Data Protection

BWT Aktiengesellschaft (you will find our contact data below) and its subsidiaries and affiliates are delighted to welcome you to our website. We are committed to protecting your data and your privacy.

In general, it is possible to use our website without ever having to enter any personal data. However, if you wish to make use of certain of our services via our website, processing of your personal data may be required. If we do need to process your personal data but there is no basis in law permitting this, we will always ask for your consent prior to processing.

We always perform any processing of personal data in compliance with the General Data Protection Regulation (GDPR) and in accordance with all national data protection laws applicable to BWT Aktiengesellschaft. This Privacy Statement is intended to inform the general public of the nature, scope and purpose of the personal data that we collect, use and process, and tell you about your rights in this regard.

BWT Aktiengesellschaft has implemented appropriate technical and organisational measures to safeguard your data against loss, manipulation, unauthorised access and other hazards. The measures in place are subject to regular review and are continuously updated.

This Privacy Statement applies solely for BWT Aktiengesellschaft and the website subpages devoted to that company, but not for websites controlled and operated by third parties. We kindly request that you check all websites controlled and operated by third parties, as BWT Aktiengesellschaft is not responsible for their content or measures they utilise for data protection. Section 2 explains which of our Group companies is responsible for processing your data.

1. General

This Privacy Statement is based on the terms as defined in the GDPR.

"Personal data" means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. "Non-personal data" are data that have been rendered anonymous and which under no circumstances can be traced to any specific data subject. For this reason, non-personal data are not subject to data protection law.

"Data subject" means any identified or identifiable natural person whose personal data is to be processed by the controller.

"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

"Controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by European Union or Member State law, the controller or the specific criteria for its nomination may be provided for by European Union or Member State law.

"Third party" means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

"Consent" of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. Personal data that we process are processed exclusively in accordance with the data protection laws, rules and regulations currently in force. Please note that when you correspond with us or complete a form on our website, the data you enter in the form will be processed for the purposes defined below.

2. Name and address of the controller and data protection contact

The controller as defined in the GDPR, any other data protection laws in force in the Member States of the European Union, and other statutory or regulatory provisions governing data protection, is:

BWT Austria GmbH
Walter-Simmer-Strasse 4
A-5310 Mondsee, Austria.

The data protection officer voluntarily appointed by the controller can be reached using the following contact information:

EY Law – Pelzmann Gall Größ Rechtsanwälte GmbH
Dr. Ermano Geuer
Alexander Wollmann
Wagramer Strasse 19/33 A-1220 Vienna, Austria
Email: [email protected]

3. Processing of personal data

Your personal data are processed solely for the purposes specified in this Privacy Statement and only to the extent required for achieving these purposes. These data will not be disclosed to any other party without your consent except as defined in this Privacy Statement or where required by mandatory national legislation.

Use of certain facilities on our website – such as a user account, newsletters and contact forms – may require prior registration involving further processing of your personal data. However, we will make use of these data only if you provide them to us and expressly consent to such usage beforehand. In such cases, we will display a request for your consent at prominent locations, and make further information available to you directly via hyperlinks at these locations.

3.1 Log files

When you visit our website, for technical reasons your browser transmits the following data to our server (in what are termed server log files):

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Operating system and is access status / HTTP status code
  • Volume of data transmitted
  • Website the request is coming from (referrer URL)
  • Browser, language and version of the browser software.

It is necessary to store these data in log files in order to provide the website to users and for reasons of IT security. These data are not combined with personal data sources. We reserve the right to review these data at a future time if we become aware of specific evidence of unlawful use. If, in such cases, it is necessary to identify a data subject, we collect these data on the basis of our legitimate interest as defined in Article 6(1)(f) of the GDPR in order to display our website and ensure that it is secure.

3.2. User account

A user account is required in order to use our partner portal. You can delete your user account at any time. Data disclosed in the user account is necessary for customer support and customer care purposes and we process and use it for those purposes.

Some of the services we provide require collaboration with partner companies. If a user makes use of one of these services, we share names or other contact details with these partner companies so that they can perform their tasks. However, our partner companies are not permitted to use information disclosed to them for purposes other than the tasks associated with the service.

3.3. Pearls and More rewards program

Our BWT drinking water professionals and BWT partner fitters are registered in our partner web (fitter platform). When registering, the personal data of the BWT drinking water professional or BWT partner installer entered in the contact fields (title, name, address, telephone number and email address) will be processed. These personal data are transmitted to Connex Marketing GmbH, located at Dr-Schauer-Strasse 26 in A-4600 Wels, Austria, to enable these BWT drinking water professionals and BWT partner fitters to access our Pearls & More rewards program. A data processing agreement has been concluded with Connex Marketing GmbH. No processing of customer data takes place. The purpose of processing these data is to implement certain pre-contractual and contractual measures. The legal basis for this processing is Article 6(1)(b) of the GDPR.

3.4. Newsletters

We offer you the option of receiving various newsletters by email. You can register to receive newsletters either by consenting to receive the newsletter(s) you have selected when you register as a user, or by explicitly providing your email address when subscribing to a specific newsletter. The data you submit when registering to receive a newsletter will be used solely for the purpose of sending the newsletter to you. We will use the email address that you give us to send you the newsletter(s), and require your confirmation that you, as the holder of that email address, consent to receive it/them.

When you register for newsletters, the personal data you enter in the contact fields (title, name, address, telephone number, and email address) will be processed. The purpose of processing these data is to send you information on products, services and events.

The legal basis for this processing is Article 6(1)(a) of the GDPR. Under Article 7(3) of the GDPR, you may withdraw your consent to future processing of your data at any time. All you need to do is inform us of your withdrawal of consent, which you can do by simply clicking the unsubscribe link provided in every newsletter.

3.5. Email notifications (SendGrid)

Account-specific and product-specific notifications (status messages, warning messages and error messages) and email confirmations in response to contact forms are sent via an external service provided by the company