Data Privacy Statement (GDPR)
This aim of this privacy notice is to inform you of the purposes for which Breitfeld & Schliekert GmbH, Max-Planck-Straße 30, 61184 Karben, Germany (hereinafter referred to as "we" or "us") processes your personal data. Personal data includes all information pertaining to you. The following information is intended to help you understand the processing of your personal data and to thus ensure transparency.
We handle the following personal data
Since your personal data must be processed for the purposes specified above in fulfillment of the existing business relationship between you and us or to take steps prior to entering into a contract, the legal basis for this processing is generally Article 6 (1b) GDPR. We may also have a legitimate interest in conducting promotional activities or marketing campaigns based on Article 6 (1f) GDPR, provided that no consent is required from you for these purposes.
The legal bases for potential compliance activities are Article 6 (1c) and Article 6 (1f) GDPR since processing of the respective personal data may be required for our legitimate interests. Such legitimate interests include having relevant violations reported to us and having compliance with applicable laws analyzed.
If we transmit your personal data to other companies in our group as our group-wide IT service provider and this is not carried out as part of order processing, the legal basis for such transfers is once again Article 6 (1f) GDPR. In this regard, we have a legitimate interest in (i) a centralized, global IT approach with harmonized processes and (ii) cost reductions resulting from the operation of centralized IT.
Article 6 (1c) may also be used as a legal basis if we need to process your personal data for compliance with a legal obligation.
If none of the legal bases specified above applies, we process your personal data only if you have given us your consent to do so.
No automatic decision-making is carried out based solely on automated processing – including profiling – that produces legal effects or similarly significantly affects you.
We generally retain your personal data as long as we have a business relationship with you. After the business relationship has ended, your data is generally saved for another 10 years unless contradicted by statutory record retention periods or you request that we delete it.
We transmit your personal data only to bodies that require your data to perform our tasks. Service providers may be required to support us with this. It may also be necessary to transmit your data to other units within our group of enterprises. In doing so, we comply with privacy regulations. In particular, your personal data may be transmitted to the following recipients:
The recipients specified above may be located in a non-EU country. This country may not have an adequate level of data protection as compared to the level of data protection inside the European Union. This means that the privacy laws in the country to which we transmit your data may not offer the same protection as in Germany. Your data is generally transmitted to third countries without adequate levels of data protection pursuant to what are known as the EU standard contractual clauses. You can obtain a copy of these protective measures at the following website: https://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087.
Under the provisions of the EU General Data Protection Regulation, you may exercise the following rights vis-à-vis us:
In order to exercise one of your rights listed above or to contact our data protection officer, please email: email@example.com. If you believe we are unlawfully processing your personal data, please also contact us at: firstname.lastname@example.org.
You also have the right to contact the data protection supervisory authorities. The competent supervisory authority is:
The Hessian Commissioner for Data Protection and Freedom of Information
65021 Wiesbaden, Germany
Phone: +49 611 1408 - 0
Fax: +49 611 1408 - 611
Right of modification
We reserve the right to modify this Data Privacy Statement at any time in compliance with the legal regulations. This may be necessary, for example, to comply with new legislation or in the case of new services.
Version: June 2018