Data Privacy


PRIVACY POLICY FOR OUR CUSTOMERS

Our handling of your data and your rights

– Information pursuant to Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR/DSGVO) –

Dear Customer,
Below we inform you about the processing of your personal data by us and the claims and rights to which you are entitled according to the data protection regulations.

Which data is processed in detail and how it is used depends largely on the requested or agreed services.

1. Who is responsible for data processing and whom can I contact?

The responsible body is:
Robbe & Berking Silbermanufaktur seit 1874 GmbH & Co. KG
Zur Bleiche 47
24941 Flensburg
Phone: +49 (0)461 90306-0
E-mail address: info@robbeberking.de

You can reach the data protection officer at:
Phone: +49 (0)4841 8968-20
E-mail: info@datensicherheit-nord.de

2. What sources and data do we use?
We process personal data that we receive from you in the course of our business relationship. In addition, we process – insofar as necessary for the provision of our services – personal data that we have received from other companies (e.g. SCHUFA, Creditreform) or authorities in a permissible manner (e.g. for the execution of orders, for the fulfilment of contracts or on the basis of consent given by you). We also process personal data that we have permissibly obtained from publicly accessible sources (e.g. debtors' registers, land registers, commercial and association registers, press, media) and are allowed to process.

Relevant personal data are personal details (name, address and other contact details, date and place of birth and nationality) and identification data (e.g. ID card data). In addition, this may also include order data (e.g. payment order, purchase contract, service contract), data from the fulfilment of our contractual obligations (e.g. turnover data in goods transactions, credit line, product data, information about your financial situation (e.g. creditworthiness data, scoring/rating data, data from credit agencies), advertising and sales data (including advertising scores), documentation data (e.g. advice protocol), register data, data about your use of the telemedia we offer (e.g. time of calling up our websites,apps or newsletters, pages clicked on by us or entries) as well as other data comparable with the categories mentioned.

3. What do we process your data for (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):

3.1. For the fulfilment of contractual obligations (Article 6(1)(b) GDPR/DSGVO)
The processing of personal data (Article 4(2) GDPR/DSGVO) is carried out for the provision and mediation of services or goods transactions, printing orders, lettering, trade fair equipment and, in particular, for the performance of our contracts with you and the execution of your orders, as well as all activities necessary with the operation and administration of our company.
The purposes of the data processing primarily depend on the specific contract/product and may include, among other things, needs analyses, advice, contract administration and support as well as the commissioning of third parties to fulfil the contract or based on your request. Further details on the purpose of data processing can be found in the respective contract documents and terms and conditions.

3.2. Within the framework of the balancing of interests (Article 6(1)(f) GDPR/DSGVO)
Where necessary, we process your data beyond the actual performance of the contract to protect the legitimate interests of us or third parties, such as in the following cases:

  • Measures for business management and further development of services and products
  • Testing and optimisation of procedures for direct customer contact
  • Advertising or market and opinion research, insofar as you have not objected to the use of your data
  • Ensuring the IT security and operation of the company
  • Assertion of legal claims and defence in legal disputes
  • Prevention and investigation of criminal offences
  • Video surveillance is used to collect evidence of criminal offences. They thus serve to protect customers and employees as well as to exercise domiciliary rights
  • Measures for building and facility security (e.g. access controls)
  • Measures to ensure the right of domicile
  • Consultation of and data exchange with credit agencies (e.g. SCHUFA, Creditreform) to determine creditworthiness or default risks

3.3. Based on your consent (Article 6(1)(a) GDPR/DSGVO)
Insofar as you have given us consent to process personal data for certain purposes (e.g. passing on data to other companies), the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us prior to the application of the GDPR/DSGVO, i.e. prior to 25 May 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

3.4. Due to legal requirements (Article 6(1)(c) GDPR/DSGVO) or in the public interest (Article 6(1)(e) GDPR/DSGVO)
In addition, as a company we are subject to various legal obligations, i.e. statutory requirements (e.g. tax laws). The purposes of the processing include, among others, the fulfilment of control and reporting obligations under tax law, but also reports to other authorities resulting from the nature and content of the contract between us.

4. Who gets my data?
Within the company, access to your data is granted to those departments that need it to fulfil our contractual and legal obligations. Processors used by us (Article 28 GDPR/DSGVO) may also receive data for these purposes. These can be companies in particular from the categories of accounting services, IT services, crafts, insurance, logistics, printing services, telecommunications, debt collection, advice and consulting as well as sales and marketing.

We may only pass on information about you if this is required by law, you have consented or we are authorised to provide information. Under these conditions, recipients of personal data may be, for example:

  • Public bodies and institutions (e.g. tax authorities) in the event of a legal or official obligation.
  • Other companies or comparable institutions to which we transfer personal data in order to carry out the business relationship with you (depending on the contract: e.g. companies of our suppliers, service providers and credit agencies).
  • Further data recipients may be those bodies for which you have given us your consent to transfer data.


5. How long will my data be stored for?
Insofar as necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and execution of a contract.

In addition, we are subject to various storage and documentation obligations resulting from the German Commercial Code (HGB), the German Fiscal Code (AO) and tax law, among others. The time limits for storage and documentation specified there are two to ten years.

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are usually three years, but in certain cases can be up to thirty years.

6. Is data transferred to a third country or to an international organisation?
Data is only transferred to third countries (countries outside the European Economic Area – EEA) if this is necessary to execute your orders (e.g. payment orders, purchase orders, etc.), is required by law or you have given us your consent. The transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other adequate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place. We will inform you separately about the details, if required by law.

7. Is there an obligation to provide data?
Within the scope of our business relationship, you only have to provide the personal data that is required for the establishment, implementation and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or carry out the order, or we will no longer be able to carry out an existing contract and may have to terminate it.

8. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use fully automated decision-making pursuant to Article 22 GDPR/DSGVO to establish and implement the business relationship. Should we use these procedures in individual cases, we will inform you of this separately, insofar as this is required by law.

9. To what extent will my data be used for profiling (scoring)?
We sometimes process your data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in the following cases, for example:

  • In order to be able to inform and advise you about products in a targeted manner, we use evaluation tools. These enable needs-based communication and advertising, including market and opinion research.
  • As part of the assessment of your creditworthiness, we use scoring (e.g. Schufa score). This calculates the probability that a customer will meet his payment obligations in accordance with the contract. The calculation may take into account, for example, income, expenses, existing liabilities, occupation, employer, length of employment, experience from the previous business relationship, repayment of previous loans in accordance with the contract and information from credit agencies. The scoring is based on a mathematically-statistically recognised and proven procedure. The calculated score values support us in decision-making in the context of product transactions and are included in ongoing risk management.


10. What rights do you have?
As a customer of ours, you have the following data protection rights according to Art. 15-22, 34 GDPR/DSGVO, depending on the situation in the individual case, which you can exercise at any time by contacting us or our data protection officer at the data stated in Article 1:

  • Information about the stored data and its processing (Art. 15 GDPR/DSGVO).
  • Correction of inaccurate personal data (Art. 16 GDPR/DSGVO).
  • Deletion of stored data (Art. 17 GDPR/DSGVO). The right to deletion is restricted insofar as the processing is necessary: o For compliance with a legal obligation which requires processing under European Union or Member State law to which we are subject. o For the assertion, exercise or defence of legal claims.
  • Restriction of data processing if data may not yet be deleted due to legal obligations (Art. 18 GDPR/DSGVO).
  • OBJECTION to the processing of the data (Art. 21 GDPR/DSGVO) and
  • Data portability, provided that the data processing has been consented to or a contract has been concluded (Art. 20 GDPR/DSGVO).
  • Consents to processing that have been given may be revoked at any time with effect for the future.
  • Right of appeal to a data protection supervisory authority (Article 77 GDPR/DSGVO in conjunction with Section 19 BDSG).


The supervisory authority in Schleswig-Holstein is
Unabhängiges Landeszentrum für Datenschutz (ULD)
Holstenstraße 98
24103 Kiel
Phone: +49 (0)431 988 1200
Fax: +49 (0)431 988 1223
mail@datenschutzzentrum.de
www.datenschutzzentrum.de

You can also contact our data protection officer.
 

Information about your right to object

In accordance with Article 21 of the General Data Protection Regulation (GDPR/DSGVO)

1. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) GDPR/DSGVO (data processing in the public interest) and Article 6(1)(f) GDPR/DSGVO (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR/DSGVO which we use for credit assessment or advertising purposes.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

2. In individual cases, we process your personal data in order to carry out direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made without formalities and should preferably be addressed to:
Robbe & Berking Silbermanufaktur seit 1874 GmbH & Co. KG
Zur Bleiche 47
24941 Flensburg

11. Newsletter
If you want to subscribe to the newsletter offered on the website, we need your email address and information to verify that you are the owner of the provided email address and agree to receive the newsletter. No further data will be collected, or only voluntarily. We use Mailchimp to manage the newsletter.

Mailchimp
This website uses the services of Mailchimp for sending newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. Mailchimp is a service that allows the organization and analysis of newsletter delivery, among other things. If you enter data to subscribe to the newsletter (e.g., email address), this data will be stored on Mailchimp's servers in the USA.

With the help of Mailchimp, we can analyze our newsletter campaigns. When you open an email sent through Mailchimp, a file contained in the email (called a web beacon) connects to Mailchimp's servers in the USA. This allows us to determine whether a newsletter message has been opened and which links have been clicked. Additionally, technical information such as the time of access, IP address, browser type, and operating system is collected. These pieces of information cannot be attributed to the respective newsletter recipient. They are solely used for the statistical analysis of newsletter campaigns. The results of these analyses can be used better to tailor future newsletters to the recipients' interests.

 If you do not want analysis by Mailchimp, you must unsubscribe from the newsletter. We provide a corresponding link in each newsletter message for this purpose.

Data processing is based on your consent (Art. 6 (1) (a) of the General Data Protection Regulation). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of data processing operations that have already occurred remains unaffected by the revocation.

The data you provide us to subscribe to the newsletter will be stored by the newsletter service provider or us until you unsubscribe from the newsletter, and they will be deleted from the newsletter distribution list after unsubscribing. This does not affect data that we have stored for other purposes.

Data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://mailchimp.com/eu-us-data-transfer-statement/and https://mailchimp.com/legal/data-processing-addendum/#Annex_C_-_Standard_Contractual_Clauses
After you unsubscribe from the newsletter distribution list, we may store your email address or the newsletter service provider in a blacklist, if necessary, to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements for newsletter delivery (legitimate interest within the meaning of Art. 6(1) (f) of the General Data Protection Regulation). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests. For more information, please refer to Mailchimp's privacy policy at https://mailchimp.com/legal/terms/.

 12. Competitions

From time to time, Robbe & Berking organizes competitions where participation is possible voluntarily. Participation in the competition and the associated consent to receive our newsletters is voluntary and can be revoked at any time. We inform you about the purposes of processing your data in connection with the competition we have organized and about additional goals, particularly regarding sending newsletters.

1. Data processing in the competition: In the context of the competition, personal data is collected, processed, and used to ensure that the competition runs smoothly, including managing participants, notifying winners, and sending prizes.

2. Data processing for the newsletter: Participation in the competition requires a subscription to our newsletter. The Personal Data is processed to send information, promotional materials, offers, and other content related to our products, services, or company. Consent to receive the newsletter can be revoked anytime by clicking on the unsubscribe link in each email or by contacting us.

3. Processing and disclosing data: We treat personal data confidentially and take appropriate security measures to ensure integrity and security. In cases where it is necessary to fulfil the purposes mentioned, we can pass on data to third parties. This includes service providers such as shipping service providers for the delivery of prizes or marketing platforms for sending newsletters. If your data is passed on to third parties, we ensure they take appropriate data protection measures and only use your data by our instructions. Read more above at point 11. Newsletter.

Download as PDF