Skip to content

Data protection and cookie policy

1. General information

Kommunalkredit Austria AG (“bank”) attaches great importance to protecting the personal data of its customers and website users. The Bank complies with the applicable legal provisions on the protection, lawful handling and confidentiality of personal data and on data security, in particular the Austrian Data Protection Act (“DSG”), the Austrian Telecommunications Act (“TKG”) and the EU General Data Protection Regulation (“GDPR “).

These Kommunalkredit AG data protection and cookie provisions (“data protection provisions”) inform users of the website about the collection, use, processing, scope and purposes of the use of their personal data by the bank when using this website.


2. Contact person and contact details

Responsible for data processing is

Kommunalkredit Austria AG
Türkenstraße 9 | 1090 Vienna | Austria
T +43 1 31631

The data protection officer can be contacted at

Türkenstraße 9 | 1090 Vienna | Austria
T +43 1 5334795-0


3. What is personal data?

Personal data is information about data subjects (in this specific case, website visitors) whose identity is determined or at least determinable (e.g. name, email address or IP address).


4. What data does the Bank collect from its visitors?

The bank collects and processes the following visitor data when the website is used:

  • IP address and IP location
  • Date and time of the user’s visit to the website
  • Number, duration and time of visits (the user’s interaction with the website)
  • Referrer URLs (the previously and subsequently visited website)
  • Search engines and keywords used by the website visitor to find the bank on the Internet
  • Browser type, screen size and operating system
  • If the web form is used to make contact or the option to book an event is utilised, the following additional data categories are processed: Name, contact details (e-mail address and telephone number) and other data entered by the user in the message field of the contact form

The Bank collects these log files (access data) automatically using a website analysis tool and cookies (see below for details).


5. Legal basis

If necessary, data processing may be carried out in favour of the bank or a third party as part of a balancing of interests to safeguard the legitimate interests of the bank or third parties (Art. 6 para. 1 lit. f GDPR). This is done for the following purposes:

5.1 We process your data as part of event management in connection with the organisation of and information about the (upcoming) event (“event”). The processing takes place in the context of the implementation of (pre-)contractual measures in accordance with Art. 6 para. 1 lit. b GDPR for (i) the organisation of the events and (ii) any necessary contact in connection with the selected event (e.g. reservation for registration).

5.2. Video and photo recordings may be made during the event, which may also record the participants. We use these recordings on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR for (i) documentation and (ii) internal and external reporting on the event, including in the form of postings on our websites, social media channels or intranet.

5.3. If we cannot base the use of images on our legitimate interests, we will obtain separate consent from you for processing in accordance with Art. 6 para. 1 lit. a GDPR.

5.4. Before we process your data for purposes other than those described in this document, we will inform you separately.

The bank only collects and processes additional personal data with the user’s consent (e.g. to send information about the event by e-mail) and to the extent necessary for this purpose. The user can revoke such consent at any time with effect for the future, e.g. by sending an e-mail to


6. To whom may your data be passed on and from whom do we receive it?

6.1. If necessary, we will transfer your registration data to an external organiser and, if applicable, other third parties who support us in organising the event in order to ensure that the event runs smoothly.

6.2. We comply with legal and contractual obligations. To this end, we work together with external service providers (processors) and transfer your personal data to them to the extent necessary for the provision of services. Our processors include, in particular, IT service providers:

  • Software and service providers (provision of IT applications) for mail, as well as for administrative activities;
  • Data centres, IT operations and hosting;
  • Scan and print service providers;
  • Security service providers for the protection of physical security and data security;
  • IT service providers and IT support for the purpose of project management, definition of requirements, introduction, adaptation and development of software as well as support and maintenance of IT systems and the performance of ongoing IT activities (hotline, problem solving, interface support).

6.3. There are also legal obligations that we can only fulfil if we transfer your personal data to authorities or courts to the extent necessary.


7. Cookies and Google Analytics

Like most websites, the bank also uses cookies. These are small text files that a website places on the hard drive of the user’s device to make the website more convenient and to better understand the user’s behaviour based on their activities with the website.

The bank uses (i) functional cookies that are necessary for the operation of the website and (ii) cookies that collect statistical data on the use of the website so that the bank can improve its services and make them more user-friendly.

All cookies that are not personal and/or not required for the functional operation of the website are only set with the visitor’s consent. The visitor can therefore agree by clicking on the “Accept all” button or not give consent by clicking on “Only allow technically necessary cookies”. If consent is given, it can be revoked at any time with effect for the future, e.g. by sending an email to


The user can object to data processing by cookies on the Kommunalkredit website under ” Privacy policy”. Users can also change the options for storing cookies on their device at any time in their browser settings, deactivate cookies in general and delete existing cookies. However, if the user does not accept cookies, this may lead to functional restrictions on the website.

If you have consented to the use of cookies, we use the following cookie:

The website uses Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, ( ). The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Cookies make it possible to analyse the use of the website, to create reports on website activities and to provide other services associated with the use of the website and the Internet. This data may also be used by Google to record the websites visited and to improve Google’s services.

We use Google Analytics with the extension “_anonymizeIp()”, so that the IP addresses transmitted to Google are only processed there in abbreviated form in order to exclude the possibility of direct personal references.

You can find more information on how Google Analytics handles user data in Google’s privacy policy:

Google’s cookies are stored for 2 years and then deleted.

The website also uses Google Tag Manager to record your user behaviour. Google Tag Manager is a tool that allows marketers to manage website tags via a user interface. The tool itself (which implements the tags) is a domain-free application and does not collect any personal data. However, it triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this deactivation remains in place for all tracking tags implemented via Google Tag Manager.

You can find more detailed information here:


8. How long will your data be stored?

As soon as we no longer need your personal data for the purposes described above, we will delete it, provided that no other statutory retention periods apply.

The data and log files collected when using the bank’s website are stored for a maximum period of one year after the event is held and then deleted. Google cookies (see point 7) are stored for 2 years and then deleted.


9. What rights do you have?

In accordance with Art. 12 ff GDPR, the user has the right to information, rectification, erasure, restriction of processing and data portability as well as the right to object. Users can also withdraw their consent at any time and without reason in order to prevent the further use of their personal data that was collected and used on the basis of a declaration of consent.

If the user has any questions in this regard or other questions, they can contact Kommunalkredit Austria AG, Türkenstraße 9, 1090 Vienna,, T +43 1 31631. The user also has the right to lodge a complaint with the Austrian Data Protection Authority (

real cookie banner

Real Cookie Banner

We use the “Real Cookie Banner” consent tool to manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents. Details on how “Real Cookie Banner” works can be found at The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents. The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.