Responsible provider due to § 5 TMG
MENTOR GmbH & Co. Präzisions-Bauteile KG
Handelsregister Amtsgericht Wuppertal, HRA 18913
Ust.-IdNr. according to § 27 a Umsatzsteuergesetz Ust-IDNr. DE 121648770
Content of the Website
The respective author of the website is responsible for the content of the websites of MENTOR GmbH & Co Präzisions-Bauteile KG. Should contents violate applicable legal regulations, please inform us immediately. We will then remove the page or the respective content as soon as possible. These regulations correspond analogously to § 7 of the TMG (Telemediengesetz).
Links to external Websites
The websites of MENTOR GmbH & Co. Präzisions-Bauteile KG contain references (links) to information on servers that are not subject to the control and responsibility of MENTOR GmbH & Co. MENTOR GmbH & Co. Präzisions-Bauteile KG does not take any responsibility or guarantee for this information and does not approve or support it in terms of content. These regulations correspond to § 8 of the TMG (Telemediengesetz).
We are strongly committed to protecting your privacy and handling your data carefully. Our Privacy Notice provides information on how we use your personal data and what your rights are in this regard. It contains detailed information about the data we process, the purpose behind this data processing, the legal basis on which we process data and for how long we store the data.
In principle, we collect, store and use personal data only to keep you informed about our work, to provide the services we offer and to ensure the functionality and user-friendliness of our website. The data processed, and the processing method and scope, are determined according to the respective purpose and the underlying legal relationship. Specifically, we process your data in the cases listed in this Privacy Notice. We process personal data in agreement with the applicable statutory provisions and, in particular, the European General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter referred to as GDPR). We only share your personal data with third parties if there is a legal basis to do so.
“Personal data” (hereinafter in part also referred to simply as “data”) is all information that relates to a known or identifiable person; it therefore means all information that can be attributed to you as a person. This applies, for example, to your name, address, exact location or IP address.
“Processing” is any process associated with personal data; the main examples are the collection, storage and use of your data.
The provider of this website and the responsible body (“controller”) within the meaning of the GDPR and other statutory provisions is:
MENTOR GmbH & Co. Präzisions-Bauteile KG
Phone: 0211- 20002-0
Data Protection Officer
Data Protection Officer required by law
We have appointed a data protection officer for our company.
Boris Nicolaj Willm
Monschauer Straße 12
Tel: +49 (0) 211 695289 92
Scope and legal bases for processing personal data
We are only permitted to process the personal data of our users and customers if there is a legal basis to do so, and data processing therefore only occurs if this is the case. Below, we provide detailed information on why we are permitted to process your personal data, making reference to the following legal bases:
Provided that we obtain your consent to process your personal data, Article 6(1)(a) GDPR shall serve as the legal basis.
For processing of personal data which is required for fulfilment of an agreement to which you are a contracting party, Article 6(1)(b) GDPR shall serve as the legal basis. This also applies to the performance of pre-contractual measures.
To the extent that processing of personal data is required to fulfil a legal obligation to which our company is subject, Article 6(1)(c) GDPR shall serve as the legal basis.
If processing is required to protect a legitimate interest of our company or of a third party and if your interests, basic rights and basic freedoms do not outweigh the afore-mentioned interest, Article 6(1)(f) GDPR shall serve as the legal basis for processing.
The legal bases for collection and use of your personal data are discussed in detail below.
Your rights in connection with your personal data
At your request, you can obtain information at any time, free of charge and within a maximum of one month, regarding the personal data we store about you, its origin, recipients, storage period, the purpose of data processing and the existence of a right to lodge a complaint (Article 15 GDPR).
You have the right to have your personal data corrected if it is incorrect or incomplete (Article 16 GDPR).
Under certain circumstances, you can also demand erasure of your personal data (Article 17 GDPR) or restriction of processing (Article 18 GDPR). This is possible, amongst other things, if your personal data no longer needs to be processed for the purposes for which it was collected, or if you revoke your consent and there is no other legal basis for processing of the data.
These rights do not exist if we are required to process the data in order to fulfil a legal obligation or to assert, exercise or defend legal claims.
If you assert your right to correction, restriction or erasure, we will, where possible, notify all recipients of your personal data.
You have the right to receive the personal data we store about you in a current, machine-readable format and to send this data to another controller or have it sent by us, if processing is based on consent or is required for performance of a contract and processing is carried out using automated methods.
You have the right to revoke privacy consent that you have given at any time. However, this revocation will not affect the legality of processing up to this time or processing based on other legal principles.
In accordance with Article 21 GDPR, you can also object to the processing of your personal data if this is carried out based on Article 6(1)(f) GDPR, i.e. based on our legitimate interests or the legitimate interests of third parties. In this case, we will only continue to process your data to the extent that our compelling legitimate interests outweigh your interests.
You have the right to complain to a data protection supervisory authority. To do this, you can also contact the supervisory authority of your usual place of residence or place of work.
All rights listed here can be asserted by notifying us of this at the address specified at the beginning of this Privacy Notice.
Data erasure and storage period
The personal data relating to the person concerned will be deleted or blocked as soon as the storage purpose has expired. Data will only be stored beyond this time if the controller is legally obligated to do so. Data will also be blocked or deleted if a retention period prescribed by the specified standards elapses, unless there is a requirement for further storage of the data for the purpose of contractual completion or performance of a contract.
Provision of the website/log files
- a) Provider/web host:
We use the services of a Provider for the provision of our website. In particular, the Provider provides us with the necessary storage space and technical infrastructure for the secure operation of this website. On our behalf, the Provider stores most of the data specified in this Privacy Notice, in order to make this data available to us for the respective specified purposes. The Provider’s compliance with the statutory data protection regulations is also contractually guaranteed.
- b) Server log files:
When you visit our website, your browser automatically sends information to our system. Our web host, who processes data on our behalf (“data processor”), collects and stores the following data as server log files:
- The user’s IP address
- Browser ID (see also browser type and version, plug-ins used),
- The user’s operating system,
- Internet service provider,
- Date and time of access,
- The Internet address of the website from which the user arrived at the current page by clicking on a link (“Referrer URL”),
- Websites, which are called up by the system from our website.
Log files are usually saved without any assignment to the individual user. However, some of the data contained in the log file, in particular the IP address, can enable assignment to the user. However, such assignment is only carried out if there is a legal obligation or basis to do so. In particular, we reserve the right to review log data retrospectively if there are specific indications of a legitimate suspicion of illegal use of our website.
We collect and process the data contained in the log files solely for the purpose of guaranteeing the functionality of our website, protecting ourselves against attacks and enabling communication between our servers and your device. This is a legitimate interest in the meaning of the legal basis set out in Article 6(1)(f) GDPR: We have an interest in presenting our offering on the Internet in a secure and efficient manner and use a specialist provider for this purpose.
The access data is stored only for as long as is necessary for the specified purpose or for as long as is prescribed by law. As a general rule, the log files are deleted after 7 days. If log files are required to track a breach of legal regulations or misuse of our homepage, they will be stored for as long as is required for the purposes of tracking.
It is not possible to object to the collection of server log files if you wish to use our website.
- c) Log data with other providers
In addition, log data is also stored by other providers, in particular Google. See details under Points 12 and 13 of this Privacy Notice.
- d) SSL encryption and data security:
We use the widely used SSL method (Secure Socket Layer) on our website, with the respective highest level of encryption. Therefore, data transmission between our server and your browser is encrypted. The encryption level is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will instead use 128-bit v3 technology.
You can identify an encrypted connection by the fact that the address line in the browser changes from http to https and a padlock icon appears in your browser bar. If SSL encryption is activated, any data you send to us cannot be intercepted by third parties.
We also use technical and organisational security measures to protect your data against accidental or intentional manipulations, partial or complete destruction or against authorised access by third parties. Our security measures are continuously improved in line with technological development.
- a) Provider/web host:
The legal basis on which we process your personal data using cookies depends on the respective cookie. Data processed using technically required cookies is processed on the basis of our legitimate interests or to comply with our contractual obligations. In all other cases, your consent is the legal basis for processing. The storage period for cookies can be up to two years unless another storage period for cookies is explicitly stated by us.
b) Technically required cookies:
Our website uses technically required cookies. These cookies are used to store certain user settings, in order to guarantee the display on the website, and also for filling in the contact form and the memo-list. The cookie we use is therefore required to ensure the full functionality of this website. The legal basis for using the cookies is Article 6(1)(f) GDPR: there is a legitimate interest in presenting our offering on the Internet and in enabling you to contact us; this is only possible by using technically required cookies.
You may object to your personal data being processed if our legitimate interest is the basis for processing your data. To do so, you can select the corresponding settings in your browser. If you do not wish data to be recorded, you can go to your Privacy settings and specify that all or certain cookies should be rejected or that the cookies should be deleted when the browser session ends. However, to obtain the full functionality of our website, it is necessary to allow technically required cookies. If you do not allow these cookies, complete use of our website, in particular using the contact form and memo-list, is no longer possible. In that case, the cookies are deleted as soon as the browser is closed.
c) Technically not required cookies:
Reset cookie settings
You can contact us by post, telephone, fax, e-mail or using the contact form on our website.
If you contact us by post, we can collect and process all data that you provide us with in your correspondence, including in particular your name and address.
If you contact us by telephone, we can collect and process your telephone number, any personal data provided to us during the call, such as name and e-mail address, time of call and other details regarding your concern.
If you contact us by fax, the fax number, sender ID and the data resulting from the fax will be processed.
If you contact us by e-mail, we will process the e-mail address and the data sent by you in the e-mail.
On our website, you can also find a contact form, which you can use to contact us. If you complete and submit this form, any data that you enter in the corresponding fields on our website will be sent to us. Your name, e-mail address and message are required fields. In addition, your computer’s IP address as well as the date and time of submission will be stored.
In all cases, the processing purpose is correspondence with you in the context of fulfilling the order placed with us or of responding to your request. The data in your contact form will only be processed in order to get in contact with you and to handle your request. If your message is connected to an order that you have placed with us or wish to place with us, Article 6(1)(b) GDPR is the legal basis for processing your data: The use of your data for correspondence is required and therefore permissible as a pre-contractual measure before completion of an agreement or for fulfilment of obligations in connection with the contractual relationship. In all other cases, the legal basis is the one set out in Article 6(1)(f) GDPR: We have an interest in answering the queries that we receive by post, fax, telephone or by visitors to our website, and in making and remaining in contact with said visitors, also due to the fact that the data is transmitted voluntarily and at the visitor’s own initiative. In addition, we assume that, by making contact, the users consent to the processing of their data, and hence Article 6(1)(a) GDPR is the legal basis. This also applies to any data that you send to us and that is not required for correspondence with you.
We will store your data for as long as is necessary to achieve the respective purpose or for as long as there is a requirement by law to retain the data. The purpose of making contact is achieved when the matter about which you first contacted us has been resolved.
The data will only be shared with third parties to the extent that this is technically required or is required for processing of your request. We will not share it with third parties for any other purpose, in particular for advertising purposes.
Please note that transferring data on the Internet, such as when communicating by e-mail, can involve security gaps.
You have a right to object if your data is collected on the legal basis of Article 6(1)(f) GDPR. You can submit your objection to us at any time, e.g. by e-mail to firstname.lastname@example.org. If data processing is based on your consent, you can revoke your consent at any time.
We offer customers and prospective customers the option of subscribing to a newsletter in which we regularly provide information by e-mail about our company and the products and services we offer. If you wish to receive the newsletter, we will require your e-mail address. In the course of sending the newsletter, we will definitely process your e-mail address and will potentially process other information that you provide us with during registration (in particular name, company).
We send the newsletter using the services of the shipping provider Sendinblue GmbH, Köpenicker Str. 126, 10179 Berlin, Germany, who works on our behalf in this respect. Compliance with the data protection regulations is also contractually guaranteed. Sendinblue is forbidden to sell your data and to use it for any purpose other than sending newsletters. Sendinblue is a German certified provider, which was selected in accordance with the requirements of GDPR and the German Federal Data Protection Act (Bundesdatenschutzgesetz). For more information on this, see here: https://de.sendinblue.com/informationen-newsletter-empfaenger/?rtype=n2go.
We only send the newsletters if you have consented to the corresponding use of your personal data for advertising purposes. We use the so-called double opt-in method to guarantee that newsletters are sent by agreement. For this, the potential recipient allows himself to be included in a distribution list. The user is then given the opportunity, by means of a confirmation e-mail, to confirm the registration legally. The address is only actively included in the distribution list if this confirmation is received. The newsletter registrations are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and time of confirmation, as well as the IP address. Likewise, changes to your data stored by the shipping provider are also logged.
The legal basis for processing your data for the purpose of sending the newsletter is your consent and thus Article 6(1)(a) GDPR. At any time, you can revoke your consent to store the data, the e-mail address and their use for shipping of the newsletter by using the “Unsubscribe” link in the newsletter. The legal basis for logging the registration procedure is our legitimate interest and thus Article 6(1)(f) GDPR: We have an interest in the efficient sending of information about our company and our products, protected against misuse.
We store your data in connection with the newsletter registration for up to three years, in order to be able to prove consent and defend any legal claims asserted against us. The legal basis for storage in this connection is, in particular, Article 6(1)(c) GDPR. After revocation of your consent, the data will no longer be processed for other purposes.
We present our company on the social networks Xing (xing.com) and LinkedIn (linkedin.com) in order to present ourselves to registered users there and to make contact with them.
Xing is a service provided by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany.
LinkedIn is a service provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.
If you are a member of these social networks, Xing or LinkedIn can assign your visit to our website to your user profile. If you do not wish this to happen, you must log out before visiting our website.
The social networks process your data in agreement with their respective Privacy Notices, which you can view here:
We ourselves process the data that you provide to us on Xing or LinkedIn only for communication with you and to inform you about our offering. In doing so, we only process the data that you yourself have published on Xing or LinkedIn.
By using Xing and/or LinkedIn, you have consented to the processing of your personal data by the respective operator of the social network and the legal basis for data processing is therefore your consent in accordance with Article 6(1)(a) GDPR. From our perspective, there is a further interest in efficiently informing our existing and potential customers about our product offering; this interest outweighs your interest in not having your data processed not least of all because your use of the social networks is voluntary. To the extent that you have not consented to data processing, and in relation to our processing of your data, the legal basis for data processing is therefore Article 6(1)(f) GDPR.
You can object to the processing of your data by the operator of the respective social network. You can make the corresponding settings on the following websites:
The easiest way to assert your rights in connection with the processing of your personal data is directly to the operator of the respective social network, as the operator has all information about the processing of your data. If you wish to do this, we would be pleased to assist you.
On our website, we use various services provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”. Google is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In the context of its involvement in these services, Google collects and processes personal data. It cannot be ruled out that Google also transmits the information to servers in the USA. The transmission of personal data to third countries, such as the USA, is permissible if a reasonable level of data protection is guaranteed. This is the case in the USA due to the Privacy Shield Agreement, provided the recipient of the data is certified under the Agreement. Google is certified under the Privacy Shield Agreement, and transmission of data to the USA by Google is therefore permissible.
If you are logged into your Google account, Google can add the processed information to your account regardless of your account settings and treat it as personal data, see also in particular https://www.google.de/policies/privacy/partners. You can prevent the direct addition of this data by logging out of your Google account or by making the corresponding account settings in your Google account.
For more information, see the Google Privacy Notice, which you can access here: https://www.google.com/policies/privacy/. For information on the Google privacy settings, see https://privacy.google.com/take-control.html. You can also change your cookie settings, see Point 8.
b) Google Analytics:
This website uses Google Analytics to analyse the use of our website. To this end, a direct connection to Google’s servers is established when you visit our website, and server log files are sent to Google. Google also places corresponding cookies on your device, which generate information such as browser type/version, operating system used, referrer URL (previously visited website), host name of the accessing PC (IP address) and time of the server query, and send this information to Google.
The data is generally sent to a Google server in the USA and stored there. The IP address sent from your browser for Google Analytics is not merged with other data from Google. We have also extended Google Analytics with the code “anonymizeIP” on this website. This guarantees the anonymisation of your IP address, so that all data is collected anonymously. Only in exceptional cases is the full IP address sent to a Google server in the USA and abbreviated there. On behalf of the operator of this website, Google uses this information to evaluate your use of the website, to produce reports about website activities and to provide other services to the website operator with regard to website use and Internet use.
The legal basis for processing personal data in this connection is Article 6(1)(f) GDPR. By being able to evaluate the use of our website, we are able to respond to market behaviour in a targeted manner and position and adapt our offerings in the best possible manner for prospective users. This enables us to design our offering more attractively and increase awareness of our company. Google also has a legitimate interest in the collected (personal) data to improve its own services.
You can prevent the storage of cookies by making the appropriate setting in your browser software (see Point 8); however, please note that if you do this, you may not be able to use all functions of this website in their full scope.
You can also prevent the collection of the data generated by the cookie and relating to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser add-on, in particular for browsers on mobile devices, you can also prevent the collection of data by Google Analytics by clicking on this link: Deactivate Google Analytics. An opt-out cookie is set, which prevents future collection of your data when you visit this website. The opt-out cookie only applies in this browser and only for our website, and is saved on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. We also use Google Analytics to evaluate data from DoubleClick cookies and AdWords for statistical purposes. If you do not agree to this, you can deactivate the setting via the ad preferences manager (http://www.google.com/settings/ads/onweb/?hl=de).
c) Google AdWords and Google DoubleClick:
We use the Google AdWords online marketing method to position advertisements in the Google advertising network (e.g. in search results, in videos, on websites, etc.) so that they are shown to users with a suspected interest in the advertisement. This allows us to display advertisements for our offering specifically to users who have a potential interest in our offering. In this connection, we also use the services of DoubleClick by Google.
For this, this website uses the Conversion Tracking associated with Google AdWords to analyse the advertisements used. We receive an individual “Conversion Cookie” through use. If you click on an advertisement placed by Google, a “cookie” is stored on your device, enabling analysis of the use of the websites you visit. The information in the cookie indicating that you have used this website (including your IP address) is sent to Google servers, possibly in the USA, and stored there. Google abbreviates the IP address by the last three digits so that unique assignment of the IP address is no longer possible. The validity of the cookie expires after 30 days. If you visit our website and the cookie has not yet expired, we and Google can see that somebody has clicked on our advertisement. Every AdWords customer receives a different cookie, so that it is possible to track customers via the AdWords websites. Google uses the information collected through the cookies to create conversion statistics for us. We ourselves only find out the anonymous total number of users who have clicked on our advertisement and been forwarded to a website provided with a Conversion Tracking Tag. We do not receive any data with which users can be personally identified.
In this connection, we also use Remarketing services from Google and DoubleClick by Google. With this technology, users who have already visited our website and shown an interest in the offering are addressed again through targeted advertising on the websites of the Google Partner network. To this end, when calling up our website, and other websites on which the Google advertising network is active, Google will immediately execute a Google code and incorporate (re)marketing tags in the website. These tags are used to set an individual cookie on the user’s device (instead of cookies, other comparable technologies may also be used). This file contains information regarding which websites the user visits, the type of content he is interested in and which offers the user has clicked on, as well as technical information on the browser and operating system, referring websites, visit time and other information on the use of the online offering.
To the extent that Google records the user’s IP address in the context of the Google advertising network, this will be truncated within the Member States of the European Union or the EEC and only transferred to and stored on Google’s servers in the USA in exceptional cases. The user data is processed in a pseudonymised form within the Google advertising network. Google does not store and process the names or e-mail addresses, but only the relevant data based on the cookies within pseudonym user profiles. Google does not, therefore, manage and display the advertisements for a specifically identified person, but for a cookie owner, regardless of who this cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without pseudonymisation. The information collected about the user is sent to Google and stored on Google’s servers, potentially in the USA. Google can also link the above-mentioned information with similar information from other sources. If the user then visits other websites, advertisements tailored to his suspected interests, based on his user profile, can be displayed to him.
The legal basis for processing personal data in this connection is Article 6(1)(f) GDPR. By being able to evaluate the success of individual offerings, we are able to respond specifically to market behaviour and position and adapt our offerings in the best possible manner for prospective users. This enables us to design our offering more attractively and increase awareness of our company. Google also has a legitimate interest in the collected (personal) data to improve its own services.
You have a right to object. In particular, see Google’s Privacy Notice in this regard: https://www.google.com/policies/privacy/. You can also deactivate the settings for personalised advertisements at https://adssettings.google.com/. In addition, you can change the setting of cookies by third party providers, such as Google, in the cookie settings, see Point 8.
We use YouTube on our website to also show videos as a way of presenting our company and our products. YouTube is a video portal of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”. Google is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. YouTube is covered by Google LLC’s EU-US Privacy Shield certification (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active). Hence, the transmission of data is permissible even if the data is processed in the USA.
We use YouTube in a way that allows us to embed YouTube videos in our website. When you access the video, a direct contact is established between you and the servers of Google. This connection is required to be able to display the respective video on our website via your Internet browser. In the course of this, YouTube collects and processes at least your IP address, the date and time as well as the website visited by you. In addition, a connection to the “DoubleClick” advertising network by Google is established.
Google processes usage and communication data of visitors to the website while they are using the website. The purpose of processing your personal data is to enable us to present our offering in an appropriate and contemporary manner on our website. The legal basis is your consent, which is given via the Borlabs service (see Point 8: Cookies). Our legitimate interest lies in improving the quality of our Internet presence.
We use YouTube in connection with the “Privacy-Enhanced Mode”, in order to be able to show you videos. According to YouTube, its “Privacy-Enhanced Mode” means that the data described in greater detail below is only sent to the YouTube servers if you actually start a video. Without this “Privacy Enhanced Mode”, a connection is established to the YouTube server in the USA as soon as you visit one of our websites on which a YouTube video is embedded.
If you are also logged into YouTube at the same time, YouTube assigns the connection information to your YouTube account. To prevent this, you must either log out of YouTube before visiting our website or make the corresponding settings in your YouTube user account.
For the purposes of functionality and for analysis of user behaviour, YouTube stores cookies on your device via your Internet browser. If you do not agree to this processing, you can prevent the storage of cookies via the settings in your Internet browser. For more information, see above under “Cookies”.
We use ReCaptcha by Google on our website to prevent the misuse of our contact form. This enables us to distinguish whether forms are being used by natural persons or whether they are being misused by machine or automated processing. Your e-mail address and, if relevant, other data, in particular regarding your browser and your use of the website, are sent to Google. In addition, ReCaptcha sets cookies in order to identify you again the next time you visit. For more information, see Google’s data protection information: In particular, see Google’s Privacy Notice in this regard: https://www.google.com/policies/privacy/.
This service is used on the basis of our legitimate interests and the legal basis is therefore Article 6(1)(f) GDPR: We have an interest in guaranteeing the security of our servers and IT systems and protecting ourselves against attacks.
On our website, we publish job vacancies, for which you can apply. The application can also be completed by submitting your application documents by e-mail. To this extent, the information under Point 9 of this Privacy Notice applies. When selecting applicants, we process any data that you send to us in your application solely for the purpose of filling job vacancies within our company.
Data processing in the context of the application procedure is based on the fact that you voluntarily provide us with your data for the purpose of applying for a position and we therefore assume that you consent to data processing. The legal basis for data processing is therefore primarily your consent and thus Article 6(1)(a) GDPR. Your data is also processed in view of employment within our company; it is therefore to be considered as a pre-contractual measure, so that Article 6(1)(b) GDPR also serves as a legal basis for processing. When selecting applicants, we do not use any automated decision-making method in accordance with Article 22 GDPR.
Your data will be deleted immediately upon completion of the application procedure, unless you have explicitly given consent for us to save your data in our pool of applicants and store it for this purpose.
Even if you revoke your consent, complete erasure of the data is only possible if you withdraw your application, as we cannot process your application without processing your data.
Customers and contractual partners
In the context of business relationships with us, we collect and process the following personal data regarding natural persons: Name, address, telephone number, e-mail address (if relevant) and account number (in the context of bank transfers). As a general rule, we process this data to fulfil the contract between us or between us and the company by which the person concerned is employed, to provide our work according to agreement and to be able to assess and, if relevant, fulfil claims which may result from the contract. In addition, we are legally obligated to retain certain contractual documents, including the data contained within it, even after processing of the contract. In principle, we only share your data with third parties if this is required for the specified purposes or if we have a duty to disclose the information. In any case, data will only be transferred to the required extent.
To the extent that we have received your data from third parties, in particular from your landlord or a property management company, we will assume that the transfer of the data to us is covered by the corresponding legal relationship or your consent. In this case, processing of your data is required to be able to fulfil the contract with the respective third party.
The legal basis for processing your data is generally Article 6(1)(b) GDPR: processing is required in order to fulfil the contract between us. In addition, we are subject to the legal obligation to retain invoices and other documents and hence Article 6(1)(c) GDPR is also a legal basis for storage.
In principle, we retain data connected to a contract for a period of 3 years following fulfilment of all mutual obligations from the contract, in case of possible claims arising from the contract. For commercial reasons, we must retain our correspondence for 6 years, and for tax purposes, we must retain invoices for 10 years. This also concerns the respective data contained therein.
To the extent that we offer links to other sites on our website, we have first carefully checked the corresponding websites. However, this notwithstanding, we are not responsible for compliance with the privacy regulations and other legal provisions by the providers of the websites to which we provide links. Therefore, please make your own check of the Privacy Notices of these websites.
Changes to this Privacy Notice
This Privacy Notice is currently valid and was last changed in July 2020.
Through the further development of our website or due to changed legal or official requirements, it may be necessary to amend this Privacy Notice. The respective current Privacy Notice can be viewed at any time on this website.