Dear Customer, Dear Visitor,
your privacy is very important to us at EUROPART. Therefore, we have updated our privacy policy to comply with the strict requirements of the General Data Protection Regulation (GDPR), which will come into force on 25 May 2018. As you may know, the GDPR applies to all companies that collect and/or process personal data from citizens of the European Economic Area. In accordance with our long-term commitment to protect our customers' most confidential information, we have created a comprehensive GDPR information which you can access under this link. As always, you can be sure that EUROPART processes your personal data in a transparent and secure manner and in compliance with the applicable laws.
1. General
Your privacy is important to us and therefore we take the protection of your data and its confidential treatment very seriously. Your personal data will only be processed in accordance with the applicable statutory provisions of data protection law, in particular the General Data Protection Regulation (hereinafter "GDPR"). With this data protection declaration, we inform you about the processing of your personal data and about your data protection rights in the context of our business relationship.
1.1 Responsible for data processing
Responsible for the processing of your Personal Data as described below is:
EUROPART Group GmbH
Martinstr. 13
58135 Hagen, Germany
Phone: (+49) 2331/3564-0
E-mail: info@europart.net
If you have any questions or comments on data protection, please do not hesitate to contact us. You can contact our data protection officer as follows:
EUROPART Holding GmbH
Data Protection Officer
Martinstr. 13
58135 Hagen, Germany
Phone: (+49) 2331/3564-0
Datenschutz@europart.net
2 Subject of data protection
Subject of data protection are personal data. This is all information that relates to an identified or identifiable natural person (so-called data subject). This includes, for example, information such as name, postal address, e-mail address or telephone number. But also data on orders, offers, deliveries, invoice information, financial data, business correspondence, warranty claims, etc..
3. Purposes and legal bases of data processing
Below you will find an overview of the purposes and legal bases of data processing within the scope of your employment.
3.1 Initiation and execution of a contract
We process your personal data if this is necessary for the preparation and execution of a contract with you. The purposes depend on the specific contract and include in particular:
- Preparation and processing of offers
- The execution of the concluded contracts
- Support and service before, during and after the business relationship
Data processing shall be carried out on the basis of Article 6(1)(b) GDPR. You must provide the personal data required to prepare and conduct our business relationship with you. Without this information we will not be able to process your request or fulfill the contract.
The data will be deleted if it is no longer necessary for the purposes of preparation or execution of a contract and no other legal basis intervenes. If the latter is the case, we will delete the data once the other legal basis has ceased to apply.
3.2 Fulfilment of legal obligations
We process your personal data, also in order to comply with legal obligations to which we are subject. The obligations may arise, for example, from commercial, tax, money laundering, financial or criminal law. The purposes of the processing result from the respective legal obligation; as a rule, the processing serves the purpose of fulfilling state control and information obligations such as:
- Accounting based on legal requirements
- Archiving based on legal requirements.
- etc.
Data processing shall be carried out on the basis of Article 6(1)(c) GDPR. If data is collected on the basis of a legal obligation, you must provide information on personal data that is necessary for the fulfilment of the legal obligation. Without the provision we may not be able to process your request.
We delete the data after the legal obligation has lapsed, unless any other legal basis interferes. If the latter is the case, we will delete the data once the other legal basis has been removed to apply.
3.3 Protection of justified interests
However, we also process your personal data to protect the legitimate interests of us or third parties. We pursue the following interests, which are also the respective purposes:
- Ensuring technical operation
- Answering inquiries not relevant to the contract
- Credit assessments
- Guarantee of data security
- Guarantee of data availability
- Elimination of faults and malfunctions
- Prevention of criminal offences
- Business management
- Direct marketing, unless objections have been raised (paragraph 9)
- Data processing shall be carried out on the basis of Article 6(1)(f) GDPR
We delete your data if it is no longer necessary for the purposes we pursue and if no other legal basis interferes. If the latter applies, we will delete the data once the other legal basis has been removed to apply.
3.4 Consent
If you have given your consent for certain purposes, the purposes result from the respective content of this consent.
Data processing shall be carried out on the basis of Article 6(1)(a) GDPR. You can revoke your consent at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.
We delete your data if it is no longer necessary for the purposes we pursue and if no other legal basis interferes. If the latter applies, we will delete the data once the other legal basis has ceased to apply.
4 Recipient of personal data
Internal receivers:
Within EUROPART Group GmbH only those persons have access who need it for the purposes mentioned under point 3. have access.
External receivers:
We will only pass on your personal data to external recipients outside EUROPART Group GmbH if this is necessary to process your request, if we have another permission or if we have your consent to do so.
External receivers can be:
a. contract processors
Group companies of EUROPART Group GmbH or external service providers that we use for the provision of services, for example in the areas of technical infrastructure and maintenance for the services offered by EUROPART Group GmbH or the provision of contract-relevant content. These contractors are carefully selected and regularly reviewed by us to ensure that your privacy is protected. The service providers may only use data for the purposes specified.
b. Public authorities
Authorities and state institutions, such as public prosecutor's offices, courts or tax authorities, to which we must transmit personal data for legally compelling reasons
c. Private bodies
Dealers, cooperation partners or auxiliary persons to whom data is transmitted on the basis of consent or a legal basis.
Deutsche Factoring Bank GmbH & Co. KG
Langenstr. 15 – 21
28063 Bremen, Germany
Phone: +49 421 32930
www.deutsche-factoring.de
Payment experience pool:
Bisnode Deutschland GmbH
Robert-Bosch-Str. 11
64293 Darmstadt, Germany
Phone: +49 6151 380 777
www.bisnode.de
5. Sources and data categories for third party collection
Our company regularly checks your creditworthiness when concluding contracts and in certain cases where there is a justified interest. For this purpose we work together with:
Creditreform Hagen Berkey & Riegel KG
Riemerschmidstr. 1-3
58093 Hagen, Germany
Phone: +49 2331 7828 0
E-mail: info@hagen.creditreform.de
from which we receive the necessary data. Further information on the Data processing at Creditreform is available at
www.creditreform-hagen.de/EU-DSGVO
We transfer personal data collected in the context of this contractual relationship about the application, the execution and termination of this business relationship[name, address, date of birth and data about non-contractual behavior (e.g. due claims or claim amount after termination) or fraudulent behavior.
The legal basis for these transfers is Art. 6 para. 1 b) and Art. 6 para. 1 f) GDPR. Transmissions on the basis of Art. 6 para. 1 f) GDPR may only take place if this is necessary to protect our legitimate interests or third parties and does not outweigh the interests or fundamental rights and freedoms of the data subject which require the protection of personal data. The above-mentioned credit agencies process the data received for the purpose of scoring in order to provide their contractual partners in the European Economic Area and in Switzerland and, where applicable, other third countries (if an adequacy decision of the European Commission exists for these) with information, inter alia, for the purpose of assessing creditworthiness. Further information on the activities of the credit agencies can be found in the information sheets of the credit agencies.
In the case of contractual offers, we carry out a credit assessment insofar as this is necessary to protect our legitimate interests or the interests of third parties and does not outweigh your interests. In order to check your creditworthiness, we transmit your personal data (names, addresses, date of birth) provided at the conclusion of the contract to the above-mentioned credit agencies and, for this purpose, obtain information about your creditworthiness from them, on which we base our decision to conclude a contract.
In order to be able to clearly determine the identity of a customer, we transmit personal data (names, addresses, date of birth) provided during the conclusion of the contract to the credit agencies and obtain information from them for this purpose. This check serves to protect against misuse of external data by unauthorized persons ("data theft"), e.g. the use of external bank data for orders by telephone or Internet. Based on the results of the creditworthiness and identity check and the scoring procedure, we decide whether and under what conditions the contract is concluded with the interested party or the customer is enabled to use the direct debit procedure. If there is a reason to reject the contract, e.g. suspicion of abuse or insufficient creditworthiness, an employee can check the assessment and the underlying indications. If you have specific indications that our decision is based on personal data that you cannot understand or is incorrect, you are welcome to explain your position, which we will take into account in a new review. You can also obtain information about your personal data and the information and scoring procedure directly from the credit agencies.
6. Automated decision making and profiling
We do not use automated decision making or profiling.
7. Storage time
Please refer to the respective chapter 3 on data proce ssing for the duration of the storage of the personal data:
We store your personal data only as long as this is necessary for the fulfilment of the purposes or - in the case of a consent - as long as you have not revoked the consent. In the event of an objection, we will delete your personal data, unless further processing is permitted by law.
Furthermore, we delete your personal data if we are legally obliged to do so.
- Delivery notes 10 years
- Offer documents without business transaction 6 years
- Business correspondence 6 years
- Documents relating to judicial/legal proceedings for 30 years
- Orders 10 Years
8. Rights of the persons concerned
You have the following rights regarding processing of your Personal Data:
d. Right of access:
You have the right to obtain from us confirmation as to whether or not Personal Data about you is being processed by us, and, where
that is the case, access to the Personal Data and further information about the processing.
e. Right to rectification:
You have the right to obtain from us rectification of inaccurate Personal Data and to have incomplete Personal Data completed.
f. Right to erasure (right to be forgotten):
Under certain circumstances, you have the right to obtain from us erasure of Personal Data. For example, you may have a right to erasure
where the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed, or
if the Personal Data has been unlawfully processed.
g. Right to restriction of processing:
Under certain circumstances, you have the right to obtain from us restriction of processing of your Personal Data, meaning that we will only store
the Personal Data, process it with your consent or process it for the limited purposes allowed by the GDPR for restricted Personal Data.
For example, you may have a right to restriction of processing if you have contested the accuracy of the Personal Data.
h. Right to data portability:
You have the right to receive from us the Personal Data that you have provided to us for the performance of a contract in a common and
machine-readable format. You have the right to transmit or have transmitted, where feasible, that Personal Data to another Controller.
i. Right to object:
Under certain circumstances you may have a right to object to the processing of your Personal Data, meaning that we will only continue
to process that Personal Data on compelling legitimate grounds or in the context of legal claims. The right to object is explicitly brought
to your attention clearly and separate from any other information below at section
Contact person for questions:
If you have any questions regarding the processing of your personal data and any consents, you can contact the data protection officer:
EUROPART Holding GmbH
Data protection officer
Martinstr. 13
58135 Hagen, Germany
Phone: +49 2331 3564-0
Datenschutz@europart.net
Please make sure that we can clearly identify you.
9 Third-party offers
Services of other providers to which our business relationship refers have been and are designed and provided by third parties. We have no influence on the design, content and function of these third- party services. We expressly distance ourselves from all contents of all third-party offers. If necessary, please contact the providers of these third party offers directly.
10. Status
The latest version of this data protection declaration applies.
Status: 23.05.2018