Art. 12 GDPR Transparent information
We understand the importance of the personal data that you entrust to us. We see it as one of our most important responsibilities to ensure the confidentiality of your data.
In accordance with the General Data Protection Regulation (GDPR), we wish to comply with our obligation to provide information when collecting personal data by informing you transparently about the type, scope and purpose of the personal data collected by us as well as by informing you of your rights.
1. Contact details of the data controller
The data controller in the meaning of the General Data Protection Regulation is:
GUTMANN ALUMINIUM DRAHT GMBH
Am Sand 2
91781 Weißenburg, Germany
Tel.: +49 9141 99 75 – 0
e-mail: draht (at) gutmann-wire.com
The following has been designated as data protection officer:
Stephan Hartinger
Coseco GmbH
Tel.: 08232 80988-70
e-mail: datenschutz (at) coseco.de
2. Which sources are used to obtain personal data?
We process personal data that we receive directly from our customers in connection with our business relationship with them. We also process personal data that we receive from other companies, e.g. for the execution of orders, for the fulfilment of contracts or on the basis of a consent given by you.
Personal data that are relevant to us may include:
- Company
- First name
- Last name
- Position in company
- Road
- Post code/town
- (if applicable mobile no.)
2.1 Acquisition of new customers
To conduct customer acquisition, we process personal data that we have legitimately obtained and are allowed to process from publicly accessible sources (e.g. commercial and association registers, press, media, internet) and from business partners, sales agents and representatives.
2.2 Customer contact information
As part of the contract acquisition phase and during the business relationship itself, in particular through personal, telephone or written contacts, initiated by you or one of our employees, further personal data is generated, e.g. information about the contact channel, date, occasion and result; (electronic) copies of the correspondence and information on participating in direct marketing measures.
Personal data is also generated in relation to us offering our products and services,
and by means of general surveys to improve our customer service.
2.3 Trade fairs/events
In relation to trade fairs/events, we collect data (salutation, title, last name, first name, company, street, postal code, city, e-mail, and if applicable which industry/sector you operate in), which we use for the purpose agreed with you.
2.4 Credit rating information
Commercial creditworthiness documents: Revenue/profit accounts, balance sheets, business evaluation, type and duration of self-employment.
3. For what purposes are your data processed and on what legal basis?
We process the aforementioned personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
When processing personal data for which we obtain the consent of the data subject, Article 6 (1)(a) GDPR serves as the legal basis.
When processing personal data that are required to fulfil a contract to which the data subject is a party, Art. 6 (1)(b) GDPR serves as the legal basis. This provision also covers processing operations that are necessary in advance of signing of an actual contract.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 (1)(c) GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the first-mentioned interest, Art. 6 (1)(f) GDPR serves as the legal basis for the processing. The legitimate interest of our company lies in the conduct of our business activities.
4. Transfer of data to third parties
Within our company, only those persons and departments will receive your personal data who/which need it to fulfil our contractual and legal obligations.
We transfer data to third parties if we need their assistance to fulfil a contractual obligation.
In addition, we transfer data to third parties if there is a legal obligation to do so. This is the case when state institutions (e.g. authorities and offices) request information in writing, there is a court order or there is a legal basis for such disclosure.
Transmission to third parties can also take place within the framework of the contractual relationship with the respective dealer/sales agent worldwide.
5. Transfer of data to third countries
There is no transfer of personal data to so-called third countries outside the EU/EEA.
6. Data retention/deletion periods
We process and store your personal data as long as it is necessary for the fulfilment of our contractual obligations as well as for all other purposes mentioned under point 3 or as stipulated by the retention periods provided by the legislator.
If the data is no longer required for the fulfilment of contractual or legal obligations, it is blocked for further processing or deleted at regular intervals at in accordance with the statutory provisions.
7. Data protection rights of the data subject
If you have any questions about your personal data, you can write to us in this regard at any time.
Under the GDPR, you have the following rights:
The right to information (Art. 15 GDPR)
The right to rectification (Art. 16 GDPR)
The right to deletion (Art. 17 GDPR)
The right to restriction (Art. 18 GDPR)
The right to data portability (Art. 20 GDPR)
The right to objection (Art. 21 GDPR)
Right of appeal to the data protection regulatory authority (Art. 77 GDPR in conjunction with § 19 BDSG)
Right to withdraw consent under data protection law (Art. 7 (3) GDPR)
8. Legal or contractual provisions for the provision of personal data and possible consequences of not providing them
We hereby point out that the disclosure of personal data is required by law in certain cases (e.g. tax regulations) or can follow from a contractual provision (e.g. information on the contractual partner). For example, it may be necessary for the conclusion of a contract that the person concerned/the contractual partner must provide their personal data so that it is possible for us to process their request (e.g. order) in the first place. There is an obligation to provide personal data especially when entering into contracts. If no personal data is provided in this case, it will not be possible to enter into a contract with the data subject. Before the person concerned provides personal data, the latter can contact our data protection officer or the person responsible for processing. The data protection officer or the data controller will then inform the data subject whether the provision of the required personal data is required by law or contract or is necessary for the conclusion of a contract and whether the requests of the data subject result in an obligation to provide the personal data and what consequences a failure to provide the requested data has for the data subject.
9. Use of automated decision-making system (including profiling)
As a responsible company, we do not use automatic decision-making or profiling systems in our business relationships.
