Privacy Policy

Privacy Policy

The following represents the privacy policy of www.esg.guide ("Website") which is a platform of ESG.Guide GmbH („ESG.Guide“, „we“, „us“). We consider customer privacy to be a fundamental aspect of our relationship with the users of the Website ("Users", "you") as users of the Website. Users can be organisations with an Organisation Profile and Newsfeed or companies with a Company Profile and Newsfeed (both "Company") and organisations, companies or individuals interested in the content ("Readers"). ESG.Guide is committed to maintaining the confidentiality, integrity, and security of its current, prospective and former clients‘ personal data, while allowing client needs to be served. We therefore process your data in accordance with the legal provisions, in particular the General Data Protection Regulation („GDPR“), the Austrian Data Protection Act („DSG“) and the Austrian Telecommunications Act („TKG“).

1. Controller

ESG.Guide GmbH, Universitätsring 10, 1010 Vienna, Austria, e-mail: [email protected], Tel: +43 1 3483003 is the data controller and responsible for the collection, and processing of your personal data in accordance with the GDPR.

2. Which data do we collect, for what purpose and on what legal basis?

2.1. Access Data/Server Log Files

When you use our Website, we collect and process data about each access to our website (so-called server log files). The access data includes: Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.

We process the log data only for statistical evaluations, for the purpose of operation, security and optimization of our website and the services. The data processing is therefore necessary to protect our legitimate interests in the provision of a user-friendly and secure website.

2.2. Contact

If you contact us by e-mail, phone or by using a contact form, we process your title, name, company, e-mail address or telephone number and the content of your message in order to answer your enquiry and provide you with the requested information. The processing is therefore necessary to fulfill our (pre-)contractual obligations.

2.3. Login Data and User Account

When you register as a Reader, we process first name, last name, e-mail address, role, country, gender, organization name, selected companies, date and time of changes. Thereafter, if you choose to register your Company on our Website, we process, in addition to the above-mentioned data, your organization/company name, position, address, ZIP code, city and country. We process your data in order to enable you to use the website and to provide you with a user account. The processing is necessary to fulfil our (pre-)contractual obligations.

2.4. ESG.Guide Newsletter

If you subscribe to our ESG.Guide Newsletter, we process your first name, last name, e-mail address, country and occupation/role. We process this data to send you a newsletter to the provided e-mail address with updates, information about the Website, new functions and further details on products and services of ESG.Guide. The processing is based on your freely given consent. You can withdraw your consent at any time, free of charge and without giving reasons, with effect for the future (e.g. by clicking the "unsubscribe" button in the e-mail).

2.5. ESG.Guide Content Newsletter

As a Reader you have the possibility to create an account and choose to receive a content newsletter to the provided e-mail address with information about new content from Company newsfeeds on the Website. For this reason, we process your first name, last name, e-mail address, country and occupation/role. The processing is based on your freely given consent. You can withdraw your consent at any time, free of charge and without giving reasons, with effect for the future (e.g. by clicking the "unsubscribe" button). If you do not provide or withdraw your consent, you will still be able to browse the Website and the Company newsfeeds.

3. Cookies

3.1. What is a Cookie?

A cookie is a small text file that stores internet settings. Almost every website uses cookie technology. It is downloaded by your internet browser the first time you visit a website. The next time you visit that website with the same terminal device, the cookie and the information stored in it is sent back to the website that generated it. As a result, the website recognizes that you have been visiting before with this browser and, in some cases, varies the content displayed. 

Some cookies are extremely useful, as they can improve the user experience when you return to a website that you have already visited several times. If you use the same terminal and the same browser as before, cookies remember, for example, your preferences, share how you use a page, and adapt the offers displayed more relevant to your personal interests and needs.

3.2. Legal Basis for the Use of Cookies

There are cookies that require your consent before they can be activated on your device and cookies that can be used without your consent because they are technically necessary for the provision of our service ("absolutely necessary cookies").

Absolutely necessary cookies are required for the operation of the website and cannot be disabled in your systems. Typically, these cookies are only set in response to actions you take that correspond to a service request, such as setting your privacy preferences, logging in or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the website will then not work. The data processing is thereby necessary for the purpose of data security measures, to prevent misuse and to optimize the website and is therefore based on our legitimate interests pursuant to Art 6 para 1 lit f GDPR in conjunction with Sec 165 para 3 TKG.

We use all other cookies on our website exclusively on the basis of your prior explicit consent pursuant to Art 6 para 1 lit a GDPR. You can give your general consent at the start of using the website by clicking on the button "Accept all" on the cookie banner. Further you can modify your choice by separately selecting the respective cookie types and clicking on "Save" or by clicking on "Modify cookie settings" where you can select or deactivate each individual type of cookie. If you deselect all cookies, no cookie-based services requiring consent will be loaded.

In the Cookie Manager, you can find specific details about which cookies are activated for which purposes and on what legal basis. The Manager will be displayed when you first visit our website. In addition, you can call it up at any time via the "Cookie Configuration" button and change your preferences. Here you will also find a daily updated list of cookie providers.

4. Data Transfer

If we transfer your personal data to third parties, these data will only be provided to the necessary extent. We transfer your personal data to the following external service providers („processors“):

- IT service providers and providers of data hosting solutions or similar services;

- Other service providers and providers of tools and solutions that assist us in performing our services (e.g. providers of marketing tools and marketing agencies, communications service providers).

Our processors process your data only on our behalf and in accordance with our instructions. In addition, we transmit your data to the following recipients („controllers“):

- External third parties to the extent necessary on the basis of our legitimate interests (e.g. auditors and tax consultants; insurance companies in the event of an insurance claim, legal representatives in the event of a claim);

- Authorities and other public bodies to the extent required by law (ESG.Guide might have responsibility under legislation or regulation to verify the identity of registered users and may need to obtain information from users for that purpose and pass on such information to the responsible authority).

ESG.Guide is based in Vienna, Austria and hosts data on servers in Austria and might also operate servers in other countries within the European Union.

If we process your data in a third country outside the European Union (EU) or the European Economic Area (EEA) or if this is done in the context of the use of third-party services, this will only occur if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, a legal obligation or on the basis of our legitimate interests. We have implemented suitable and appropriate guarantees to ensure that the transfer of your data to the respective third country complies with data protection regulations (e.g. Binding Corporate Rules, the conclusion of Standard Contractual Clauses and other appropriate guarantees). Upon your request, we will provide you with a copy of these appropriate safeguards if we process or have your data processed in third countries.

5. Data Security

We undertake appropriate technical and organizational security measures in accordance with Art 32 GDPR to protect your personal data against accidental or unlawful deletion, alteration or loss and against unauthorized disclose or unauthorized access.

Moreover, ESG.Guide and its employees are obliged to comply with data secrecy according to Sec 6 DSG.

6. Retention Periods

ESG.Guide stores personal data only as long as they are necessary to fulfill the obligations towards the Users. For reasons of our retention obligations, however, we store the personal data which Users provide in connection with establishing contacts and concluding contracts, three or a maximum seven years after fulfillment of the contract.

We store access data and log files for a maximum period of five years. The data about your user behavior will be stored for a period of five years, or at the longest until you revoke your consent.

The data from your newsletter subscription will be stored until you withdraw your consent or three years after the last contact.

7. Your Rights as Data Subject

As a data subject you have the right to obtain information about personal data processed concerning you as well as about your rights as data subject in a clear and transparent manner (Art 13 et seq GDPR):

If you demand it in writing and prove your identity, you have a right to free access information about your personal data processed by us (Art 15 GDPR). Additionally, you have a right to correct or supplement false data (right to rectification), and the right to erasure (Art 16 et seq GDPR). Further, you have the right to restrict the processing of personal data pursuant to Art 18 GDPR and the right of data portability according to Art 20 GDPR. In addition, you have the right to revoke any consent you have given at any time free of charge with effect for the future.

You have the right to object to the processing of personal data concerning you, particularly concerning any direct marketing measures.

Additionally, according to Art 77 GDPR, you have the right to lodge a complaint with the data protection authority, if you consider that the processing of personal data relating to you infringes the GDPR or DSG. Your competent authority is the Austrian Data Protection Authority („DSB“), Barichgasse 40-42, 1030 Vienna.

For any question in this regard or other requests, please contact us directly:

ESG.Guide GmbH
Universitätsring 10
1010 Vienna
Austria
Tel: +43 1 3483003
E-Mail: [email protected]