Our handling of your data and your rights

Information according to Art. 13, 14 and 21 of the EU General Data Protection Regulation ( GDPR)

Our handling of your data and your rights
With the following information, we would like to give you an overview of the processing of your personal data by us and your resulting rights. Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case. Therefore, not all statements contained herein may apply to you.

 

1) Who is responsible for data processing and whom can I contact?

The responsible party is:
SEAL Systems AG | Lohmühlweg 4 | 91341 Röttenbach, Germany.

You can find more information about our company, details of the persons authorized to represent us and also further contact options in our imprint:
https://www.sealsystems.com/imprint/

You can reach our company data protection officer at:
datenschutzbeauftragter@sealsystems.de

 

2) Type of personal data collected

We process the following personal data that we receive from you in the course of our business relationship:

  • Company name with legal form and address
  • Title and name
  • Contact data
  • Field of activity or position
  • Account information
  • Order and billing information
  • Access data for the ticket system
  • Documents provided by you for support purposes

 

3) We process your data for the following purposes and on the following legal basis

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR):

3.1 On the basis of consent (Art. 6 para. 1 letter a GDPR)

The processing of data is carried out for the implementation:

  • Sending the newsletter
  • Participation in digital offers
  • Participation in online surveys
  • When using the contact form
  • on initiative contact of the customer by e-mail

 

3.2 For the performance of contractual obligations (Art. 6 para. 1 letter b GDPR)

The processing of data is carried out for the performance of:

  • our contract
  • of ancillary contractual services (e.g. online meetings, ticket system)

 

3.3 Due to legal requirements (Art. 6 para. 1 lit. c GDPR)

We are subject to various legal obligations that entail data processing. These include, for example:

  • Tax laws as well as statutory accounting
  • compliance with requests and requirements of supervisory or law enforcement authorities
  • the fulfillment of tax control and reporting obligations

In addition, the disclosure of personal data may become necessary in the context of official/court measures for the purposes of collecting evidence, criminal prosecution or enforcement of civil claims.

 

3.4 In the context of balancing interests (Art. 6 para. 1 f GDPR)

Where necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of us or third parties. Examples of such cases are:

  • Making legal claims and defense in legal disputes

 

4) Information on contact channels

4.1 Initiative contact of the customer by e-mail

If you initiate business contact with us by e-mail, we collect your personal data (name, e-mail address, message text) only to the extent provided by you. The data processing is used to process and respond to your contact request.

If the contact serves the implementation of pre-contractual measures (e.g. consultation in case of interest in purchase, preparation of an offer) or concerns a contract already concluded between you and us, this data processing is based on Art. 6 para. 1 lit. b GDPR.

If the contact is made for other reasons, this data processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR from our overriding legitimate interest in processing and responding to your request. In this case, you have the right to object at any time to this processing of personal data relating to you based on Art. 6 (1) (f) GDPR for reasons arising from your particular situation.

We will only use your e-mail address to process your request. Your data will then be deleted in compliance with statutory retention periods, providing you do not consent to further processing and use.

 

4.2 Collection and processing when using the contact form

When using the contact form, we collect your personal data (name, telephone number, e-mail address, message text) only to the extent provided by you. The data processing serves the purpose of contacting you. By sending your message, you consent to the processing of the transmitted data. The processing is based on Art. 6 para. 1 lit. a GDPR with your consent.

You can revoke your consent at any time by notifying us, without affecting the legality of the processing carried out on the basis of the consent until revocation. We will only use your e-mail address to process your request. Your data will then be deleted unless you have consented to further processing and use.

 

5) Who gets my data?

5.1 Within our company

  • Staff members for contact with you and contractual cooperation (including the fulfillment of pre-contractual measures)

 

5.2 In the context of order processing

Your data may be disclosed to service providers who act as processors for us:

  • Support or maintenance of computing or IT applications
  • Accounting

All service providers are contractually bound and in particular obliged to treat your data confidentially.

 

5.3 Other third parties

Data will only be passed on to recipients outside our company in compliance with the applicable data protection regulations. Recipients of personal data may be, for example:

  • Public bodies and institutions (e.g. financial or law enforcement authorities) if there is a legal or regulatory obligation
  • Credit and financial service providers (processing of payment transactions)
  • Tax advisor or business and payroll tax and tax auditors (statutory audit mandate)

 

6) Will data be transferred to a third country or to an international organization?

Your data will only be processed within the European Union and states within the European Economic Area (EEA). Furthermore, access to the data by our subsidiaries may also take place outside the EEA.

 

7) How long will my data be stored?

We process and store your personal data as long as this is necessary for the fulfillment of our contractual and legal obligations. If the data is no longer required for the fulfillment of contractual or legal obligations, it is regularly deleted.

Exceptions arise,

  • insofar as legal storage obligations must be fulfilled, e.g. the German Commercial Code (HGB) and Fiscal Code (AO). The periods specified there for storage or documentation are usually six to ten years;
  • for the preservation of evidence within the framework of the statutory limitation provisions. According to § § 195 ff of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period is 3 years.

If the data processing is carried out in the legitimate interest of us or a third party, the personal data will be deleted as soon as this interest no longer exists. In this regard, the stated exceptions apply.

 

8) What data protection rights do I have?

You have the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right of erasure under Article 17 of the GDPR, the right to restrict processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right for data portability under Article 20 of the GDPR.

With regard to the right to information and the right of erasure, restrictions may apply in accordance with Sections 34 and 35 BDSG.

In addition, there is a right of appeal to a designated data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG). The supervisory authority responsible for us is:

Bavarian State Office for Data Protection Supervision
Michael Will
P.O. Box 1349
91504 Ansbach
Germany

Phone: +49 (0) 981 180093-0 | E-Mail:  poststelle@lda.bayern.de

 

9) Is there an obligation to provide data?

Within the framework of the contractual relationship, you must provide those personal data that are necessary for the initiation, execution and termination of the contractual relationship and for the fulfillment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we will generally not be able to conclude the contract with you or to execute it.

 

10) Information about your right to object under Article 21 of the General Data Protection Regulation (GDPR)

10.1 Individual right of objection

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f) GDPR (data processing based on a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

 

10.2 Recipients of an objection

The objection can be made informally with the subject “Objection”, stating your name, address and should be addressed to:
info@sealsystems.de