Data Privacy Policy

By clicking on the button below, you can call up our data protection notice and edit your data protection settings there.

The protection of your personal data is a top priority for us. As a consequence, we handle your data exclusively in strict compliance with data privacy laws (DSGVO, TKG 2003). In the following data privacy policy, we inform you about the most important aspects of how data is handled within the framework of our website.

If you have transmitted your personally identifiable information through this website or by email, such information will only be used in order to conduct correspondence with you as well as for those purposes for which you provided that information. We assure you that your personally identifiable information will not be shared with third parties unless the law requires us to do so.

Transfer of personal data to third parties
If we use external service providers to process your enquiry, this is done on our behalf as part of order processing. Personal data will only be passed on to third parties if this is necessary to initiate or process a contract or if you have given your express prior consent. If you send us general enquiries or enquiries about UNEX products that you have previously configured using our HEXAGON configurator, you consent to your personal data being transmitted to the relevant UNEX sales partner. This partner will use your personal data exclusively for the purposes specified in these data protection provisions.

The data you have provided will only be stored for 12 months or until such point as the purpose for which it was shared has been achieved. Insofar as the law requires that data be stored for a specific period of time, we will comply with such legal provisions. Should you no longer agree to our storing your personally identifiable data, pursuant to your request we will delete such data. If your personal data has changed in the meantime, we will correct that data based upon the information you provide us.

For security reasons and in order to protect transmission of confidential content, such as inquiries which are sent to us using the contact form, this site uses SSL encryption. You will be able to recognize the secure connection when the URL in your browser changes from "http://" to "https://", also generally accompanied by a green padlock symbol in your browser toolbar. When SSL encryption is activated, the data you share with us cannot be read or stolen by third parties.

You have the right, at any time and at no cost, to receive information about your personally identifiable data stored by us, about the source and recipient, the purpose for which it was collected, as well as to demand the correction, blockage or deletion of such data. 

If you think that the processing of your data violates the data protection law or your data protection claims have otherwise been violated, you can complain to the relevant supervisory authority. In Austria this is the „Datenschutzbehörde“ (data protection authority).

If you have questions on the topic of “your personally identifiable data”, you may contact us at any time as follows:

Ing. Márton Antal LESKÓ
Lobäckerstraße 60d
7000 Eisenstadt
Austria

+43 2682 63585-0
nfnxt

A cookie is a small file consisting of letters and numbers, containing information that is downloaded to your device whenever you open a webpage with the aid of your browser. It does not cause any damage. In order to get optimal use out of the website and benefit from certain personalized functions, it is necessary to accept cookies on your computer, tablet or smartphone. Such cookies enable us to recognize your browser the next time you pay us a visit. However, if you do not wish this to happen automatically, you can change the settings in your browser so that you are informed on each occasion and can accept the cookies, or not, on a case-by-case basis.

However, you should be aware that, by deactivating cookies, this may reduce the functionality of our website.

Cookies make it possible to differentiate you from other users. This helps to make surfing this website more pleasant for visitors and to improve the website itself. When you reopen pages you have already visited several times in the past, cookies will also help improve your user experience. Assuming that you use the same device and the same browser as before, these cookies tell us how you use our pages and may potentially make the content displayed more relevant to your personal interests and needs.

Most of the cookies we use are so-called “session cookies”. At the end of your visit, they are automatically deleted. Visit data that must remain permanently available during a session includes form data, which allows us to redisplay such data if information has been entered erroneously. However, this will also be deleted once the form is submitted. The cookies used on our website do not collect any information with which we can personally identify you.

By activating the "Use all functions" option in the data protection settings that were offered when you accessed our website, you have already consented to the use of cookies when using this website.

You can prevent cookies by changing your privacy settings for this website. To do this, use the button at the top of this page to call up your data protection settings and click on "Use without external services". This will deactivate all cookies for this website.

The provider of our website automatically stores information in so-called server log files for certain services on the server on which our website is hosted. All log files are rotated daily, the logs from the previous day are archived and are then available for the specified retention time. However, these are purely internal log files to which we as the customer have no access. This data is not merged with personal data sources.
 
Web server log file
Contains: Domain, IP, requests, user agent, timestamp, status code
Retention time: 3 days
 
FTP log file
Contains: FTP User, IP, Downloaded / Uploaded files
Retention time: 24 hours
 
Email log file
Contains: metadata (sender, receiver, time, IP, size)
Retention time: 3 days

Our website uses a plug-in for the Google-operated service YouTube. The operator of this service is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. This means, if you visit one of our pages that feature the YouTube plug-in, a connection will immediately be established to the YouTube servers. This will inform the YouTube server which of our pages you are visiting as well as those you have visited. If you are logged in to your own YouTube account, you will enable YouTube to sync your surfing behavior with your personal profile. You can prevent this from happening by logging out of your YouTube account beforehand.

Further information about how user data is used as well as the data privacy policy can be found on the pertinent webpages of Google.

We integrate the maps of the work “OpenStreetMap” https://www.openstreetmap.org, which are offered on the basis of the Open Data Commons Open Database license (ODbL) by the OpenStreetMap Foundation (OSMF). Data protection declaration of the OSMF.

As far as we know, the data of the users are used by OpenStreetMap exclusively for the purpose of displaying the map functions and temporarily storing the selected settings. This data may include, in particular, IP addresses and location data of the users, which, however, are not collected without their consent (usually carried out as part of the settings of their mobile devices).

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store cookies, and does not carry out any independent analyses. It only manages and runs the tools integrated via it. However, the Google Tag Manager does collect your IP address, which may also be transferred to Google’s parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the quick and uncomplicated integration and administration of various tools on his website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25 (1) TDDDG, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TDDDG. This consent can be revoked at any time.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780.

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior patterns of website visitors. To that end, the website operator receives a variety of user data, such as pages accessed, time spent on the page, the utilized operating system and the user’s origin. This data is assigned to the respective end device of the user. An assignment to a user-ID does not take place.

Furthermore, Google Analytics allows us to record your mouse and scroll movements and clicks, among other things. Google Analytics uses various modeling approaches to augment the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that make the recognition of the user for the purpose of analyzing the user behavior patterns (e.g., cookies or device fingerprinting). The website use information recorded by Google is, as a rule transferred to a Google server in the United States, where it is stored.

The use of these services occurs on the basis of your consent pursuant to Art. 6(1)(a) GDPR and § 25(1) TDDDG. You may revoke your consent at any time.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://business.safety.google/adscontrollerterms/sccs/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5780.

IP anonymization

Google Analytics IP anonymization is active. As a result, your IP address will be abbreviated by Google within the member states of the European Union or in other states that have ratified the Convention on the European Economic Area prior to its transmission to the United States. The full IP address will be transmitted to one of Google’s servers in the United States and abbreviated there only in exceptional cases. On behalf of the operator of this website, Google shall use this information to analyze your use of this website to generate reports on website activities and to render other services to the operator of this website that are related to the use of the website and the Internet. The IP address transmitted in conjunction with Google Analytics from your browser shall not be merged with other data in Google’s possession.

Browser plug-in

You can prevent the recording and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at: https://support.google.com/analytics/answer/6004245?hl=en.

Contract data processing

We have executed a contract data processing agreement with Google and are implementing the stringent provisions of the German data protection agencies to the fullest when using Google Analytics.

Our website uses the remarketing or “similar target groups” function by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This function serves to analyse visitor behaviour and visitor interests.

Google uses cookies to analyse website use, forming the basis for producing interest-related adverts. Cookies allow for the recording of website visits as well as anonymised data on the use of the website. The personal data of website visitors is not saved. If you then visit another website in the Google display network you will then be shown adverts which are more likely to take previous areas of product and information interest into account.

Your data may also be transmitted to the USA. Transmission of data to the USA is covered by an adequacy decision by the European Commission. Processing is carried out on the basis of art. 6 (1) lit. f GDPR due to our justified interest in addressing visitors to the website with targeted marketing by displaying personalised interest-related adverts when they visit other websites in the Google display network.

You have the right to veto this processing of your personal data according to art. 6 (1) lit. f GDPR by contacting us, for reasons relating to your personal situation. For this purpose you can permanently deactivate the use of cookies by following the link below and downloading and installing the plug-in: https://support.google.com/ads/answer/7395996?hl=en

Alternatively, you can deactivate the use of cookies by third parties by calling up the Network Advertising Initiative deactivation page at: https://www.networkadvertising.org/choices/ and following the opt-out instructions.

You can find more detailed information on Google remarketing as well as the associated data protection declaration at: https://policies.google.com/technologies/ads?hl=en

The social media buttons provided on our website for Facebook and Twitter are “share” buttons or hyperlinks to the respective social media channel. They do not create an automatic connection to the various platforms, which distinguishes them from “like” buttons, which are not used on this website.

UNEX Heatexchanger Engineering GmbH uses products and services for analysis and marketing purposes, which are provided by Visable GmbH (www.visable.com) in cooperation with them. To that end, pixel-code technology is used to collect, process and store data in order to create at least pseudonymised, but where possible and meaningful, completely anonymous user profiles. Data collected, which may initially still include personal data, is transmitted to Visable or is collected directly by Visable and is used to create the aforementioned user profiles there. Visitors to this website are not personally identified and no other personal data is merged with the user profiles. If IP addresses are identified as personal, they are immediately deleted. You can object to the processing operations described with future effect at any time:

The provider of this website uses the services of etracker GmbH, Hamburg, Germany (www.etracker.com) to analyse usage data. We do not use cookies for web analysis by default. If we use analysis and optimisation cookies, we will obtain your explicit consent separately in advance. If this is the case and you agree, cookies are used to enable a statistical range analysis of this website, a measurement of the success of our online marketing measures and test procedures, e.g. to test and optimise different versions of our online offer or its components. Cookies are small text files that are stored by the Internet browser on the user's device. etracker cookies do not contain any information that could identify a user.

The data generated by etracker on behalf of the provider of this website is processed and stored by etracker solely in Germany by commission of the provider of this website and is thus subject to the strict German and European data protection laws and standards. In this regard, etracker was independently checked, certified and awarded with the ePrivacyseal data protection seal of approval.

The data processing is based on Art. 6 Section 1 lit f (legitimate interest) of the General Data Protection Regulation (GDPR). Our legitimate interest is the optimisation of our online offer and our website. As the privacy of our visitors is very important to us, the data that may possibly allow a reference to an individual person, such as IP address, registration or device IDs, will be anonymised or pseudonymised as soon as possible. etracker does not use the data for any other purpose, combine it with other data or pass it on to third parties.

You can object to the outlined data processing at any time by clicking on the slider. The objection has no disadvantageous consequences. If no slider is displayed, the data collection is already prevented by other blocking means.

Further information on data protection with etracker can be found here.

For communication with our customers and other third parties, one of the services we use is the instant messaging service WhatsApp. The provider is WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

The communication is encrypted end-to-end (peer-to-peer), which prevents WhatsApp or other third parties from gaining access to the communication content. However, WhatsApp does gain access to metadata created during the communication process (for example, sender, recipient, and time). We would also like to point out that WhatsApp has stated that it shares personal data of its users with its U.S.-based parent company Meta. Further details on data processing can be found in the WhatsApp privacy policy at: https://www.whatsapp.com/legal/#privacy-policy.

The use of WhatsApp is based on our legitimate interest in communicating as quickly and effectively as possible with customers, interested parties and other business and contractual partners (Art. 6(1)(f) GDPR). If a corresponding consent has been requested, data processing is carried out exclusively on the basis of the consent; this consent may be revoked at any time with effect for the future.

The communication content exchanged between you and us on WhatsApp remains with us until you request us to delete it, revoke your consent to storage or the purpose for which the data is stored ceases to apply (e.g. after your request has been processed). Mandatory legal provisions, in particular retention periods, remain unaffected.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/7735.

We use WhatsApp in the “WhatsApp Business” variant.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here:
https://www.whatsapp.com/legal/business-data-transfer-addendum?lang=en.

We have concluded a data processing agreement (DPA) with the above-mentioned provider.

We use online conference tools, among other things, for communication with our customers. The tools we use are listed in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tools collect all information that you provide/access to use the tools (email address and/or your phone number). Furthermore, the conference tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).

Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.

Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the meaning of Art. 6(1)(f) GDPR). Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.

Data collected directly by us via the video and conference tools will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.

We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.

We employ the following conference tools:

We use Microsoft Teams. The provider is the Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details on data processing, please refer to the Microsoft Teams privacy policy: https://privacy.microsoft.com/en-us/privacystatement.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/6474.

We offer website visitors the opportunity to submit job applications to us (e.g., via e-mail, via postal services on by submitting the online job application form). Below, we will brief you on the scope, purpose and use of the personal data collected from you in conjunction with the application process. We assure you that the collection, processing, and use of your data will occur in compliance with the applicable data privacy rights and all other statutory provisions and that your data will always be treated as strictly confidential.

If you submit a job application to us, we will process any affiliated personal data (e.g., contact and communications data, application documents, notes taken during job interviews, etc.), if they are required to make a decision concerning the establishment or an employment relationship. The legal grounds for the aforementioned are Art. 6(1)(b) GDPR (General Contract Negotiations) and – provided you have given us your consent – Art. 6(1)(a) GDPR. You may revoke any consent given at any time. Within our company, your personal data will only be shared with individuals who are involved in the processing of your job application.

If your job application should result in your recruitment, the data you have submitted will be archived on the grounds Art. 6(1)(b) GDPR for the purpose of implementing the employment relationship in our data processing system.

If we are unable to make you a job offer or you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted, and the physical application documents will be destroyed. The storage serves in particular as evidence in the event of a legal dispute. If it is evident that the data will be required after the expiry of the 6-month period (e.g., due to an impending or pending legal dispute), deletion will only take place when the purpose for further storage no longer applies.

Longer storage may also take place if you have given your agreement (Article 6(1)(a) GDPR) or if statutory data retention requirements preclude the deletion.

If we do not make you a job offer, you may be able to join our applicant pool. In case of admission, all documents and information from the application will be transferred to the applicant pool in order to contact you in case of suitable vacancies.

Admission to the applicant pool is based exclusively on your express agreement (Art. 6(1)(a) GDPR). The submission agreement is voluntary and has no relation to the ongoing application procedure. The affected person can revoke his agreement at any time. In this case, the data from the applicant pool will be irrevocably deleted, provided there are no legal reasons for storage.

The data from the applicant pool will be irrevocably deleted no later than two years after consent has been granted.

We maintain publicly available profiles in social networks. The individual social networks we use can be found below.

Social networks such as Facebook, X etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g., like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail:

If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.

Using the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. This way you can see interest-based advertising inside and outside of your social media presence. If you have an account with the social network, interest-based advertising can be displayed on any device you are logged in to or have logged in to.

Please also note that we cannot retrace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and privacy policy of the respective social media portals.

Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g., consent within the meaning of Art. 6 (1) (a) GDPR).

If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g., Facebook).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

The data collected directly from us via the social media presence will be deleted from our systems as soon as you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
We have no control over the storage duration of your data that are stored by the social network operators for their own purposes. For details, please contact the social network operators directly (e.g., in their privacy policy, see below).

Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.

You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to object, the right to data portability and the right to file a complaint with the responsible regulatory agency. Furthermore, you can request the correction, blocking, deletion and, under certain circumstances, the restriction of the processing of your personal data.

We have a profile on Facebook. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland (here in after Meta). According to Meta’s statement the collected data will also be transferred to the USA and to other third-party countries.

We have signed an agreement with Meta on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Meta are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

Details can be found in the Facebook privacy policy: https://www.facebook.com/about/privacy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/4452

We have a profile on Instagram. The provider of this service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Irland.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.

For details on how they handle your personal information, see the Instagram Privacy Policy: https://privacycenter.instagram.com/policy/.

The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/4452

We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.

If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.

For details on how they handle your personal information, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
The company is certified in accordance with the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the US, which is intended to ensure compliance with European data protection standards for data processing in the US. Every company certified under the DPF is obliged to comply with these data protection standards. For more information, please contact the provider under the following link: https://www.dataprivacyframework.gov/participant/5448