Data protection information for our customers

With this data protection information we inform you about the processing of your personal data by us as well as about your rights.

3. Why do we process your data (purpose of processing) and on what legal basis?

a) On the basis of your consent to data processing (Art. 6 Para. 1 lit. a GDPR)
If and to the extent that you have given your consent to the processing of personal data, the respective consent is the legal basis for the processing specified in it. This concerns e.g. the receipt of electronic customer information. You can revoke your consent at any time with the effect for the future. This also applies to declarations of consent which you gave us before the GDPR came into force, i.e. before 25 May 2018.

b) For the fulfilment of contractual obligations (Art. 6 Para. 1 lit. b GDPR)
Your data will be processed for the initiation or performance of our contracts with you, i.e. for the provision of our services (e.g. maintenance and support, sale of products via the shop, etc.). The specific purposes of data processing depend in detail on the respective service and product descriptions and the associated contract documents.

c) In the context of balancing of interest (Art. 6 Para. 1 lit. f GDPR)
Your data may also be used by us or by third parties on the basis of a balancing interests to protect legitimate interests. This is done e.g. for the purpose of further developing our services or systems and products, ensuring IT security and IT operations, advertising, market research and opinion polling, asserting legal claims and defending against legal disputes, preventing and clarifying criminal offences, as well as risk management and fraud prevention.

d) Based on the legal requirements (Art. 6 Para. 1 lit. c GDPR)
We are subject to various legal obligations which entail data processing. These include e.g. tax laws, as well as statutory accounting, the fulfilment of inquiries and requirements from national or foreign supervisory or criminal prosecution authorities as well as the fulfilment of control and reporting obligations under tax law.

4. Who do we share the data with?

Your data will only be passed on by us within the company to those departments which need it to fulfil their contractual and legal obligations or to fulfil their respective tasks (e.g. customer service, IT, sales and marketing). In addition, the external entities will receive your data without exception only if they have been contractually bound by us to their obligations as order processors (Art. 28 GDPR) and guarantee that they process your data in accordance with our instructions. These include e.g. service providers in the areas of customer care, accounting, IT and logistics. In addition, we only pass on data to the persons or entities for which you have given us your consent for data transmission.

5. Do we transfer data to third countries?

Your data will only be processed within the European Union and countries within the European Economic Area (EEA). Otherwise we will always inform you separately in advance, including of the right to object to such data transmission separately at any time.

6. How long do we store your data?

We only store your personal data for as long as it is necessary for the provision of the associated contractual services. In addition to the duration of the actual business relationship, this also includes data processing in the context of initiating and performance of contracts. In addition, we are subject to various storage and documentation obligations arising from the Commercial Code and tax regulations (Tax code – (AO)). The time limits for storage and documentation specified there are five to ten years. Finally, the storage period is also judged according to the statutory limitation periods, which, according to §§ 195ff of the Civil Code (BGB) for example can generally be three years, but in certain cases also up to 30 years.

7. Is there an obligation to provide personal data?

In the context of our business relationship, you only need to provide the personal information necessary to establish, conduct and terminate a business relationship. Otherwise the conclusion of the contract or the performance of the contract is not possible.

8. To what extent is there an automated decision-making in individual cases?

As a matter of principle, we do not use automated decision-making under Art. 22 GDPR for the establishment and implementation of the business relationship. Should we use these procedures in individual cases, we will inform you of this separately.

9. To what extent do we use your data for profile building?

We partially process your data automatically with the aim of evaluating certain personal aspects (so-called "profiling" according to Art. 4 No. 4 GDPR). Profiling is used, for example, to determine your potential interest in our products and services. This evaluation is carried out by using for example statistical methods based on current customer data and the data from the past. We use the results to be able to address you in a more need- and target-oriented way.

10. What data protection rights do you have?

You have the right under the respective legal requirements to request confirmation at any time as to whether we process personal data as well as the right to information (Art. 15 GDPR, § 34 BDSG (German Federal Data Protection Act)) about this personal data. In addition, you also have the right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR, § 35 BDSG) and restriction of data processing (Art. 18 GDPR), as well as the right to object to the processing (Art. 21 GDPR) of personal data at any time, to revoke your consent to the data processing at any time or to demand data transmission (Art. 20 GDPR). Moreover, you have the right to complain to a supervisory authority in the event of data protection violations (Art. 77 GDPR, § 19 BDSG).

Separate reference to your right of objection

The right of objection in individual cases
For reasons related to your particular situation, you have the right at any time to object to the processing of personal data that concerns you, carried out under Art. 6 Para. 1 lit. f GDPR (data processing based on a balancing of interests). This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR, which for example may be undertaken for the purposes of customer advice and customer service and for distribution purposes. If you file an objection, your personal data will no longer be processed unless SHD can prove compelling reasons meriting protection for processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

The right to object to the processing of data for direct marketing purposes
SHD may also process your data for direct marketing within the context of the statutory provisions. You have the right at any time to object to the processing of your personal data for the purpose of such advertising without incurring any costs other than the transmission costs according to the basic tariffs. This also applies to profiling in so far as it is related to such direct marketing. If you object to the processing for purposes of direct marketing, we will no longer process your personal data for these purposes. The objection can be made without any formal requirements. Contact details can be found under point 1.

ERP

Warenwirtschaft

hey.kitchen

Lagerorganisation

Groupware

Kassen

SHD ECORO e-commerce

SHD ECORO CRM

Finanzen & Personal

Finanzbuchhaltung

Zeiterfassung

Personaleinsatzplanung

Planung & Visualisierung

Planungssoftware

Omnichannel-Tools

Produktdaten

hey.kitchen

Technologie

Cloud-Leistungen

IT-Dienstleistungen

IT-Infrastruktur

Networking

SHD Security

Service

Support

SHD Kundenportal

Teamviewer

Dienstleistung

Schulung

Starte Deine Karriere hier und jetzt

Arbeiten bei SHD

Ausbildung bei SHD

Arbeiten in der Region Mittelrhein

Das SHD Bewerberportal

SHD

Über SHD

Die Unternehmensgruppe

Referenzen

News/Presse

Veranstaltungen

Newsletter