— Data protection information for customers and interested parties
Data protection information for customers and interested parties
according to Art. 13, 14 and 21 of the Data Protection Regulation DSGVO (GDPR)
Data protection is an important matter for us. In the following, we inform you how we process your data and what rights you are entitled to.
1. Who is responsible for data processing and whom can you contact?
Signite GmbH
Kiefernweg 3
74321 Bietigheim-Bissingen
Telephone: +49.151.2422.2022
E-mail: peter.klingler@signite-experts.com
2. Contact details of the data protection officer
Markus Geiger; datenschutz@mage-solutions.de
3. Processing purposes and legal basis
Your personal data will be processed in accordance with the provisions of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act BDSG and other relevant data protection regulations. The processing and use of individual data depends on the agreed or requested service. Our contractual documents, forms, declarations of consent and other information provided to you (e.g. on the website or in the terms and conditions) provide further details and supplements on the purposes of processing.
3.1 Consent (Art. 6 para. 1 letter a DSGVO)
If you have given us consent to process personal data, the respective consent is the legal basis for the processing mentioned there. You can revoke your consent at any time with effect for the future.
3.2 Fulfilment of contractual obligations (Art. 6 para. 1 lit. b DSGVO)
We process your personal data for the performance of our contracts with you. Furthermore, your personal data is processed for the performance of measures and activities in the context of pre-contractual relations.
3.3 Fulfilment of legal obligations (Art. 6 para. 1 c DSGVO)
We process your personal data if this is necessary for the fulfilment of legal obligations (e.g. commercial, tax laws).
This includes identity and age verification, the fulfilment of control and reporting obligations under tax law and the archiving of data for data protection and data security purposes as well as for auditing by tax and other authorities. In addition, the disclosure of personal data may be necessary in the context of official/court measures for the purpose of gathering evidence, criminal prosecution or the enforcement of civil law claims.
3.4 Legitimate interest of us or third parties (Art. 6 para. 1 f DSGVO)
We may also use your personal data on the basis of a balance of interests to protect the legitimate interest of us or of third parties. This is done for the following purposes:
– for advertising or market research, if you have not objected to the use of your data.
– for the limited storage of your data if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage.
– for the further development of services and products as well as existing systems and processes.
– for the disclosure of personal data in the context of due diligence, e.g. in the case of company sales.
– for the enrichment of our data by using or researching publicly available data.
– for statistical evaluations or for market analyses.
– for benchmarking.
– for the assertion of legal claims and defence in legal disputes which are not directly attributable to the contractual relationship.
– for internal and external investigations and/or security audits.
– for certifications of private law or official matters.
– for securing and exercising our house rights through appropriate measures (e.g. video surveillance).
4. Categories of personal data that we process
The following data are processed:
– Personal data (name, nationality, profession/industry and comparable data);
– Contact details (address, email address, telephone number and comparable data);
– customer history.
We also process personal data from public sources (e.g. internet, media, press, trade and association registers, civil registers, debtor registers, land registers).
If necessary for the provision of our services, we process personal data that we have lawfully received from third parties (e.g. address publishers, credit agencies).
5. Who receives your data?
We pass on your personal data within our company to the departments that need this data to fulfil contractual and legal obligations or to implement our legitimate interests.
In addition, the following departments may receive your data:
– Order processors used by us (Art. 28 DS-GVO), service providers for supporting activities and other responsible parties within the meaning of the DS-GVO, in particular in the area of.
(e.g. IT services, logistics and printing services, external data centres, support/maintenance of IT applications, archiving, document processing, call centre services, compliance services, controlling, data screening for anti-money laundering purposes, data validation or plausibility checks, data security services, etc.). -data validation or plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing services or companies for data disposal, courier services, logistics
– Public bodies and institutions in the event of a legal or official obligation, according to which we are obliged to provide information, report or pass on data or the passing on of data is in the public interest.
– bodies and institutions on the basis of our justified interest or the justified interest of the third party for the purposes stated in section 3.5 (e.g. to authorities, credit agencies, debt collection, lawyers, courts, experts, companies belonging to the group and committees and supervisory bodies);
– other bodies for which you have given us your consent to the transfer of data.
6. Transfer of your data to a third country or to an international organisation
Data is transferred to bodies in countries outside the European Union (EU) or the European Economic Area (EEA), so-called third countries, if it is necessary for the execution of an order/contract from or with you, if it is required by law (e.g. tax reporting obligations), if it is in the legitimate interest of us or a third party or if you have given us your consent.
The processing of your data in a third country may also be carried out in connection with the involvement of service providers within the framework of commissioned processing. If the EU Commission has not passed a resolution on an appropriate level of data protection for the country in question, we will ensure that your rights and freedoms are adequately protected and guaranteed in accordance with EU data protection regulations by means of corresponding contracts. We will provide you with detailed information on request.
7. How long do we store your data?
As far as necessary, we process your personal data for the duration of our business relationship, this also includes the initiation and execution of a contract.
In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among others. The retention and documentation periods specified there are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.
Ultimately, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be as long as thirty years.
8. To what extent is there automated decision-making in individual cases (including profiling)?
We do not use any purely automated decision-making procedures in accordance with Article 22 of the GDPR. Should we use such procedures in individual cases, we will inform you of this separately, insofar as this is required by law.
9. Your data protection rights
You have the right to information pursuant to Article 15 of the Data Protection Regulation, the right to rectification pursuant to Article 16 of the Data Protection Regulation, the right to deletion pursuant to Article 17 of the Data Protection Regulation, the right to restriction of processing pursuant to Article 18 of the Data Protection Regulation and the right to data portability pursuant to Article 20 of the Data Protection Regulation. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DSGVO). In principle, there is a right to object to the processing of personal data by us in accordance with Article 21 of the GDPR. However, this right of objection only applies in the case of very special circumstances of your personal situation, whereby rights of our company may possibly conflict with your right of objection. If you wish to exercise one of these rights, please contact our data protection officer (datenschutz@mage-solutions.de).
10. Scope of your obligations to provide us with your data
You only need to provide us with the data that is required for the establishment and implementation of a business relationship or for a pre-contractual relationship with us, or which we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract. This may also refer to data required later in the course of the business relationship. If we request additional data from you, you will be informed separately of the voluntary nature of the information.
11. Information about your right to object Art 21 DSGVO
You have the right to object at any time to the processing of your data which is carried out on the basis of Art. 6(1)(f) DSGVO (data processing on the basis of a balance of interests) or Art. 6(1)(e) DSGVO (data processing in the public interest), if there are grounds for doing so which arise from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 DSGVO.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
We may also process your personal data for the purposes of direct marketing. If you do not wish to receive advertising, you have the right to object at any time. This also applies to profiling, insofar as it is connected with such direct advertising. We will observe this objection in the future.
We will no longer process your data for direct marketing purposes if you object to the processing for these purposes.
The objection can be made informally to the address listed under point 1.
12. Your right to complain to the competent supervisory authority
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 DSGVO). The supervisory authority responsible for us is:
The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.
Lautenschlagerstraße 20
70173 Stuttgart / Germany
http://www.baden-wuerttemberg.datenschutz.de/