Data Protection

Thank you for your interest in our website and our company. Although we carefully check external links, we are not liable for the content and security of these external links.

We protect your personal information as best we can when collecting, processing and during your visit to our website. Your data is protected by law. Below you will find explanations on the nature of the information collected when you visit our website and how they are used.

As of May 25, 2018, the General Data Protection Regulation, briefly GDPR, will apply in the European Union. It contains regulations regarding the processing and the protection of your personal data. This document provides you with the essential information regarding data protection in a summarized form.

What is GDPR?

The GDPR is a regulation of the European Union. It is directly applicable in every member state of the EU, hence also in Austria. Every natural person can refer to the GDPR if his/ her data is being processed.

What does the GDPR regulate?

The GDPR contains regulations on processing of you personal data. This includes for example your name, phone number, your account turnover or your hobbies – all of this is protected by the GDPR. The principles stipulated by the GDPR regulate how your personal data can be stored or processed.

Why is there still an Austrian data protection law (DSG 2018)?

Not only has the European Union adopted the GDPR, but it has introduced a complete data protection package. A part of this package was the new data protection guideline. What differs a guideline from a regulation? A guideline has to be translated into national law in order to become effective.

Furthermore, the GDPR leaves room for the member states to manage certain aspects in more detail. Austria is covered both by the “Datenschutz-Anpassungsgesetz 2018” (DSG or DSG 2018) as well as the GDPR. If appropriate for you, we will always consider the DSG 2018 as well for you.

Why is it important to protect my data?

Data protection is a basic right. Your right of data protection is anchored in the EU-Charter of Fundamental Rights the same way as your right to freedom and right to safety. The EU-Charter of Fundamental Rights is valid between you and state institutions.

Furthermore, it is legally accepted that the private and business sector also have to ensure a balanced relationship of interest between data processor and data subject – e.g. between you and your bank. These rules can be found in the GDPR and DSG 2018.

Personal data provide a lot of information about us: our hobbies, preferences and dreams may become apparent. Evidently, this is worth protecting. However, we are only able to improve our services for you individually, if we understand your preferences. A core element of data protection is to find a common ground on how your personal data can be processed in your interest under our supervision.

A core element of data protection is that we can together find a way in which we can process your data in your interest and under your supervision.

(All links as of May 2018)

In order to talk about data protection, it is important to clarify basic definitions. We have listed the corresponding Articles of the GDPR, so you can read up on them in case you are interested. Please note that we only show summarized versions of the text. The full text of GDPR can be found here:

What is “personal data”?

“Personal data” is all information that relates to an identifiable natural person („data subject“). An identifiable person is a natural person that can be identified directly or indirectly, by Name or identification number such as IBAN or account ID.This information can be found in Art. 4 point 1 GDPR.

What is „data processing“?

The term “processing” covers every procedure in the context of personal data that is conducted with or without automated processing. This includes for instance collecting, capturing, organizing, sorting, storing adapting or changing, reading out, requesting, using, publishing (transmitting, spreading or another form of making data available), comparing, linking, limiting or deleting.This information can be found in Art. 4 point 2 GDPR.

What is a “data controller”?

The term “data controller” comprises every natural or legal person, authority or institution that decides upon the purpose and way of processing personal data either alone or together with other institutions. We as a bank for instance are a data controller.This information can be found in Art. 4 point 7 GDPR.

What is a “data processor”?

The term “data processor” comprises every natural or legal persons, authority or institution that processes personal data on behalf of a data controller.This information can be found in Art. 4 point 8 GDPR.

At EG IT INT, Data Protection Officer Alexandru Hritcu is the point person on the management and processing of personal data.

Contact details:

Alexandru Hritcu
Data Protection Officer at Erste Group IT International GmbH
A-1100 Vienna, Am Belvedere 1

Phone:  +43 (0)5 0100 13481


What about cookies, social networks and web analytics?

Cookies: Cookies are used in various locations on our website. Cookies are small text files that recognize users when they use the website again. However, no personal details, such as name or address, are stored. They cannot be identified by the information in question.We use cookies to tailor our offers to your needs and to analyze how these offers are used. You can set your browser to consult you before the use of a cookie, or to generally block the use of cookies. You can also use our website without cookies.

Social networks: We work with different social networks. If you use these social networks, your browser automatically connects to the network. It transmits your IP address as well as other information, such as e.g. cookies, if you have previously visited the platform in question. As far as possible, we avoid this type of data transfer until you actually interact with one of the platforms. By clicking on the relevant icon (e.g. Facebook logo) you indicate that you are ready to communicate with the selected platform and that information about you, such as your IP address, is transmitted to this social network.

Web analytics: For an anonymous, statistical evaluation of the flow of visitors to the websites, we transfer personal data to the service provider Adobe Analytics. You can prevent this forwarding of your data.