Download

en

Download

en

Obligation to Provide Information pursuant to Article 13 GDPR

Protecting your personal data is very important to us. We process your personal data (hereinafter referred to as "data") exclusively in accordance with legal regulations. With this privacy policy, we aim to inform you about how we process your data in our company and the data protection rights to which you are entitled under Article 13 of the European General Data Protection Regulation (EU GDPR).

 

1. Who is responsible for data processing, and whom can you contact?

The responsible party is:

The Data Protection Officer is
Christian Volkmer
Projekt 29 GmbH & Co. KG
Ostengasse 14
93047 Regensburg
E-mail: c.volkmer(at)projekt29.de
Phone: +49 941-2986930

 

2. What data is processed, and where does it come from?

We process the data that we receive from you in the course of initiating or executing a contract, based on consent, as part of your application, or during your employment with us.

Personal data includes:

Your basic/contact information, which includes, for example, for customers: first and last name, address, contact details (e-mail address, phone number, fax), and banking information.

For applicants and employees: first and last name, address, contact details (e-mail address, phone number, fax), date of birth, resume and job references, banking details, religious affiliation.

For business partners: the names of legal representatives, company name, commercial register number, VAT ID, company ID, address, contact details of the contact person (e-mail address, phone number, fax), banking details.

In addition, we also process the following personal data:

  • Information about the type and content of contract data, order data, sales and billing data, customer and supplier history, and consulting documentation.
  • Advertising and sales data.
  • Information from your electronic interactions with us (e.g., IP address, login data).
  • Other data that we receive from you in the course of our business relationship (e.g., during customer meetings).
  • Data that we generate from basic/contact data and other data, such as customer needs and potential analysis.
  • Documentation of your consent for receiving, for example, newsletters.

 

3. For what purposes and on what legal basis is the data processed?

We process your data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act 2018 in its current version:

  • For the fulfillment of (pre-)contractual obligations (Art. 6 para. 1 lit. b GDPR):
    Your data is processed for contract execution online or in one of our branches, as well as for processing your employment relationship in our company. Data is processed particularly during contract initiation and execution with you.
  • To fulfill legal obligations (Art. 6 para. 1 lit. c GDPR):
    Processing of your data is required to comply with various legal obligations, such as those from the Commercial Code or the Tax Code.
  • To protect legitimate interests (Art. 6 para. 1 lit. f GDPR):
    Data processing may be carried out beyond contract fulfillment to protect our or third-party legitimate interests. Examples of such processing include:
    • Advertising or marketing (see section 4),
    • Measures for business management and the further development of services and products,
    • Maintaining a company-wide customer database to improve customer service,
    • Legal enforcement.
  • Based on your consent (Art. 6 para. 1 lit. a GDPR):
    If you have given us consent to process your data, such as for receiving our newsletter.

 

4. Processing of personal data for advertising purposes

You can object to the use of your personal data for advertising purposes at any time, either entirely or for specific measures, without incurring any costs beyond standard transmission costs.

We are legally permitted under Section 7 para. 3 UWG to use the e-mail address you provided when concluding a contract for direct advertising of our similar goods or services. These product recommendations are sent regardless of whether you have subscribed to a newsletter.
If you do not wish to receive such recommendations via e-mail, you can object at any time without incurring any additional costs. A simple written message is sufficient. Every e-mail also contains an unsubscribe link.

 

5. Who receives my data?

If we use a service provider for processing on our behalf, we remain responsible for protecting your data. All service providers are contractually obligated to handle your data confidentially and process it only within the scope of service provision. Our contracted service providers receive your data only if they require it to fulfill their respective services. These include, for example, IT service providers we need for the operation and security of our IT systems, as well as advertising and address publishers for our own marketing campaigns.

Your data is stored in our customer database. The database helps improve data quality (e.g., duplicate removal, change of address indicators) and enriches data from public sources.

These data are made available to corporate affiliates when necessary for contract execution. Data storage is company-specific and separate, with our parent company acting as a service provider for the affiliated companies.

If legally required, government authorities, courts, and external auditors may receive your data.
Furthermore, for contract initiation and fulfillment purposes, insurance companies, banks, credit agencies, and service providers may receive your data.

 

6. How long will my data be stored?

We process your data until the termination of the business relationship or until the expiration of applicable statutory retention periods (e.g., from the Commercial Code, Tax Code, or Labor Law); beyond that, until any legal disputes where the data is needed as evidence are resolved.