of your daily business.
Our contribution to your safety
Our handling of your data and your rights
Information under Articles 13, 14 and 21 of the Basic Regulation on data protection (DSGVO)
Dear business partner,
the protection of your data is very important to us. In the following we inform you about the processing of your personal data by us and the claims and rights to which you are entitled according to the data protection regulations.
Which data is processed in detail and in which way it is used depends largely on the services requested or agreed upon.
1. Who is responsible for data processing and who can I contact?
Horn & Bauer GmbH & Co. KG
Industrial area Treysa-North
e-mail address: info(at)horn-bauer.com
You can reach our company data protection officer at the e-mail address: dataprivacy(at)horn-bauer.com.
2. Which sources and data do we use?
We process personal data that we receive from you in the course of our business relationship. On the other hand, we process personal data which we have obtained and are permitted to process from publicly accessible sources such as the press, media, trade fairs, conferences, market companions and sales organisations.
The following personal data is collected and processed:
Name, first name, title, address, telephone numbers, e-mail address, IP address of the computer, fax number, industry sector and other data comparable to the categories mentioned.
3. What do we process your data for (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the European Data Protection Basic Regulation (DSGVO) and the Federal Data Protection Act (BDSG):
3.1 For the fulfilment of contractual obligations (Article 6 para. 1b DSGVO)
The processing of personal data (Article 4 No. 2 DSGVO) is carried out in particular for the purpose of fulfilling enquiries and implementing our contracts or pre-contractual measures with you, as well as all activities necessary for the operation and administration of the company.
The purposes of data processing are primarily based on the specific product (e.g. films and merchandise) and may include, among other things, needs analyses, consulting and support, and the execution of transactions.
Further details regarding the purpose of data processing can be found in the respective contract documents and terms and conditions.
3.2 Within the scope of the balancing of interests (Article 6 Paragraph 1f DSGVO)
As far as necessary, we process your data beyond the actual fulfilment of the contract in order to protect legitimate interests of us or third parties, such as in the following cases:
- Consultation of and data exchange with credit agencies (e.g. SCHUFA) to determine credit or default risks
- Examination and optimization of procedures for demand analysis and direct customer approach;
- advertising or market and opinion research, provided that you have not objected to the use of your data;
- Assertion of legal claims and defence in the event of legal disputes;
- Ensuring the IT security and IT operation of the company;
- Prevention and clarification of criminal offences;
- Video surveillance serves to collect evidence in the event of criminal offences. They thus serve to protect business partners and employees.
- Measures for building and plant safety (e.g. access controls);
- Measures to ensure the right to the premises;
- Measures for business management and further development of services and products.
3.3 Based on your consent (Article 6 para. 1a DSGVO)
If you have given us your consent to process personal data for specific purposes (e.g. sending newsletters, product information, company information and trade fair invitations), the legality of this processing is based on your consent. A given consent can be revoked at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
3.4 Due to legal requirements (Article 6 para. 1c DSGVO) or in the public interest (Article 6 para. 1e DSGVO)
In addition, as a company we are subject to various legal obligations, i.e. legal requirements, e.g. tax and commercial law, tax code, Union customs code or requirements for AOE certification. The purposes of processing include, among other things, checking your VAT or turnover tax number, EORI number, monthly Intrastat filing with the tax office, the fulfilment of fiscal control and reporting obligations as well as the assessment and management of risks.
4. Who gets my data?
Within our company, access to your data is granted to those entities that need it to fulfil our contractual and legal obligations. Processors commissioned by us (Article 28 DSGVO) may also receive data for the aforementioned purposes. These are companies in the categories: IT services, logistics, printing services, customs services, telecommunications, debt collection, consultancy and advisory services, and sales and marketing.
Other data recipients may be those entities for which you have given us your consent to the transfer of data or for which a legal obligation exists.
5. How long will my data be stored?
As far as necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and execution of a contract.
In addition, we are subject to various storage and documentation obligations, which result from the German Commercial Code (HGB) or the German Civil Code (BGB), among others. The periods of retention or documentation stipulated there range from two to ten years.
Finally, the storage period is also assessed according to the statutory periods of limitation, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), can generally be three years, but in certain cases up to thirty years.
6. Is data transferred to a third country or to an international organisation?
Data will only be transferred to third countries (countries outside the European Economic Area - EEA) if this is necessary to execute your orders (e.g. payment and securities orders), if it is required by law or if you have given us your consent. We will inform you separately about details, if required by law.
7. What data protection rights do I have?
Every data subject has the right of access under Article 15 DSGVO, the right of rectification under Article 16 DSGVO, the right of deletion under Article 17 DSGVO, the right to restrict processing under Article 18 DSGVO and the right to data transferability under Article 20 DSGVO. With regard to the right of information and the right of deletion, the restrictions under Articles 34 and 35 BDSG apply. In addition, there is a right of appeal to a data protection supervisory authority (Article 77 DSGVO in conjunction with Article 19 BDSG).
8. Is there an obligation to provide data?
Within the scope of our business relationship, you only have to provide personal data that is necessary for the establishment, execution and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or execute the order, or we will no longer be able to execute an existing contract and may have to terminate it.
9. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use any fully automated decision making in accordance with Article 22 DSGVO to establish and execute the business relationship. Should we use these procedures in individual cases, we will inform you of this separately if this is required by law.
10. To what extent will my data be used for profiling (scoring)?
We process some of your data automatically with the aim of evaluating certain personal aspects (profiling). We use profiling for example in the following cases:
Is profiling used?
• e.g. to be able to inform and advise you about products in a targeted manner, we use evaluation tools. These enable communication and advertising to be tailored to your needs, including market and opinion research.
• We use scoring to assess your creditworthiness. This involves calculating the probability with which a customer will meet his payment obligations in accordance with the contract. The calculation may include, for example, income, expenses, existing liabilities, occupation, employer, length of employment, experience from the previous business relationship, contractual repayment of previous loans and information from credit agencies. The scoring is based on a mathematically-statistically recognised and proven procedure. The calculated score values support us in the decision-making process in the context of product deals and are included in the ongoing risk management.
Information about your right of objection
according to Article 21 of the Basic Regulation on data protection (DSGVO)
1. You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 paragraph 1e DSGVO (data processing in the public interest) and Article 6 paragraph 1f DSGVO (data processing based on a balancing of interests); this also applies to profiling within the meaning of Article 4 No. 4 DSGVO based on this provision, which we use for credit rating or for advertising purposes.
If you lodge an objection, we will no longer process your personal data unless we can prove compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
2. In individual cases, we process your personal data for the purpose of direct marketing. You have the right to object at any time to the processing of personal data concerning you for the purpose of such direct marketing, including profiling, insofar as it is related to such direct marketing.
If you object to processing for the purposes of direct marketing, we will no longer process your personal data for those purposes.
The objection can be made without any formality and should be addressed if possible to:
Horn & Bauer GmbH & Co. KG