top of page

We attach great importance to

DATA PROTECTION

Data protection notice

This website is operated by ASPEON Partners GmbH, hereinafter referred to as 'ASPEON'. ASPEON takes data protection very seriously and takes appropriate technical and organizational measures to meet the requirements of the EU General Data Protection Regulation (GDPR).


This Privacy Policy describes how we, as a data controller, process your personal data, whether when you use our website or otherwise in our interactions with you. The Privacy Policy applies when you use our website for personal or professional purposes. It also applies if we process your data because of your position as an employee of, or other connection to, a company, government agency or other organization with which Alpinuum is affiliated. This connection may be in some way related to our search for an acquisition of an SME in the DACH region, such as your investment and/or participation in one of our search and/or acquisition vehicles or your provision of services to us or companies we are interested in acquiring.

​ASPEON is an Austrian limited liability company and may be composed of various legal entities. This Privacy Policy is issued on behalf of ASPEON, but it contains information about our interaction with investors, partners and other related persons or companies and companies in which we invest. If you would like more information about ASPEON or our investors, partners and other related persons or companies, you can contact us using the contact details below.

Which data we process

When you visit this website, the following data is collected:

  • the date and time of access to a page on our website;

  • Your IP address;

  • Name and version of your web browser; and

  • certain cookies (see section 2 below)


Together, this is connection data. There is no obligation to disclose the information we ask you to provide on our website. However, if you choose not to disclose your information, you may not be able to use all of the website's features.

When we interact with you in your capacity as an employee or consultant, investor, candidate, investor, business owner, partner or affiliate or individual, we may also collect the following information, either from you directly or from a third party:

  • Information for identity verification, such as copies of your identity card, passport, social security number, tax number, employment details and nationality;

  • Contact information, such as your email address, postal address and telephone number;

  • Information about your identity, such as your name, date of birth, personal characteristics, marital status, gender, physical or personal characteristics, academic details and your family;

  • Financial data, such as information about your insurance, card details; and

  • Connection data as described above.


In certain cases, we may process so-called special category personal data based on our relationship with you, including in the course of identity verification or in the course of your engagement, employment, investment or partnership by/with us or any of our companies. This may include information about your ethnic origin, biometric or health data, or information about criminal convictions and breaches of laws, codes or regulations. Some of this data may also reveal information about your sex life or orientation, philosophical or religious beliefs, or genetic information, although we do not intentionally collect this information. We do not collect, process or store any data that we do not need to carry out our business. You can find more information about our reasons for processing below.

Cookies

This website uses so-called cookies. A cookie is a small piece of information that can be stored on your computer when you visit a website. In principle, cookies are used to offer users additional functions on a website. For example, they can be used to make it easier for you to navigate a website, to allow you to continue using a website where you left it and/or to save your preferences and settings when you return to the website. Cookies cannot access, read or modify other data on your computer.

Most cookies on this website are so-called session cookies. They are automatically deleted when you leave our website. Permanent cookies, on the other hand, remain on your computer until you manually delete them in your browser. We use such permanent cookies to recognize you the next time you visit our website.

If you want to control the cookies on your computer, you can set your browser to alert you when a website wants to store cookies. You can also block or delete cookies if they are already stored on your computer. If you want to know more about these steps, please use the "Help" function in your browser.

Please note that blocking or deleting cookies may impact your online experience and prevent you from fully using this website.

Purposes of processing and legal basis

When you use our website

When you use our website, we process your data for the following purposes:

  • to make this website available to you and to further improve and develop this website;

  • to be able to create usage statistics;

  • to detect, prevent and investigate attacks on this website; and

  • to answer your inquiries.


We carry out these processes on the basis of our legitimate interest. This is our interest in the success of our company and in the use and analysis of our website in order to promote the success of our company.


Employees, consultants, candidates, investors, partners
If you are an employee, consultant, candidate, investor or partner, we may use your information (i) to perform a contract with you or take steps at your request before entering into a contract with you; (ii) to comply with our legal obligations (for example, our obligations to tax authorities, employment agencies, trade bodies and regulators or if we are required to do so by a court, for example during legal proceedings); and (iii) for our legitimate interests.


Our legitimate interests in such processing include our ability to run our business, keep our records up to date, ensure that our investors and partners are satisfied, provide administrative and IT services, ensure network security and grow our business.

The processes that fall under the aforementioned legal bases are:

  • Recruitment processes, disciplinary rules, payroll, incident management, training and appraisals as well as contract negotiations;

  • internal and external commercial communications, including guidelines, e.g. for the development of and compliance with safety regulations, stakeholder management and media relations

  • logistics, due diligence and management of contracts and assets; and

  • Security measures such as anti-fraud, anti-money laundering, loss prevention and physical security of assets, security and technical support services.


If we use data in marketing communication, this is only first name and surname.
 
Investors and partners, professional advisors, board members and other service providers

If you are an investor or partner or an employee, director or consultant working for or with an investor, partner or one of our companies, we may use your personal data (i) to perform a contract with you or take steps at your request before entering into a contract with you; to comply with our legal obligations (such as our obligations to financial and other public bodies and authorities and to regulators or if we are required to do so by a court, for example during legal proceedings); and (iii) to pursue our legitimate interests. You may also act for us in your professional capacity or otherwise provide a service to us. In this case, the same legal bases for processing apply.

 
Our legitimate interests in processing as described above include running our business, arranging investments (including due diligence), managing assets, ensuring the satisfaction of investors, partners and board members, updating records, growing our business and ensuring compliance with laws and regulations.

 The processes that fall under the aforementioned legal bases are:

  • Identification of investment opportunities, brokering of investments and acquisition of assets;

  • Contract negotiations, logistics, due diligence, incident management, insurance compliance and other asset management activities;

  • Security and technical support, information security and compliance; and

  • internal and external communications, including managing relationships with stakeholders and the media.

 

If we use data in marketing communication, this is only first name and surname.

Special category data

If we have access to your special category personal data, we will only use it: (i) to the extent necessary for the performance of our duties in the field of employment and social security law and social protection, where we are authorized to do so by EU or Member State law or by other collective agreements providing for adequate safeguards; (ii) where necessary to protect the vital interests of an individual in specific circumstances; (iii) where such data is manifestly made public by you; (iv) where necessary for the establishment, exercise or defense of legal claims; or (v) where necessary for the purposes of prevention or occupational health care.

Consent

As a rule, we will not process data solely on the basis of your consent. However, if we do so, you usually have the right to request that we stop this processing. Please note that in such a case we may not be able to fulfill our part of the relationship with you.

Recipient of the data

We, ASPEON, may share your data with our investors, partners, employees and service providers. We may also share your data with the following categories of recipients for the purposes set out in Section 3:

  • ASPEON employees, interns and partners;

  • ASPEON's external processors such as consultants, investors and service providers acting as sub-processors; and

  • Authorities (if required for legal reasons).

  

Some of the above recipients are based outside the EU. However, we only pass on your data:

  • to recipients in countries that offer an adequate level of data protection according to a decision of the European Commission;

  • where we have taken steps to ensure that the recipients provide an adequate level of data protection. In such a case, we may, for example, use standard contractual clauses on data protection approved by the European Commission; or

  • to recipients in the USA who are certified in accordance with the EU-US Privacy Shield Framework approved by the European Commission.

 

For more information on how you can obtain a copy of the safeguards in place to protect your data, please contact us using our contact details in section 8 below.

Storage of data

We will only keep your data for as long as we need it, whether for our legitimate interests (as set out above), as required by applicable law or legal requirements, to perform a contract or provide a service at your request. After that, we will take steps to delete your data or keep it in a form that no longer identifies you.

Data security

We have taken measures to prevent your data from being lost or used or altered in an unauthorized way. We also ensure that we do not share your data with our affiliates or third parties unless we have a legal basis to do so, as set out in section 3 above.

Your rights under the GDPR

You have the right to request from ASPEON access to, rectification or erasure of your data or restriction of processing of your data, as well as the right to data portability. In addition, under certain circumstances, you may object to the processing of your data. If we have asked for your consent, you can withdraw it at any time. If you ask to withdraw your consent for ASPEON to process your data, this will not affect the processing that was already lawful at the time, but may prevent us from providing services to you if we cannot do so without your data. We will inform you if this is the case when you withdraw your consent.

Contact details

If you have any comments or questions about this Privacy Policy or our processing of your data, please contact: info@aspeon.at. Data protection officer: Stephan Pöll

Status: March 25, 2024

bottom of page