• Unterfeldstrasse 7, D-86842 Türkheim
Contact

Art. 12 GDPR Transparent information

We are aware of the importance of the personal data you entrust to us. We consider it one of our most important tasks to ensure the confidentiality of your data.

In accordance with the General Data Protection Regulation (GDPR), we would like to fulfill our duty to provide information when collecting personal data and inform you transparently about the type, scope, and purpose of the personal data we collect, as well as explain your rights.

Contact details of the data controller

The controller within the meaning of the General Data Protection Regulation is:

SD GmbH Klaus Hirsch
Unterfeldstraße 7
D-86842 Türkheim/Irsingen
Phone: +49 8245 96750-0
E-Mail: alexandra.rosenberg@sdhirsch.de

The following person has been appointed as data protection officer:
Mr. Stephan Hartinger
Coseco GmbH
Phone: +49 (0) 8232 80988 70
E-Mail: datenschutz@coseco.de

What sources are used to collect personal data?

We process personal data that we receive directly from our customers in the course of our business relationship. We also process personal data that we have received from other companies, e.g., for the execution of orders, the fulfillment of contracts, or on the basis of your consent.

Personal data relevant to us may include:

  • The company

  • First name

  • Last name

  • Street

  • Postal code / City

  • E-Mail

  • Phone

In addition, it may be necessary to collect the date of birth in the context of funded projects.

2.1 New customer acquisition

For the purpose of customer acquisition, we process personal data that we have obtained from publicly accessible sources (e.g., commercial and association registers, press, media, Internet) in a permissible manner and are permitted to process.

2.2 Customer contact information

During the business initiation phase and throughout the business relationship, particularly through personal, telephone, or written contact initiated by you or one of our employees, additional personal data is generated, e.g., information about the contact channel, date, occasion, and outcome; (electronic) copies of correspondence; and information about participation in direct marketing measures.

2.3 Trade fairs/events

During trade fairs/events, we collect data (salutation, title, surname, first name, company, street, postal code, city, email address, industry information if applicable), which we use for the purpose agreed with you individually.

2.4 Credit report

Business creditworthiness documents: income/surplus statements, balance sheets, business analysis, type and duration of self-employment.

3. What is your data processed for (purposes) and on what legal basis?

We process the aforementioned personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):

  • When processing personal data for which we obtain the consent of the data subject, Art. 6 (1) (a) GDPR serves as the legal basis.

  • When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. This provision also covers processing operations that are necessary for the implementation of pre-contractual measures.

  • Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 (1) lit. c) GDPR serves as the legal basis.

  • If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights, and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f) GDPR serves as the legal basis for processing. The legitimate interest of our company lies in the performance of our business activities.

4. Disclosure of data to third parties

Within our company, only those persons and departments who need your personal data to fulfill our contractual and legal obligations will receive it.

We transfer data to third parties if we need it to fulfill a contractual obligation.

In addition, we transfer data to third parties if there is a legal obligation to do so. This is the case when government agencies (e.g., authorities and offices) request information in writing, a court order has been issued, or a legal basis permits the transfer.

Further transfer to third parties may take place within the framework of the contractual relationship to the respective dealers worldwide.

5. Transfer of data to third countries

Option 1
Personal data will not be transferred to so-called third countries outside the EU/EEA area.

Option 2
We transfer personal data to service providers or companies within our group of companies outside the European Economic Area in the following countries:

[…]
[…]

The level of data protection is guaranteed as follows:

  • […] e.g. confirmation of adequate data protection by the EU Commission

  • […] e.g. EU standard contractual clauses

  • […] e.g. binding internal company data protection regulations

6. Data storage period / deletion periods

We process and store your personal data for as long as it is necessary to fulfill our contractual obligations and for all other purposes mentioned in section 3, or as required by the retention periods stipulated by law.

If the data is no longer required for the fulfillment of contractual or legal obligations, it will be blocked or deleted on a regular basis in accordance with the statutory provisions for further processing.

7. Data protection rights of the data subject

If you have any questions about your personal data, you can contact us in writing at any time.

According to the GDPR, you have the following rights:

  • The right to information (sub-section Art. 15 GDPR)

  • The right to rectification (Art. 16 GDPR)

  • The right to erasure (Art. 17 GDPR)

  • The right to restriction (Art. 18 GDPR)

  • The right to data portability (Art. 20 GDPR)

  • The right to object (Art. 21 GDPR)

  • Right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG)

  • Right to withdraw consent under data protection law (Art. 7(3) GDPR)

8. Legal or contractual requirements for the provision of personal data and possible consequences of failure to provide such data

We hereby point out that the provision of personal data is required by law in certain cases (e.g., tax regulations) or may result from a contractual provision (e.g., information about the contractual partner). For example, it may be necessary for the data subject/contractual partner to provide their personal data in order for us to process their request (e.g., an order) at all.

An obligation to provide personal data arises primarily when concluding contracts. If no personal data is provided in this case, the contract with the data subject cannot be concluded.

Before providing personal data, the data subject may contact our data protection officer or the controller responsible for processing. The data protection officer or the controller will then inform the data subject whether the provision of the required personal data is required by law or contract or is necessary for the conclusion of the contract, and whether the data subject's concerns give rise to an obligation to provide the personal data or what consequences the failure to provide the requested data will have for the data subject.

9. Legal existence of automated decision-making (including profiling)

As a responsible company, we refrain from using automated decision-making or profiling in our business relationships.

en_USEnglish
de_DEGerman en_USEnglish