Privacy Policy

Updated: 24 May 2018 10:40:29

1. An overview of data protection

1.1 General
J. Wagner GmbH (further legal information can be found in the Legal Information section) is the entity responsible for complying with data protection legislation relating to this website. We are delighted by your interest in our website, and we want you to feel secure and happy during your visit. J. Wagner GmbH (hereinafter “WAGNER”) therefore takes the protection of your personal data very seriously. This data privacy statement is intended to inform you about which personal data we collect from you when you use our website, and for what purposes we process and use this data.
The data privacy statement has a modular structure to make it easy for you to find specific information. By following this link https://go.wagner-group.com/internet_dataprotection_en you can view or download the complete text as a PDF file.

WAGNER reserves the right to modify its data privacy statement at any time to reflect changing legal provisions and requirements, or to make other updates as it sees fit. Please keep yourself up to date about changes to the data privacy statement by visiting the relevant link from our website to view it.
If you have any general questions about our website, please get in touch with us:

Tel: +49 7544 505 0
E-mail: online-services@wagner-group.com

1.2 Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.

How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.

What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.

What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.

Analytics and third-party tools
When visiting our website, statistical analyses may be made of your surfing behaviour. This happens primarily using cookies and analytics. The analysis of your surfing behaviour is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy. You can object to this analysis. We will inform you below about how to exercise your options in this regard.

2. General information and mandatory information

2.1 Data protection
If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.

Please note that data transmitted via the internet (e. g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.

Notice concerning the party responsible for this website
The party responsible for processing data on this website is:

J. Wagner GmbH
Otto-Lilienthal-Str. 18
88677 Markdorf
Phone: +49 7544 505-0
Fax: +49 7544 505-200
Email: wagner@wagner-group.com

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

2.2 Information, blocking, deletion and correction
You have the right to find out about the personal details we have stored about you and also the right to block, delete and correct erroneous data.
In such instances, please use the contact form so that we are able to attend to your request.
If you would prefer to contact WAGNER’s Data Security Officer to exercise these rights rather than WAGNER itself, you are of course welcome to do so (Datenschutz.Deutschland@wagner-group.com).

2.3 Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

2.4 Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered.

2.5 Right to data portability
You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

3. Data protection officer

Statutory data protection officer
We have appointed a data protection officer for our company. If you have any questions regarding the use of your personal data or the enforcement of your rights, please do not hesitate to contact them.

Contact:
Email: Datenschutz.Deutschland@wagner-group.com
Phone: +49 7544 505-0
Fax: +49 7544 505-200

J. Wagner GmbH
Statutory data protection officer
Otto-Lilienthal-Str. 18
88677 Markdorf

4. Data collection on our website

4.1 Contact forms
The reasons for processing the data collected in our contact forms are based on the purpose of your enquiry. Essentially, we process your information in order to respond to your query. Other reasons for processing this data are outlined below.

Personal details
We collect your salutation, your name, your address and your postcode so that we know who is contacting us and for what purpose, and so that we can forward your request instantly to the correct person.
The details of your email address are mandatory, since we will use it to process your request depending on the reason for you contacting us. It is not used for any other purpose.
We want you to voluntarily provide your telephone number since we will use it to process your request depending on the reason for you contacting us. Your personal details are stored in our CRM system so that it can be used if you get in touch with us again. It is not used for any other purpose.

Support requests, complaints
The information you provide us about the product will be stored in the event of a support request along with your personal details in our CRM and SAP system.

Transfer of your details to authorised distributors
If your enquiry relates to a complaint, warranty claim or similar, we will also transfer this data together with your personal details to the distributor from which you purchased the device, or to another distributor near you so that your request can be dealt with.

Storage, use and deletion
If your device is repaired or replaced by WAGNER, your data will be stored in our support, accounting and logistics system until the statutory storage period has elapsed, and then deleted.

The data entered in the contact form will be processed on the basis of your consent (Art. 6 (1) (b) DSGVO) or on the basis of the data processing pursuant to Art. 6 (1) (b) DSGVO, which permits the processing of data to fulfil a contract or pre-contractual measures. You can revoke the processing on the basis of your consent at any time. All you need to do is send an informal message via the contact form or by e-mail to our data protection officer. The legality of the data processing processes carried out up to the revocation remains unaffected by the revocation.

The data entered by you in the contact form will remain with us until you request deletion, revoke your consent for storage or the purpose for data storage ceases to apply. Mandatory statutory provisions – in particular retention periods – remain unaffected.

4.2 Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done based on Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfil a contract or for measures preliminary to a contract.

In order to avoid bad debts, we can, on the basis of Art. 6 (1) (b) DSGVO, in accordance with our legitimate interest, after placing an order with Euler Hermes Forderungsmanagement GmbH, Risk Management Division, P.O. Box 50 07 40, 22707 Hamburg, Germany, to submit your credit assessment data. In a credit check, a so-called score value is calculated on the basis of a mathematical procedure, which makes statements about your solvency. This usually happens as soon as a credit limit of € 1,000 is exceeded. We would like to point out that Euler Hermes Forderungsmanagement GmbH continues to use the transmitted data for its own purposes. You can object to the transmission of this data to Euler Hermes Forderungsmanagement GmbH at any time, however, the execution of the purchase contract may then not be possible.

Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.

4.3 Cookies
Cookies are small text files that our server stores in a separate area of your browser on your PC if your browser allows this. Cookies are distinguished partly based on how long they are stored for. Session cookies are deleted automatically when you close your browser. A session cookie can be used to manage a shopping basket or define which products are of particular interest to you. Permanent cookies, on the other hand, remain stored on your PC. Your browser can tell you how long they are stored for. A permanent cookie can be re-read next time you visit our website. To prevent this, you can delete the permanent cookie after visiting our website. Permanent cookies can be used, for example, to store your preferred language in your browser after you have visited us.

Cookies are also distinguished based on their origin. First-party cookies always come from the website specified in the address bar of your browser. Third-party cookies come from websites that you have not visited directly, but which have been integrated through images or advertising on the first party’s website. Your browser can then tell you where the cookies stored on your PC come from.

The first time you visit our site, a banner will appear indicating our use of cookies. By clicking on the “I agree” button, you agree to our use of cookies on the basis of your consent (Art. 6 (1) (b) DSGVO).
Third-party cookies are also set by our web server. These include for instance Google Analytics and Mouseflow.
Most browsers are set to accept cookies. To turn this off, please change the corresponding settings of your browser. If your browser does not allow cookies, you may not be able to visit all pages of our website without interruption.

Diese Cookie-Richtlinie wurde erstellt und aktualisiert von der Firma CookieFirst.com.

4.4 Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
• Browser type and browser version
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfil a contract or for measures preliminary to a contract.

5. Social media, Plugins and Tools

The content on our pages can be shared on other social networks like Facebook, LinkedIn, XING, Pinterest and Instagram.
Our website contains links to social media (Facebook, YouTube). The buttons to these links are designed so that a connection between your PC and the respective network is only established if you follow the link by clicking it. You are then connected directly with the respective server of the selected social medium. The respective operators of social media networks are responsible for their own data privacy.
This also applies to websites to which our portal links but which are operated by third-party providers. An example of such links would be videos on our main page that are retrieved from YouTube. Information about the data privacy policies of linked pages can be found in the respective providers’ data privacy statements.

When the user actively clicks on one of these buttons, your browser establishes a direct connection to the respective servers.
This tool does not automatically transfer user data to the operators of these platforms. If users are logged into one or more of the social networks, it will display an information window in which the user can edit the text before it is sent.
Our users can share the content of this page on social networks without their providers creating profiles of users’ surfing behaviour

5.1 Facebook plugins
Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA.
The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. For an overview of Facebook plugins, see https://developers.facebook.com/docs/plugins/.
When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook’s privacy policy at https://de-de.facebook.com/policy.php.
If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account.

5.2 LinkedIn plugin
Our site uses functions from the LinkedIn network. The service is provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.
Each time one of our pages containing LinkedIn features is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our web pages from your IP address. If you use the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website to your user account. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by LinkedIn.
More information can be found in the LinkedIn privacy policy at https://www.linkedin.com/legal/privacy-policy.
If you do not want LinkedIn to associate your visit to our site with your LinkedIn account, please log out of your LinkedIn account.

5.3 Twitter plugin
Functions of the Twitter service have been integrated into our website and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter’s privacy policy, please go to https://twitter.com/privacy.
Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

5.4 YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.

5.5 Google Maps
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.

6. Analytics and advertising

6.1 Google Analytics
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing user behaviour to optimize both its website and its advertising.

IP anonymization
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.

Browser plugin
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.

Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics.
For more information about how Google Analytics handles user data, see Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.

Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Demographic data collection by Google Analytics
This website uses Google Analytics’ demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section “Refusal of data collection”.

6.2 Google Analytics Remarketing
Our websites use the features of Google Analytics Remarketing combined with the cross-device capabilities of Google AdWords and DoubleClick. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
This feature makes it possible to link target audiences for promotional marketing created with Google Analytics Remarketing to the cross-device capabilities of Google AdWords and Google DoubleClick. This allows advertising to be displayed based on your personal interests, identified based on your previous usage and surfing behaviour on one device (e.g. your mobile phone), on other devices (such as a tablet or computer).
Once you have given your consent, Google will associate your web and app browsing history with your Google Account for this purpose. That way, any device that signs in to your Google Account can use the same personalized promotional messaging.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for cross-device ad promotion.
You can permanently opt out of cross-device remarketing/targeting by turning off personalized advertising in your Google Account; follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google per Art. 6 (1) (a) DSGVO. For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.
For more information and the Google Privacy Policy, go to: https://www.google.com/policies/technologies/ads/.

6.3 Google AdWords and Google Conversion Tracking
This website uses Google AdWords. AdWords is an online advertising program from Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, United States (“Google”).
As part of Google AdWords, we use so-called conversion tracking. When you click on an ad served by Google, a conversion tracking cookie is set. Cookies are small text files that your internet browser stores on your computer. These cookies expire after 30 days and are not used for personal identification of the user. Should the user visit certain pages of the website and the cookie has not yet expired, Google and the website can tell that the user clicked on the ad and proceeded to that page.
Each Google AdWords advertiser has a different cookie. Thus, cookies cannot be tracked using the website of an AdWords advertiser. The information obtained using the conversion cookie is used to create conversion statistics for the AdWords advertisers who have opted for conversion tracking. Customers are told the total number of users who clicked on their ad and were redirected to a conversion tracking tag page. However, advertisers do not obtain any information that can be used to personally identify users. If you do not want to participate in tracking, you can opt-out of this by easily disabling the Google Conversion Tracking cookie by changing your browser settings. In doing so, you will not be included in the conversion tracking statistics.
Conversion cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analysing user behaviour to optimize both its website and its advertising.
For more information about Google AdWords and Google Conversion Tracking, see the Google Privacy Policy: https://www.google.de/policies/privacy/.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.

Updated: 25 May 2018 09:00:00

Duty to inform for data collection

Data protection notice for customers, suppliers, partners, clients, Visitors and interested parties

With this data protection notice we inform you about how we process your personal data and which rights are granted to you by data protection law in this context. The individual personal data that are processed by you and the scope of the processing depends on the legal provisions and the content of the contractual business relationship that has been agreed with you. It may therefore be that not all parts of this data protection information are applicable to you.

I. Responsible for data processing

Responsible is the:
J. Wagner GmbH
Otto-Lilienthal-Str. 18
88677 Markdorf
Phone: +49 (0) 75 44 / 5 05-0
Fax: +49 (0) 75 44 / 5 05-2 00
E-Mail: wagner@wagner-group.com

You can contact our company data protection officer at:
E-Mail: Datenschutz.Deutschland@wagner-group.com
Phone: +49 (0) 75 44 / 5 05-0
Fax: +49 (0) 75 44 / 5 05-2 00

II. Data processed and their origin

First and foremost, we process the personal data that we receive or have collected from the data subjects within the scope of the business or customer relationship. We also process data provided on the basis of inquiries / visits / registrations (e.g. Internet shop), consents (e.g. newsletter dispatch) etc. within the legally permitted framework.
In addition, we also process personal data provided to us in the context of order processing and data from publicly accessible sources (e.g. press, Internet), insofar as this is necessary and permissible for the respective purposes. We also process personal data that are legally transmitted to us by other companies of the Wagner Group or by third parties (e.g. credit insurance, receivables management, indications of criminal acts).
The personal data processed by us in this context consists of personal data / identification data (name, address, contact data, user ID etc.), data from the fulfilment of our contractual obligations (bank data, history, authorisations etc.), data made available to us within the scope of consents and other data which are comparable with the categories mentioned.

III. Processing purposes and legal bases

The personal data are processed by us in accordance with the regulations of the EU data protection basic regulation (GDPR) and the Federal Data Protection Act (BDSG) on the basis of the following legal bases:
1 a) For the performance of a contract (Art. 6 (1) lit. b GDPR)
The processing of personal data is necessary for the fulfilment of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
If you make use of additional services, your data will be processed to the extent necessary to provide these additional services.
b) In the context of contract processing (Art. 28 GDPR)
The processing of personal data on behalf of the customer takes place exclusively in accordance with instructions and within the framework of legal regulations.
2 In the context of a balance of interests (Art. 6(1)(f) GDPR)
Beyond the actual fulfilment of the contract with you, we process your data to the extent necessary to protect our legitimate interests or the legitimate interests of third parties, provided that your interests do not predominate. Examples are:
Internal and external communication
Documentation
Internal and external monitoring (ICS controls or key figures)
Internal and external investigations, safety reviews
Measures for business management and further development of services and products
Advertising
Authorization management
IT security measures
Event Management
Assertion / defence of legal claims, also in legal disputes
Prevention and detection of criminal offences
measures for building and system security (e.g. access controls)
Measures to secure the domiciliary right
Risk management via the Wagner Group of Companies
3 On the basis of your consent (Art. 6 para. 1 lit. a GDPR)
If you have consented to certain processing of your personal data (e.g. newsletter dispatch, participation in advertising campaigns), your personal data will be processed lawfully on the basis of this consent. You can revoke your consent at any time with effect for the future. This also applies to declarations of consent that you have given us before the GDPR has entered into force, i.e. before May 25, 2018 Since the revocation of a consent is valid for the future, it does not affect the effectiveness of the processing until the time of the revocation.
4. Statutory or legal provisions (Art. 6(1)(c) GDPR or in the public interest (Art. 6(1)(e) GDPR)
In addition, we as a company have various legal obligations (e.g. tax laws, money laundering laws). These include identity checks, fraud and money laundering prevention, the fulfilment of tax control and reporting obligations as well as the assessment and control of risks in the company and the Wagner Group.

IV.Processing principles

The company ensures the implementation of appropriate technical and organisational measures for data security by internal regulations and – if the data are processed by an external service provider – by corresponding contractual agreements, for example by using the EU standard contract clauses for data processing outside the European Union.

Please arrange for any necessary changes to your data in good time. You can contact the relevant departments or the data protection officer to clarify questions about your data and request both information and the correction / deletion of incorrect or no longer required data.

V. Recipient of the data

In compliance with the statutory provisions and the existing internal regulations, the departments that require your data to fulfil our contractual and statutory obligations have access to it. Similarly, service providers and vicarious agents (e.g. IT service providers, logistics, telecommunications, debt collection, consulting, financial services, marketing agencies, insurance companies…) employed by us may access your data for these purposes, provided that you maintain the confidentiality and integrity of the data in particular.
We only pass on personal data to recipients outside our company if and insofar as this is necessary in compliance with the applicable data protection regulations. We may only disclose information about you if required to do so by law, if you have given your consent or if we are authorized to provide such information. Recipients of personal data may be, for example:
For operational purposes
To other companies of the Wagner Group
To service providers / contractors
To customers, suppliers, partners
Obligations to report and provide information
To authorities and other bodies (e.g. tax authorities, auditors)
To clarify claims and accusations
Lawyers, prosecution authorities, creditors or insolvency administrators
For recipients that you have explicitly named
To credit and financial services institutions
In addition, your personal data may be transferred to recipients for whom you have given us your consent. The same applies to bodies to which we may transfer personal data on the basis of a balance of interests.

VI. Transfer of data to third countries or international organisations

We transfer personal data to bodies in countries outside the European Union (so-called third countries) insofar as
it is required by law (e.g. tax reporting obligations)
you have consented or
the transmission is necessary to protect our legitimate interests and your interests or fundamental rights and freedoms do not outweigh the protection of your personal data.
In addition, personal data will be transferred to bodies in third countries in the following cases:
With the consent of the data subject or on the basis of legal regulations to combat money laundering, the financing of terrorism or other criminal acts and on the basis of a balance of interests, personal data will in individual cases be transmitted to the European Union in compliance with the data protection level.

VII. Duration of the storage of personal data

Your personal data will only be stored or otherwise processed by us for as long as is necessary to achieve the respective purpose.
Once the purpose of the processing has ceased to apply (e.g. legal transaction concluded), the corresponding personal data will be deleted. The deletion may be postponed in the following cases:
Compliance with legal retention periods (e.g. German Commercial Code (HGB), German Banking Act (KWG), German Money Laundering Act (GwG). The storage periods mentioned there are generally 6 to 10 years.
Fulfilment of justified retention periods (e.g. for customer service, inquiries, log files).
Securing of evidence within the statutory statute of limitations. According to §§ 195 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years. The regular limitation period is 3 years.
If we or a third party process your data on the basis of the above-mentioned weighing of interests, we will delete your personal data as soon as our legitimate interest no longer exists. The above-mentioned exceptions also apply here.
Data deletion takes place within the deletion routines implemented by the process owners.
In the event of consent, the data will be deleted as soon as the consent is revoked for the future, unless one of the above-mentioned exceptions exists.

VIII. Internal monitoring and investigation

To protect against the various threats to our IT – e.g. by malware, hacker attacks, spam – and the intellectual property, different procedures are used in which the information exchanged is checked for viruses, for example, and the connection data for anomalies. When anomalies are discovered, the relevant documents and connection data can be analyzed.
In order to comply with existing supply and payment restrictions – for example on companies and persons listed on various government lists – a comparison can be made against this list.
In addition, in suspicious cases, in official investigations and to defend against claims against our company, an investigation and, if necessary, the surrender of data and documents on the persons concerned may be necessary.
In all cases, our internal regulations, the legal requirements and the personal rights of those affected are observed.

IX. Rights of the person concerned

Under Art. 15 of the GDPR, any person concerned has a right of access. According to Art. 16
of the GDPR, the data subject may request the rectification of inaccurate personal data. According
to Art. 17 of the GDPR, the data subject has a right of cancellation or, according to Art. 18, a
right of processing restriction. Similarly, under the conditions laid down in Art. 21 GDPR, the data
subject may object to the processing of personal data concerning him/her. According to Art. 20 of
the GDPR, the data subject has a right to data transferability. To assert these rights, please contact
the data protection officer or the relevant department:
In addition, pursuant to Art. 77 GDPR in conjunction with § 19 BDSG, you have a right of appeal
to the responsible data protection supervisory authority.
A given consent can be revoked at any time.

X. Obligation to provide personal data

Within the framework of the legal transaction to be carried out with you, you are obliged to provide the personal data required for the execution of the legal transaction and for the fulfilment of the associated contractual obligations or which we are legally obliged to collect.
If you do not provide certain personal data, you may suffer disadvantages or the legal transaction may not be concluded.

XI. Automated decision making

According to Art. 22 of the GDPR, automated decisions can only be taken if they are necessary for the conclusion or fulfilment of a contract or if they are permitted by law or if they are legitimised by the express consent of the person concerned.
If we use such procedures in individual cases, you will be informed about this and about your associated rights within the framework of legal requirements.

XII. Profiling

Some of your data will be processed automatically in order to evaluate certain personal aspects (profiling). For example, we are required by law and regulation to combat money laundering, terrorist financing and asset-polluting crimes. In this context, data analyses are also carried out.

XIII. Information on your right of objection under Art. 21 GDPR 1

1. Right of objection in individual cases
You have the right to object at any time for reasons arising from your particular situation to the processing of personal data concerning you, which is based on Art. 6 (1)(e) (data processing in the public interest) or (f) (data processing on the basis of a balance of interests); this also applies to profiling based on these provisions.
If you object, we will no longer process your personal data. Anything to the contrary shall only apply if we can prove compelling legitimate reasons for the processing which outweigh your interests, rights and freedoms or if the processing serves to assert, exercise or defend legal claims.
2. Recipient of an opposition
The objection can be made form-free with the subject “objection” stating your name, address and, if applicable, contact data and should be addressed to the data protection officer.