Data Protection

Cookies are small text files which serve to identify the frequency of use and the number of users of our website. You can refuse to accept cookies in your browser settings. For information on how this works please refer to the instructions from your browser provider. If you choose not to accept certain technical and/or functional cookies, our website's functionality may be limited. In addition, you may separately consent to the type and scope of cookie use by our website via the cookie banner, which will open when you visit the website for the first time and which can be reopened at any time via a link in the footer. Please note that certain cookies that are necessary for a correct display of the website (but do not contain any personal data) are not optional. Beyond that, other cookies, in particular concerning preferences, statistics and marketing, will only be used upon your consent. The settings chosen and, where applicable, the consent given may be modified or withdrawn at any time by re-opening the cookie banner.

For more information on these cookies and the option to change your cookie settings see: https://www.hyponoe.at/de/cookie-hinweis

Tracking pixels are small graphical elements that allow tracking of user behaviour. You can refuse to accept cookies/pixels in your browser settings.

Categories of processed data

We use Matomo on our websites (https://www.hyponoe.at, https://rechner.hyponoe.at/, opens new window, https://wohnrechner.at/, opens new window). Matomo is an analysis tool (open source software) that is operated on our own websites on our server and which does not transmit any data to third-party servers. Matomo allows us to collect the following personal data

• country;
• browser;
• operating system;
• device information: make, type, screen resolution;
• pages of the HYPO NOE website visited plus time and duration of the visit; name of the file retrieved and time of retrieval;
• truncated IP address: in order to prevent it from being broken down to an individual IP address;
• the website (URL) you visited prior to your visit;
• cookies, if any, which allow us to see whether you accessed our sites via a link

Purposes of data processing

Your data will be processed for the following purposes:

• to offer the website to you, including the services and information related to it, in the best possible manner and to enhance and adapt it;
• to compile usage statistics;
• to detect, prevent and investigate attacks on our website;
• to display personalised page suggestions.

Legal basis for processing

We will process your personal data on the following basis:

• your consent to the processing of your personal data (Article 6(1)(a) GDPR and Section 165(2) TKG);
• our overriding legitimate interest as defined in Article 6(1)(f) GDPR with respect to absolutely necessary cookies.

Storage period

In principle the data processed by us will be stored up until the time you withdraw your consent or for the duration specified in the cookie information of the relevant website (see the links below).

HYPO NOE website: https://www.hyponoe.at/cookie-hinweis

Wohnrechner [housing cost calculator]: https://www.wohnrechner.at/cookie-hinweis/, opens new window

Kreditrechner [loan calculator]: https://rechner.hyponoe.at/datenschutz, opens new window

Users may also delete their cookies and their browser cache manually via their browser.

Data may (have to) be stored for longer periods in order to investigate identified attacks on the website; beyond that they will only be stored until the end of relevant periods of statutory limitation, statutory retention periods or legal disputes in which the data is needed as evidence, if any.

Use of Facebook, Instagram, LinkedIn, Xing, YouTube and TikTok

Our online presence in social networks or on platforms serves to communicate with and inform (prospective) clients. We use products and offers of different providers such as, e.g., Facebook, Instagram, LinkedIn, TikTok and YouTube. When doing so, we and those third-party providers process personal user data, for some of which we may be jointly responsible.

We process your personal data as a user on the basis of our legitimate interest in informing users effectively and communicating with them as defined in Article 6(1)(f) GDPR. Where a user is asked to consent to processing of data (declaration of consent, e.g. by ticking a check box or clicking on a button), Article 6(1)(a) GDPR, Article 7 GDPR will be the legal basis.

For up-to-date information and a detailed description of the processing activities of these third parties (e.g. Facebook, Instagram, LinkedIn, TikTok and YouTube), as well as further information on the processing of data by the third parties and the right to object please refer to our website: https://en.hyponoe.at/data-protection.

Facebook

For more information on which data is processed by Facebook itself and the purposes for which it is used please go to Facebook's Privacy Policy: https://www.facebook.com/about/privacy/, opens new window; for the functionality of ads please see: https://www.facebook.com/help/568137493302217, opens new window. Enquiries about the processing of data by Facebook and the assertion of user rights are most effectively directed to/asserted vis-à-vis Facebook directly. In this context we would also like to draw your attention to the fact that you can change detailed privacy settings on your Facebook profile yourself. For more information please go to: https://www.facebook.com/settings? tab=your_facebook_information, for information on opting out please see: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com, opens new window.

Instagram

For more information on which data is processed by Instagram, a Facebook Group company, itself and on the purposes for which it is used please go to Instagram's Privacy Policy: https://help.instagram.com/519522125107875?helpref=page_content.Auskunftsanfragen, opens new window Enquiries about the processing of data by Instagram and the assertion of user rights are most effectively directed to/asserted vis-à-vis Instagram directly. There you will also find further information on your data protection rights and settings options for protecting your privacy. In this context we would like to draw your attention to the fact that you can change privacy settings on your Instagram profile yourself. For details please go to: https://help.instagram.com/155833707900388/?helpref=hc_fnav&cms_id=155833707900388, opens new window.

YouTube

YouTube is a product of Google. For details on the purpose and scope of data collection and processing thereof by YouTube please see YouTube's Privacy Policy. There you will also find further information on your rights and settings options for protecting your privacy: https://policies.google.com/privacy?hl=en-US.

LinkedIn

For details on the purpose and scope of data collection and processing thereof by LinkedIn please see LinkedIn's Privacy Policy. There you will also find further information on your rights and settings options for protecting your privacy: https://www.linkedin.com/legal/privacy-policy.

Xing

For details on the purpose and scope of data collection and processing thereof by Xing please see Xing's Privacy Policy. There you will also find further information on your rights and settings options for protecting your privacy: https://privacy.xing.com/en/privacy-policy, opens new window.

TikTok

Please check carefully which personal data you share with us via TikTok (TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland). We expressly point out that TikTok stores the data of users of its services (e.g. personal details, IP address, etc.) and may also use it for commercial purposes. For more detailed information on TikTok's processing of data please see TikTok's Privacy Policy: https://www.tiktok.com/legal/page/row/privacy-policy/en

We have no influence on how TikTok collects and further processes the data. Furthermore, we cannot see to what extent, where and for how long the data is being stored, whether TikTok complies with applicable erasure obligations, how the data is analysed or linked and to whom the data is disclosed.

TikTok provides us with so-called site insights (analytics): https://www.tiktok.com/analytics, opens new window. This is summarised data which helps us see how people interact with our website. Site insights may be based on personal data that was created in connection with a visit or an interaction of persons to or with our website and its contents. In accordance with Article 6(1)(f) GDPR this serves to safeguard our overriding legitimate interests in presenting our offer in an optimised way and in an effective communication with our (prospective) clients.

You may object to processing of your data for the above purposes at any time by changing the settings for advertisements in your TikTok user account accordingly by going to the settings and customising "Personalised advertising" under "Settings and data protection".

Does automated decision-making (including profiling) take place?

No automated decision-making will take place as part of the processing of personal data.

Are you required to provide data?

In many cases we have no control over the processing of data by the operator of a social media platform and do not know exactly which data is processed by them.

If you communicate with us via social media channels it will be necessary to provide certain data for us to process your enquiry.

Who do we disclose your data to?

We will not disclose data you send to us in connection with private messages to third parties.

However, we will process data entered by you on social media platforms, in particular your username and the content published under your account, insofar as we may share your posts, reply to them or create posts ourselves that refer to your account or where you mention us in your posts. We will therefore include in our offer data freely published and disseminated by you on social media platforms, and we will make it accessible to our followers.

For how long will we store your data?

The storage period of personal data within the social media platforms will depend on the relevant platform operators. We do not have access to the data processed by the platform operators and we are in no position to influence whether it is deleted or not.

We will only process your data for as long as it is necessary and only for as long as statutory retention periods apply. If you send us private messages, we will only store them for as long as we need them for answering your enquiry. Posts published by you on our social media sites will remain on the timeline indefinitely unless we delete them, for example due to a violation of the law or a violation of our policies, or if you delete the post yourself.

What are your rights as a data subject?

As a data subject the GDPR grants you the following rights vis-à-vis the controller:

• right of access
• right to rectification
• right to erasure
• right to restriction of processing
• right to data portability

Right to object: Under certain conditions you have a right to object to our processing of your personal data at any time on grounds relating to your particular situation of if personal data is used for direct marketing purposes, and we may be required to stop processing your personal data. Moreover, if personal data is processed for direct marketing purposes, you will have the right to object to our processing of the personal data relating to you for the purpose of such marketing at any time. This also applies to profiling to the extent that it is related to such direct marketing. In this case the personal data will no longer be processed by us for those purposes.

To exercise those rights please use the above Contact details.

In addition, as the data subject you have the right to lodge any complaints you may have with the Austrian Data Protection Authority.

Links

The websites and apps of HYPO NOE may also contain links to website of other providers which are not subject to this Privacy Policy. As a rule the bank has no control over the content of such third parties or their compliance with data protection provisions, which is why we ask that you inform yourself about the policies that apply in this regard.