Privacy Notice

The TTTech company (hereinafter also “we” or “us”) listed in the corporate information of the website or as the sender of marketing communications will process your personal data as the data controller.

Depending on how we interact with each other, whether you have subscribed to a newsletter, or you contact us online or by phone, whether we meet online or in person at an event, we process personal data from different sources. 

We receive some of the personal data that we process directly from you, for example when you subscribe to a newsletter. Other information we collect ourselves, for example how you interact with our offers on our website. 

The following sections explain in more detail how we process your personal data, why we process it and for how long, the legal basis for the processing and with whom we may share this personal data. 

For the processing we may rely on your consent or the fact that the processing is necessary to fulfill a contract with you, or because we consider it to be in our legitimate interest, taking into consideration your interests, rights, and expectations. In some cases, the processing may be necessary to fulfil a legal obligation. 

Our Data Privacy team will also be happy to answer any questions you may have at any time at datenschutz(at)tttech.com.

Which personal data does TTTech process?

On our websites you can subscribe to our newsletter, you can also request or download marketing information about our products and services. 

When you subscribe to our newsletter or request information, TTTech processes the following personal data:

1. Your contact information such as first name and last name, email address,
2. Information relating to your profession such as the organization you work for or your job title,
3. Information we receive when you receive our newsletters to make them more interesting for you (such as time of opening the email)
4. In the case of electronic marketing communication, the status of your consent (Opt-In).

For what purpose does TTTech use my personal data?

TTTech uses this personal data to provide you with the requested information. We may also use this data to provide you with even more personalized information in the future.

Which legal basis does TTTech rely on?

The legal basis for sending newsletters and other marketing communications is your consent, which you have explicitly given us (Art. 6 (1) (a) GDPR), as well as our legitimate interest in maintaining business relationships with our customers (Art. 6 (1) (f) GDPR).

When will my data be deleted?

Your personal data will be stored for as long as your consent is valid and you have therefore not canceled your subscription or objected to processing. We retain the information relating to your consent itself (for example, when and for what purposes you gave it to us) for three years, with reference to the general limitation periods under Austrian civil law, after which time this information will also be deleted.

Which personal data does TTTech process?

If we have an ongoing business relationship with you, we may kindly ask you to take part in our customer satisfaction survey. In this case, we will process your contact details and organizational information:

• Contact details: First name, surname, email address.
• Organizational information: The company you work for and your position in the company (job title).

For what purpose does TTTech use my personal data?

The purpose of this processing activity is the ongoing improvement of our processes and compliance with international standards (e.g. ISO certifications). Furthermore, the satisfaction of our customers with our products and services is particularly important to us and we value the feedback we receive.

Which legal basis does TTTech rely on?

This processing activity is based on your consent (Art 6 (1) (a) GDPR), which you have explicitly given us, as well as on our legitimate interest (Art 6 (1) (f) GDPR) in continuously improving our processes and obtaining the necessary ISO certifications (ISO9001).

When will my data be deleted?

The retention period for this form of processing is based on the requirements of relevant ISO standards. At the end of this period, the data is deleted on a revolving basis.
 

Which personal data does TTTech process?

We process the following categories of data in connection with the performance of our sales and customer support activities:

• Your contact details such as name, email address, telephone number, company name and postal address
• Information on the current status of the contractual relationship with you, such as billing information, terms of service,
• Communication data that you actively communicate to us, such as a request with which you contact our customer support and the status of the processing of this request by us,
• Sales-related information such as your interest in our products or quotes that we have created based on your request or the status of your order.

For what purpose does TTTech use my personal data?

The purpose of this processing is, on the one hand, our interest in presenting our products and services to you, establishing or further deepening and expanding our business relationship with you and providing you with the best possible support for customer inquiries (customer support services).

Which legal basis does TTTech rely on?

This processing is based on your consent (Art. 6 (1) (a) GDPR), which you have expressly given us, as well as for the performance of an existing contract or for the establishment of a new contract (pre-contractual services) pursuant to Art. 6 (1) (b) GDPR, as well as on our legitimate interest (Art. 6 (1) (f) GDPR) to develop our sales activities and to develop our economic interests.

When will my data be deleted?

In the case of consent as the legal basis for the processing of your data, this will be stored for as long as your consent is valid and you have not objected to the processing.

We will retain the information relating to your consent itself (e.g. when and for what purpose you gave it to us) for three years, taking into account the general limitation periods under Austrian civil law, after which this information will also be deleted.

If the processing of your personal data is based on a legitimate interest or is necessary for the fulfillment of (pre-)contractual obligations, this information will be stored for the duration of the valid contract. In addition, the data will be stored if this is necessary to comply with mandatory legal provisions (e.g. accounting or tax regulations).
 

Which personal data does TTTech process?

You can contact us via various channels, you can send us an email, interact with our AI supported Chatbot or contact us via social media channels such as LinkedIn, Instagram, X (formerly Twitter) or Facebook.
TTTech processes the following personal data about you:

• Contact details such as first name, last name, email address or telephone number,
• Other information that you knowingly share with us in your request or in your message.
• Technical information that we process in order to provide you with these services, such as your IP address or information about the device you use to access our website,
• If you subscribe to or follow our social media channels, the service provider will add your profile to the subscriber list of the respective social media channel. This list will be shared with us, and we will have access to your publicly available personal data, i.e. only information that you disclose about yourself in the public area of your profile. Depending on the social media channel, this can include e. g. your first and last name or username, location, job title, company, email address or your profile picture. Depending on the privacy settings of your user account with the respective service provider, the service providers may also use other information stored in your user account such as information about your profile, your preferences (e.g. recommendations or “likes”), your interactions (e.g. posts) and your contacts (e.g. your network) with us.
   

Our social media channels offer you the opportunity to react to, comment on, recommend and send us public and, where possible, private messages. We use your interaction and profile data to enable you to use our social media channels interactively and to communicate with you via our social media channels. Please note that your public interaction on our social media channels in connection with your username leads to a direct personal assignment and is also visible to other users of the social media channel.

With regard to the social media platforms mentioned, we also refer to their privacy notices for further information, in particular with regard to their processing activities for their own purposes:

• LinkedIn: LinkedIn Privacy Policy 
• Instagram and Facebook: | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy
• X (formerly Twitter): X Privacy Policy

Your visit to our publicly accessible profiles on social networks triggers a variety of data processing operations. We would like to point out that you use the social networks and their functions at your own risk. This applies in particular to the use of interactive functions (e.g. commenting, sharing, rating).

As a rule, we have no influence on the interactive functionalities and visibility of your public interaction and profile data on our social media channels. Please carefully check what personal data you provide to us in connection with the use of our social media channels. As a general rule, we recommend that you publish as little personal data as possible on our social media channels.

In order to statistically evaluate the use of our social media channels, we collect statistical data in aggregated form, which provides us with insights into the use of our social media channels and the interaction with the content provided there (so-called “insights data”). We process insights data exclusively for the statistical analysis of user behavior with the aim of learning more about the users of our social media channels and aligning our content with the needs and interests of our users in the best possible way. We do not have access to the underlying usage data. Insights data can therefore not be used to draw any conclusions about your person. It is therefore not possible for us to link this data to your user account.

Controller for the processing of personal data within the meaning of Art. 4 No. 7 GDPR
a) are we, insofar as your personal data processed in connection with the use of our social media channels is processed for our purposes, such as the provision of the social media channels and the evaluation of the use of the content offered there, including the user and interaction data collected in the process;
b) the respective service provider for

Facebook/Instagram:
Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
X (formerly Twitter): 
Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland
LinkedIn:
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland

who is responsible for the technical and administrative operation of the online service on which the social media channel is operated, insofar as the processing of your personal data in connection with the use of our social media channel is also or exclusively carried out by us.

With regard to the use of this new "Chatbot" technology on our website, we would like to explicitly state that the technology behind it ("Artificial Intelligence" / Large Language Model) is not trained with your data. It is technically ensured that the Chatbot only uses data that we have made available to it in advance.

For what purpose does TTTech use my personal data?

TTTech processes your personal data to respond to your request, to clarify your request and to process your comments and feedback. To the extent that these requests or inquiries have accounting or contractual significance, we will add them to the other contractual documents already associated with your company's account. We also process your personal data for the purpose of providing the social media channels and for evaluating the use of content offered there, including user and interaction data generated in the process, in particular for the purpose of interaction between us and users of our social media channels, such as by means of direct messages, commenting, recommending or sharing content, or to respond to your inquiries or requests, analyzing usage patterns and measuring the reach of our content offered on social media channels.

Which legal basis does TTTech rely on?

Depending on the request or concern, we refer to different legal bases. Firstly, we refer to your consent to data processing (Art 6 (1) (a) GDPR). If your request is in connection with an existing business relationship or a business relationship to be established, we process your personal data in order to fulfill a contract or to establish such a contract (Art 6 (1) (b) GDPR). In order to comply with accounting and other legal requirements, we process your data on the basis of Art 6 (1) (c) GDPR. Our legitimate interest in being able to indemnify us from liability for damages and claims, if applicable, as well as providing the technical flawlessness of our online services, constitutes the legal basis for processing (Art 6 (1) (f) GDPR).

When will my data be deleted?

If it is a general inquiry and does not relate to an existing or future business relationship, your data will be deleted shortly after your inquiry has been processed. 
However, if your request is based on a potential or existing business relationship, it will become part of the ongoing contractual documentation and will only be deleted after the statutory retention periods have expired. 
If you contact us in relation to our career portal or have submitted an initial application, the retention periods are based on the requirements and retention periods under local labor law, but in any case, seven months after your documents have been submitted. Please note the more detailed information that we provide to you in this context as part of our Recruiting Privacy Notice.

When you visit our profiles on social networks, your personal data will not only be collected, used and stored by us, but also by the operators of the respective social network. This also happens if you do not have a profile in the respective social network or are not logged into it during your visit to our profile. We have no influence on the processing and further use of this data, as the respective provider of the social network alone determines the processing. To what extent, where and for how long the data is stored, to what extent the data is linked and evaluated and to whom the data is passed on, is determined by the respective social media provider. The individual data processing operations and their scope differ depending on the operator of the respective social network and they cannot be described by us. For details on the collection and storage of your personal data as well as on the type, scope and purpose of their use by the operator of the respective social network, please refer to the privacy notice of the respective operator. We have linked these in this section above for further information.

When using our websites, TTTech processes information which is technically necessary for communication to take place and which may also be automatically sent to us by your browser or device, e.g., IP address, device type, browser type, pages visited, date and time of the request which is sent to us through Cookies. We also process personal data in order to make our website more attractive to users and to avoid bugs and the like for the secure operation of the website. We also process your data (in a data-minimized manner) in order to have user experience management included for us; we use Google Tag Manager for these services.

Which personal data does TTTech process?

Depending on your Cookie settings, we only process data that is necessary for the technical operation of the website. This includes information that is required to protect our technical infrastructure, in particular from a cyber security perspective, such as monitoring the use of our websites and the associated traffic using browser data, IP address, device type and the date and time of a request.

To monitor and diagnose system stability, performance and installation quality, Google Tag Manager may collect some aggregated data about the firing of tags. This data does not include IP addresses of users or measurement identifiers that are assigned to a specific person. Apart from the data in the standard HTTP request logs, which are all deleted within 14 days of receipt, and the diagnostic data mentioned above, Google Tag Manager does not store any information about visitors to our websites.

In addition, we process data for which we have explicitly asked for your consent in order to monitor the attractiveness of our website or to design our website according to user preferences. This data is made available to us via specific Marketing Cookies, which must be activated separately. You can find more information on this and all other Cookies, Pixels, Beacons and similar that we use on our website in our Cookie Notice. 

For what purpose does TTTech use my personal data?

We process this information to enable you to visit the websites, to improve and accelerate the presentation of the websites, to adapt and prepare the information offered to specific target groups and to design the websites in a user-oriented manner. This involves, on the one hand, tailoring our websites and the user-friendly design of our internet offering to the actual use of our internet pages and, on the other hand, monitoring the utilization of our technical infrastructure, particularly with regard to cybersecurity aspects. 

In addition, we process this information in order to assert or defend against legal claims and to prevent or combat fraudulent or similar acts, including attacks on our IT infrastructure.

In order to view and interact with advanced content objects such as videos or animations, TTTech may process personal data in the form of IP address, Cookies, and browser information that is technically necessary to deliver the required data directly from optimized hosting environments.

Which legal basis does TTTech rely on?

The legal basis for the processing is the safeguarding of the legitimate interests of TTTech as a website operator (Art. 6 (1) (f) GDPR) and your consent (Art 6 (1) (a) GDPR). 

When will my data be deleted?

Pseudonymized log files containing the information above are deleted within seven days after their creation, the retention for voluntarily accepted Cookies can be up to 90 days (depending on the frequency with which typically the cache of your browser is cleared).

Your IP address is only stored temporarily during the time that you are using the website. In exceptional cases, longer storage is necessary in order to ensure the functionality and security of the website (for example, when internet attacks occur). 
 

TTTech uses Cookies and other similar technologies to operate the TTTech websites and personalize content and ads. You may find out more about how TTTech uses Cookies in our Cookies Notice.

For the purposes described above, TTTech may share personal data with the following recipients to the extent necessary: 

• TTTech companies that process personal data to fulfill our contractual or legal requirements or to support our internal processes such as Sales or Quality Management;
• other third parties, for example, business partners or (IT) service partners, who process personal data as part of their contractual assignment for TTTech (for example, hosting or maintenance and support, but also in the context of supporting our communication activities such as newsletter distribution); 
• other third parties in connection with the fulfillment of legal obligations or the establishment, exercise, or defense of our rights or claims in connection with corporate transactions (for example, with regards to legal and arbitration proceedings, to law enforcement authorities, to lawyers and consultants).

Sometimes, a recipient to whom TTTech transfers personal data is in a country in which applicable Data Privacy laws do not provide the same level of Data Protection as the GDPR. In such cases and unless permitted otherwise by applicable law, TTTech only transfers personal data if appropriate and suitable safeguards for the protection of personal data are implemented, in particular, if the recipient entered into the EU Standard Contractual Clauses for the transfer of personal data to third countries with us or if the recipient has approved Binding Corporate Rules in its organization. In only exceptional cases, your explicit consent may also be the legal basis for a data transfer.

Further information on the safeguards in place is available by contacting the TTTech Data Privacy Organization.

Unless indicated otherwise at the time of the collection of your personal data (e.g., within a consent form), TTTech deletes personal data if the retention of the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed and no legal obligations or the establishment, exercise or defense of legal claims make a longer retention necessary.

Under the GDPR, you have specific rights in relation to your personal data. In particular, and subject to the statutory requirements, you may be entitled to: 

• obtain confirmation as to whether TTTech processes personal data about you and, where that is the case, obtain access to your personal data processed by TTTech as well as other information,
• obtain the rectification of your inaccurate personal data processed by TTTech,
• obtain from TTTech the erasure of your personal data processed by TTTech,
• obtain from TTTech restriction of processing of your personal data,
• obtain a copy of your personal information that you have provided to TTTech or request that your personal information be transmitted to another recipient,
• object on grounds relating to your particular situation to the processing of your personal data by TTTech insofar as the processing of your personal data is based on legitimate interests.

If you have given TTTech your consent to process your personal data, you have the right to withdraw your consent at any time with effect for the future, i.e., your withdrawal does not affect the lawfulness of the processing based on consent before its withdrawal. 
To receive more information regarding these rights or to exercise any of your rights, please contact the TTTech Data Privacy Organization (datenschutz[at]ttech.com). 

If you have any questions or comments about our handling of your personal data, or if you would like to exercise any of your Data Privacy related rights, you can contact the TTTech Data Privacy Office at datenschutz(at)ttech.com. Alternatively, you may send us a letter to the following address:
 

TTTech Computertechnik AG
c/o Data Privacy Office
Schönbrunner Straße 7
1040 Vienna
Austria
 

The TTTech Data Privacy Office will always use its best efforts to address and settle any requests or complaints brought to its attention. 

In addition, you may also contact a supervisory authority with requests or complaints. The lead supervisory authority for TTTech is:

Österreichische Datenschutzbehörde / Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
Austria

We keep our Privacy Notice under regular review to make sure it is up to date and accurate. The date of the last update can be found at the beginning of this Privacy Notice. We recommend that you visit this page regularly to check for any updates that may have been made.

Every data subject has the right to enforce her/his rights in court or to lodge a complaint with the competent Data Protection Authority. The competent Data Protection Authority of Switzerland is the Federal Data Protection and Information Commissioner.

If you are a U.S. resident, then please take note of the following:

Do Not Track

At this time our Online Offerings do not recognize or respond to “Do Not Track” browser signals.  For more information on “Do Not Track”, please visit your browser’s support page.

Usage by Children

This Online Offering is not directed to children under the age of thirteen. We will not knowingly collect personal data from children under the age of thirteen without insisting that they seek prior parental consent if required by applicable law. We will only use or disclose personal data about a child to the extent permitted by law, to seek parental consent, pursuant to local law and regulations or to protect a child.

State Rights

Depending on the US state in which you reside, you may have special rights with respect to your personal data. Below you will find information in case the California Consumer Privacy Act applies to you.

California’s “Shine The Light” law:

California’s “Shine The Light” law permits those of our customers who are California residents to annually request a list of their personal information (if any) that we have disclosed to third parties for direct marketing purposes in the preceding calendar year, and the names and addresses of those third parties. At this time, we currently do not share any personal information with third parties for their direct marketing purposes.

Rights:

California residents have the right to request that we delete the personal information that we have collected about that resident. Please note that there are circumstances under which such a right of deletion does not apply, such as where it is reasonable for us to maintain the personal information to:

• Complete the transaction for which the personal information was collected, provide a good or service requested or reasonably anticipated, or otherwise perform a contract with the resident.
• Detect security incidents; protect against malicious, deceptive, fraudulent or illegal activity; or prosecute those responsible for that activity.
• Debug to identify and repair errors that impair existing intended functionality.
• Exercise free speech, ensure the right of another resident to exercise his or her right of free speech, or exercise another right provided for by law, or Comply with a legal obligation.
• Comply with the California Electronic Communications Privacy Act.
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest (when deletion of the information is likely to render impossible or seriously impair the achievement of such research) if the resident has provided informed consent.
• To enable solely internal uses that are reasonably aligned with the resident's expectations based on the relationship with us.
• To otherwise use the personal information, internally, in a lawful manner that is compatible with the context in which the resident provided the information.

California residents have the right to request that we disclose, with respect to that resident,

• The categories of personal information we have collected.
• The categories of sources from which we collected the personal information.
• The purpose for collecting or selling personal information.
• The categories of third parties with whom we share personal information.
• The specific pieces of personal information we have collected.

Please note that, in general, the categories of personal information we collect include those identified in our Website Privacy Policy.

California residents have the right to not be discriminated against by us for any exercise of these rights.