1. Data protection at a glance

General information

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in our data protection declaration listed below this text.

2. General notes and mandatory information

Data protection

We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. When you use this website, various personal data is collected. Personal data is data that can be used to identify you personally. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done. We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

Note on the responsible body

The controller responsible for data processing on this website is : 

Eagle Cable GmbH
Untermatten 12 - 14
79282 Ballrechten-Dottingen
Telephone: +49 7634 5610 0
E-Mail: service[at]eagle-cable.de

 Verantwortliche The controller is the natural or legal person who alone or jointly together with others, decides on the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

Recipients of personal data

As part of our business activities, we work with various external external bodies. In some cases, it is also necessary to transfer of personal data to these external bodies is necessary. We only pass on personal data to external bodies if this is necessary this is necessary in the context of fulfilling a contract, if we are are legally obliged to do so (e.g. forwarding data to tax tax authorities), if we have a legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR or if another legal basis permits the legal basis permits the transfer of data. When using processors, we only disclose our customers' personal data on the basis on the basis of a valid contract for order processing. In the case of joint processing, a contract on joint processing joint processing is concluded.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. consent. You can withdraw consent that you have already given revoked at any time. All you need to do is send us an informal e-mail us. The legality of the data processing carried out until the revocation processing remains unaffected by the revocation.

Right to object to the collection of data in special cases and to direct advertising (Art. 21 DSGVO)

IF THE DATA PROCESSING IS BASED ON ART. 6 ABS. 1 LIT. E OR F GDPR, YOU HAVE THE RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA AT ANY TIME ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE RESPECTIVE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA CONCERNED UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 GDPR). IF YOUR PERSONAL DATA ARE PROCESSED FOR THE PURPOSE OF DIRECT MARKETING, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR THE PURPOSE OF SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL SUBSEQUENTLY NO LONGER BE USED FOR THE PURPOSE OF DIRECT MARKETING (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).

Right to lodge a complaint with the competent supervisory authority

If you believe that we are not handling your personal data in accordance with the law, you have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority for data protection issues for our company is the State Data Protection Officer of Baden-Württemberg:

The State Commissioner for Data Protection and Freedom of Information
P.O. 10 29 32
70025 Stuttgart

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done to the extent that it is technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Information, correction and deletion

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. You can contact us at any time if you have further questions on the subject of personal data.

Objection to advertising e-mails

The use of contact data published in the context of the imprint obligation contact data for the purpose of sending unsolicited advertising advertising and information material is hereby objected to. The operators of this website expressly reserve the right to take legal case of the unsolicited sending of advertising information, for example through spam e-mails.

Right to restriction of processing

You have the right to request the restriction of the processing of your of your personal data. You can do this at any time contact us at any time. The right to restriction of processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally data stored by us, we usually need time to check this. verify this. For the duration of the review, you have the right to restriction of the processing of your personal data for the request the restriction of processing.

If the processing of your personal data was/is carried out unlawfully happened/is happening unlawfully, you can request the restriction of data data processing instead of erasure.

If we no longer need your personal data, but you need it for the exercise the exercise, defense or assertion of legal claims, you have the legal claims, you have the right to request the restriction of the processing of your restriction of the processing of your personal data instead of erasure. request the restriction of the processing of your personal data

If you have lodged an objection in accordance with Art. 21 para. 1 GDPR, a balance must be struck between your interests and ours. be made. As long as it has not yet been determined whose interests prevail you have the right to demand the restriction of the processing of your processing of your personal data.

If you have restricted the processing of your personal data data - apart from its storage - may only be processed with your your consent or for the establishment, exercise or defense of legal of legal claims or for the protection of the rights of another natural or natural or legal person or for reasons of important public interest of the public interest of the European Union or of a Member State. are processed.

3. Data collection on our website

Cookies

Our Internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. stored. Session cookies are automatically deleted at the end of your visit. deleted. Permanent cookies remain stored on your end device, until you delete them yourself or they are automatically deleted by your web browser. deletion by your web browser.

Cookies may originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration integration of certain services from third-party companies within websites (e.g. cookies for the processing of payment payment services).

Cookies have various functions. Many cookies are technically necessary necessary, as certain website functions would not work without them would not work without them (e.g. the shopping cart function or the display of videos). Other cookies can be used to evaluate user behavior or be used for advertising purposes.

Cookies that are used to carry out the electronic communication process, for the provision of certain functions you have requested (e.g. for the shopping cart function) or to optimize the website (e.g. cookies to measure the web audience) (necessary cookies). cookies), are stored on the basis of Art. 6 para. 1 lit. f GDPR unless another legal basis is specified. The website operator has a legitimate interest in the storage of necessary cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies and of cookies and comparable recognition technologies has been requested technologies, the processing is carried out exclusively on the basis of this (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG); the consent can be revoked at any time. consent can be revoked at any time.

You can find out which cookies and services are used on this website in this privacy policy.

CookieFirst

Our website uses CookieFirst to obtain your consent to the storage of certain cookies on your end device or for the use of certain certain technologies and to document these in compliance with data protection documented. The provider of this technology is Digital Data Solutions B.V. (CookieFirst), Plantage Middenlaan 42A, 1018 DH Amsterdam, Netherlands (hereinafter referred to as “CookieFirst”).

When you enter our website, a connection to the servers of CookieFirst is CookieFirst servers in order to obtain your consent and other declarations regarding the use of cookies. Subsequently CookieFirst stores a cookie in your browser in order to be able to assign the to be able to assign the consents given or their revocation. In the process the IP address (anonymized), the user agent of the browser and operating operating system and the URL from which the consent was given, is processed and integrated into CookieFirst. The data collected in this way will be stored until you ask us to delete it, delete the delete the CookieFirst cookie yourself or the purpose for the data storage no longer applies. Mandatory statutory retention obligations remain unaffected.

CookieFirst transmits personal data to third-party providers. These include CDN from Slovenia, IP geolocalization from Romania and hosting at OHV in Germany and France. CookieFirst has its headquartered in Amsterdam, the Netherlands.

CookieFirst is used to obtain the legally required consent for the use of cookies. consent for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.

Order processing: We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that the personal data of our website website visitors only in accordance with our instructions and in compliance with the DSGVO processed.

Server-Log-Data

This website is hosted externally. The personal data collected on this website collected on this website is stored on the hoster's servers. stored. This may include IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses and other data generated via a website. generated via a website.

External hosting is carried out for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast and efficient provision of our online offering by a professional provider provider (Art. 6 para. 1 lit. f GDPR). If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent permits the storage of cookies or access to information in the user's end device (e.g. device fingerprinting) within the within the meaning of the TDDDG includes. Consent can be revoked at any time.

Our hoster will only process your data to the extent that this is necessary to necessary to fulfill its performance obligations and follow our follow our instructions in relation to this data.

We use the following hoster: Timme Hosting, 21335 Lüneburg

Order processing: We have concluded an order processing contract (AVV) for the use of the above-mentioned service. This is a contract prescribed by data protection law, which ensures that the personal data of our website website visitors only in accordance with our instructions and in compliance with the DSGVO processed.

Processing of customer and contract data

We collect, process and use personal customer and contract data to contract data for the purpose of establishing, structuring and amending our contractual relationships. Personal data about the use of this website use of this website (usage data) are only collected, processed and used only to the extent necessary to enable the user to use the service. enable or bill the user for the use of the service. The legal basis for this is Art. 6 para. 1 lit. b GDPR.

The customer data collected will be deleted after completion of the order or termination of the business relationship and expiry of any existing statutory statutory retention periods have expired. Statutory retention periods remain unaffected.

Data transmission upon conclusion of contract for online stores, retailers and shipping of goods

If you order goods from us, we will pass on your personal data to the data to the transport company entrusted with the delivery and to the payment payment service provider responsible for processing payments. This only such data will be disclosed as the respective service provider required to fulfill its task. The legal basis for this is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the fulfillment of a contract or pre-contractual measures. If you have given corresponding consent in accordance with Art. 6 para. 1 lit. a GDPR we will pass on your e-mail address to the transport company entrusted with the company entrusted with the delivery so that it can inform you by e-mail about the about the shipping status of your order; you can revoke your revoke your consent at any time.

Credit checks

In the case of a purchase on account or any other payment method where we make advance payments, we can carry out a credit assessment procedure carry out (scoring). For this purpose, we transmit the data you enter (e.g. name, address, age or bank details) to a credit agency. On the basis of Based on this data, the probability of a payment payment default is determined. In the event of an excessive risk of non-payment we may refuse the type of payment in question.

The credit check is carried out on the basis of the fulfillment of the contract (Art. 6 para. 1 lit. b GDPR) as well as for the avoidance of payment defaults (legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR). Insofar as consent has been obtained, the credit check is carried out on the basis this consent (Art. 6 para. 1 lit. GDPR); the consent can be revoked at revocable at any time.

For details, see point 14 SCHUFA information. Click here

4. Analysetools und Werbung

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The Google Tag Manager is a tool that we use to integrate tracking or statistical tools, statistics tools and other technologies on our website. on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It only serves to manage and display the tools integrated via it. integrated tools. However, the Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States may be transmitted.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of of various tools on its website. If a corresponding consent has been requested, the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent permits the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the within the meaning of the TDDDG. Consent can be revoked at any time.

The company is certified in accordance with the EU-US Data Protection Privacy Framework” (DPF). The DPF is an agreement between the European European Union and the USA, which ensures compliance with European data protection standards for data processing in the USA. in the USA. Every company certified in accordance with the DPF undertakes to to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of website analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and the origin of the user. This data is assigned to the respective end device of the user. An assignment to a user ID does not take place.

Furthermore, we can use Google Analytics to record your mouse and scroll scrolling movements and clicks. Furthermore, Google Analytics uses various modeling approaches to supplement the data records collected and uses machine learning technologies to analyze the data. data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). cookies or device fingerprinting). The information collected by Google information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG. The consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the of the EU Commission. You can find details here: https://privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the EU-US Data Protection Privacy Framework” (DPF). The DPF is an agreement between the European European Union and the USA, which ensures compliance with European data protection standards for data processing in the USA. in the USA. Every company certified in accordance with the DPF undertakes to to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

IP Anonymisierung

Google Analytics IP anonymization is activated. This means that your IP address from Google within member states of the European Union or in other signatory states to the Agreement on the the European Economic Area prior to transmission to the USA. shortened. Only in exceptional cases will the full IP address be sent to a Google server to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your evaluate your use of the website, to compile reports on website compile reports on website activity and to provide other services services associated with the use of the website and the Internet to the website operator. The IP address transmitted by Google IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link download and install the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de. More information on the handling of user data by Google Analytics can be found in Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing: We have concluded an order processing contract with Google processing contract with Google and implement the strict requirements of the German data protection authorities when using Google Analytics completely

Google Analytics e-commerce measurement

This website uses the “e-commerce measurement” function of Google Analytics. With the help of e-commerce measurement, the website operator can analyze the purchasing behavior of website visitors to improve their analyze online marketing campaigns. Information is collected here, such as the orders placed, average order values, shipping costs orders placed, average order values, shipping costs and the time from viewing to purchasing of a product is recorded. This data can be summarized by Google under a transaction ID that is assigned to the respective user or their device. assigned to the respective user or their device.

Facebook Pixel

This website uses the visitor action pixel for conversion measurement from Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected Facebook, the data collected is also transferred to the USA and other third countries. transferred.

In this way, the behavior of site visitors can be tracked after they have been redirected to the provider's website by clicking on a Facebook ad. provider's website by clicking on an ad. This allows the effectiveness of the Facebook advertisements for statistical and market research purposes be evaluated and future advertising measures can be optimized.

The data collected is anonymous to us as the operator of this website, We cannot draw any conclusions about the identity of the users. The However, the data is stored and processed by Facebook, so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes, in accordance with the Facebook-Data usage policy can use. This allows Facebook to enable the placement of advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator. be influenced.

The use of Facebook Pixel is based on Art. 6 para. 1 lit. f GDPR. lit. f GDPR. The website operator has a legitimate interest in effective advertising measures including social media. Insofar as corresponding consent has been requested (e.g. consent to the storage of to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the consent is revocable at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: www.facebook.com/legal/EU_data_transfer_addendum und de-de.facebook.com/help/566994660333381.

You can find further information on protecting your privacy in Facebook's privacy policy: de-de.facebook.com/about/privacy/

You can also activate the remarketing function “Custom Audiences” in the ad settings section under www.facebook.com/ads/preferences/ deactivate. You must be logged in to Facebook to do this.

If you do not have a Facebook account, you can view usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance website: www.youronlinechoices.com/de/praferenzmanagement/

5. Plugins und Tools

Youtube

Our website uses plugins from the site operated by Google YouTube. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin equipped pages, a connection to the servers of YouTube is established. YouTube servers is established. The YouTube server is informed which of our pages which of our pages you have visited. If you are logged into your YouTube account are logged in, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube takes place in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. Further information on the handling of user data can be found in the YouTube's privacy policy at: www.google.de/intl/de/policies/privacy

Use of DooFinder

1. scope of the processing of personal data

We use functionalities of the search function plugin Doo-Finder of DooFinder S.L., Rufino Gonzalez 23, 28037, Madrid, Spain (hereinafter: DooFinder).

Doo-Finder offers an intelligent search technology that website visitors to help them navigate our website. on our website. Doo-Finder offers, for example, the possibility to complete search queries search queries, search for images or refine product searches using a filter. product searches using a filter.

Doo-Finder processes your IP address.

Further information on the processing of data by Doo-Finder can be found here: www.doofinder.com/de/privacy-policy

2. purpose of data processing

The IP address is processed for security reasons in order to detect and prevent conspicuous or suspicious behavior and to prevent it. We use the plugin to provide our website visitors with a reliable and fast search result. fast search results to our website visitors.

3. legal basis for the processing of personal data

The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in the purposes listed under 2. purposes of data processing.

4. duration of storage

Your IP address will be deleted after 90 days. Your personal information will be stored for as long as is necessary to fulfill the purposes to fulfill the purposes described in this privacy policy or as required by law, e.g. for tax and accounting purposes. accounting purposes.

5. possibility of objection and removal

You can prevent the collection and processing of your personal data by data by DooFinder by preventing the storage of cookies from third-party third-party cookies on your computer, using the “Do Not Track” function of a supporting browser, disabling the execution of script code deactivate the execution of script code in your browser or by using a script blocker such as NoScript (https://noscript.net/) oder Ghostery (https://www.ghostery.com) in your browser.

You can find further information on objection and removal options vis-à-vis DooFinder at: www.doofinder.com/de/privacy-policy

Phonoent

In order to give visitors to our site the opportunity to listen to excerpts of recordings before buying, we have included content from PHONONET GmbH, Bei Pulverühle 7, D-22453 content from PHONONET GmbH, Bei der Pulvermühle 7a, D-22453 Hamburg, Germany. We do this on the basis of Art. 6 para. 1 lit. f GDPR. Our interest lies in providing the most comprehensive customer service.

Information on data processing by PHONENET can be found here: www.phononet.de/datenschutz/

6. Wenn Sie mit uns in eine Geschäftsbeziehung treten wollen

If you wish to enter into a business relationship with Eagle Cable as a business relationship, we require some basic information about the company before business relationship, we need some basic information about the company, including also includes personal data. In detail, we collect the following data with our customer master form the following data:

Data and legal basis:

Mandatory information:

  • Firma 
  • Owner / Managing Director / Legal form 
  • Street, postal code, city, telephone and fax number
  • Payment method and account details, if direct debit is requested 
  • Tax number / Tax office
  • HR entry (HR excerpt / business registration is required)
  •  ILN-Nr.

Further information, if available:

  • Internet / E-mail address
  •  Cooperation number / Cooperation 
  • Delivery address

We process this data on the basis of Art. 6 para. 1 lit. a (consent - you transmit this data to us voluntarily); Art. 6 para. 1 lit. b (contract or pre-contractual measures) and Art. 6 para. 1 lit. f (legitimate interests - Eagle Cable wants to ensure that only commercial customers are included in the customer base. are included in the customer base).

Disclosure of your data:

Your data will be passed on internally for checking. In addition In addition, we may carry out a credit check and make use of the services the services of Euler Hermes. Read the Euler Hermes privacy policy here: https://www.eulerhermes.de/datenschutz.html

Once a positive decision has been made, your data will be available to all employees involved in order processing.

As soon as you are registered with us as a specialist dealer, your contact details may be passed on to enquiring end customers, suppliers or other partners, insofar as this is necessary for the processing of our agreed contractual service is required.

Storage duration:

We will store your customer master data sheet for the duration of our business relationship. If no specialist trade contract is concluded your completed customer master data sheet will be destroyed immediately.

Your rights:

You have the right to withdraw your consent given above with effect for the the future. Mandatory statutory provisions - in particular in particular retention periods - remain unaffected. In addition the rights mentioned under point 2 of this privacy policy apply

7. If you would like to work with us as Contact private person

Feedback cards: 

We are very interested in what we can do better or which products you particularly like as a “users” particularly like. For this reason, we enclose feedback cards some of our products with feedback cards, which you can return to us voluntarily. can send back to us. The cards are collected by us. Your feedback will be stored electronically personal reference - electronically stored. The cards themselves are disposed of disposed of over the course of a year in accordance with data protection regulations. 

Registration and warranty cards: 

Some Products from Eagle Cable you can register with us. In doing so we process the data that you send us with the respective card. card. As a rule, this is your address and contact details. This data is managed by us in a separate database and is used exclusively to used by us exclusively for the purpose of safeguarding your claims (warranty processing) or to advise you (e.g. on the basis of your request for suitable supplementary products). We will send you a one-off one year after submitting your warranty or registration card, you will receive a registration card, we will send you a “birthday letter” with which we will inform you about suitable new products or give you the opportunity to to share your constructive criticism with us. 

Data processing for orders via our test hearing store 

Zur To process your order, we only process the data required for this necessary data that you have transmitted to us as part of the order form (hereinafter referred to as “contract data”). The contract data includes in particular 

  • Name
  • Address
  • E-Mail

The data processing for the aforementioned purpose is carried out on the basis of Art. 6 para. 1 lit. b) GDPR (fulfillment of contract). We store your contract data as long as this is necessary to fulfill the stated purpose (execution of your order, billing) is required. Thereafter we only store the contract data for as long as and to the extent that this is required or permitted by law (e.g. for the exercise of legal claims). legal claims).

Why do we process this data and what rights do you have? 

We process this data exclusively for the purpose of continuously continuously improve our services and our product quality (Art. 6 para. 1 lit. a GDPR - your consent (you provide us with this data voluntarily) and data voluntarily) and Art. 6 para. 1 lit. f GDPR - legitimate interests), or to process warranty services (Art. 6 para. 1 lit. b GDPR - fulfillment of the contract). A transmission by us to third parties will not take place unless you have expressly consented to this transfer. consented to this transfer. Automated decision-making does not take place. You have the right to withdraw your consent given above with effect for the future. the future. Mandatory statutory provisions - in particular in particular retention periods - remain unaffected. In addition the rights mentioned under point 2 of this privacy policy apply.

8. When you apply to us

Why do we process this data? 

We process your application data exclusively for the purpose of selecting suitable applicants applicants for recruitment - we do this on the basis of Art. 88 DS-GVO i.V.m. § 26 BDSG(new) “Data processing for the purposes of the employment relationship”.

Your application data may be forwarded internally to the following departments: Personnel department, management, specialist department with the corresponding personnel requirements or department requesting personnel. A transfer to countries outside the outside the EU takes place with us just as little as an automated decision-making.

Storage duration

 Your application data will be included in your personnel file if you are hired. if you are hired. In the event of non-employment, they will be deleted within six months, unless you expressly give us your consent in text form consent in text form to store your data in our applicant pool. pool. You can revoke this consent at any time. 

 Your rights 

 You have the right to withdraw your consent given above with effect for the the future. Mandatory statutory provisions - in particular retention periods - remain unaffected. In addition, the rights mentioned under point 2 of this privacy policy rights apply

9. When you visit our facebook or Instagram page

Data processing by social networks

We maintain publicly accessible profiles in social networks. networks. The individual social networks we use are listed below. below. 

Soziale Netzwerke wie Facebook, Instagram, etc. can usually analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). 

Visiting our social media presences triggers numerous data protection-relevant processing operations. 

In detail: 

If you are logged in to your social media account and visit our social media presence, the operator of the social media portal can social media portal can assign this visit to your user account. Your personal data may also be collected under certain circumstances even if you are not logged in or do not have an account with the respective social media portal. This data collection takes place in This data is collected, for example, via cookies that are stored on your or by recording your IP address. 

With With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and and interests are stored. In this way, they can interest-based advertising inside and outside the respective social media presence can be displayed. If you have an account with the respective social network, the interest-based advertising can be advertising can be displayed on all devices on which you are logged in are or were logged in. 

Please also note that we not be able to track all processing on the social media portals. can understand. Depending on the provider, further processing processing operations by the operators of the social media portals. may be carried out.

For details, please refer to the terms of use and data protection provisions of the respective social media portals.

Legal basis 

Our Our social media presence is designed to ensure the most comprehensive presence on the Internet. This constitutes a legitimate interest interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social The analysis processes initiated by the social networks may be based on different legal basis, which must be specified by the operators of the social networks networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO).

Analysis processes may be based on deviating legal legal basis, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 para. 1 lit. a DSGVO). 

Responsible party and assertion of rights 

When you visit one of our social media sites (e.g. Facebook), we are jointly responsible together with the operator of the social media platform for the data processing responsible for the data processing operations triggered by this visit. You can exercise your rights (information, rectification, erasure, restriction of processing processing, data portability and complaint) both vis-à-vis us and vis-à-vis to us as well as to the operator of the respective social media social media portal (e.g. Facebook).

Please please note that despite the joint responsibility with the social media social media portal operators, we do not have full influence on the data processing data processing operations of the social media portals. Our possibilities are largely determined by the corporate policy of the respective provider. 

Storage duration

The data directly data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for its storage no longer applies, you request us to delete it, revoke your consent to its storage or or the purpose for data storage no longer applies. Stored cookies remain on your end device until you delete them. Mandatory statutory provisions - in particular retention periods - remain unaffected. remain unaffected.

The storage period of your data, which is stored by stored by the operators of the social networks for their own purposes. purposes, we have no influence. For details on this, please directly from the operators of the social networks (e.g. in their their privacy policy, see below). 

Facebook 

We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA. 

Instagram 

We have a profile on Facebook. The provider is Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA 

A joint Facebook and Instagram data policy can be found here: https://de-de.facebook.com/about/privacy/

10. Data processing when renting products for trial via our trial hearing shop

In order to process your order, we only process the data required for this necessary data that you have transmitted to us as part of the order form (hereinafter referred to as “contract data”). About the contract data zählen insbesondere

  • Name 
  • Anschrift 
  • E-Mail

If, after the rental period, you are interested in to purchase a device corresponding to the one you have rented on a trial basis from a recommended by us, we will forward your name, your address, the rental price address, the rental price and details of the tested device(s) to the dealer. to the specialist dealer. Data processing for the aforementioned purposes is carried out on the basis of Art. 6 para. 1 lit. b) GDPR (fulfillment of contract). We store your contract data for these purposes, as long as this is necessary for their fulfillment (execution of your order, billing) is required. Thereafter, we only store the contract data only as long as and to the extent that this is required or permitted by law permitted (e.g. for the exercise of legal claims).

Eagle Cable transmits personal data collected within the scope of this contractual relationship personal data collected in the context of this contractual relationship about the application and termination of this business relationship as well as data on non contractual behavior or fraudulent behavior to SCHUFA Holding AG, Kormoranweg Holding AG, Kormoranweg 5, 65201 Wiesbaden. The legal basis for this are Article 6(1)(b) and Article 6(1)(f) of the General Data Protection point (f) of the General Data Protection Regulation (GDPR). Transmissions on the basis of Article 6(1)(f) GDPR may only take place be made insofar as this is necessary to safeguard the legitimate interests of Eagle Cable or third parties and does not prejudice the interests or fundamental rights and fundamental rights and freedoms of the data subject which require the protection of of personal data prevail. The exchange of data with SCHUFA also serves to fulfill legal obligations to carry out credit creditworthiness checks of customers (§ 505a and 506 of the German Civil Code) of the German Civil Code).

SchUFA processes the data received and also uses it for the purpose of profiling (scoring). for the purpose of profiling (scoring) in order to provide its contractual partners in the European Economic Area and in Switzerland and, if applicable, other third countries (insofar as an adequacy decision of the European European Commission) information, among other things, to assessing the creditworthiness of natural persons. Further information on SCHUFA's activities can be found in the SCHUFA information sheet in accordance with Art. 14 GDPR or online at www.schufa.de/datenschutz can be viewed.

We would like to point out that, pursuant to Art. 6 para. 1 letter f GDPR, we transmit data on claims that have not been settled despite the due date to SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Germany, and that this data is taken into account there in the determination of probability values (scoring), provided that you have received at least two written reminders after the at least twice in writing after the claim became due, the first reminder reminder was sent at least four weeks ago and you have not disputed the claim. have not disputed the claim. You can obtain further information about SCHUFA from the SCHUFA information sheet further down on this page and at www.schufa.de/datenschutz

11. Zahlungsdienste

We integrate payment services from third-party companies on our website. on our website. When you make a purchase from us, your payment details (e.g. name, payment amount (e.g. name, payment amount, account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For These transactions are subject to the respective contractual and data protection provisions of the respective providers apply to these transactions. The use of the payment service providers is based on Art. 6 para. 1 lit. b GDPR (contract processing) and in the interest of the smoothest possible smooth, convenient and secure payment process (Art. 6 para. 1 lit. f GDPR). lit. f GDPR). Insofar as your consent is requested for certain is requested for certain actions, Art. 6 para. 1 lit. a GDPR is the legal basis for data data processing; consent can be revoked at any time for the future. revocable at any time in the future.

We use the following payment services / payment service providers on this website:

PayPal

The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter referred to as “PayPal").

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: www.paypal.com/de/webapps/mpp/ua/pocpsa-full

Details entnehmen Sie der Datenschutzerklärung von PayPal: www.paypal.com/de/webapps/mpp/ua/privacy-full


Stripe

The provider for customers within the EU is Stripe Payments Europe, Ltd, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter referred to as hereinafter referred to as “Stripe”).

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: www.stripe.com/de/privacy und www.stripe.com/de/guides/general-data-protection-regulation

Details can be found in Stripe's privacy policy at the following link: www.stripe.com/de/privacy


Klarna (via Stripe)

The provider is Klarna AB, Sveavägen 46, 111 34 Stockholm, Sweden (hereinafter referred to as “Klarna”). Klarna offers various payment options (e.g. installment purchase). If you choose to pay with Klarna (Klarna checkout solution), Klarna will collect various personal data from you. collect personal data from you. Klarna uses cookies to facilitate the optimize the use of the Klarna checkout solution. Details on the use of Klarna cookies can be found at the following link: www.cdn.klarna.com/1.0/shared/content/policy/cookie/de_de/checkout.pdf

Details can be found in Klarna's privacy policy at the following link: www.klarna.com/de/datenschutz/

Instant bank transfer (via Stripe)

The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter referred to as “Sofort GmbH”). With the help of the procedure “Sofortüberweisung” procedure, we receive a payment confirmation in real time from Sofort GmbH in real time and can immediately begin with the fulfillment of our liabilities immediately. If you have opted for the payment method “Sofortüberweisung” payment method, you transmit the PIN and a valid valid TAN to Sofort GmbH, with which they can log into your online log into your online banking account. Sofort GmbH will automatically check your automatically checks your account balance and carries out the transfer to us using the with the help of the TAN you have transmitted. Subsequently it immediately sends us a transaction confirmation. After log-in, your turnover, the credit limit of the overdraft facility overdraft facility and the existence of other accounts and their balances are automatically checked. In addition to the PIN and TAN, the payment data payment data entered by you as well as your personal data are transmitted to Sofort GmbH. The data relating to your person are first and last name, address, telephone number(s), e-mail address, IP address and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempts at fraud. Details for payment with Sofortüberweisung can be found in the following links: www.sofort.de/datenschutz.html und www.klarna.com/sofort/

Mastercard

The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter referred to as “Mastercard”). “Mastercard").

Mastercard may transfer data to its parent company in the USA. to its parent company. The data transfer to the USA is based on the Binding Corporate Corporate Rules of Mastercard. Details can be found here: www.mastercard.de/de-de/datenschutzt und www.mastercard.us/content/dam/mccom/global/documents/mastercard-bcrs.pdf

VISA

The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter referred to as “VISA”).

The United Kingdom is considered a secure third country under data protection law. This means that Great Britain has a level of data protection that corresponds to the level of data protection in the European Union.

VISA may transfer data to its parent company in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: www.visa.de/nutzungsbedingungen/visa-globale-datenschutzmitteilung/mitteilung-zu-zustandigkeitsfragen-fur-den-ewr.html

For more information, please refer to VISA's privacy policy: www.visa.de/nutzungsbedingungen/visa-privacy-center.html

American Express

The provider of this payment service is American Express Europe S.A., Theodor-Heuss-Allee 112, 60486 Frankfurt am Main, Germany (in the hereinafter referred to as "American Express").

American Express may transfer data to its parent company in the United States convey. The data transfer to the USA is limited to the binding Corporate Rules. Details can be found here: www.americanexpress.com/en-pl/company/legal/privacy-centre/european-implementing-principles/

For more information, please refer to American Express' privacy policy: www.americanexpress.com/de/legal/online-datenschutzerklarung.html

Diners Club

The provider of this payment service is the card complete Service Bank AG Lassallestraße 3, 1020 Vienna, Austria (hereinafter referred to as "Diners Club").

In the case of transactions abroad, a processing of the necessary information by the local credit card organisation of the respective country and by the "DFS Services LLC" and its subsidiaries "Diners Club International LTD" as well as "Pulse Network LLC" (based in the USA) and thus outside the EU or EEA. This transfer is for the Performance of the contract required in accordance with Art. 49 (1) (b) GDPR. The Data protection declaration of DFS Services LLC can be found at www.dinersclub.de/datenschutz

12. Wenn sie an einem unserer Webinare teilnehmen

Audio and video conferencing Data processing

For communication with our customers, we use, among other things: online conference tools. The specific tools we use are listed below. If you want to talk to us via video or audio conference, via the Internet, your personal data will be processed by us and the provider of the respective conference tool.

The conferencing tools collect all the data you need to use them. of the tools (email address and/or your telephone number). In addition, the conference tools process the duration of the Conference, start and end (time) of participation in the conference, number of participants and other "contextual information" related to the communication process (metadata).

Furthermore, the provider of the tool processes all technical Data required to handle online communications. This includes, in particular, IP addresses, MA

If content is exchanged, uploaded or uploaded to the provided in any other way, they will also be made available on the servers of the tool providers. Such content includes especially cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and others Information shared while using the Service.

Please note that we do not have full influence on the data processing operations of the tools used. Ours opportunities are largely based on the corporate policy of the respective provider. Further information on data processing by the Conference tools can be found in the privacy policies of the respective tools that we have listed below this text.

Purpose and legal basis

The conference tools are used to work with prospective or existing contractual partners or to communicate certain services to our customers (Art. 6 para. 1 lit. b GDPR). Of Furthermore, the use of the tools serves the general simplification and Acceleration of communication with us or our company (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). As far as consent has been requested, the use of the relevant tools based on this consent; consent shall be given at any time revocable with effect for the future.

Storage period

The data collected directly by us via the video and conference tools Data is deleted from our systems as soon as you ask us to delete it. to withdraw your consent to the storage or the purpose of for data storage. Stored cookies remain on your device until you delete it. Mandatory legal requirements Retention periods remain unaffected.

The storage period of your data collected by the operators of the conferencing tools for our own purposes, we do not have any Influence. For details, please contact directly the operators of the conference tools.

Conference tools used

We use the following conference tools:

edudip

We use edudip from edudip GmbH, Jülicher Straße 306, 52070 Aachen. Information on data protection when using edudip can be found here: www.edudip.com/de/sicherheit

Conclusion of a contract for order processing: We have worked with the provider of edudip a contract for order processing completed.

Webinaris

We use the Webinaris software for hosting and processing of online webinars. The provider is Webinaris GmbH, Bussardstr. 5, 82166 Gräfelfing (hereinafter referred to as "Webinaris").

When you attend one of our Webinaris webinars, your personal data for the purpose of holding the event on the servers of Webinaris. These are: The following data:

  • Email address
  • Browser and system data
  •  IP address 
  • Language and time zone 
  • Chat data 
  • Other data entered by you (e.g. name, telephone number or customer number, support requests, chat messages) 
  • Usage data from webinars (e.g. access numbers, application histories, registration to and participation in a webinar, access to certain pages, etc.)

these Data will be stored by Webinaris for a specific purpose and stored according to Loss of purpose deleted. Legal basis for the use of Webinaris Art. 6 (1) (b) GDPR (performance of a contract) and our legitimate interest in the professional handling of our Webinars (Art. 6 para. 1 lit. f GDPR). Provided that a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; consent is can be revoked at any time.

Order processing: We have a contract for Data Processing (DPA) with the above-mentioned provider. This is a data protection Contract that guarantees that the personal data will be processed of our website visitors only in accordance with our instructions and in compliance with GDPR.

13. Wenn sie unseren Newsletter abonnieren

Newsletterdaten

If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information on which allow us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter are. Further data will not be collected or will only be collected on a voluntary basis exalted. We use this data exclusively for the dispatch of the requested information and does not disclose it to third parties.

The processing of the data entered in the newsletter registration form Data is processed exclusively on the basis of your consent (Art. 6 (1) (a) GDPR). The consent given to the storage of the e-mail address and its use to send the You can revoke newsletters at any time, for example via the "Unsubscribe" link in the newsletter. The legality of the Data processing operations remain unaffected by the revocation.

The information you have deposited with us for the purpose of subscribing to the newsletter Data will be collected by us until you unsubscribe from the newsletter or the newsletter service provider and stored after unsubscribing of the newsletter or, after the purpose of the newsletter has ceased to exist, Newsletter distribution list deleted. We reserve the right to use e-mail addresses from our newsletter distribution list at our own discretion as part of our legitimate interest pursuant to Art. 6 (1) (f) GDPR or.

After you have unsubscribed from the newsletter distribution list, your e-mail address with us or the newsletter service provider, if necessary in a Blacklist saved to prevent future mailings. The data from blacklist are only used for this purpose and are not linked to other data. This serves both your interest and our interest in complying with the legal requirements of the Sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not temporary. You can object to the storage if your interests outweigh our legitimate interest.

Rapidmail

This website uses Rapidmail to send newsletters. The provider is rapidmail GmbH, Augustinerplatz 2, 79098 Freiburg i.Br., Germany.

Rapidmail is a service that, among other things, allows you to send newsletters can be organized and analyzed. The information you have entered into for the purpose of When you subscribe to the newsletter, data will be stored on the servers of Rapidmail. stored in Germany.

Data analysis through Rapidmail

For the purpose of analysis, the emails sent with Rapidmail contain a so-called "tracking pixel", which is connected to the servers of Rapidmail. In this way, it can be determined whether a newsletter message has been opened.

Furthermore, with the help of Rapidmail, we can determine whether and which links in the newsletter message are clicked. For all Links in the e-mail are so-called tracking links, with which where your clicks can be counted. If you don't have an analysis by Rapidmail, you must unsubscribe from the newsletter. To this end, we will provide a corresponding link to the Decree.

For more information on the analysis functions of Rapidmail, please refer to the following link:www.rapidmail.de/hilfe/kategorie/statistiken

Legal basis

The data processing is carried out on the basis of your consent (Art. 6 (1) (a) GDPR). You can revoke this consent at any time revoke. The legality of the Data processing operations remain unaffected by the revocation.

Storage period

The information you have deposited with us for the purpose of subscribing to the newsletter Data will be collected by us until you unsubscribe from the newsletter or the newsletter service provider and stored after unsubscribing of the newsletter from the newsletter distribution list. Data that have been stored by us for other purposes shall remain untouched.

After you have unsubscribed from the newsletter distribution list, your e-mail address with us or the newsletter service provider, if necessary in a Blacklist saved to prevent future mailings. The data from blacklist are only used for this purpose and are not linked to other data. This serves both your interest and our interest in complying with the legal requirements of the Sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). The storage in the blacklist is not temporary. You can object to the storage if your interests outweigh our legitimate interest.

For more information, please refer to Rapidmail's data security information at: www.rapidmail.de/datensicherheit.

Conclusion of a contract for order processing: We have worked with Rapidmail has entered into a contract in which we to protect our customers' data and not to third parties. This contract can be found at the following link can be viewed: de.rapidmail.wiki/files/adv/muster-auftragsdatenverarbeitung.pdf

14. SCHUFA-Information

1. Name and contact details of the responsible body and the company data protection officer

SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden, Tel.: +49 (0) 6 11-92 78 0

The company data protection officer of SCHUFA is available under the above-mentioned address, for the attention of the Data Protection Department or by e-mail at datenschutz@schufa.de accessible.

2. Data processing by the SCHUFA

2.1) Purposes of data processing and legitimate interests pursued by SCHUFA or a third party.

SCHUFA processes personal data in order to information on the assessment of the creditworthiness of natural and legal persons. To this end, Score values are calculated and transmitted. It only provides the information if there is a legitimate interest in doing so in the individual case. credibly demonstrated and that processing was carried out after weighing up all interests. The legitimate interest is in particular entering into transactions with a financial risk of default. The Creditworthiness check serves to protect recipients from losses in the lending business and at the same time opens up the possibility of borrowers from excessive debt by advising them on excessive debt. preserve. The data is also processed for the purpose of fraud prevention, integrity checks, money laundering prevention, identity and age verification, address tracing, customer service or risk management as well as tariff or conditioning. In addition to any Changes in the purposes of data processing, SCHUFA will be subject to changes in accordance with Art. 14 (4) DSGVO.

2.2) Legal bases for data processing

SCHUFA processes personal data on the basis of the provisions of the General Data Protection Regulation. The processing is carried out on the basis of consents and on the basis of Art. 6 para. 1 (f) GDPR, insofar as the processing is necessary to safeguard the legitimate interests of the controller or a third party is necessary and does not prejudice the interests or fundamental rights and freedoms of the data subjects requiring the protection of personal data, outweigh. Consent may be given at any time to the person concerned. contractual partners. This also applies to consents, that were already issued before the GDPR came into force. The revocation of consent does not affect the lawfulness of the processed personal data.

2.3) Origin of the data

SCHUFA receives its data from its contractual partners. These are in the European Economic Area and Switzerland, as well as other third countries (provided that they are accompanied by an equivalent adequacy decision of the European Commission exists) institutions, financial companies and payment service providers that bear a financial default risk (e.g. banks, savings banks, cooperative banks, credit card, factoring and leasing companies) as well as other contractual partners who are among the parties mentioned in Section 2.1 SCHUFA products, in particular from the (Shipping)trade, eCommerce, service, rental, energy supply, telecommunications, insurance or Debt collection. In addition, SCHUFA processes information from generally accessible sources, such as public directories and official announcements (debtor registers, Insolvency Notices).

2.4) categories of personal data that are processed (personal data, Payment behaviour and contractual compliance)

  • personal data, e.g. name (possibly also previous names, the on separate request), first name, date of birth, Place of birth, address, previous addresses 
  • Information about the commencement and contractual execution of a transaction (e.g. Current accounts, installment loans, credit cards, garnishment protection accounts, Basic accounts)
  • Information on undisputed, due and multiple reminders or titled receivables and their settlement 
  • Information on abusive or other fraudulent behaviour such as identity or credit fraud 
  • Information from public directories and official announcements 
  • Score values

2.5) Categories of recipients of personal data

Recipients are in the European Economic Area, Switzerland and other third countries (if they are accompanied by a corresponding adequacy decision of the European Commission exists) resident contractual partners in accordance with Section 2.3. Other recipients can external contractors of SCHUFA in accordance with Art. 28 GDPR as well as external and internal SCHUFA offices. SCHUFA is also subject to the legal powers of intervention of state authorities.

2.6) Duration of data storage

SCHUFA stores information about individuals only for a definite time. Decisive criterion for determining this time is the necessity. In order to examine the necessity of the further storage or deletion of personal data, the SCHUFA standard deadlines. According to this, the basic Storage period of personal data for three years to the day after they have been completed. Deviating from this, for example, the following are deleted:

  • Information on enquiries after twelve months
  • of information to the day about trouble-free contract data about accounts that are not justified claim (e.g. current accounts, credit cards, telecommunications accounts or energy accounts), Information on contracts for which the verification of evidence is required by law (e.g. garnishment protection accounts, basic accounts) and Guarantees and commercial accounts that are managed creditorously, immediately after the announcement of termination.
  • Data from the lists of debtors of the central enforcement courts according to three years, but prematurely if SCHUFA has a deletion by the central enforcement court is proven 
  • Information on consumer/insolvency proceedings or residual debt discharge proceedings exactly three years after the end of the insolvency proceedings, or Granting of discharge of residual debt. In special individual cases an earlier deletion can also take place in a different way. 
  • Information on the dismissal of an insolvency application for lack of assets, the annulment of the precautionary measures or on the refusal of discharge of residual debt to the day after three years
  • Personal addresses remain stored for three years to the day; then the examination of the Necessity of continuous storage for a further three years. After that, they will be deleted on a day-to-day basis, unless for the purpose of Identification requires a longer period of storage.

3. Rights of data subjects

Every data subject has the right to SCHUFA to Information pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure under Art. 17 GDPR and the right to erasure Restriction of processing in accordance with Art. 18 GDPR. The SCHUFA has for Concerns of data subjects a private customer service center which can be entered in writing at SCHUFA Holding AG, Private Clients ServiceCenter, P.O. Box 10 34 41, 50474 Cologne, by phone at +49 (0) 6 11-92 78 0 and via an internet form at www.schufa.de is achievable. In addition, there is the possibility to participate in the the supervisory authority responsible for SCHUFA, the Hessian Data Protection Officer. Consent can be revoked at any time vis-à-vis the contractual partner concerned.

According to Art. 21 para. 1 GDPR, data processing may be prohibited for reasons: arising from the particular situation of the data subject, can be contradicted. The objection can be made in any form and must be Address to SCHUFA Holding AG, Private Customer ServiceCenter, P.O. Box 10 34 41, 50474 Cologne.

4. Profile building

The SCHUFA report can be supplemented by so-called score values. Scoring is based on collected information and experience makes a forecast of future events from the past. The calculation of all score values is always done at SCHUFA on the basis of the data on a data subject stored at SCHUFA Information that is also disclosed in the information pursuant to Art. 15 GDPR become. In addition, SCHUFA takes into account the following factors in the scoring: Provisions § 31 BDSG. On the basis of the data stored on a person, entries are assigned to statistical groups of persons who are classified in had similar entries in the past. The process used is referred to as "logistic regression" and is a well-founded, long-tried-and-tested, mathematical-statistical method for Prediction of risk probabilities.

The following types of data are used by SCHUFA to calculate scores: although not every type of data is also included in each individual Score calculation: General data (e.g. date of birth, gender or number of addresses used in business transactions), previous payment disruptions, credit activity last year, credit usage, length of credit history and address data (only if little personal credit-relevant information is available). Certain information is neither stored nor used in the calculation of score values, e.g.: information on nationality or special categories of personal data such as ethnic origin or information on political or religious attitudes pursuant to Art. 9 GDPR. The assertion of rights under the GDPR, e.g. the inspection of the information stored at SCHUFA in accordance with Art. 15 GDPR, has no influence on the score calculation.

The transmitted score values support the contracting parties in the decision-making and enter into risk management there. The Risk assessment and assessment of creditworthiness is carried out solely by the direct business partner, as only the latter has numerous additional information - for example from a loan application - decreed. This applies even if he relies solely on the SCHUFA. One In any case, the SCHUFA score alone is not a sufficient reason to To refuse to conclude a contract.

Learn more about creditworthiness scoring or detection. conspicuous facts are available under www.scoring-wissen.de.