Privacy policy 
of the Presta Foundation

General information

We process your personal data as part of the insured person relationship. Your data and the protection it requires are very important to us.

We only process the data about you that is necessary. We do this with due care, not least to protect you from possible misuse.

With this privacy policy, we would like to give you an overview of the processing of your data and the rights to which you are entitled in accordance with the provisions of the General Data Protection Regulation (hereinafter referred to as "GDPR") and the Liechtenstein Data Protection Act (hereinafter referred to as "DPA").

1. Collection and storage of personal data and the nature and purpose of their use

   
   

   As described, we only process the necessary data. This may vary depending on the group of people. We collect the following information:

   • Identification data (e.g. surname, first name, date of birth, nationality, gender)

   • Contact details (e.g. address, telephone number, e-mail address, etc.)

   • Bank details (e.g. bank name, account holder, IBAN)

   • Data on the implementation of the insurance (marital status and salary situation, date of entry and exit, insurance plan, social insurance and health data, etc.)

     
     

     This data is collected,

   • primarily for initiating, implementing, maintaining and terminating the insurance relationship.

   • to identify you as an insured person.

   • for correspondence with you as well as

   • in order to fulfil the tasks specified in the Occupational Pensions Act (OPA), in particular

     1. to ensure compliance with the insurance obligation

     2. calculate and collect contributions from insured persons

     3. assess any entitlement to benefits

     4. calculate and grant benefits and coordinate them with benefits from other social insurance schemes

     5. to assert a right of recourse against liable third parties

     6. to supervise the implementation of this law

     7. to keep statistics (anonymised data)

        
        

        Without this data, we will not be able to execute or maintain the insurance.

        to maintain it. Data processing is generally carried out at the request of your past or current employer and is required in accordance with Art. 6 para. 1 lit. B and lit. c GDPR for the purposes mentioned for the appropriate processing of the contract and for the mutual fulfilment of obligations arising from the contract or to fulfil a legal obligation. Data may also originate from other third parties or from publicly accessible sources.

        
        

        Your data will also be processed to fulfil legal obligations (Art. 6 para. 1 lit. c GDPR) or in the public interest (Art. 6 para. 1 lit. e GDPR), in particular to comply with legal and regulatory requirements (e.g. BPVG, AHV Act, Persons and Companies Act (PGR), or General Civil Code (ABGB)).

        In addition, your data will be processed to protect our legitimate interests or those of third parties (Art. 6 para. 1 lit. f GDPR) for specifically defined purposes. In doing so, we carry out a comprehensive balancing of interests to ensure that your interests are safeguarded.

        These are the following purposes and legitimate interests:

        
        

        • Ensuring IT security and IT operations

        • Creation of anonymised statistics

        • Assertion, exercise or defence of legal claims

        • Prevention and investigation of criminal offences in the context of the insurance relationship

        
        

        In addition, we may process personal data for the processing of which we have been given consent (Art. 6 para. 1 lit. a GDPR). We obtain this separately.

        
        

        You have the right to withdraw your consent at any time. However, the withdrawal of consent does not affect the lawfulness of the data processed until the withdrawal.

        
        We reserve the right to continue processing personal data collected for one of the above purposes for other purposes if this is compatible with the original purpose or is authorised or required by law (e.g. any reporting obligations).

        
        

     
     

2. Recipients or categories of recipients of the personal data

   
   

   Within our company, employees may only process your data if they need it to fulfil our contractual, legal and supervisory obligations and to protect legitimate interests. Third parties may also receive personal data for these purposes, including processors who are bound by data protection law through order processing contracts (Art. 4 No. 8 GDPR).

   These are service providers in the following areas:

   
   

   • IT services

     Your personal data will only be disclosed to third parties if this is necessary for the processing of the insurance. This includes, in particular, disclosure to the pension fund expert, the tax authorities, the courts, the supervisory authorities or other insurance companies for the purposes mentioned.

     
     

3. Transfer of personal data to third countries.

   
   

   Data will only be transferred to countries outside the European Economic Area (so-called third countries) within the framework of adequacy decisions of the European Commission or if this is necessary for the implementation of pre-contractual measures or fulfilment of a contract, if you have given us your express consent (e.g. in the context of special services), if this is necessary for important reasons of public interest or if this is required by law.

   
   

4. Duration of storage of personal data

   
   

   The personal data collected by us will generally be stored until the statutory retention period expires and then deleted, unless we deem longer storage to be necessary in accordance with Art. 6 para. 1 lit. c GDPR due to retention and documentation obligations under tax, company or supervisory law (in particular from BPVG, BPVV, PGR, AHVG or ABGB, as well as BVG and BVV) or you have consented to further storage in accordance with Art. 6 para. 1 lit. a GDPR. Further processing and storage may also take longer for reasons of preserving evidence, for example for the duration of the applicable statute of limitations.

   
   

5. Your data privacy rights

   
   

   As a data subject, you have the right to information about your personal data at any time, in particular its origin and recipient and the purpose of the data processing. You also have the right to rectification, objection, data transfer, restriction of processing or erasure of incorrect or inadmissibly processed data.

   
   If there are any changes to your personal data, please inform us accordingly.

   
   You also have the right to withdraw your consent to the use of your personal data at any time. The assertion of your right to information, deletion, correction and/or objection can be directed to the address stated in point 7 of this declaration.

   
   If you are of the opinion that the processing of your personal data by us violates the applicable data protection law or your data protection claims have been violated in any other way, you have the option of lodging a complaint with the competent supervisory authority. In Liechtenstein, the data protection authority is responsible for this.

6. Current version

   
   

   This privacy policy is currently valid and was last updated in October 2022.

   
   Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. The current privacy policy can be accessed and printed out on our website at any time.

   
   

7. Data protection officer and data protection centre

        Contact details of the data protection officer:

         Rene Engstler

         E-Mail: datenschutz.presta@thyssenkrupp-automotive.com

        Contact details of the data protection authority responsible in Liechtenstein:

         Datenschutzstelle Liechtenstein, Städtle 38, Postfach, 9490 Vaduz, 

         Fürstentum Liechtenstein

         Telefon: +423 236 6090

         E-Mail: info.dss@llv.li

Website

1. Provision of the website

   
   

   Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

   We store this information in accordance with legal regulations. The processing is carried out for reasons of data security in order to ensure the stability and operational security of our system. The legal basis is Art. 6 para. 1 lit. f GDPR.

   We ensure that the data collection is anonymised so that no personal evaluation takes place. It is not possible to draw conclusions about individual persons or to merge this data with other personal data sources. The data is not passed on to third parties.

   
   

2. Cookies

   
   

   We use cookies on our website to make our offering more user-friendly. Cookies are small files that your browser automatically creates and that are stored on your end device (computer, tablet, smartphone, etc.) when you visit our website. This allows us to recognise your browser the next time you visit. If you do not wish this to happen, you can set up your browser so that it informs you when cookies are set. However, we would like to point out that deactivating cookies will mean that you will not be able to use all the functions of our website. The legal basis for the data processed by cookies is Art. 6 para. 1 lit. f GDPR.

   Temporary cookies remain valid for the duration of the session and are then deleted by your browser. The permanent cookies remain in your browser according to your own specifications or until they are deleted manually.

3. Contact form/email

   
   

   If you fill out a contact form or send us an email or other electronic message, your details will only be stored for the purpose of processing the enquiry or related correspondence and will only be used in the context of the enquiry.

   The legal basis for processing your enquiry is Art. 6 para. 1 lit. b GDPR.

   
   

4. File downloads

We do not require any personal information from you in order for you to download files from our website.