Notice about Business Information
Updated: May 24, 2018
This Notice explains how Schmedes as a data controller uses Personal Information about you in a business context if you are:
- a Supplier or if you represent an organization that is a Supplier;
- a Customer or if you represent an organization that is a Customer; or
- Web Users.
We refer to this as “Business Information".
“Schmedes” means Schmedes Industrie- und Handelsausrüstung GmbH. Supplier” means a current or prospective vendor, supplier, subcontractor or partner of Schmedes. “Customer” means a customer, prospective customer or target customer of Schmedes. “Web User” means a user of a Schmedes internet website. “Third Party Service Provider” means a third party vendor or supplier outside Schmedes who may have access to Business Information in providing services to Schmedes. “Personal Information” means information relating to an identified or identifiable natural person that is processed by or on behalf of Schmedes by automatic means.
1. What Business Information does Schmedes collect?
The type of Business Information that Schmedes collects and uses depends on the particular business context and the purpose for which it was collected. It may include:
- contact details (such as your name, job title, gender, work address, telephone numbers, email address, fax numbers and so on);
- details of your relevant experience and/or academic and professional qualifications (for example, if you are employed by a vendor);
- details of your business and other interests and opinions (for example, where information is held in a Customer Relationship Management database);
- for Web Users, information relating to your use of the Schmedes website, including the content of web forms, contributions made to any discussion forums and browsing history, IP addresses and your path through the Schmedes website;
- credit card details, credit worthiness, and other financial-related information, such as your bank account number and other relevant payment-related information collected in support of a business transaction;
- CCTV images and visit information for visitors to Schmedes sites.
2. What will Schmedes do with your Business Information?
Generally, Schmedes only uses Business Information for one or more of business-related purposes below:
- Negotiating, concluding and performing contracts with Customers (including the provision of financial services and advice);
- Managing Schmedes accounts and records;
- Advertising, marketing and public relations (including direct marketing);
- Market Research and competitor analysis;
- Negotiating, concluding and performing contracts with Suppliers;
- Communicating with Individuals that are, or who represent, Customers, Suppliers or Web Users;
- Operating the Schmedes website, including the use of analytics software;
- Supporting Schmedes’s corporate social responsibility activities;
- Facilitating the security of Schmedes sites, websites and other assets;
- Legal and regulatory compliance and internal control evaluations and audits (including where conducted by Schmedes’s internal and external audit service providers);
- Debt administration; and/or
- Obtaining legal advice, including for legal proceedings and litigation and also in connection with the sale, purchase or merger of a business.
We process Business Information for the above purposes as necessary for our legitimate business interests and those of third parties that we interact with. Certain aspects of our processing are also necessary for us to comply with the law or are based on your consent, or other available legal grounds for processing.
3. Schmedes data privacy principles
Schmedes observes the following principles in relation to Business Information:
- We process it fairly and lawfully;
- We process it for a specific legitimate business purpose and do not process in a manner incompatible with that purpose without your knowledge and/or consent;
- We use Business Information that is adequate, relevant and not excessive for the purpose for which it is processed;
- We keep it accurate and, as necessary, up to date;
- We keep it in a form which permits identification for no longer than necessary for the purpose for which it was collected;
- We protect it against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, using appropriate technical and organizational measures;
- We process it in accordance with an Individual’s rights;
4. Who is your Business Information disclosed to?
(a) Within Schmedes
Schmedes restricts access to Business Information to people within the company who have a “need to know” that information.
(b) Outside Schmedes
Schmedes shares Business Information with authorized Third Party Service Providers. Where it does so, Schmedes imposes appropriate contractual obligations regarding Business Information on such Third Party Service Providers.
Beyond its Third Party Service Providers Schmedes will only disclose your Business Information to third parties outside Schmedes:
- when required to do so by law;
- Bei einer Anfrage auf Rechtshilfe durch die Polizei oder eine andere Vollzugsbehörde
- in response to a legitimate request for assistance by the police or other law enforcement agency;
- to protect an individual’s vital interests;
- to seek legal advice from Schmedes’s external lawyers or in connection with litigation with a third party;
- in connection with the sale, purchase or merger of a business; or
- to engage external auditors to validate Schmedes’s financial accounts.
Your Business Information will not be transferred to non-EU countries.
5. Exercising your rights
(i) Web Users, Customers and those representing Customers
If you would like a copy of any of your Business Information or if you would like to update or correct it or you would like to request Schmedes to stop sending you marketing materials either generally or via a particular media, please contact Schmedes. However, please note that we may continue to send you non-marketing communications (such as service related communications, market reports, prices), and that we will keep a record of your request as well as your contact details to ensure that your request is respected.
If you have a concern about how Schmedes has used your Business Information, as a first step, you should raise the concern in writing to the relevant contact or department at Schmedes.
In some circumstances, you have a right to request the erasure of your Business Information or a restriction to its use, to object to its use, to receive it in a portable format or to have it transmitted to another organization. If you wish to exercise any of these rights, please contact Schmedes.
If your concern relates to Business Information subject to the laws of the European Economic Area and it has not been fully resolved, you are entitled to lodge your concern with your local Data Privacy Authority or before the courts in your country where you may seek compensation from Schmedes for any loss or damage that you have suffered.
(ii) Suppliers and those representing Suppliers
If you would like a copy of any of your Business Information or if you would like to update or correct it, please contact Schmedes.
If you have a concern about how Schmedes has used your Business Information, as a first step, you should raise the concern in writing to the relevant contact at Schmedes with which you do business.
6. Retaining your Business Information
Depending on the purposes for which we are processing your Business Information, we may keep your Business Information for as long as is necessary for these purposes, and in particular to protect ourselves in the event of a legal claim.
Contact to Schmedes
If you have questions about this Notice or our privacy practices, or if you want to exercise your rights or withdraw your consent:
Write to us at:
Schmedes Industrie- und Handelsausrüstung GmbH