Privacy policy

The protection and security of your personal data is important to Coface Central Europe Holding GmbH. The use of our websites is basically possible without any disclosure of personal data. However, the use of services provided by Coface Central Europe Holding GmbH requires the processing of personal data. If such data processing is required and there is no legal basis for it, such as a contractual relationship with Coface Central Europe Holding GmbH, the consent of the data subject concerned is obtained in advance.
The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject is exclusively in accordance with the General Data Protection Regulation (GDPR 2018) as well as in compliance with the applicable national data protection regulations. This privacy policy is intended to inform the public about the nature, scope and purpose of personal data collected, used and processed by Coface Central Europe Holding GmbH. This should provide information about the existing legal rights of the data subjects.


The Data Protection Policy of the Coface Central Europe Holding Ltd uses the terms used by the European regulators in adopting the General Data Protection Regulation (GDPR). In order to make our privacy policy easy to read and understand, we would like to briefly explain the most important terms.
1. Personal Data: All information that allows the identification of a living natural person without too much effort. Personal data includes, but is not limited to:
  • personal details such as name, date of birth, social security number, bank account details, next of kin, account details on social networks;
  • contact details such as address and telephone numbers;
  • employee personal file details such as employment contract terms, training, performance appraisals, promotions, development plans, behavioural and disciplinary details, work location, pay details, bank account details and tax number, and personal identification numbers such as social security number;
  • employment history/application details such as training and work background;
  • customer data (orders, address data, account data, etc.);
  • physical characteristics (gender, skin, hair and eye colour, stature, dress size, etc.).
2. Data Subject: Any identified or identifiable natural person whose personal data isprocessed by the Data Processor.
3. Data Controller: A natural or legal person, public authority, institution or other body that, alone or in concert with others, decides on the purposes and means of processing personal data.
4. Data Processor: A natural personor legal entity, public authority, institution or other body that processes personal data on behalf of the Data Controller.
5. Processing: The collection, use, recording, organisation, modification, disclosure, destruction or storage of personal data in any form. This can be done both manually and by using automated systems, such as information technology systems.
6. Profiling: Automated processing of personal data for the purpose of evaluating individual aspects of a natural person, to analyse or predict, for example, the performance, specific decisions or behaviour of this natural person.
7. Consent: Any statement of intent voluntarily given by the data subject in an informed and unambiguous manner in the form of a statement or other unambiguous confirmatory act by the data subject to indicate that he/she agrees to the processing of the personal data concerning him/her.


CofaceCentral Europe Holding GmbH
Marxergasse 4c
1030 Vienna
T.: +43/1/515 54-0
F.: +43/1/512 44 15
Email: office@cofacecentraleurope.com 
Web: www.cofacecentraleurope.com
Commercial register: FN 043204 k, Commercial Court Vienna
UID no. ATU 53953208
Chief Executive Officer:
Dorota Angotti


  1. 1. Fulfilment of contractual obligations (Art. 6 para. 1(b) GDPR)
Personal data is processed exclusively for the fulfilment of a contract with the Data Subject, the sending of invoices and information material relating to the contract.
  1. 2. Fulfilment of legal obligations (Art. 6 para. 1(c) GDPR)
It may also be necessary to process personal data for the fulfilment of various legal obligations.
  1. 3. Consent (Art 6.Para. 1(a) GDPR)
Processing of personal data may also be based on explicit consent. If this is the case, the processing is exclusively in accordance with the consent given and agreed goals. Consent can be withdrawn at any time with effect for the future. Such a revocation does not affect the legality of the data processing up to the revocation.
  1. 4. Protection of legitimate interests (Art. 6 para. 1(f) GDPR)
Should it be necessary, personal data may also be processed in the interest of Coface Central Europe Holding GmbH or a third party for the purpose of safeguarding the legitimate interests of Coface Central Europe Holding GmbH or the third party. This can be the case:
  • in the context of legal action,
  • measures to protect employees or customers of Coface Central Europe Holding GmbH.


Within Coface Central Europe Holding GmbH, personal data is only disclosed to agencies and employees who need this information to fulfil their contractual or legal obligations. Data is only disclosed to external data processors only if it is necessary for the fulfilment of contractual or legal obligations. In this case, all external data processors are contractually obligated to treat the data confidentially and to process it only within the scope of the contractually agreed obligations. It may be necessary to disclose data to public authorities if a legal obligation exists. No further data will be disclosed.


The persons concerned have the following rights:
1. Right to information
The Data Subject has the right to be informed about the purpose and the details of the data processing as well as about his rights.
2. Right to access
Every Data Subject has the right to receive at any time free information from the data controller on the personal data stored about him and receive a copy of this information. This applies in particular to the following information:
  • the processing purposes,
  • the categories of personal data being processed,
  • the recipients or categories of recipients to whom the personal data have been disclosed or will be disclosed, in particular to recipients in third countries or to international organisations,
  • if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining the duration,
  • the existence of a right to rectification or erasure of the personal data concerning him or of a restriction of the processing by the controller or of a right to object to such processing,
  • the existence of a right of appeal to a supervisory authority,
  • if the personal data isnot collected from the Data Subject: All available information on the source of the data,
  • the existence of automated decision-making including profiling under Article 22 (1) and (4) of the GDPR and - at least in these cases - meaningful information on the logic involved and the scope and intended impact of such processing on the Data Subject.
3. Right to rectification
Every Data Subject has the right to demand the immediate rectification of incorrect personal data. This right also includes the right to supplement any incomplete personal data.
4. Right to erasure
Every Data Subject has the right to have their personal data erased, provided one of the following reasons applies:
  • the personal data has been collected for such purposes, or otherwise processed, for which it is no longer necessary,
  • the Data Subject revokes the consent on which the processing was based in accordance with Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR and it now lacks any other legal basis for the processing,
  • the Data Subject submits an objection to the processing in accordance with Article 21 (1) GDPR, and there are no overriding legitimate reasons for the processing, or the Data Subject objects to the processing in accordance with Article 21 (2) GDPR,
  • the personal data wasprocessed unlawfully,
  • the erasure of personal data is necessary to fulfil a legal obligation under union or national law to which the controller is subject,
  • the personal data wascollected in relation to information society services offered in accordance with Article 8 (1) GDPR.
5. Right to restriction of processing
Every Data Subject has the right to obtain from the data controller restriction of processing where one of the following applies:
  • the accuracy of the personal data is contested by the Data Subject for a period of time that enables the controller to verify the accuracy of the personal data,
  • the processing is unlawful and the Data Subject opposes the erasureof the personal data and instead requests the restriction of itsuse,
  • the data controller no longer needs the personal data for the purposes of processing, but the Data Subject requires itfor the establishment, exercise or defence of legal claims,
  • the Data Subject has objected to the processing according to Article 21 para. 1 GDPR pending the verification whether the legitimate grounds of the data controller override those of the Data Subject.
6. Right to data portability
Every Data Subject has the right to have his data transmittedto other service providers on request. This must be done automatically or in a structured form.
7. Right to object
Every Data Subject has the right to object on grounds relating to his particular situation to the processing of his personal data which is based on point (e) or (f) of Article 6 (1) (e) or (f) GDPR at any time.
8. Right of revocation
Every Data Subject has the right to revoke his consent to the processing of his personal data. The revocation will not affect the legality of the processing up to that point.


This website uses cookies. A cookie is a small amount of data that is generated by a website and stored by your web browser. This is to store information about you, similar to a settings file of a software application. Cookies fulfil several functions. Some cookies are indispensable to provide our website and services. Cookies can be “permanent”, i.e. they remain on your computer after you leave the website, or they may be "session cookies" that are deleted after you close your internet browser. You can change your cookie settings in the browser settings. Please note that certain functions may then not work at all or not properly.


Coface Central Europe Holding GmbH processes and stores the personal data of the Data Subject only for the period required to achieve the purpose of storage or, if required by the European directives and regulators or any other legislator, in laws or regulations for which the controller was foreseen.
If the storage purpose lapses or if a storage period prescribed by the European directives and regulators or any other relevant legislator expires, the personal data will be routinely blocked or erased in accordance with the statutory provisions.


Coface Central Europe Holding GmbH uses the so-called social plugins of the social network twitter.com. 
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Those websites of our internet presence that contain Twitter social plugins connect directly to the servers of Twitter through your browser when you open it. The information that is on the page of our internet offer that you accessed is transmitted to Twitter by the social plugin. If you are logged in to Twitter at this time, the accessing our pages and all of your interactions related to the social plugins (e.g. clicking the "Tweet" button) may be allocated to your Twitter profile and stored on Twitter. Even if you do not have a Twitter profile, it cannot be ruled out that Twitter stores your IP address.
Regarding the purpose and extent of the data collection as well as the processing and use of data by Twitter, we refer to the Twitter Privacy Policy. There you will also find an overview of the settings options in your personal Twitter profile for the protection of your privacy and related rights.
In order to prevent Twitter from collecting the above-mentioned information from your visit to our website, log out of Twitter before visiting our site.


Coface Central Europe Holding GmbH uses plugins of the Google-powered YouTube page.
The operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our YouTube plug-in-enabled sites, you will be connected to the servers of YouTube. In doing so, the YouTube server is told which of our web pages you have visited.
If you're logged into your YouTube account, you enable YouTube to allocate your browsing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.


Coface Central Europe Holding GmbH uses the functions of the LinkedIn network.
Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Every time you access one of our pages that contains LinkedIn functions, a connection is established to the LinkedIn servers. LinkedIn is informed that you have visited our website with your IP address. If you click LinkedIn’s “recommend button”and are logged in to your LinkedIn account, LinkedIn will be able to allocate your visit to our website to you and your user account. We would point out, that we as the provider of the pages have no knowledge of the content of the data transmitted or their use by LinkedIn.


Coface uses the Google Analytics service provided by Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to analyze users' website usage. The service uses “cookies”- text files stored on your computer. The information collected by the cookies is as a rule transmitted to a Google server in the US and stored there.
IP anonymization is activated on this website. The IP address of users is shortened within the member states of the EU and the European Economic Area. This shortening deletes the personal reference of your IP address. Under the terms of the agreement, which website operators have entered into with Google Inc., they use the information collected to evaluate website use and activity, and provide internet-related services.
You have the option to prevent the storage of cookies on your computer by making the appropriate settings in your browser. There is no guarantee that you will be able to access all the functions of this website if your browser does not allow cookies.
Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link leads you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=de
Here you can find further information on data use by Google Inc.: https://support.google.com/analytics/answer/6004245?hl=de