List of active policies

Name Type User consent
Data privacy statement Privacy policy Guests


Data privacy statement SIH Finance Academy

Full policy

Data privacy statement SIH

Finance Academy


The Data Controller responsible for data processing is Schmid Industrieholding GmbH, A -2754 Wopfing, Friedrich
Schmidstraße 165. 

When visiting the website, data about the end device such as browser type/version, operating system used, referrer
URL (the previously visited page), host name of the accessing computer (IP address) as well as the time of the server
request and the requested URL are stored. We use this data for our legitimate interest accordance with GDPR Art. 6
para 1 only to optimise the appearance of the website and for evidence in case of its unlawful use and erase it, as
long as there is no legal basis for a longer storage period, after seven days. In addition, two functional cookies are
used that are necessary for the operation of the website.

The processing of the additional user data serves the sole purpose of handling staff training. The data will not be
published for any other purpose. The following data are processed:

  • Name
  • Password
  • E-mail address
  • Country
  • Logon language
  • Course registration and progress
  • Quiz status (start / result)

Depending on the type of training, the legal basis for voluntary participation (registration) is the consent of the
participants in accordance with GDPR Art 6 para. 1 lit a or, for training prescribed by the company, the legitimate
interest of the company in the targeted and complete training of the employees (GDPR Art 6 para. 1 lit f).
Furthermore, training courses held can be used as evidence of training activities.

Erasure of the data takes place after 3 years of inactivity of the employee. Thus, he has the possibility to refresh his
knowledge online at any time.

The data will not be forwarded to any third parties. An IT service provider was commissioned to offer the training
portal. A further transmission or transfer of the data does not take place, unless the issuance of data is necessary for
the establishment, exercise or defence of legal claims before a court or public authority.

We treat personal data with the utmost care and discretion. The regulations of the GDPR and local laws are of course
observed and ensured in particular through appropriate organisational and technical measures.

The processing described above is not required by law or contract. Profiling (creation of an overall picture of a
person for specific purposes) also does not take place.

The person concerned has at any time the right of access to information whether and which personal data is
processed. Furthermore, the person has a right to rectification, erasure, restriction of processing, data portability as
well as blocking of inaccurate or unlawfully processed data. Consent given can be revoked at any time without
affecting the lawfulness of the previous processing. If processing is based on our legitimate interest or the legitimate
interest of third parties, there is a right to object on grounds relating to your particular situation. Requests to this
effect should be sent to

Should anyone be of the opinion that the processing of their personal data by us violates the applicable data
protection law or that their data protection rights have been violated, they also have the option of complaining to
the Austrian Data Protection Authority (Barichgasse 40-42, 1030 Vienna, phone: +43 1 521 52-25 69, E-mail: