We deal with confidential, sometimes even sensitive information, on a daily basis in all our business areas. For that reason alone, Oesterreichische Kontrollbank Aktiengesellschaft (OeKB) is very concerned about handling data carefully. As such, we adhere strictly to the applicable laws on data protection. We will keep your personal data strictly confidential.

Content of the Privacy Policy

  1. General information
  2. Contact persons and details
  3. Identification and storage of personal data
  4. Use and disclosure of personal data
  5. Right to information, rectification, erasure or restriction of the processing of your stored data as well as to objection and to data portability
  6. Data security
  7. Cookies
  8. Logging e-mail traffic
  9. Social Media
  10. Updating this Privacy Policy

1. General information

We at Oesterreichische Kontrollbank Aktiengesellschaft (OeKB) are committed to handling your personal data with the utmost care during your visit to our website – from collecting to processing and storing it. Austrian and European laws on data protection form the basis for this.

This Privacy Policy applies only to the website of OeKB. Individual pages may refer to links of other providers within and outside the OeKB Group not covered by the privacy policy, i.e. we cannot assume any liability for the content therein or for how data is used and processed.

2. Contact persons and data

The following company is responsible for data processing:
Oesterreichische Kontrollbank Aktiengesellschaft (OeKB)
Am Hof 4
A-1010 Vienna
Telephone: +43 1 53 127 -0
Fax: +43 1 53127-5262
E-mail: info@oekb.at

The Data Protection Officer of OeKB is:
Harald Sommer
Strauchgasse 3
A-1010 Vienna
Telephone: +43 1 53 127-2366
E-mail: dataprotection@oekb.at

Information on data processing according to art. 13 and 14 DSGVO

Below you will also find information about the nature, extent and purpose of the collection and use of data when you visit our websites.

3. Identification and storage of personal data

For technical reasons, every time you access our website, your browser automatically transmits the data listed below to our web servers. Storage is solely for statistical and technical purposes, for example, to evaluate the frequency of page visits or to detect disruptions to server operations.
The following data is logged and evaluated:

  • IP address
  • browser type and version
  • operating system
  • device (PC, tablet or smartphone)
  • resolution of the computer
  • source (country and city)
  • language
  • page views
  • date, time and duration of the visit
  • bounce rate
  • traffic sources (social media, search engines or referring websites)
  • click or conversion rate
  • request (filename of the requested file)
  • Username and password (only for pages with login details, such as the Login-Portal or the General Terms and Conditions in Export Services procedures)
  • any content of forms

Additional personal data, such as name, home address, e-mail address, date of birth or business-related data, are only recorded if you indicate them yourself. For example, on our website you may indicate such information when making an online application, when using the feedback form, when registering for a newsletter, or when requesting the signature directory.

4. Use and disclosure of personal data

Personal data transmitted by you will only be used to handle your request, as part of the fulfilment of contracts concluded with you or for technical administration.

If you have consented to the processing of your personal data, processing will take place only in accordance with the purposes set out in the declaration of consent and to the extent agreed therein. As such, you will only receive advertising or e-mail newsletters from us on the basis of your consent here. You can revoke consent at any time, free of charge, with effect for the future: in electronic newsletters using the cancellation link provided, or via a written and telephone notification to all contact details listed.

Moreover, your data will be received only by those bodies or employees within OeKB who or which require it to fulfil contractual, legal and regulatory obligations and to serve legitimate interests. We also use selected processors for the technical and organisational implementation of our website. All processors will be placed under a corresponding contractual obligation to handle your personal data confidentially and only to process it within the framework of the provision of their service according to our instructions.

5. Right to information, rectification, erasure or restriction of the processing of your stored data as well as to objection and to data portability

You have a right to information, rectification, erasure or restriction of the processing of your stored data, a right to object to the processing and a right to data portability in accordance with the prerequisites of data protection law.

You can address any appeals to the Austrian Data Protection Authority.

6. Data Security

The security of your data in our systems is very important to us. Our goal is to manage your data with the utmost care and to take all necessary technical and organisational security measures to protect your personal data from loss and misuse.

Access to nearly all our websites is secured via HTTPS if your browser supports SSL. This means that communication between your device and our servers is encrypted. If you wish to contact us or our employees by e-mail, we would like to point out that the confidentiality of the information provided is not guaranteed. The content of e-mails may be viewed by third parties due to their technical design, unless special technical security measures are taken.

7. Cookies

a) General information on cookies

OeKB uses cookies for optimising your experience while you are on our website. Cookies are small text files that are stored on your device. Cookies help us to make our website and our offer more user-friendly and more effective. 

What cookies do we use

We use so-called session cookies, which will automatically be deleted from your device after you leave our website, and persistent cookies, which remain stored on the device for identification purposes. Persistent cookies are valid for a precisely defined period and will also be automatically deleted after its expiry.

In addition, we use so-called first-party cookies. Such cookies are generated by OeKB itself, as website operator, and stored on your device. Finally, we use third-party cookies, which are stored in your browser by a third-party provider.

The following kinds of cookies are used for our website:

  1. Technically required cookies
  2. Functionality cookies
  3. Performance cookies
  4. Personalisation cookies

Legal basis for cookie placement

Technically required cookies are stored on the basis of Art. 6 (1) (f) GDPR. As website operator, OeKB has a legitimate interest in storing cookies for the purpose of providing its services in a technically flawless and optimised manner. Functionality, performance and personalisation cookies are stored exclusively based on your consent under Art. 6 (1) (a) GDPR. 

The cookie settings for our website can be changed at any time via the privacy note in the footer on the bottom of the website or here.

In section 7 b, the various cookies that are used on our website and their purpose are described in greater detail.

You can configure your browser so that you will be informed about cookies to be placed and only admit them in individual instances, that you exclude the acceptance of cookies generally or in certain cases, and that you enable cookies to be automatically deleted when the browser is closed. Disabling cookies generally may restrict the functionality of this website.

The steps and measures required for this depend on the specific Internet browser you use. Use the links below for more information on how to proceed with standard browsers:

b) The following cookies are used on the OeKB website

1. Technically required cookies 

Technically required cookies help you use a website by allowing basic functions such as site navigation and access to secure areas of the website. Without such cookies, the website cannot function correctly. The use of such cookies is based on protecting our legitimate interests (Art. 6 (1) (f) GDPR), i.e. safeguarding operation, security and optimisation of our website.

The following technically required cookies are used on our website:

Provider Type Name Purpose Service life
OeKB First Party Cookie JSESSIONID Allows session Session Cookie
OeKB First Party Cookie TS0149ea30 Web Application Firewall Session Cookie
OeKB First Party Cookie acceptCookies Stores the settings chosen in the cookie banner Persistant Cookie
1 year

2. Functionality cookies

Functionality cookies allow a website to remember information that have an impact on the way a website is to behave or look. Examples include your preferred language or the region where you are. Functionality cookies are stored exclusively based on your consent under Art. 6 (1) (a) GDPR. 

The following functionality cookies are used on our website:

Provider Type Name Purpose Service life
OeKB First Party Cookie disclaimerCookie Stores the user’s acceptance of the terms and conditions of use in the sphere of Investor Relations Session Cookie

3. Performance Cookies

These cookies allow us to collect information on how our website is used, in order to subsequently improve its attractiveness, content and functionality. For instance, we will be informed about which contents raise particular interest or which subpages of our website are visited. Performance cookies are stored exclusively based on your consent under Art. 6 (1) (a) GDPR. 

The following performance cookies are used on our website:

Provider Type Name Purpose Service life
Google Third Party Cookie _ga Contains a unique, randomly generated ID; allows the identification of recurrent users and the merging of data from earlier visits Persistent Cookie
2 years
_gat Restricts specific data transmissions to Google Analytics Session Cookie
_gid Contains a unique, randomly generated ID; allows the identification of recurrent users and the merging of data from earlier visits Persistant Cookie
24 hours
gtm_auth Is used to forward data to the Google Tag Manager and thus indirectly allows specific traffic analyses Session Cookie
gtm_debug Is used to forward data to the Google Tag Manager and thus indirectly allows specific traffic analyses Session Cookie
gtm_preview Is used to forward data to the Google Tag Manager and thus indirectly allows specific traffic analyses Session Cookie

Below you find further information on the third-party cookies we use: 

3.1. Google Analytics

In order to analyse and improve the structure and navigation of our website and tailor them to your needs, we use the Google Analytics tool, a web analysis service provided by Google Ireland Limited, on our website. Google Analytics collects the information listed in item 3 relating to website navigation. Any data generated by these cookies on the use of this website will be forwarded to and stored on a Google server in the USA, in the context of using the Google Analytics web analysis service.

However, your IP address will immediately be truncated and thus anonymised, so that it can no longer be attributed to you, within the Member States of the European Union or in other countries that are signatories of the treaty on the European Economic Area. This means that personal data is neither collected nor analysed, nor linked to other such data. In order to allow continuous optimisation of the website, the anonymised data will initially be stored for 26 months and then deleted automatically.

By downloading and installing the Google-Browser-Add-on you can stop the data collected by the cookie and relating to your use of our website (including your IP address) from being stored and processed by Google Analytics. Thus, opt-out cookies can be set to prevent your data from being used by Google Analytics when you visit websites (including ours). In order to prevent data collection by Google Analytics across various devices, you need to choose this opt-out option on all systems you use. Click here to set an opt-out cookie: Disable Google Analytics

3.2. Google Data Studio

In addition, we use the “Google Data Studio” data management tool, a service provided by Google LLC (USA) to create user-defined visual reports and interactive dynamic dashboards. Such visualisation options allow us to optimise our offer and tailor it to our customers’ needs.

For this purpose, we use anonymised data from the sources of Google Analytics, Google Ads, Facebook and Linkedin (see below). Such data is accessed via a web browser, the data sources are linked directly via Google Data Studio. For further information on the use of Google Data Studio see here.

4. Personalisation cookies

We also use personalisation cookies on our website. Personalisation cookies are provided by external advertising companies and are used to determine the effectiveness of ad campaigns (conversions), to collect information about the websites visited by the user or to create target-group-specific advertising. Personalisation cookies are stored exclusively based on your consent under Art. 6 (1) (a) GDPR. 

The following personalisation cookies are used on our website:

Provider Type Name Purpose Service life
LinkedIn Third Party Cookie lidc Transmits the user’s routing through advertising services Persistent Cookie
24 hours
bcookie Browser ID cookie which allows log-in via LinkedIn and/or Follow function, advertising and targeting Persistent Cookie
2 years
bscookie ID cookie to identify secure browsers as well as for advertising and targeting Persistent Cookie
2 years
BizoID For ad analysis to distinguish users, allowing for personalised advertising Persistent Cookie
6 months
BizoData For ad analysis, allowing for personalised advertising Persistent Cookie
6 months
BizoUserMatchHistory Stores the last time cookie IDs were synchronised with authorised network partner companies, for the purpose of ad analysis; part of LinkedIn’s server-to-server data integration solution Persistant Cookie
6 months
BizoNetworkPartnerIndex For ad analysis, allowing for personalised advertising Persistent Cookie
6 months
L1c Browser ID cookie to follow the use of embedded services, advertising and targeting Session Cookie
Facebook Third Party Cookie _fbp For following the use of embedded services, thus allowing for personalised advertising Persistent Cookie
3 months
fr For following the use of embedded services, thus allowing for personalised advertising Persistent Cookie
3 months
Google Third Party Cookie _gcl For determining user actions in the context of ad campaigns (conversion tracking, ad analysis) Persistent Cookie
3 months
NID Browser settings (e.g. preferred language, SafeSearch filter) and browser ID in order to optimise and/or personalise advertising Persistent Cookie
6 months

Below you find further information on the third-party cookies we use:

4.1. Google Ads (Remarketing und Conversion Tracking)

We use the “Google Ads” online advertising program of Google LLC (Google).

We use the remarketing function within the Google Ads service. This function allows us to present on other websites within the Google Display Network (on Google itself, so-called “Google ads”, or on other websites) to all users of our website ads based on their interests. Therefore, interactions on our website are analysed, e.g. which offers the user was interested in, so that targeted ads can be displayed on other websites as well, even after the user has left our website. For this purpose, Google stores a cookie in the browsers of the users who visit specific Google services or websites within the Google Display Network. Their visits are recorded by this cookie. The cookie is used for identifying a particular web browser on a specific device and not for identifying an individual. This cookie becomes invalid after 30 days and does not contain any personal data. During a visit to our website, such data will be transferred – in an encrypted manner – to and stored on Google servers part of which may be located in the USA.

In addition, we use conversion tracking within the Google Ads service. Whenever you click on an ad published by Google, a cookie will be placed on your device. This cookie will become invalid after 30 days, does not contain any personal data and can therefore not be used for identifying individuals. Various values are measured and collected on a regular basis, among them the Unique Cookie ID (advertising ID), the number of ad impressions per placement, the last impression (post-view conversions), opt-out information and other conversion events.

Whenever you click on an ad published by Google, a cookie for conversion tracking will be placed on your computer. If you visit certain pages of our website and the cookie has not yet expired, Google and we can detect that you have clicked on the ad and have been redirected to this page. Every individual using Google AdWords will receive a different cookie. Thus, it will not be possible to track cookies of AdWords users across websites.

Based on anonymised analyses provided by Google it can be determined which ads are essential or effective for achieving the target. In the process, we do neither receive, collect or process personal data nor can we identify users based on this information.

Google is not going to link such data with personal data from your Google account unless you expressly allowed Google to do so. For more information on how Google processes data, see the following links:

Google is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law: Google certification under the Privacy Shield agreement  

There are various ways to prevent the Google Ads cookies from being placed (as described above). On the one hand, you can use a Google plugin, which permanently disables such cookies in your browser (Chrome, Firefox or Internet Explorer): Call up Google-Plugin 

In order to disable the Google Ads cookie on our website, you may set the following opt-out cookie: Disable Google Ads cookie. This cookie will, however, be deleted whenever you delete your cookies.

You may also directly object to personalised advertising by Google. To do so, you need to call up the link www.google.de/settings/ads from every browser you use and choose the appropriate settings there. These settings will, however, be deleted whenever you delete your cookies.

4.2. LinkedIn Insight Tag

On our website, we use the “LinkedIn Insight Tag” based on web analysis technology of LinkedIn Ireland Unlimited Company (LinkedIn). This technology allows us to show you interest-specific and more relevant ads on LinkedIn (retargeting) after you have visited our website, although we will not be able to identify you as website visitor. In addition, LinkedIn allows us to create anonymised reports for the provision of ads, information on website interaction (conversion tracking) and on website target groups.

For this purpose, the LinkedIn Insight Tag generates a cookie in your web browser that allows us to collect data relating to your visits on our website, including URL, IP address, referrer URL, device and browser characteristics, page views and time of day. During a visit to our website, such data will be transferred to LinkedIn servers part of which may be located in the USA. According to LinkedIn, this information will be encrypted, pseudonymised within seven days and deleted within 90 days. LinkedIn does not share any personal data with us, but provides anonymised reports on website target groups and the provision of ads. LinkedIn may also transfer this information to third parties where required to do so by law or where such third parties process such information on behalf of LinkedIn.

For further information on data collection and data use by LinkedIn as well as the options and rights relating to the protection of your privacy, please refer to the LinkedIn privacy note.

LinkedIn is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law: LinkedIn certification under the Privacy Shield agreement  

As a member of LinkedIn, you can disable data collection in your account settings at any time using this link. These settings apply to all your devices, both stationary and mobile.

In order to disable the LinkedIn tag on our website, you may set the following opt-out cookie: Disable LinkedIn tag. This cookie will, however, be deleted whenever you delete your cookies.

4.3. Facebook Custom Audiences (Facebook Pixel)

On our website, we use “Custom Audiences” based on web analysis technology of Facebook Inc. (Facebook). This technology allows us to show you interest-specific and more relevant ads on Facebook (retargeting) after you have visited our website, although we will not be able to identify you as website visitor.

In addition, Facebook offers us anonymised reports for the provision of ads, on website interaction (conversion tracking) and on target groups, so that we are able to analyse the effectiveness of Facebook ads for statistical purposes and optimise future advertising measures, if required. For this purpose, Facebook will generate a cookie (Facebook Pixel) in your web browser. Via this cookie, a direct link to Facebook servers will be established when you visit our website. Information will be transferred as to whether you clicked on one of our ads and/or which of your web pages you visited. If you are registered with Facebook services, Facebook will be able to match the visit with your user account. 

Facebook will process your data within the scope of Facebook’s Data Policy. For further information on the collection and use of data by Facebook, please refer to Facebook’s Data Policy and the privacy note of Facebook.

Facebook is certified under the Privacy Shield agreement and thereby guarantees compliance with European data protection law: Facebook certification under the Privacy Shield agreement  

As a member of Facebook, you can disable data collection in your account settings at any time using using this link. These settings apply to all your devices, both stationary and mobile.

In order to disable Facebook Custom Audiences on our website, you may set the following opt-out cookie: Disable Facebook Pixel. This cookie will, however, be deleted whenever you delete your cookies.

8. Logging of e-mail traffic

To ensure an appropriate level of information and system security and to detect malicious software, we store log data of e-mail traffic. When you send an e-mail to one of our addresses, the following information is logged: e-mail and IP addresses of the recipient and the sender, number of recipients, subject, date and time of receipt at the server, file name of any attachments, message size, risk classification for spam and delivery status. E-mails are checked purely automatically in the first step. Individual e-mails are manually checked by responsible persons only in the event of a suspected threat to the security of the IT systems.

In addition, we process your personal data in connection with e-mails, as far as necessary, for the duration of the entire business initiation phase and beyond in accordance with statutory retention and documentation obligations.    

9. Social Media

We integrate the services of various social networks in our website through social media plug-ins and iFrames. These comprise Facebook, LinkedIn, XING, Twitter and YouTube.

We prevent the transmission of data to these services as far as possible. Only when you click on the symbol of a service and actively call it up, your IP address and cookies, among other things, are transmitted and the service receives the information that you have visited our website with your IP address. If you are actively logged in to one of the social media networks, this information will be assigned to your user account. Please note that we ourselves neither have a secure knowledge of nor influence over how and which data reaches the respective services. By activating and using a social media plug-in, you consent to the transfer of personal data to the selected service.

For the latest information on the nature, purpose, extent, use and protection of your data through these networks and their associated rights, please refer to the privacy policy of the selected service provider. According to our information, these are as follows. We assume no responsibility for the completeness and accuracy of this information:

10. Update of this Privacy Policy

We reserve the right to amend this privacy policy as necessary to reflect technical developments and legal changes or to update it in connection with the offer of new services or products.