Our handling of your data and your rights – Information according to Art. 13, 14 and 21 of the EU General Data Protection Regulation (GDPR)
With the following information we would like to give you an overview of the processing of your personal data by us and your resulting rights. Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case. Therefore, not all statements contained herein may apply to you.
In addition, this privacy information may be updated from time to time. The latest version can be found at any time on our website at: www.wilknergroup.de
Who is responsible for data processing and whom can I contact?
The responsible person in the sense of the DSGVO is:
Wilkner Group Member GmbH
Nature of the personal data collected
We process the following personal data that we receive from you in the course of our business relationship:
Company name with legal form and address
Title and names
We process your data for the following purposes and on the following legal basis
We process personal data in accordance with the provisions of the European General Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG):
For the fulfillment of contractual obligations (Art. 6 para. 1 letter b DSGVO)
The processing of data is carried out for the implementation:
of our contract/orders
Due to legal requirements (Art. 6 para. 1 letter c DSGVO)
We are subject to various legal obligations that entail data processing. These include, for example:
Tax laws as well as statutory accounting
Complying with requests and requirements from regulatory or law enforcement authorities.
the fulfillment of control and reporting obligations under tax law
In addition, the disclosure of personal data may become necessary in the context of official/court measures for the purpose of gathering evidence, criminal prosecution or enforcement of civil claims.
Within the framework of the balancing of interests (Art. 6 para. 1 f DSGVO)
As far as necessary, we process your data beyond the actual fulfillment of the contract to protect legitimate interests of us or third parties. Examples of such cases are:
Assertion of legal claims and defense in legal disputes
Who gets my data?
Inside our house
Employees for contact with you and contractual cooperation (incl. the fulfillment of pre-contractual measures)
Within the scope of order processing
Your data may be passed on to service providers who act as order processors for us:
Support or maintenance of EDP or IT applications
All service providers are contractually bound and in particular obliged to treat your data confidentially.
Other third parties
Data will only be passed on to recipients outside our company in compliance with the applicable data protection regulations. Recipients of personal data may be, for example:
Public agencies and institutions (e.g., financial or law enforcement authorities) in the event of a legal or regulatory obligation
Credit and financial service providers (processing of payment transactions)
Tax advisor or business and payroll tax and tax auditor (statutory audit mandate)
Is data transferred to a third country or to an international organization?
Your data will only be processed within the European Union and states within the European Economic Area (EEA).
How long is my data stored?
We process and store your personal data as long as this is necessary for the fulfillment of our contractual and legal obligations. If the data is no longer required for the fulfillment of contractual or legal obligations, it is regularly deleted.
Exceptions arise insofar as legal storage obligations must be fulfilled, e.g. the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods specified there for storage or documentation are generally six to ten years;
to preserve evidence within the scope of the statutory limitation provisions. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being 3 years.
Others, if applicable.
If the data processing is carried out in the legitimate interest of us or a third party, the personal data will be deleted as soon as this interest no longer exists. The aforementioned exceptions apply here.
What data protection rights do I have?
You have the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.
Restrictions may apply to the right to information and the right to delete data in accordance with sections 34 and 35 of the BDSG.
In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG).
The supervisory authority responsible for us is:
State Office for Data Protection Supervision
Address: P.O. Box 606, 91511 Ansbach, Germany
Promenade 27 (Schloss), 91522 Ansbach
Phone: 0981 53 – 1300
Fax: 0981 53 – 5300
Is there an obligation to provide data?
Within the framework of the contractual relationship, you must provide those personal data that are required for the commencement, implementation and termination of the contractual relationship and for the fulfillment of the associated contractual obligations, or which we are legally obligated to collect. Without this data, we will usually not be able to conclude the contract with you or execute it.
Information about your right to object according to Article 21 of the General Data Protection Regulation (GDPR)
Right to object on a case-by-case basis
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f) DSGVO (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4 No. 4 DSGVO.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
Recipient of an opposition
The objection can be made informally with the subject “Objection”, stating your name, address and date of birth, and should be addressed to:
Wilkner Group Member GmbH