Privacy Policy

The protection of your personal data is of particular concern to us. We, adapa Holding GesmbH collect, use and store your personal data exclusively within the framework of European and national data protection laws. In the following, we inform you about the type, extent, and purpose of data processing, as well as about data collection and use in the context of our business activities and operation of our website.

Responsible person:
adapa Holding GesmbH
IZ NÖ-Süd Street 1, Obj. 50C
2351 Wiener Neudorf
Managing Directors: Noël Kasmi, Georges Gravanis, Marek Pawlak

Alexandra Kocsis
Tel: +43 2252 266014 72

External data protection officer:
Markus Dittrich | CASC – full-service agency GmbH
Address: A-1160 | Heigerleinstraße 2/4-9
Tel.: 01 / 924 05 28

Types of data processed

Within the scope of business transactions, business initiation, operation and use of our website or simply when you are interested in our company, we process and use personal data that you provide directly or indirectly. This includes, for example: names, addresses, contact data (e-mails, telephone numbers); entries made by you (texts, photographs, videos); the recording of visited websites and protocols thereof, interests in content, access times, as well as device information, IP addresses, etc.
No special categories of data within the meaning of Art. 9 para. 1 GDPR are processed.

Legal basis

In accordance with Art. 13 GDPR, we explain the legal basis of our data processing in this paragraph. Art. 6 para. 1 lit. b GDPR is the legal basis for the processing of contractual or pre-contractual measures. lnsofar as we are forced to process data within the framework of legal obligations, this is based on Art. 6 para. 1 lit. c GDPR. With a view to safeguard our legitimate interests, data processing is based on Art. 6 para. 1 lit. f GDPR. lf none of the aforementioned legal bases are relevant, we will carry out the processing, if we have your consent (Art. 6 para. 1 lit. a and Art. 7 GDPR).

Data security

Unauthorized attempts to access personal data represent a reality that private individuals and companies have to face every day. Since data protection is a high priority for us, we invest in the security of our systems and constantly monitor them. The protection of your personal data is important to us. Therefore, taking into account the state of technology, the implementation costs and the nature, scope, circumstances, and purposes of the data processing, as well as the varying probability of occurrence and severity of the risk of abuse of the rights and freedom of natural persons, we implement technical and organizational measures designed to prevent the misuse, loss, incorrect alteration of personal data, access by unauthorized third parties and attacks (Art. 32 DSGVO). In all these measures, reference should be made, among other things, to maintaining the confidentiality, integrity and availability of data by controlling its physical access, input, disclosure, secure availability and separation. In the context of the development or acquisition of new hardware and software and the associated introduction of new processes, we make particular efforts to comply with the principles of data protection in the best possible way.

Cooperation with data processors and third parties

lf we use other persons and companies (data processors or third parties) for processing the data, it shall in principle be based on one of the above-mentioned legal bases. Furthermore, with these cooperation partners, data is basically processed on the basis of a “data processing agreement” see Art. 28 GDPR. Such cooperation partners can be, for example, external recruitment agencies or external providers of IT services and network services.

Data transfer within the adapa Group

Within the adapa Group of Companies, your personal data will be transmitted for one of the purposes listed below or, if necessary, due to legitimate interests as defined by Art. 6 para. 1 lit. f GDPR, for the purposes of internal administrative activities, at group level between affiliated companies. Our company organisation ensures that the companies of adapa meet the data protection level of the European Union.

Data transmission to third countries

Should data be transferred to a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) and processed there, this will only take place to the extent that it can be based on one of the above-mentioned legal bases and within the framework of the provisions of Art. 44 ff. GDPR (General principles of data transmission). This means that the data is either transferred to a secure third country or processed in compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”). Safe third countries are those countries to which the European Commission has confirmed an adequate level of data protection comparable to EU law by means of an Adequacy Decision. Safe third countries include Andorra, Argentina, Canada (commercial organisations only), Faroe lslands, Guernsey, Israel, lsle of Man, Jersey, New Zealand, Switzerland, Uruguay and Japan.

Purpose of processing, collection, handling and use of data

a. Use of the website

To enable you to use our website, we collect data that your browser transmits to our server. This includes your IP address, browser type, language settings, operating system, domain name and domain host. The legal basis for this is our legitimate interest in enabling the operation of the website (Art. 6 para. 1 lit. f GDPR).
By using the website, we would like to provide or initiate contractual and pre­-contractual services, as well as offer various services and maintain contact with our business partners and interested parties.

b. Marketing purposes

Finally, data processing is carried out for marketing purposes, advertising and market research and as a security measure to protect our website. For internal statistical or system-related purposes, therefore, every access to our website and every retrieval of a file made available on this website is logged (so­ called serverlogfiles, storage duration 72 hours).

The name of the retrieved file, date and time of the retrieval, transferred data volume, notification of successful retrieval, web browser type/version, the user’s operating system, referrer URL (the previously visited site) and inquiring domain as well as the IP addresses of the inquiring computers are recorded. Additional personal data will only be logged if you provide information to our website voluntarily, e.g., when contacting us via our contact form, newsletter registration or e-mail, in the context of an inquiry or by changing your browser settings.

c. Customer Relationship Management System (“CMR System”)

When you contact us via contact form or e-mail, your request will be processed on the basis of Art. 6 para. 1 lit. b) GDPR. We reserve the right to store your data in our customer relationship management system (“CRM system”) or a similar system.
lf the requests have been processed and further storage is no longer necessary, the data will be deleted. The necessity is reviewed every two years. In the case of legal archiving obligations, the deletion will be completed after the legally prescribed retention periods. Requests for correction and deletion of personal data will be processed as quickly as possible.

d. Applications

We process the personal data that you provide us with in connection with your job application. The purpose of storing your applicant data is to fill a vacant position in our company. lf you are not offered a position with us, we will store your data for up to six months. Should we wish to keep your data on file longer for future job advertisements, we will ask you for your consent in advance. lf you do not agree that we keep your applicant data evident, we will delete it. You can revoke your consent at any time. In this case, the stored personal data will, of course, also be deleted.

Use of personal data for our newsletter

lf you have registered to receive our newsletter, we will use the data provided during your registration, such as first name, surname and your e-mail address, only for the purpose of sending the newsletter. To register for the newsletter, we use the “double opt-in procedure”. After the registration to receive the newsletter, we will send you a confirmation e-mail in which you are asked to confirm the regular receipt of the newsletter by clicking on a link in the e-mail. Afterwards, you will begin to receive the newsletter.

You have the possibility to unsubscribe from the newsletter anytime by clicking on a link contained in the respective newsletter or via e-mail to info@adapa­ You can also send a letter to make a corresponding declaration.

The personal data stored to provide our newsletter will be deleted after the cancellation of the newsletter. For the handling of the newsletter dispatch we work together with an operator of a newsletter management system based in the EU.

Data subject rights

As a data subject in relation to your data processed by us, you have the following rights:

  • Right to be informed / Information on the data processed by us
  • Right to rectification of data
  • Right to data portability
  • Right to restrict and object the processing of, and
  • Right to erasure of data / Right to be forgotten

Right of access to information

On request, we can provide you with your data in accordance with Art. 20 GDPR. Furthermore, you have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.

Right of objection

You can object to future processing of the data concerning you at any time in accordance with Art. 21 GDPR. The objection may particularly be made against processing for the purposes of direct advertising.

Right of withdrawal

You can revoke any consent you have given us in accordance with Art. 7 Para. 3 GDPR with effect for the future.

To exercise your rights, please contact us via

Storage period of personal data

We store your personal data only as long as a legal basis exists. lf the legal basis ceases to exist, we are obliged to delete the personal data, unless storage is required by law or legally required. lf you would like further information on our retention periods, please contact our data protection officer using the contact details given above.

Use of cookies

Cookies are used on our website. Cookies typically contain data about the web page visited, which the web browser stores while surfing. lf the user calls up our website again via the corresponding server, the browser of the user of our website sends the cookie received previously back again. This enables the server to evaluate the information received and to facilitate navigation on a website or to control the display of advertising.

Cookies can only contain information that was sent to your computer by us. No private data can be processed in this way. lf you allow the use of cookies on our pages, there is no possibility for us to access your personal data. With the help of cookies, we can recognise your computer when you visit our site again.

By configuring the Internet browser on your computer, i.e., the application which you use to provide or display Internet pages (such as Microsoft Edge, Internet Explorer, Mozilla Firefox, Opera, Google Chrome or Safari), the use of cookies can be excluded. In this case, certain functions on our pages may no longer be available to you or may not be displayed correctly.

lt is possible that our cooperation advertising partners may also store their own third-party cookies on your computer. This happens, for example, in connection with advertising measures on third-party websites (retargeting or the use of social plug-ins).

None of the cookies used contain personal data. lt is not possible to assign the cookies to you as a natural person, only the computer used can be recognised. This is only possible in terms of time until the cookies are deleted or delete themselves due to their programming.

Integration of third-party services and content

Within the scope of this online presence, third-party content, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites may be integrated (so-called “third-party providers”). A prerequisite here is always that the providers of this content are aware of the IP address of the users, since without this IP address their content cannot reach your browser. We make every effort to use only content whose third-party provider uses the IP address only to deliver the content. We have no influence on the fact that third party providers may record your IP address for statistical purposes.

Google Analytics

We use Google Analytics on our websites. This is a service of Google lnc, 1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA (“Google”). Due to our legitimate interest in an analysis, improvement and economic operation of our website, based on Art. 6 para. 1 lit. f GDPR, we have decided to use this service.

Google Analytics uses cookies, with the help of which information about your use of the website is usually transferred to a Google server in the USA and stored there.

lf you have activated IP anonymisation on our websites, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area.

Occasionally the full IP address may be transferred to a Google server in the USA and shortened there. On our behalf, Google uses this data to evaluate your use of our website, to create reports on the activities on our website and to provide further services to the website operator in connection with the use of the website and the Internet. The IP address transmitted by your browser within the scope of Google Analytics is not merged with other data from Google.

You can prevent the storage of cookies by making the appropriate settings in your browser software. In this case, it is possible that you may not be able to use all the functions of our website to their full extent. By installing a browser plugin, which you can download from this link (, you have the option of preventing the data generated by the cookie and related to your use of the website (including your IP address) from being sent to Google and the processing of this data by Google lnc. Further information on data use by Google lnc can be found at

Links to other Internet pages

From time to time, we refer to the websites of third parties. Even with a conscientious selection of the Internet pages to which we refer, we cannot assume any guarantee or liability for the correctness or completeness of the content and the data security of third-party websites. This privacy policy is also not valid for linked third-party websites.

Changes and updates to the privacy policy

Should we introduce new offers, products or services, adapt online procedures or further develop the Internet and EDP security technology, we will update this “privacy policy”. We therefore reserve the right to adapt this declaration as necessary. The adjustments will be announced here. We therefore recommend that you inform yourself regularly about the current status of the privacy policy at this point.

adapa Integrity Line

adapa Group is committed to providing a safe environment for our employees to speak up if they witness misconduct. lf employees or business partners see or suspect behaviour that violates the Code of Conduct, we depend on them to report it to the lntegrity Line, the adapa whistleblower system Even if you are not sure or do not have all the evidence, we encourage you to share as much information as you have via the adapa lntegrity Line. Reports can be made anonymously, and all cases are kept confidential, whether names are provided or not. The lntegrity Line is hosted on a secure, external website, where anyone can raise concerns safely and anonymously. adapa has zero tolerance for retaliation taken against whistleblowers and witnesses.

Status 06/2024

To top