Data controller is OMV Gas Marketing & Trading Belgium BV. Furthermore, you may encounter and access on our website other offers or information of other OMV group companies, e.g. OMV Downstream GmbH, which are also controllers of personal data and to which this Privacy Policy applies as well.
If you have any questions regarding the processing of your data, please contact:
Data Protection Officer Mr. Mag. Manfred Spängler, MSc
OMV Gas Marketing & Trading Belgium BV
Kortenberglaan 52
1000 Brussel
Telefon:
E-Mail: privacy@omv.com
We process among others the following data:
Moreover, we are processing as well master data (e.g. name, address, contact information), billing information (e.g. billing details, bank data), documentation data (e.g. call memos and emails), and data in order to comply with legal requirements.
We process personal data that we receive from you (or your employer) in the context of a business relationship or the initiation of a business relationship or record in the context of legitimate interests. In addition, we process data that we legitimately obtain from publicly available sources (e.g. commercial register, land register, media).
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d DSGVO serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6 (1) f DSGVO serves as the legal basis for the processing.
While operating this website, we collect certain data ("personal data") that may refer to identified natural persons or identifiable natural persons, which are directly provided by the users of this website by filling in forms (e.g. name, first name, postal address, e-mail address, telephone number) or indirectly by visiting the website (e.g. IP-address).
For further details on embedded third party services, content and cookies please refer to the information further below.
We process the data that you provide us with in your correspondence in order to answer your inquiries, requests or complaints. We obtained your personal data for this purpose based on your freely given consent. The expression of your consent derives neither from legal, nor contractual obligations. However, if you do not provide your personal data, we are unable to answer your inquiries, requests or complaints.
In order to conduct promotional games and award prizes to the winners, we process the data provided by you by completing and submitting the appropriate entry forms.
We obtained personal data for this purpose based on your freely given consent. The expression of your consent derives neither from legal, nor contractual obligations. However, if you do not provide us with your personal data, it is not possible to participate in promotional games and raffles. Details of the respective promotional game/raffle are stated in the respective terms and conditions.
By signing up for our e-mail newsletter on our websites, the personal data provided by you upon registration will be stored by us and used to send the selected newsletter and, in the case of your prior express consent, to receive advertising. We only send our newsletter to the e-mail address provided by you. The revocation of your consent to receive the newsletter is possible any time by using the opt-out option, which can be found in the newsletter or via privacy@omv.com.
We process the data you provide us with to inform you about our products and services (for example through a newsletter) and to analyze the effectiveness of our advertising campaigns.
If you provided us with your e-mail address when purchasing any of our products or services, we may use your e-mail address to provide you with information about similar products or services based on our legitimate interest in informing you about our products and services.
We obtained your personal data for this purpose based on your freely given consent. The expression of your consent derives neither from legal, nor contractual obligations. However, if you do not provide us with your personal data, it is not possible to receive about our products and services.
We process your information that you provide to us as part of your participation in surveys, market surveys, or customer satisfaction surveys.
The expression of your consent derives neither from legal, nor contractual obligations. However, if you do not provide us with your personal data, it is not possible to participate in such surveys or studies.
*
We use cookies to make our website as user-friendly and functional as possible for you. Some of these cookies are stored on the device you use to access the site.
Cookies are small packages of data that are exchanged between your browser and our web server whenever you visit our website. They do not cause any damage and are used solely to recognise website visitors. Cookies can only store information provided by your browser, e.g. information that you have entered into your browser or that is available on the website. Cookies cannot execute code and cannot be used to access your terminal device.
The next time you access our website using the same device, the information stored in the cookies can then either be sent back to us (“first-party cookie”) or to a web application of third party to whom the cookie belongs (“third-party cookie”). The information that is stored and sent back allows each web application to recognise that you have already accessed and visited the website using the browser on your device.
Cookies contain the following information:
We classify cookies in the following categories depending on their purpose and function:
Depending on the storage period, we also divide cookies into session and persistent cookies. Session cookies store information that is used during your current browser session. These cookies are automatically deleted when the browser is closed. No information remains on your device. Persistent cookies store information between two visits to the website. Based on this information, you will be recognized as a returning visitor on your next visit and the website will react accordingly. The lifespan of a persistent cookie is determined by the provider of the cookie.
The legal basis for using technically necessary cookies is our legitimate interest in the technically fault-free operation and smooth functionality of our website. The use of statistics and marketing cookies is subject to your consent. You can withdraw your consent for the future use of cookies at any time. Your consent is voluntary. If consent is not given, no disadvantages arise. For more information about the cookies we actually use (specifically, their purpose and lifespan), refer to this Privacy Policy and to the information in our cookie banner about the cookies we use.
You can also set your web browser so that it does not store any cookies in general on your device or so that you will be asked each time you visit the site whether you accept the use of cookies. Cookies that have already been stored can be deleted at any time. Refer to the Help section of your browser to learn how to do this.
Please note that a general deactivation of cookies may lead to functional restrictions on our website.
On our website, we also use so-called local storage functions (also called "local data"). This means that data is stored locally in the cache of your browser, which continues to exist and can be read even after you close the browser - as long as you do not delete the cache or data is stored within the session storage.
Third parties cannot access the data stored in the local storage. If special plug-ins or tools use the local storage functions, you are informed within the description of the respective plug-in or tool.
If you do not wish plug-ins or tools to use local storage functions, you can control this in the settings of your respective browser. We would like to point out that this may result in functional restrictions.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA).
Purpose: Web Analytics, Performance Measurement, Conversion Tracking, Collection of Statistical Data
Category: Statistics
Recipients: EU, USA
Data processed: IP Address, Website Visit details, User Data.
Data subjects: Users
Technology: JavaScript Call, Cookies
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/
On our website, we use the functions of the web analysis service Google Analytics to analyze user behavior and to optimize our website. The reports provided by Google are used to analyze the performance of our website and to measure the success of possible campaigns via our website.
Google Analytics uses cookies that enable an analysis of the use of our website.
Information about the use of the website such as browser type/version, operating system used, the previously visited page, host name of the accessing computer (IP address), time of server request are usually transmitted to a Google server and stored there. We have concluded a contract with Google for this purpose.
On our behalf, Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. According to Google, the IP address transmitted by your browser is not merged with other data from Google.
We only use Google Analytics with IP anonymization activated by default. This means that the IP address of a user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. According to Google, the IP address transmitted by a user's browser within the scope of Google Analytics is not linked to other Google data.
During the website visit, the user behaviour is recorded in the form of so-called events. These can represent the following:
furthermore, the following is recorded:
The processing of this data is essentially done by Google for its own purposes such as profiling (without our ability to influence).
The data about the use of our website is deleted immediately after the end of the retention period set by us in each case. Google Analytics gives us a default of 2 months for the retention period of user and event data, with a maximum retention period of 14 months. This retention period also applies to conversion data. For all other event data, the following options are available: 2 months, 14 months, 26 months (Google Analytics 360 only), 38 months (Google Analytics 360 only), 50 months (Google Analytics 360 only). We will choose the shortest storage period that corresponds to our intended use. You can ask us at any time for the retention period currently set by us.
The deletion of data whose retention period has been reached takes place automatically once a month.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, Parent company: Google LLC (USA)
Purpose: Launching Tools and Plugins
Category: Technically Required
Recipients: EU, USA (possible)
Data processed: IP Address
Data subjects: User
Technology: JavaScript Call
Legal basis: legitimate interest, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.google.com
Further information:
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://business.safety.google/adsprocessorterms/
Here you can find out where exactly Google data centers are located: https://www.google.com/about/datacenters/locations/
The Google Tag Manager service is used on our website.
The Tag Manager is a service that allows us to manage website tags via an interface. This allows us to include code snippets such as tracking codes or conversion pixels on websites without interfering with the source code. In doing so, the data is only forwarded by the Tag Manager, but neither collected nor stored. The Tag Manager itself is a cookie-less domain and does not process any personal data, as it serves purely to manage other services in our online offering.
When the Google Tag Manager is started, the browser establishes a connection to Google's servers. These are mainly located in the U.S. Through this, Google obtains knowledge that our website was called up via the IP address of a user.
The Tag Manager ensures the resolution of other tags, which in turn may collect data. However, the Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags that are implemented with the Tag Manager.
In the process of hosting our website, we store all data related to the operation of our website. This is necessary for enabling operation of our website. Therefore, we process this data on the legal grounds of our legitimate interest in optimising our website. To provide access to our website, we use the services of web hosting providers, to whom we supply the aforementioned data within the context of contractual processing.
Whenever you contact us, your information is used to process and handle your contact request in the course of fulfilling pre-contractual rights and obligations. To handle and answer your request it is necessary for us to process your data; otherwise we are unable to answer your request or only able to partially answer it. Your information can be stored in a database of customers and leads on the grounds of our legitimate interest in direct marketing.
We delete your request and contact information when your request has been definitively answered and there is no legally required time limit for storing this data prior to deletion (e.g. pursuant to a subsequent contractual relationship). This is usually the case when there is no further contact with you for three years in a row.
For technical reasons, particularly to ensure a functioning and secure website, we process the technically necessary data about accesses to our website in so-called server log files which your browser automatically sends to us.
The access data we process includes:
This data cannot be traced back to any natural person and is used solely to perform statistical analyses and to operate and improve our website while also optimising our site and keeping it secure. This data is sent exclusively to our website operator. The data is neither connected nor aggregated with other data sources. In case of suspicion of unlawful use of our website, we reserve the right to examine the data retroactively. This data processing takes place on the legal grounds of our legitimate interest in maintaining a technically fault-free and optimal website.
The access data is deleted within a short period of time after serving its purpose (usually within a few days) unless further storage is required for evidence purposes. In such cases, the data is stored until the incident is definitively resolved.
Within your visit to our website, we use the widespread SSL procedure (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol in the lower status bar of your browser. We use this encryption procedure on the basis of our justified interest in the use of suitable encryption techniques.
We also make use of suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments and kept state-of-the-art.
Provider: DataReporter GmbH, Zeileisstraße 6, 4600 Wels, Austria.
Purpose: Consent Management
Category: Technically Required
Recipient: EU, AT
Data processed: IP Address, Consent Data
Data subjects: Users
Technology: JavaScript call, Cookies, Swarmcrawler
Legal basis: Legitimate interest, consent (swarmcrawler to evaluate search results)
Website: https://www.datareporter.eu/
Further information: https://www.datareporter.eu/de/privacystatement.html
On our website, we use the Webcare tool for consent management. Webcare records and stores the decision of each user of our website. Our Consent Banner ensures that statistical and marketing technologies such as cookies or external tools are only set or started if the user has expressly consented to their use.
We store information on the extent to which the user has confirmed the use of cookies. The user's decision can be revoked at any time by accessing the cookie setting and managing the declaration of consent. Existing cookies are deleted after revocation of consent. For the storage of information about the status of the consent of the user, a cookie is also set, which is referred to in the cookie details. Furthermore, the IP address of the respective user(s) is transmitted to DataReporter's servers when this service is called up. The IP address is neither stored nor associated with any other data of the user, it is only used for the correct execution of the service.
With the help of Webcare, our website is regularly checked for technologies relevant to data protection. This investigation is only carried out for those users who have expressly given their consent (for statistical or marketing purposes). The search results of the users are evaluated by Webcare in an anonymous form and only in relation to technologies and used for the fulfillment of our information obligations. To start the Swarmcrawler technology, a request is sent to our servers and the IP address of the user is transmitted for the purpose of data transfer. Servers are selected which are geographically close to the respective location of the user. It can be assumed that for users within the EU, a server with a location within the EU will also be selected. The IP address of the user is not stored and is removed immediately after the end of the communication.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC (USA)
Purpose: Integration of Video Content, Collection of Statistical Data
Category: Statistics
Recipients: EU, USA
Data processed: IP Address, Website Visit Details, User Data
Data subjects: Users
Technology: JavaScript Call, Cookies, Device Fingerprinting, Local Storage
Legal basis: Consent, Data Privacy Framework, https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
Website: https://www.youtube.com
Further information: https://www.youtube.com/intl/ALL_at/howyoutubeworks/user-settings/privacy/
https://policies.google.com/privacy
https://safety.google/intl/en/principles/
https://support.google.com/youtube/answer/10364219?hl=en
On our website, we use the YouTube service to embed videos.
We have activated the extended data protection mode on YouTube. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch a video. However, the disclosure of data to YouTube partners is not excluded by the extended data protection mode.
As soon as you start a YouTube video, a connection to YouTube's servers is established. This tells YouTube which of our pages you have visited. If you are logged into your YouTube account, you thereby enable YouTube to assign your surfing behaviour directly to your personal profile. This can be prevented by logging out of your account.
Furthermore, YouTube can save various cookies on your end device after starting a video or use comparable technologies (e.g. device fingerprinting). YouTube also uses the local storage on your end device. In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts
We collect information from you as a user of our website through the use of Cookies in order to make our website more user-friendly, effective and secure. This includes your IP-address (anonymized), browser type, language settings, operating system, type of device, domain name, domain host, date and time. The legal basis for this is your consent, which you express by the appropriate settings of your browser or device to allow Cookies or by choosing the respective settings in our Cookie banner. This consent can be revoked anytime. The setting of Cookies is according to Art. 6 para 1 lit. f GDPR also based on our legitimate interest insofar as it is technically absolutely necessary in order to use offered services accessed by you.
More information about the use of Cookies on this website and their purposes, as well as your options to control or block the Cookies, you find in our Cookie banner. Currently, we are using the following Cookies:
Cookies are small text files that are stored on your computer, tablet computer or smartphone when you visit a website using your browser. These files do no harm and serve only to recognize the website visitor. On your next visit to the website using the same device, the information stored in cookies may subsequently be returned either to the website ("First Party Cookie") or to another website to which the cookie belongs ("Third Party Cookie"). You can set your browser so that the storage of cookies is generally prevented or you are asked each time whether you agree to the setting of cookies. Once set, you can delete cookies at any time. How this works can be found in the help function of your browser. An explanation for the browsers Firefox, Microsoft Internet Explorer and Google Chrome can be found at this link: http://www.meine-cookies.org/cookies_verwalten/index.html.
Technically necessary cookies are used to enable the technical operation of a website and make it functional for you. The use is based on our legitimate interest to provide a technically flawless website. However, you can generally disable the use of cookies in your browser.
| Surname | Purpose | Creator | Storage time | Domain |
|---|---|---|---|---|
| __(ID) | ensures the functionality and usability of the page and is used to track errors. | 1 hour | www.omv-gas.be | |
| __ZEHIC | ensures the functionality and usability of the page and is used to track errors. | 1 minute | www.omv-gas.be | |
| cookieconsent_mode | ensures the functionality and usability of the page and is used to track errors. | DataReporter GmbH | 12 months | www.omv-gas.be |
| cookieconsent_status | ensures the functionality and usability of the page and is used to track errors. | DataReporter GmbH | 12 months | www.omv-gas.be |
| JSESSIONID | counts the number of sessions and assigns an anonymous identifier to each visitor. | Session | www.omv-gas.be |
Statistics cookies collect information about how websites are used to improve their attractiveness, content and functionality. A use takes place only with your consent and only as long as you have not deactivated the respective cookie.
| Surname | Purpose | Creator | Storage time | Domain |
|---|---|---|---|---|
| _ga | Contains information to help distinguish users from the page. Gathers data about user visits, such as which pages are relevant. | 1 year | omv-gas.be | |
| _ga_(GA4-ID) | Contains information to help distinguish users from the page. Gathers data about user visits, such as which pages are relevant. | 1 year | omv-gas.be |
Marketing cookies come from external advertising companies and are used to collect information about the websites visited by the user. A use takes place only with your consent and only as long as you have not deactivated the respective cookie.
| Surname | Purpose | Creator | Storage time | Domain |
|---|---|---|---|---|
| NID | registers a unique ID that identifies and recognizes the user. Used for targeted advertising. | www.google.com |
While hosting our website, all data related to operating our website are stored. This is necessary in order to make the operation of the website possible. Thus, all data are processed on the basis of our legitimate interests according to Art. 6 para 1 lit. f GDPR to optimize our website.
Due to technical reasons, in particular in order to guarantee a functioning and secure web presence, we are processing technical necessary data on accesses on our website in so-called server-log-files. Your browser is transmitting those automatically to us.
The following data are protocolled:
This data are not connected to natural personen and are only used for evaluation and improvement of our website. These data are only transmitted to our Website provider. A connection or aggregation of these data with other data sources does not take place.. The processing of data is based on our legitimate interest according to Art. 6 para 1 lit. f GDPR to provide for a technical flawless presentation and optimization of our website.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer.
The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
We process this data on the basis of our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR.
Data are deleted after fulfilling the purpose, normally within a few days, in case there is no need to store data as evidence. In this case, data will be stored until the issue is finally resolved.
We only transfer your data restrictively.
In order to achieve the above under point III stated purposes your data may be shared with the following categories of recipients:
As part of the data processing described above, transmitted transmission of personal data to recipients in countries outside the European Union (so-called third countries) may take place. We only transfer your data to (i) countries for which the EU Commission has determined that they provide an adequate level of data protection or (ii) if we take measures to ensure that the respective recipient provides an adequate level of data protection (in particular by concluding EU Standard Contractual Clauses).
We would like to point out that on July 10, 2023, the European Commission adopted a new adequacy decision in accordance with Art. 45 GDPR for the United States of America, the so-called EU-U.S. Data Privacy Framework.
It stipulates that the United States will ensure an adequate level of protection – comparable to that of the European Union – for personal data transferred from the EU to US companies under the new framework.
This new EU-US data protection framework provides, in principle, a valid legal basis for the transfer of personal data to the USA. The EU-US data protection framework introduces new binding safeguards to address all concerns raised by the European Court of Justice; This provides for US intelligence services' access to EU data to be limited to a necessary and proportionate level and for the creation of a Data Protection Review Court (DPRC) to which individuals in the EU have access.
If a data transfer by us to the USA takes place or if a service provider based in the USA is used, we explicitly refer to this in this privacy policy (see in particular the description of the technologies on our website).
What can the transfer of personal data to the USA mean for you as a user and what are the risks in this context?
While the new framework brings significant improvements over the existing Privacy Shield mechanism, however, it should be noted that the adequacy decision only applies partially and only covers data transfers to those data importers in the United States that appear in the so-called Data Privacy Framework List.
Risks for you as a user, when data is transferred to data importers in the United States, which are not subject to the EU-U.S. Data Privacy Framework are in any case the powers of the U.S. intelligence services and the legal situation in the U.S., which currently, according to the ECJ, no longer ensure an adequate level of data protection. Among others, these are the following:
Legally compliant transfer of data to the USA based on the standard contractual clauses for data transfers to data importers in the United States, which are not subject to the EU-U.S. Data Privacy Framework?
The standard contractual clauses adopted by the Commission in 2021 (2021/914 vom 4. Juni 2021), Art. 46 (2) c GDPR, are valid under the condition that the level of protection for personal data equivalent to that in the European Union is ensured. Thus, not only the contractual relationships with our service providers are decisive, but the possibility of access to the data by authorities in the USA and the legal system there must also be evaluated.
What measures do we take to ensure that data transfers to the USA are legally compliant?
Wherever US providers offer the option, we choose to process data on EU servers. This should technically ensure that the data is located within the European Union and that access by US authorities is not possible.
For the further use of US tools, we take the following measures:
As far as possible and not already provided for by law (for example FATCA), your consent will be requested before using a US tool and you will be informed transparently in advance about how a service works. The risks involved in transferring data to the USA can be found in the corresponding passage in our privacy policy.
With US providers we make every effort to conclude the mentioned EU standard contractual clauses and to demand additional guarantees.
We process your personal data as long as reasonably necessary to achieve the under point III mentioned purposes and in addition in accordance with the legal obligations for storage and documentation, which result among others from the Austrian Civil Code (ABGB) and the Austrian Business Code (UGB) or for asserting, exercising or defending legal claims.
Generally, your data will be deleted after withdrawing your consent or objecting to the processing of your data. Therefore, processing of a possible application procedure needs to be completed and provided that the storage of data is not necessary to fulfill a legal obligation or to assert, exercise or defend legal claims. Further processing will only take place if you have expressly consented to the further use of your data or if we have reserved the right to process the data in excess thereof under the permission of applicable laws.
Instead of deleting your data, it is possible that the data may be made anonymous. In this case, any personal reference will irretrievably be removed, which is why the deletion obligations under data protection law also cease to apply.
According to current data protection laws, you enjoy the following rights regarding the processing of personal data:
If the processing of your personal data is based on our legitimate interest, you have the right, to object any time to the processing of your data for reasons arising out of the particular situation; this applies in particular to the processing of data for the purpose of direct marketing.
If the processing of your data is based on your consent, you have the right to withdraw the consent at any time with future effect. Such withdrawal shall not affect the lawfulness of the data processing up to the date of withdrawal.
If you believe that our processing of your data is violating applicable data protection laws or if your privacy rights have otherwise been violated, please contact us using the contact details provided in point I above. In this way, we get to know and understand your concerns and can respond accordingly.
You can exercise your aforementioned rights by sending your request via the below form.
You also have the right to file a complaint with the national competent data protection authority. In Austria it is the Data Protection Authority.
Commission de la protection de la vie privée
Rue de la Presse 35, 1000 Bruxelles, Belgien
Tel.: +32 2 274 48 00, commission@privacycommission.be
Due to the further development of our website and offers about it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current privacy policy on our website at any time.