Art. 12 GDPR Transparent Information
We are aware of the importance of the personal data that you entrust to us. We consider one of our most important tasks to be ensuring the confidentiality of your data.
In accordance with the General Data Protection Regulation (GDPR), we would like to comply with our information obligation when collecting personal data and to transparently inform you about the nature, scope and purpose of the personal data we collect and explain your rights to you.
1. Contact details of the party responsible for data processing
The party responsible according to the General Data Protection Regulation is:
Neuland GmbH & Co. KG
Am Kreuzacker 7
36124 Eichenzell / Germany
Tel.: +49 6659 88-0
Email: support-de@neuland.com
Data Protection Officer:
Stephan Hartinger
Coseco GmbH
Telephone: +49 8232 80988-70
Email: datenschutz@coseco.de
2. What sources are used to collect personal data?
We process personal data that we receive directly from our customers as part of our business relationship. In addition, we process personal data that we collect from other companies – for example, to execute orders, to fulfil contracts or on the basis of your consent. Personal data which are relevant for us may include:
Customer contact information
We process personal data that we receive directly as part of our business relationship with our customers. In addition, we process personal data that we have received from other companies, e.g. for carrying out orders or fulfilling contracts, or on the basis of consent that you provided.
Personal data relevant to us may be:
- Company
- First name
- Last name
- Street
- Postal code, town
- Telephone
In addition, it may become necessary to collect the birth date in connection with sponsored projects.
2.1 Customer contact information
As part of the business initiation phase and during the business relationship, particularly through personal, phone or written contacts initiated by you or one of our employees, other personal data arises, e.g. information about contact channel, date, occasion and result; (electronic) copies of correspondence and information about participation in direct-marketing activities.
2.2 Trade fairs/events
In connection with a trade fair/event, we collect data (salutation, title, last name, first name, company, address, postal code, town, email, possibly industry information) that we use for the purpose individually agreed upon with you.
2.3 Credit information
Credit documents, commercial: income statements, balance sheets, business analysis, type and duration of self-employment.
3. For what purposes are your data processed and on what legal basis?
We process the aforementioned personal data in conformity with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
Where we process personal data for which we have obtained the consent of the data subject, Article 6(1)(a) GDPR serves as the legal basis.
Where the processing of personal data is necessary for the performance of a contract to which the data subject is party, the legal basis is Article 6(1)(b) GDPR. This also covers processing operations that are necessary in order to take steps prior to entering into a contract.
Where the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, the legal basis is Article 6(1)(c) GDPR.
Where the processing of personal data is necessary for the purposes of the legitimate interests pursued by our company or by a third party, and such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, the legal basis is Article 6(1)(f) GDPR. The legitimate interest of our company is the performance of our business activity.
4. Transfer of data to third parties
Within our company, your personal data are given only to persons and offices that require them in order to fulfill our contractual and legal obligations.
We transfer data to third parties if we need them in order to fulfill a contractual obligation.
In addition, we transfer data to third parties if a legal obligation to do so exists. This is the case when government agencies (e.g. law enforcement authorities) make a written request for information, when a court order is in place or when a legal basis permits the transfer.
Transfer to third parties beyond the scope of the purposes set forth in No. 3 does not take place.
5. Transfer of data to third countries
Personal data are not transferred to third countries outside of the EU/EEA.
6. Data storage period/erasure deadlines
We process and store your personal data for as long as is necessary for the fulfillment of our contractual obligations and for all other purposes listed under No. 3 or as envisaged in the retention periods specified by the legislators.
If the data are no longer required for fulfilling contractual or legal obligations, they are routinely blocked or erased for further processing in accordance with statutory requirements.
7. Data protection rights of the data subject
If you have questions about your personal data, you can contact us in writing at any time.
Under the GDPR, you have the following rights:
- Right to obtain information (Article 15 GDPR)
- Right to rectification (Article 16 GDPR)
- Right to erasure (Article 17 GDPR)
- Right to restriction of processing (Article 18 GDPR)
- Right to data portability (Article 20 GDPR)
- Right to object (Article 21 GDPR)
- Right to lodge a complaint with a supervisory authority (Article 77 GDPR in conjunction with Section 19 of the German Federal Data Protection Act [BDSG])
- Right to withdraw consent to data processing (Article 7(3) GDPR)
8. Statutory or contractual requirements concerning the provision of personal data and possible consequences of failure to provide them
Please be aware that the provision of personal data is required by statute in certain cases (e.g. tax laws) or may result from contractual arrangements (e.g. details about or from the contracting partner). For instance, in order to conclude a contract, it may be necessary for the data subject/contracting partner to provide their personal data so that we can handle their concern (e.g. order). Personal data are required to be provided particularly when contracts are concluded. If personal data are not provided in this case, the contract cannot be concluded with the data subject. Prior to providing personal data, the data subject can contact our data protection officer or the controller in charge of processing. The data protection officer or the controller in charge of processing will then explain to the data subject about whether the provision of the needed personal data is mandated by statute or contract or is required for contract conclusion and whether the concern of the data subject gives rise to an obligation to provide personal data and the consequences for the data subject when not providing the requested data.
9. Statutory existence of automated decision-making (including profiling)
As a responsible company, we do not engage in automated decision-making or profiling in our business relationships.
Last updated: October 2021