Privacy statement :

Thank you for your interest in our company. The management of Muhr und Bender KG places a particularly high value on data protection. The Muhr und Bender KG website can be used without providing any personal data whatsoever. However, in order for an individual to use certain services provided by our company via our website, it may be necessary for us to process personal data. If we need to process personal data and there is no legal basis for doing so, we generally obtain the consent of the individual in question (data subject).

 

Personal data, such as the name, address, e-mail address, or telephone number of a data subject, is always processed in accordance with the General Data Protection Regulation and with the country-specific data protection regulations applicable to Muhr und Bender KG. This privacy statement aims to inform the general public about the nature, scope, and purpose of the personal data collected, used, and processed by our company. Furthermore, this privacy statement informs data subjects about their rights. This privacy statement applies to our website as well as other online offerings from Muhr und Bender KG, such as presences on Facebook, LinkedIn, and Xing.

 

As the data controller, Muhr und Bender KG has implemented a number of technical and organizational measures in order to guarantee, as far as possible, comprehensive protection of the personal data processed via this website. Nevertheless, when transmitting data via the Internet, there is always a risk of security vulnerabilities, and therefore absolute protection cannot be guaranteed.

 

For this reason, all data subjects have the option of communicating personal data to us by alternative means, including by telephone (info@mubea.com, +49 2722 620).

 

1. Definitions

The privacy statement of Muhr und Bender KG is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR), valid from May 25, 2018. Our privacy statement should be easy for the general public, our customers, and our business partners to read and understand. We would therefore like to start by explaining the terminology used. In this privacy statement, the following terms are used:

 

a) personal data
Personal data refers to all information that relates to an identified or identifiable natural person (hereinafter referred to as the “data subject”). A natural person is considered identifiable if they can be identified directly or indirectly, in particular by being assigned to an identifier such as a name, ID, location information, or online identifier, or to one or more specific characteristics that are an expression of the physical, physiological, genetic, psychic, economic, cultural, or social identity of this natural person.

 

b) data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the data controller.

 

c) processing
Processing is any procedure, or sequence of procedures, carried out with or without the help of automated processes in connection with personal data such as collection, compiling, organization, sorting, storage, adjustment or modification, reading, querying, use, publication by transmitting, distributing, or making available in some other form, matching or linking, truncation, erasure, or destruction.

 

d) restriction of processing
Restriction of processing is the marking of stored personal data for the purpose of restricting its future processing.

 

e) profiling
Profiling is any kind of automated processing of personal data in which this personal data is used to evaluate certain personal aspects pertaining to a natural person, in particular to analyze or predict aspects relating to the work performance, economic situation, health, personal preferences, interests, reliability, behavior, abode or change of location of this natural person.

As a company that takes its responsibility seriously, we do not perform any automated decision-making or profiling.

 

f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without consulting additional information, provided that this additional information is stored separately and there are technical and organizational measures in place to guarantee that the personal data is not assigned to an identified or identifiable natural person.

 

g) Data controller
The data controller is the natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of the processing are determined by European Union law or the laws of member states, the controller or the specific criteria for the controller’s nomination may be designated by European Union law or by the laws of member states.

 

h) Processor
The processor is a natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the controller.

 

i) Recipient
A recipient is a natural or legal person, public authority, agency, or any other body to whom personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a specific investigation under European Union law or the laws of member states are not deemed to be recipients.

 

j) Third party
A third party is any natural or legal person, public authority, agency, or any other body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process the personal data.

 

k) Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by the data subject in the form of a declaration or other clear affirmative action by which the data subject signifies agreement to personal data relating to him or her being processed.

 

2. Name and address of controller

The controller, within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other provisions dealing with data protection, is:

 

Muhr und Bender KG
Mubea-Platz 1
57439 Attendorn
Germany
Tel.: 02722 / 620
E-mail: info@mubea.com
Website: www.mubea.com

 

3. Controller’s data protection officer

External:
VIA Consult GmbH & Co. KG

Mr. Karsten Kunde
Martinstraße 25
57462 Olpe
+49 (2761) 83668-0
datenschutz@via-consult.de

 

Data subjects may contact our data protection officer directly at any time in case of any questions or suggestions regarding data protection.

 

4. Cookies

 

The websites of Muhr und Bender KG use cookies. Cookies are text files that are created and stored on a computer system via a web browser.


Many websites and servers make use of cookies. A large number of cookies contain a “cookie ID.” A cookie ID is the cookie’s unique identifier. It consists of a sequence of characters that allows websites and servers to match the cookie to the specific web browser in which the cookie was stored. This allows the websites and servers visited to distinguish the individual browser of the data subject from other web browsers containing other cookies. The unique cookie ID allows a specific web browser to be recognized and identified.
The use of cookies allows Muhr und Bender KG to provide the users of this website with more user-friendly services, which would not be possible without setting cookies.

 

A cookie can be used to optimize the information and offerings on our website in a user-specific way. As mentioned already, cookies allow us to recognize the users of our website. The purpose of this recognition is to make it easier for the users to use our website. Users of a website that makes use of cookies do not need to enter their login details every time they visit the website, as this function is performed by the website and the cookie stored on the user’s computer system. Another example is the shopping cart cookie in an online shop. The online shop uses a cookie to remember the items that a customer has placed in the virtual shopping cart.

 

The data subject can prevent cookies from being set by our website at any time using the appropriate web browser settings, thereby permanently rejecting the use of cookies. Furthermore, cookies that have already been set can be erased at any time via a web browser or other software. All common web browsers have this feature. If the data subject disables the use of cookies in the web browser, this may mean that certain functionality on our website is not fully usable.

 

5. Collection of general data and information
 

The website of Muhr und Bender KG collects certain general data and information every time a data subject or automated system accesses the website. This general data and information is stored in the server’s log files. The data that may be collected includes: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system arrives at our website (the “referrer”), (4) the sub-websites visited on our website by an accessing system, (5) the date and time of access to the website, (6), an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) other similar data and information for the purposes of security in the event of attacks on our IT systems.

 

In making use of this general data and information, Muhr und Bender KG does not identify the data subject. Instead, this information is required to (1) provide accurate content on our website, (2) optimize the content of our website and optimize the advertising for our website, (3) ensure the long-term operational reliability of our IT systems and the technology used for our website, and (4) to provide law enforcement agencies with the information necessary for prosecution in the event of a cyberattack. This anonymously collected data and information is therefore analyzed by Muhr und Bender KG for statistical purposes, as well as with the aim of improving data protection and data security within our company, in order to ultimately guarantee an optimal level of protection for the personal data that we process. The anonymous data in the server log files is stored separately from all personal data provided by a data subject. This data is analyzed anonymously for statistical purposes. The data is not disclosed to third parties.

 

6. Contacting the company via the website
 

In line with legal provisions, the website of Muhr und Bender KG includes functionality that allows users to contact our company instantly by electronic means and to communicate directly with us, including the provision of a general e-mail address. If a data subject contacts the controller via e-mail or via a contact form, the personal data transmitted by the data subject is automatically stored. This personal data voluntarily sent to the controller by a data subject is stored for the purpose of handling requests or contacting the data subject. This personal data is not disclosed to third parties. At your request, this data is erased by us following the conclusion of the correspondence. The data is not disclosed to third parties outside the company. In addition, the data collected in this way is not matched to data that may be collected by other components of our site.

 

7. Data protection for job applications


We collect and process personal data relating to applicants for the purpose of conducting the application process. If this results in an employment relationship, the application data will continue to be used for this purpose, in line with the legal provisions.

 

It is important to note that the data you provide is not stored anonymously but, in the context of the application process, will be made accessible to the relevant personnel managers as well as functions within the company that are relevant to the position. If additional consent is given via the form, the application you submit can be stored and considered for other vacancies at the company.

 

If you apply for a job at one of our group companies, your data will be transmitted to our company for this purpose.

 

If you apply for a job outside Germany, your data will also be transmitted to the relevant country for this purpose, if applicable.

 

You can find further information at www.mubea.com/en/data-protection-statement

 

8. Newsletter

 

On our careers page, you have the option of subscribing to a careers newsletter to stay informed about suitable job offers as soon as they are placed online. You can unsubscribe from the newsletter at any time. The personal data required for sending the newsletter is taken from the input form. Your data is only used to send the newsletter and is not disclosed to third parties.

 

9. Use of YouTube

 

Muhr und Bender KG has included a number of components (videos) from YouTube on this website. YouTube is an Internet video portal that allows video publishers to post video clips for free and other users to view, rate, and comment on these videos, also for free.

 

YouTube’s operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The data controller is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

 

Every time one of the individual pages on this website, which is operated by Muhr und Bender KG and on which a YouTube component (YouTube video) appears, is accessed, the web browser on the user’s IT system is automatically prompted by the relevant YouTube component to download a representation of the YouTube component in question from YouTube. As part of this technical process, YouTube and Google receive information on which specific subpage of our website the user is visiting.

 

If the user is logged in to YouTube at the same time and accesses a subpage containing a YouTube video, YouTube identifies which specific subpage of our website the user is visiting. This information is collected by YouTube and Google and attributed to the user’s YouTube account.

 

If the user does not wish for this information to be sent to YouTube and Google, the user should log out of his or her YouTube account before accessing our website in order to prevent the information being sent.
The privacy policy published by YouTube (https://www.google.com/policies/privacy/) provides information about the collection, processing, and use of personal data by YouTube and Google.

 

10. Online social media presences

 

We establish online presences on social networks in order to communicate with interested parties and users who are active on those platforms and to provide them with information about our company.

 

Data relating to these users may be processed outside the European Union by the service provider. This may entail risks for the user because, for example, it could make enforcement of the user’s rights more difficult.

 

The user’s data is generally processed by the service provider for market research and advertising purposes. This means, for example, that the user’s interests, determined from the usage behavior, are used to place advertisements, on and off the platforms, that might match the user’s interests. In most cases, cookies are stored on users’ computers for this purpose. In addition, data may be stored in the usage profiles independently of the devices used (particularly if users are members of the relevant platforms and are logged in to them).

 

Below you will find information on the processing we perform on your personal data as part of the online presences we provide. In its judgment of June 5, 2018, the ECJ confirmed the joint responsibility of the service provider and the website operator.

 

The social media website you visited offers you the opportunity to react to our posts, comment on them, create your own user post, and send us private messages to discuss personal matters. We use the data provided by you and made accessible to us for this purpose (e.g., username, images, interests, contact details) exclusively for the purpose of communicating with customers and interested parties. Our focus is on providing a platform on which we can display up-to-date information, which gives you the opportunity to send us your concerns, and which allows us to handle these concerns as quickly as possible.

 

Muhr und Bender KG makes use of photos and videos for marketing purposes on social media platforms. Any personal data contained therein is only processed with the consent of the data subject. The legal basis for the processing of the recorded data is Art. 6, para. 1(a) GDPR. Data subjects are entitled to have the stored data erased at any time. The data subject has the right to obtain information on the personal data relating to him or her at any time. The data is erased as soon as it is no longer necessary to achieve the purpose for which it was collected or the consent is withdrawn.

 

We do not perform any data processing via the website besides the basic functions. Please bear in mind that the service provider may use tracking tools as well as cookies, independently of our use of the website.

 

For a detailed view of the processing and opt-out possibilities, please refer to the following links to information from the provider.

 

In case of requests for information and assertion of user rights, please note that these can be asserted most effectively via the providers. Only the providers have access to the user data and can implement the necessary measures directly and provide information. However, feel free to contact us if you require assistance.

 

11. Use of etracker

 

Our website uses the services of etracker GmbH to analyze usage data. The data controller is etracker GmbH, Erste Brunnenstraße 1, 20459 Hamburg, Germany. Cookies are used to enable statistical analysis of the use of this website by the users and to allow usage-related content or advertising to be displayed. Cookies are small text files stored on the user’s device by the web browser. etracker cookies do not contain any information that could allow a user to be identified.

 

The data generated with etracker is processed and stored exclusively in Germany by etracker on behalf of the provider of this website and is therefore subject to stringent German and European data protection laws and standards. In this regard, etracker has been independently audited and certified, and awarded the privacy seal from ePrivacy (https://www.eprivacy.eu/kunden/vergebene-siegel/firma/etracker-gmbh/).

 

The legal basis for the data processing is Art. 6, para. 1(f) (legitimate interest) of the EU General Data Protection Regulation (EU-GDPR). Our legitimate interest is the optimization of our online offering and web presence. As the privacy of our visitors is very important to us, IP addresses are anonymized as quickly as possible by etracker, and login and device IDs are converted by etracker to a unique key that is not mapped to a person. etracker does not use the data in any other way, merge the data with other data, or disclose the data to third parties.

 

You may object to the data processing described above at any time, insofar as it is processed in personalized form. Objecting in this way will have no detrimental consequences for you.

Web Analytics and Website Optimization with eTracker

Please choose one of these options:

You can find more information on etracker’s data protection at https://www.etracker.com/en/data-privacy/

 

12. Routine erasure and blocking of personal data

The data controller processes and stores personal data relating to the data subject only for the period necessary to achieve the purpose of storage or insofar as this has been prescribed by the European legislator or another legislator in laws or regulations to which the data controller is subject.

 

If the purpose of storage no longer applies or a retention period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or erased in accordance with the legal provisions.
 

 

13. Rights of data subjects

a) Right to confirmation

Every data subject has the right, granted by the European legislator, to request confirmation from the data controller as to whether personal data relating to the data subject is processed. If a data subject wishes to exercise this right to confirmation, he or she may contact our data protection officer or another employee of the data controller at any time (datenschutz@via-consult.de; VIA Consult GmbH & Co. KG appoints the external data protection officer of Muhr und Bender KG and is therefore available to deal with any questions regarding data protection; see Section 3 for full contact details).

b) Right to information

Every data subject whose personal data is processed has the right, granted by the European legislator, to obtain information from the data controller at any time, free of charge, about the stored personal data relating to him or her and to obtain a copy of this information. The European legislator have also granted the data subject the right to the following information: the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly recipients in third countries or at international organizations, the planned duration of storage of the personal data if possible, or, if this is not possible, the criteria for determining this duration, the existence of a right to rectification or erasure of the personal data relating to him or her or to restriction of processing by the controller or a right to object to this processing, the existence of a right to lodge a complaint with a supervisory authority if the personal data is not collected from the data subject, all available information about the origin of the data, the existence of automated decision-making including profiling in accordance with Articles 22, paras. 1 and 4 GDPR, and—at least in these cases—meaningful information about the logic involved as well as the consequences and intended effects of such processing for the data subject.

Furthermore, the data subject has a right to obtain information as to whether personal data is transferred to a third country or an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate guarantees connected with the transfer of data (info@mubea.com, +49 2722 620).

If a data subject wishes to exercise this right to information, he or she may contact our data protection officer or another employee of the data controller at any time (datenschutz@via-consult.de; VIA Consult GmbH & Co. KG appoints the external data protection officer of Muhr und Bender KG and is therefore available to deal with any questions regarding data protection; see Section 3 for full contact details).

c) Right to rectification

Every data subject whose personal data is processed has the right, granted by the European legislator, to request the immediate rectification of inaccurate personal data relating to him or her. The data subject also has the right to request the completion of incomplete personal data, including by means of an additional declaration, taking into account the purposes of processing.

If a data subject wishes to exercise this right to rectification, he or she may contact our data protection officer or another employee of the data controller at any time (datenschutz@via-consult.de; VIA Consult GmbH & Co. KG appoints the external data protection officer of Muhr und Bender KG and is therefore available to deal with any questions regarding data protection; see Section 3 for full contact details).

d) Right to erasure (right to be forgotten)

Every data subject whose personal data is processed has the right, granted by the European legislator, to request the immediate erasure of personal data relating to him or her, provided that one of the following grounds applies and the processing is not necessary:
The personal data was collected or otherwise processed for purposes for which it is no longer required.

The data subject revokes his or her consent on which the processing is based in accordance with Art. 6, para. 1(a) GDPR or Art. 9, para. 2(a) GDPR, and no other legal basis for the processing exists.

The data subject objects to the processing in accordance with Art. 21, para. 1 GDPR and no overriding legitimate grounds for the processing exist, or the data subject objects to the processing in accordance with Art. 21, para. 2 GDPR.
The personal data was unlawfully processed.

The erasure of the personal data is necessary in order to fulfill a legal obligation under European Union law or the laws of member states to which the data controller is subject.
The personal data was collected in relation to information society services in accordance with Art. 8, para. 1 GDPR.

If one of the aforementioned grounds exists and a data subject wishes to initiate the erasure of personal data stored by Muhr und Bender KG, he or she may contact our data protection officer or another employee of the data controller at any time. The data protection officer of Muhr und Bender KG or another employee will arrange for the request for erasure to be fulfilled immediately.

If the personal data was disclosed by Muhr und Bender KG and our company, as a controller, is obligated to erase the personal data in accordance with Art. 17, para. 1 GDPR, Muhr und Bender KG will implement suitable measures, including those of a technical nature, taking into account the available technology and implementation costs, to inform other data controllers processing the published personal data that the data subject has requested that these other data controllers erase all links to this personal data or copies or replications of this personal data, provided that the processing is not necessary. The data protection officer of Muhr und Bender KG or another employee will arrange for the necessary steps to be taken on a case-by-case basis.

e) Right to restriction of processing

Every data subject whose personal data is processed has the right, granted by the European legislator, to request restriction of the processing if one of the following criteria is fulfilled:
The accuracy of the personal data is disputed by the data subject, for a sufficient period of time for the controller to verify the accuracy of the personal data.

The processing is unlawful, the data subject opposes erasure of the personal data, and instead requests restriction of the use of the personal data.

The data controller no longer requires the personal data for the purposes of processing, but the data subject requires it in order to assert, exercise, or defend legal claims.

The data subject has objected to the processing in accordance with Art. 21, para. 1 GDPR and it has not yet been determined whether the controller’s legitimate grounds outweigh those of the data subject.

If one of the aforementioned criteria is fulfilled and a data subject wishes to request the restriction of personal data stored by Muhr und Bender KG, he or she may contact our data protection officer or another employee of the data controller at any time. The data protection officer of Muhr und Bender KG or another employee will arrange for the processing to be restricted.

f) Right to data portability

Every data subject whose personal data is processed has the right, granted by the European legislator, to receive the personal data relating to him or her, which the data subject has made available to a controller, in a structured, commonly used, and machine-readable format. The data subject also has the right to transfer this data to another controller without hindrance from the controller to which the personal data was provided, provided that the processing is based on consent in accordance with Art. 6, para. 1(a) GDPR or Art. 9, para. 2(a) GDPR or on a contract in accordance with Art. 6, para. 1(b) GDPR and the processing is carried out by automated means, provided that the processing is not necessary in order to perform a task carried out in the public interest or in the exercise of official authority vested in the controller.

In exercising his or her right to data portability in accordance with Art. 20, para. 1 GDPR, the data subject also has the right to have the personal data transferred directly from one controller to another insofar as this is technically feasible and does not adversely affect the rights and freedoms of other persons.

To assert the right to data portability, the data subject may contact the data protection officer appointed by Muhr und Bender KG or another employee at any time.

g) Right to object

Every data subject whose personal data is processed has the right, granted by the European legislator, to object to the processing, on the basis of Art. 6, para. 1(e) or (f) GDPR, of personal data relating to him or her at any time on grounds relating to his or her specific situation. This also applies to profiling based on these provisions.

 

In the event of objection, Muhr und Bender KG will no longer process the personal data unless we are able to demonstrate compelling legitimate grounds for the processing, which outweigh the interests, rights, and freedoms of the data subject, or the processing is for the purpose of asserting, exercising, or defending legal claims.

 

If Muhr und Bender KG processes the personal data in order to engage in direct advertising, the data subject has the right to object at any time to the processing of the personal data for the purposes of such advertising. This also applies to profiling insofar as it is connected to this direct advertising. If the data subject objects to the processing for the purposes of direct advertising carried out by Muhr und Bender KG, Muhr und Bender KG will no longer process the personal data for these purposes.

 

The data subject also has the right, on grounds relating to his or her specific situation, to object to the processing of personal data relating to him or her by Muhr und Bender KG for scientific or historical research purposes or for statistical purposes in accordance with Art. 89, para. 1 GDPR, unless such processing is necessary in order to perform a task carried out in the public interest.
To exercise the right to object, the data subject may contact the data protection officer of Muhr und Bender KG or another employee directly. Furthermore, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, the data subject is entitled to exercise his or her right to object by automated means using technical specifications.

h) Automated decisions on a case-by-case basis, including profiling

Every data subject whose personal data is processed has the right, granted by the European legislator, not to subject to a decision based solely on automated processing—including profiling, which will have legal effect or significantly affect him or her in a similar manner, provided that the decision (1) is not required for the conclusion or execution of a contract between the data subject and the data controller, or (2) is permitted by European Union legislation or the legislation of member states to which the data controller is subject and where such legislation contains suitable measures to safeguard the rights and freedoms and legitimate interests of the data subject, or (3) is made with the express consent of the data subject.

 

If the decision (1) is required for the conclusion or execution of a contract between the data subject and the data controller, or (2) is made with the express consent of the data subject, Muhr und Bender KG will implement suitable measures to safeguard the rights and freedoms and legitimate interests of the data subject, at least the right to obtain human intervention on the part of the controller, to express his or her own point of view, and to contest the decision.

If the data subject wishes to assert rights relating to automated decisions, he or she may contact our data protection offer or another employee of the data controller at any time.

i) Right to withdraw consent in relation to data protection

Every data subject whose personal data is processed has the right, granted by the European legislator, to withdraw consent for the processing of personal data at any time.

If the data subject wishes to assert his or her right to withdraw consent, he or she may contact our data protection offer or another employee of the data controller at any time.

 

14. Legal basis for processing

Art. 6(1)(a) GDPR is the legal basis used by our company for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party—as is the case, for example, with processing operations that are necessary for a delivery of goods or the provision of other performance or consideration—the processing is based on Art. 6(1)(b) GDPR. The same applies to processing operations that are required for the execution of precontractual measures, such as in cases of enquiries regarding our products and services. If our company is subject to a legal obligation requiring the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)(c) GDPR. In rare cases, the processing of personal data may be necessary in order to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured at our company and subsequently needed to give his or her name, age, health insurance details, or other vital information to a doctor, hospital, or other third party. In this case, the processing would be based on Art. 6(1)(d) GDPR. Finally, processing operations may be based on Art. 6(1)(f) GDPR. Processing operations that are not covered by another of the aforementioned legal bases are based on this legal basis if the processing is required to safeguard a legitimate interest of the company or a third party, provided that this is not outweighed by the interests and fundamental rights and freedoms of the data subject. Such processing operations are permissible for us in particular because they were mentioned specifically by the European legislator. They took the view that a legitimate interest could be assumed if the data subject were a customer of the data controller (Recital 47, sentence 2 GDPR).

 

15. Legitimate interests in the processing pursued by the data controller or a third party

If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is carrying out our business in favor of the wellbeing of all our employees and shareholders.

 

16. Duration for which the personal data is stored

The criterion for the duration of storage of the personal data is the applicable statutory retention period. When this period expires, the data is routinely erased insofar as it is no longer necessary for contract performance or contract initiation.

 

17. Legal or contractual regulations on the provision of personal data; necessity for the conclusion of a contract; obligation of the data subject to provide the personal data; possible consequences of failure to provide the data

We would like to make you aware that the provision of personal data is sometimes legally prescribed (e.g., tax regulations) or may be derived from contractual regulations (e.g., details of the contracting partner). From time to time, for the purpose of concluding a contract, it may be necessary for a data subject to provide us with personal data that will subsequently need to be processed by us. The data subject is obligated to provide us with personal data, for example, if our company enters into a contract with him or her. Failure to provide the personal data would mean that the contract could not be concluded with the data subject. Before the data subject provides personal data, the data subject must contact our data protection officer. Our data protection officer will explain to the data subject, on a case-by-case basis, whether the provision of personal data is legally or contractually prescribed or is necessary for the conclusion of the contract, whether he or she is obligated to provide the personal data, and the consequences of failing to provide the personal data.