Data Privacy


PRIVACY POLICY FOR OUR CUSTOMERS

Our handling of your data and your rights

– Information pursuant to Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR/DSGVO) –

Dear Customer,
Below we inform you about the processing of your personal data by us and the claims and rights to which you are entitled according to the data protection regulations.

Which data is processed in detail and how it is used depends largely on the requested or agreed services.

1. Who is responsible for data processing and whom can I contact?

The responsible body is:
Robbe & Berking Silbermanufaktur seit 1874 GmbH & Co. KG
Zur Bleiche 47
24941 Flensburg
Phone: +49 (0)461 90306-0
E-mail address: info@robbeberking.de

You can reach the data protection officer at:
Phone: +49 (0)4841 8968-20
E-mail: info@datensicherheit-nord.de

2. What sources and data do we use?
We process personal data that we receive from you in the course of our business relationship. In addition, we process – insofar as necessary for the provision of our services – personal data that we have received from other companies (e.g. SCHUFA, Creditreform) or authorities in a permissible manner (e.g. for the execution of orders, for the fulfilment of contracts or on the basis of consent given by you). We also process personal data that we have permissibly obtained from publicly accessible sources (e.g. debtors' registers, land registers, commercial and association registers, press, media) and are allowed to process.

Relevant personal data are personal details (name, address and other contact details, date and place of birth and nationality) and identification data (e.g. ID card data). In addition, this may also include order data (e.g. payment order, purchase contract, service contract), data from the fulfilment of our contractual obligations (e.g. turnover data in goods transactions, credit line, product data, information about your financial situation (e.g. creditworthiness data, scoring/rating data, data from credit agencies), advertising and sales data (including advertising scores), documentation data (e.g. advice protocol), register data, data about your use of the telemedia we offer (e.g. time of calling up our websites,apps or newsletters, pages clicked on by us or entries) as well as other data comparable with the categories mentioned.

3. What do we process your data for (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):

3.1. For the fulfilment of contractual obligations (Article 6(1)(b) GDPR/DSGVO)
The processing of personal data (Article 4(2) GDPR/DSGVO) is carried out for the provision and mediation of services or goods transactions, printing orders, lettering, trade fair equipment and, in particular, for the performance of our contracts with you and the execution of your orders, as well as all activities necessary with the operation and administration of our company.
The purposes of the data processing primarily depend on the specific contract/product and may include, among other things, needs analyses, advice, contract administration and support as well as the commissioning of third parties to fulfil the contract or based on your request. Further details on the purpose of data processing can be found in the respective contract documents and terms and conditions.

3.2. Within the framework of the balancing of interests (Article 6(1)(f) GDPR/DSGVO)
Where necessary, we process your data beyond the actual performance of the contract to protect the legitimate interests of us or third parties, such as in the following cases:

  • Measures for business management and further development of services and products
  • Testing and optimisation of procedures for direct customer contact
  • Advertising or market and opinion research, insofar as you have not objected to the use of your data
  • Ensuring the IT security and operation of the company
  • Assertion of legal claims and defence in legal disputes
  • Prevention and investigation of criminal offences
  • Video surveillance is used to collect evidence of criminal offences. They thus serve to protect customers and employees as well as to exercise domiciliary rights
  • Measures for building and facility security (e.g. access controls)
  • Measures to ensure the right of domicile
  • Consultation of and data exchange with credit agencies (e.g. SCHUFA, Creditreform) to determine creditworthiness or default risks

3.3. Based on your consent (Article 6(1)(a) GDPR/DSGVO)
Insofar as you have given us consent to process personal data for certain purposes (e.g. passing on data to other companies), the lawfulness of this processing is based on your consent. Consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us prior to the application of the GDPR/DSGVO, i.e. prior to 25 May 2018. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected by this.

3.4. Due to legal requirements (Article 6(1)(c) GDPR/DSGVO) or in the public interest (Article 6(1)(e) GDPR/DSGVO)
In addition, as a company we are subject to various legal obligations, i.e. statutory requirements (e.g. tax laws). The purposes of the processing include, among others, the fulfilment of control and reporting obligations under tax law, but also reports to other authorities resulting from the nature and content of the contract between us.

4. Who gets my data?
Within the company, access to your data is granted to those departments that need it to fulfil our contractual and legal obligations. Processors used by us (Article 28 GDPR/DSGVO) may also receive data for these purposes. These can be companies in particular from the categories of accounting services, IT services, crafts, insurance, logistics, printing services, telecommunications, debt collection, advice and consulting as well as sales and marketing.

We may only pass on information about you if this is required by law, you have consented or we are authorised to provide information. Under these conditions, recipients of personal data may be, for example:

  • Public bodies and institutions (e.g. tax authorities) in the event of a legal or official obligation.
  • Other companies or comparable institutions to which we transfer personal data in order to carry out the business relationship with you (depending on the contract: e.g. companies of our suppliers, service providers and credit agencies).
  • Further data recipients may be those bodies for which you have given us your consent to transfer data.


5. How long will my data be stored for?
Insofar as necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and execution of a contract.

In addition, we are subject to various storage and documentation obligations resulting from the German Commercial Code (HGB), the German Fiscal Code (AO) and tax law, among others. The time limits for storage and documentation specified there are two to ten years.

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sections 195 et seq. of the German Civil Code (BGB), are usually three years, but in certain cases can be up to thirty years.

6. Is data transferred to a third country or to an international organisation?
Data is only transferred to third countries (countries outside the European Economic Area – EEA) if this is necessary to execute your orders (e.g. payment orders, purchase orders, etc.), is required by law or you have given us your consent. The transfer will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other adequate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contractual clauses) are in place. We will inform you separately about the details, if required by law.

7. Is there an obligation to provide data?
Within the scope of our business relationship, you only have to provide the personal data that is required for the establishment, implementation and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or carry out the order, or we will no longer be able to carry out an existing contract and may have to terminate it.

8. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use fully automated decision-making pursuant to Article 22 GDPR/DSGVO to establish and implement the business relationship. Should we use these procedures in individual cases, we will inform you of this separately, insofar as this is required by law.

9. To what extent will my data be used for profiling (scoring)?
We sometimes process your data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling in the following cases, for example:

  • In order to be able to inform and advise you about products in a targeted manner, we use evaluation tools. These enable needs-based communication and advertising, including market and opinion research.
  • As part of the assessment of your creditworthiness, we use scoring (e.g. Schufa score). This calculates the probability that a customer will meet his payment obligations in accordance with the contract. The calculation may take into account, for example, income, expenses, existing liabilities, occupation, employer, length of employment, experience from the previous business relationship, repayment of previous loans in accordance with the contract and information from credit agencies. The scoring is based on a mathematically-statistically recognised and proven procedure. The calculated score values support us in decision-making in the context of product transactions and are included in ongoing risk management.


10. What rights do you have?
As a customer of ours, you have the following data protection rights according to Art. 15-22, 34 GDPR/DSGVO, depending on the situation in the individual case, which you can exercise at any time by contacting us or our data protection officer at the data stated in Article 1:

  • Information about the stored data and its processing (Art. 15 GDPR/DSGVO).
  • Correction of inaccurate personal data (Art. 16 GDPR/DSGVO).
  • Deletion of stored data (Art. 17 GDPR/DSGVO). The right to deletion is restricted insofar as the processing is necessary: o For compliance with a legal obligation which requires processing under European Union or Member State law to which we are subject. o For the assertion, exercise or defence of legal claims.
  • Restriction of data processing if data may not yet be deleted due to legal obligations (Art. 18 GDPR/DSGVO).
  • OBJECTION to the processing of the data (Art. 21 GDPR/DSGVO) and
  • Data portability, provided that the data processing has been consented to or a contract has been concluded (Art. 20 GDPR/DSGVO).
  • Consents to processing that have been given may be revoked at any time with effect for the future.
  • Right of appeal to a data protection supervisory authority (Article 77 GDPR/DSGVO in conjunction with Section 19 BDSG).


The supervisory authority in Schleswig-Holstein is
Unabhängiges Landeszentrum für Datenschutz (ULD)
Holstenstraße 98
24103 Kiel
Phone: +49 (0)431 988 1200
Fax: +49 (0)431 988 1223
mail@datenschutzzentrum.de
www.datenschutzzentrum.de

You can also contact our data protection officer.
 

Information about your right to object

In accordance with Article 21 of the General Data Protection Regulation (GDPR/DSGVO)

1. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) GDPR/DSGVO (data processing in the public interest) and Article 6(1)(f) GDPR/DSGVO (data processing on the basis of a balance of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR/DSGVO which we use for credit assessment or advertising purposes.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

2. In individual cases, we process your personal data in order to carry out direct advertising. You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

The objection can be made without formalities and should preferably be addressed to:
Robbe & Berking Silbermanufaktur seit 1874 GmbH & Co. KG
Zur Bleiche 47
24941 Flensburg


Download as PDF