Data Privacy

PRIVACY POLICY

Note on the language version: This Privacy Policy is written in German. Any translations into other languages are provided solely for the purpose of improving clarity. Only the German version is legally binding and authoritative.

1. | DATA CONTROLLER

The controller responsible for the processing of personal data on this website is:
ELMET Elastomere, Produktions- und Dienstleistungs-GmbH
Tulpenstraße 21, 4064 Oftering, Austria
www.elmet.com
datenschutz@elmet.com

2. | DATA PROTECTION CONTACT

If you have any questions regarding data protection or wish to exercise your rights as a data subject, please contact our data protection officer at: datenschutz@elmet.com

3. | SCOPE OF THIS PRIVACY POLICY

This Privacy Policy applies to the website www.elmet.com, including its language and country variants, to the extent that this Privacy Policy is referenced there. It provides information about which personal data is processed when you visit the website and use the features offered there.

4. | WEBSITE OPERATION AND SERVER LOGS

When you visit our website, technically necessary information is processed so that the website can be displayed, operated stably, and protected against misuse.

Purposes: technical provision of the website, IT security, error analysis, prevention of misuse, and operational stability.
Data categories: IP address, date and time of access, URL accessed, referrer URL, browser and device information, operating system, HTTP status code, and technical log data.
Legal basis: Art. 6(1)(f) GDPR; our legitimate interest lies in the secure and functional operation of the website.
Recipients/Service Providers: Hosting providers, IT service providers, and, where applicable, technical infrastructure or security service providers.
Retention period: Server logs are generally stored only for as long as necessary for operation, security, and error analysis.

5. | COOKIES, LOCAL STORAGE, AND CONSENT MANAGEMENT

Our website uses cookies and similar technologies. Cookies are small text files that are stored on your device. Similar technologies may include local storage, session storage, or similar storage and access functions.

5.1 | TECHNICALLY NECESSARY COOKIES

Technically necessary cookies are used to provide basic website functionality. This may include, in particular, language/navigation settings, session functions, and the storage of your cookie or consent decisions.

Purposes: Website functionality, storage of consent decisions, security, and usability.
Legal basis: Art. 6(1)(f) GDPR; where statutory obligations to provide evidence are concerned, Art. 6(1)(c) GDPR.

5.2 | NON-ESSENTIAL COOKIES AND THIRD-PARTY SERVICES

We only use cookies that are not technically necessary, as well as analytics, marketing, or remarketing technologies, if you have given your prior consent. You can revoke your consent at any time under “Cookie Settings” with future effect or change your selection.

6. | CONTACT FORM AND SALES INQUIRIES

If you contact us via a contact form, by email, or by phone, we will process the data you provide to handle your inquiry.

Data categories: Contact details & inquiry details
Purposes: Processing your inquiry, communication, preparing quotes, sales and service communication, and maintaining a record of correspondence.
Legal basis: Art. 6(1)(b) GDPR, insofar as your inquiry relates to a contract or pre-contractual measures; otherwise, Art. 6(1)(f) GDPR based on our legitimate interest in processing inquiries.
Recipients: Relevant internal departments, IT and hosting service providers, and, where applicable, CRM, email, or form service providers.
Retention period: Inquiries are generally stored for as long as necessary for processing and traceability. Statutory retention obligations remain unaffected.

7. | NEWSLETTERS AND DIRECT ELECTRONIC COMMUNICATIONS

When you subscribe to our newsletter or similar electronic communications, we process your data to send you information about our products, services, events, company news, or other relevant content.
Registration generally takes place via a double opt-in process. This means that after registering, you will receive a confirmation message at the email address you provided. Only after you confirm your registration via the confirmation link contained therein will your email address be activated for newsletter distribution. This is to ensure that the registration is actually performed by the authorized person.

Data categories: Name, email address, company, position or role, language, interests or topic preferences, time of registration, IP address, time of confirmation, technical log data, and, where applicable, information regarding opens, clicks, and unsubscriptions.
Purposes: Sending newsletters and electronic information, managing consents, verifying registration, segmenting by interests or customer groups, improving content, and tracking subscriptions and unsubscriptions.
Legal basis: Art. 6(1)(a) GDPR for sending based on your consent. The documentation of registration and consent is based on Art. 6(1)(c) GDPR or Art. 6(1)(f) GDPR, in particular to fulfill legal obligations of proof and accountability and to defend against unjustified claims.
Withdrawal: You may withdraw your consent at any time with future effect, in particular via the unsubscribe link in the respective newsletter or by sending a message to our data protection contact. The lawfulness of the processing carried out up to the time of withdrawal remains unaffected.
Recipients/Service Providers: Microsoft Dynamics or Microsoft Dynamics 365 may be used for the administration and distribution of newsletters. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Depending on the technical configuration, other Microsoft group companies or service providers may be involved.
Third-Country Transfer: When using Microsoft services, data may be accessed or transferred to countries outside the EU or the EEA.
Retention period: Your data will be stored for the purpose of sending the newsletter for as long as your consent remains valid. Upon unsubscribing, you will generally be removed from the active distribution list. Records of registration, consent, revocation, and unsubscription may also be stored for as long as necessary to fulfill legal documentation and accountability obligations or to defend against potential claims.

8. | CAREER SECTION, APPLICATION, AND FILE UPLOAD

If you apply via our website or use the career section, we process the application data you submit to carry out the application process.

Data categories: Personal information, contact details, application documents, resume, certificates, proof of qualifications, professional history, communication data, and other information you provide during the application process.
Purposes: Processing your application, assessing your suitability, communicating during the application process, conducting the selection process, and documenting the decision.
Legal basis: Art. 6(1)(b) GDPR for the initiation of an employment relationship; voluntary additional information, where applicable, Art. 6(1)(a) GDPR; legal obligations, where applicable, Art. 6(1)(c) GDPR; legitimate interests, where applicable, Art. 6(1)(f) GDPR, in particular to ensure the traceability of the application process and to defend against potential claims.
Recipients: Human Resources Department, relevant departments, management, IT service providers, and, where applicable, providers of application or form systems.
Retention period: Application data is generally retained for six months after the application process is completed and is subsequently automatically anonymized in the applicant management system, unless longer retention is required by law or a separate legal basis exists. Longer retention of records occurs only on an appropriate legal basis, in particular with consent.

9. | DOWNLOAD CENTER, BROCHURES, AND CERTIFICATES

Our website provides information, brochures, certificates, and other files for download. For freely accessible downloads, we generally process only technical access data in connection with the provision of the website.

Purposes: Provision of information, product documentation, and certificates, as well as technical operation of the download area.
Data categories: Server log data, file accessed, time of access, and technical metadata.
Legal basis: Art. 6(1)(f) GDPR; our legitimate interest lies in the provision of company and product information.

10. | EXTERNAL RESOURCES, CDNs, AND TECHNICAL SERVICE PROVIDERS

Our website may incorporate external technical resources, such as libraries, fonts, CDN resources, or other technical services. In doing so, technical data such as IP address, user agent, referrer, URL, and time of access may be transmitted to the respective provider.

Purposes: technical delivery, performance, stability, security features, or functionality of individual website sections.
Legal basis: Art. 6(1)(f) GDPR, provided that the integration is technically necessary or required for the secure and high-performance provision of the website; for non-essential analytics/marketing functions, Art. 6(1)(a) GDPR.

11. | SOCIAL MEDIA LINKS

Our website may link to external social media profiles, such as LinkedIn, YouTube, Facebook, or Instagram. Simply clicking on these links does not result in any data being transferred to these platforms when you visit our website. Only when you click on a link do you leave our website; at that point, the privacy policies of the respective platform operator apply.

Purpose: Corporate communications, information, and linking to external profiles.
Legal basis: Art. 6(1)(f) GDPR; our legitimate interest lies in modern corporate communication.

12. | TRANSFERS TO THIRD COUNTRIES

When using external service providers, personal data may be transferred to countries outside the EU or the EEA, or access to such data may be possible from such countries. This applies in particular to global technology providers.

To the extent that a transfer to a third country takes place, it is carried out only on the basis of appropriate safeguards or another permissible basis pursuant to Art. 44 et seq. of the GDPR, such as an adequacy decision, certification under the EU-US Data Privacy Framework for appropriately certified U.S. companies, standard contractual clauses, or supplementary measures. The specific basis must be documented for each provider on a case-by-case basis.

13. | RETENTION PERIOD

The specific retention periods are specified for each processing operation in this Privacy Policy. Unless a specific period is stated, we store personal data only for as long as is necessary for the respective purpose or as required by statutory retention obligations. After that, the data is deleted or anonymized.

14. | YOUR RIGHTS

Under the GDPR, you have the following rights in particular:

The right to access the personal data processed about you.
Right to rectification of inaccurate or incomplete data.
Right to erasure, provided that no legal retention obligations or other justifiable grounds prevent this.
Right to restriction of processing.
Right to data portability, provided the legal requirements are met.
Right to object to processing based on legitimate interests.
Right to withdraw consent with future effect.

To exercise your rights, please contact the data protection officer listed above.

15. | RIGHT TO FILE A COMPLAINT

If you believe that the processing of your personal data violates data protection law, you have the right to file a complaint with a data protection supervisory authority. In Austria, this is specifically the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, www.dsb.gv.at.

You are also welcome to contact our data protection officer in advance so that we can review your concern directly: datenschutz@elmet.com.

16. | UPDATES TO THIS PRIVACY POLICY

We will update this Privacy Policy if our website, the services we use, legal requirements, or internal processes change. The version published on the website at any given time is the one that applies.

Effective: April 30, 2026