customer data) | Art. 6 (1) (f) |
5. What are the recipients or categories of recipients?
ESC uses processors for certain data processing activities, with regard to article 28 GDPR.
The list of processors and partners is available at first request by sending an email to office@esc-consulting.co.at.
6. Will personal data be transferred to third countries or international organizations?
As a matter of principle, personal data will not be transferred to recipients in third countries or to international organizations.
7. How long will personal data be stored?
We store your data for the purpose of contacting you during acquisition, direct marketing, etc. until you object.
We store your data regarding contract fulfilment and invoicing for 7 years (§ 132 Abs 1 BAO and §§ 190, 212 UGB, respectively).
8. Where does ESC get my personal data from?
In general, ESC only receives personal data that has been provided by you.
It may also happen that ESC requests personal data from other publicly accessible sources (e.g. company websites, social media profiles, telephone directory, company register). In this case, the individual obligation to provide information pursuant to Art. 14 (5) (c) GDPR does not apply.
9. What data subject rights do I have under data protection law?
In principle, you have the right to information, correction, deletion, restriction, data portability and objection. To do so, please contact office@esc-consulting.co.at or contact.
· Right of access (Art. 15 GDPR),
· Right to rectification (Art. 16 GDPR),
· Right to erasure (Art. 17 GDPR),
· Right to restriction of processing (Art. 18 GDPR),
· Right to object (Art. 21 GDPR).
If you believe that the processing of your data violates data protection law or that your data protection rights have been violated in any other way, you can lodge a complaint with the supervisory authority. In Austria, the data protection authority is http://dsb.gv.at/ responsible.
10. Does ESC carry out automated decision-making in accordance with Art. 22 GDPR?
No. All entries are checked and processed individually.
11. Which cookies are set or read when www.esc-consulting.co.at visit?
Please refer to the cookie policy.
12. What cookies are set when using the contact form?
Please refer to the cookie policy.
13. Contact
If you have any request about the privacy of your data, please send an email to office@esc-consulting.co.at.
June, 2024