DATA PROTECTION INFORMATION FOR CUSTOMERS AND INTERESTED PARTIES
according to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
Data protection is an important matter to us. Below we inform you how we process your data and what rights you are entitled to.
1. WHO IS RESPONISBLE FOR THE DATA PROCESSING AND WHOM CAN YOU CONTACT?
J.H. Ziegler GmbH
Fabrikstraße 2
77855 Achern-Oberachern
Telephone +49 7841 2027-0
Fax +49 7841 2027-900
e-mail: datenschutz@ziegler.eu
Internet: www.ziegler.eu
2. CONTACT DETAILS OF THE DATA CONTROLLER
Christoph Boser
Tel. no.: +49 7841/2027 – 0
e-mail: datenschutz@ziegler.eu
3. PURPOSES OF THE PROCESSING AND LEGAL BASIS
Your personal data are processed according to the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection regulations. The processing and utilisation of the individual data depends on the agreed or requested service.
3.1 CONSENT (ART. 6 (1) (A) GDPR)
If you have given us consent to process personal data, the respective consent is the legal basis for the processing mentioned therein. You can withdraw consents at any time with effect for the future.
3.2 PERFORMANCE OF CONTRACTUAL OBLIGATION (ART. 6 (1) (B) GDPR)
We process your personal data to carry out our contracts and agreements with you. Furthermore, your personal data are processed to carry out measures and actions as part of the pre-contractual relationships.
3.3 COMPLIANCE WITH LEGAL OBLIGATIONS (ART. 6 (1) (B) GDPR)
We process your personal data if this is necessary to comply with legal obligations (e.g. commercial, tax laws). Furthermore we process your data where necessary to comply with inspection and reporting duties under tax law as well as to archive data for the purposes of data protection and data security as well as the audit by tax or other authorities. Over and above this, it may be necessary to disclose personal data as part of official/judicial measures for the purposes of taking evidence, enforcing the law or asserting claims under civil law.
3.4 LEGITIMATE INTEREST PURSUED BY US OR THIRD PARTIES (ART. 6 (1) (F) GDPR)
We can also use your personal data based on weighing up interests to preserve the legitimate interest pursued by us or third parties. This is done for the following purposes:
verifying and optimising procedures for needs analysis and direct customer contact.
for advertising or market research, if you have not objected to the use of your data.
for the limited storage of your data, if erasure is not possible or only with an unreasonably high effort due to the special type of storage.
for the further development of services and products as well as existing systems and processes.
for statistical evaluations or for market analyses.
for internal and external investigations and/or security checks.
for the certification of official matters or those under private law.
4. CATEGORIES OF PERSONAL DATA THAT ARE PROCESSED BY US
The following data are processed:
Personal data (name, date of birth, profession/industry and comparable data)
Contact data (address, email address, telephone number and comparable data)
Customer history
We also process personal data from public sources (e.g. Internet, media, press)
5. WHO RECEIVES YOUR DATA?
We pass on your personal data within our company to the areas that need these data to comply with contractual and statutory obligations or to implement our legitimate interest.
Furthermore, the following bodies may be given your data:
processors used by us (Art. 28 GDPR), service providers for supporting activities and other responsible bodies according to the GDPR, particularly in the areas of IT services, logistics, courier services, printing services, external computer centres, support/maintenance of IT applications, archiving, document processing, accounting and controlling, data destruction, purchasing/procurement, customer administration, letter shops, marketing, telephony, website management, tax consultancy, auditing service, banks
public bodies and institutions where there is a legal or official obligation, by which we are obliged to provide information about, report or forward data
other bodies, for which you have given us your consent to transmit data.
6. TRANSMISSION OF YOUR DATA TO A THIRD COUNTRY OR AN INTERNATIONAL ORGANISATION
Data processing takes place outside the EU or the EEA.
7. HOW LONG DO WE STORE YOUR DATA?
As far as necessary, we process your personal data for the duration of our business relationship, which also covers the initiation and winding-up of a contract.
Over and above this, we are subject to various retention and documentation obligations resulting from the German Commercial Code (HGB) and the German Fiscal Code (AO) among others. The periods specified there for retention and documentation purposes are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.
Finally, the storage period is also judged on the statutory limitation periods, which, for example, according to Sections 195 et seq. of the Civil Code (BGB), can be three years as a rule, but in certain cases also up to thirty years.
8. TO WHAT EXTENT IS THERE AN AUTOMATED INDIVIDUAL DECISION-MAKING PROCESS?
No purely automated decision-making procedure in accordance with Article 22 GDPR is used by us. Should we use this procedure in individual cases, we will advise you separately about this, if this is prescribed by law.
9. YOUR DATA PROTECTION RIGHTS
You have the right to access according to Art. 15 GDPR, the right to correction according to Art. 16 GDPR, the right to erasure according to Art. 17 GDPR, the right to restriction of processing according to Art. 18 GDPR and the right to data portability from Art. 20 GDPR. Furthermore, there is a right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR). As a matter of principle, according to Article 21 GDPR there is the right to object to the processing of personal data by us. This right to object only applies, however, if there are special circumstances regarding your personal situation, whereby rights of our company may possibly be opposed to your right to object. If you want to enforce one of these rights, please contact our data protection officer (datenschutz@ziegler.eu)
10. EXTENT OF YOUR OBLIGATIONS TO PROVIDE US WITH YOUR DATA
You only need to provide those data which are required to start and carry out a business relationship or for a pre-contractual relationship with us, or which we are legally obliged to collect. Without these data, we will not be able, as a rule, to enter into or execute the contract. This may also relate to data later required as part of the business relationship. If we ask you for data over and above this, the voluntary nature of the information will be pointed out to you separately.
11. INFORMATION ABOUT YOUR RIGHT TO OBJECT, ART. 21 GDPR
You have the right at any time to lodge an objection to the processing of your data, which is done based on Art. 6 (1 f) GDPR (data processing based on a weighing up of interests) or Art. 6 (1 e) GDPR (data processing in the public interest), if there are reasons for this resulting from your particular situation. This also applies to profiling based on this provision in accordance with Art. 4 (4) GDPR.
If you lodge an objection, we will no longer process your personal data, unless we can demonstrate compelling reasons worth of protection for the processing that override your interests, rights and freedoms, or the processing is used to enforce, exercise or defend legal claims. We also process your personal data where applicable to carry out direct advertising. If you do not want to receive any advertising, you have the right to object to this at any time. We will observe this objection for the future.
We will no longer process your data for purposes of direct advertising if you object to the processing for these purposes. This objection can be made informally to the address listed under Section 1.
12. YOUR RIGHT TO COMPLAIN TO THE RESPONSIBLE SUPERVISORY AUTHORITY
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR).
The supervisory authority responsible for us is:
Data protection and freedom of information officer for the state of Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Phone: 0711/615541-0
poststelle@lfdi.bwl.de
Additional information:
J.H. Ziegler uses products and services for analysis and marketing purposes, which are provided by Visable GmbH (www.visable.com) in cooperation with them. To that end, pixel-code technology is used to collect, process and store data in order to create at least pseudonymised, but where possible and sensible, completely anonymous user profiles. Data collected, which may initially still include personal data, is transmitted to Visable or is collected directly by Visable and is used to create the aforementioned user profiles there. Visitors to this website are not personally identified and no other personal data is merged with the user profiles. If IP addresses are identified as personal, they are immediately deleted. You can object to the processing operations described with future effect at any time: