Back

Data protection information according to Art. 13, 14 of the EU General Data Protection Regulation

Dear Sir or Madam,

Data protection is important to us. Therefore, the handling of personal data of our business partners is in compliance with legal data protection regulations. This data protection information is aimed at our contacts with customers, suppliers, service providers, cooperation partners, partner companies as well as other business partners and public authorities.

Responsible body in the sense of the EU data protection regulation is:
GiB Gesellschaft für innovative Bautechnologie mbH
Simbacher Straße 8
94424 Arnstorf, Germany
Phone: +49 8723/20-32 88
Fax: +49 8723/20-26 68
E-mail: info[at]gib-gmbh.com

You can reach our data protection officer by post or electronically using the following contact data:
GiB - Gesellschaft für innovative Bautechnologie mbH
Data Protection Officer
Aufhausener Straße 3
94424 Arnstorf, Germany
Phone: +49 8723/20-32 88
Fax: +49 8723/20-26 68
E-mail: Datenschutzbeauftragter[at]gib-gmbh.com

We collect, process and use personal data if you provide us with this data (eg by telephone, electronic or written transmission, by transferring a business card, by contact requests), or if your employer or client provides us this information (eg when you are named as contact) and if we are entitled to their collection, use and processing on the basis of your consent or on the basis of a legal provision.

Personal data is any information that relates to an identified or identifiable natural person (hereinafter referred to as "data subject").

Personal data is for example:
Name, first name, home address, date of birth, employer, personal interests, telephone numbers, e-mail addresses, bank details, and any other information you may provide us in the course of the relationship that is relevant for optimal business partner and customer service.

The above-mentioned personal data will be processed for the following purposes:

  • Initiation, planning, execution and administration of the business relationship
  • Contact for sales and processing of consulting projects and other orders
  • Communication with you about our services, projects and technical issues
  • Contact for inquiries for information, quotation, and, if necessary, transfer of your data to cooperation partners, e.g. to contact you
  • Project consulting and support in project development, planning and announcement
  • Compliance with legal requirements (for example, tax and commercial retention requirements) or existing obligations to carry out compliance screenings (to prevent white-collar crime or money laundering)

The processing of personal data is necessary to achieve the above purposes, including the execution of the (contractual) business relationship with the customer. Legal basis for data processing is - unless otherwise stated - Article 6 (1) (b), and (c) of the General Data Protection Regulation or your expressly granted consent (Article 6 (1) (a) of the General Data Protection Regulation).

We also process your above-mentioned data in order to protect our legitimate interests or the legitimate interests of a third party, unless your personal interests prevail (Article 6 (1) (f) of the General Data Protection Regulation). For example, we have an interest in defending or legally enforcing our legal and economic claims, securing ourselves against economic or financial or legal risks, protecting our corporate knowledge and property, marketing ourselves, satisfying you as a client or partner of GIB and to maintain a long-term and close business relationship with you.

The data processing is for the following purposes:

  • Settling litigation, enforcing existing contracts and asserting, exercising and defending legal claims
  • Maintaining and protecting the security of our products and services as well as our websites, to prevent and detect security risks, fraud, or other criminal or intentionally harmful acts
  • Providing advertising and information about our projects, products and services
  • Information and invitations to trade fairs and other events
  • Conducting customer surveys, marketing campaigns, market analysis, competitions or similar promotions and events
  • Making other contacts to improve cooperation and strengthen cooperation
  • Checking the creditworthiness and hedging the risks of default

Direct marketing based on our legitimate interest

In some cases, we process your legitimately collected personal data for the purposes of promotional communication on the basis of our legitimate interest pursuant to Art. 6 (1) lit. f GDPR. In this context, our legitimate interest is non-harassing direct advertising and your rights and freedoms are not to be regarded as predominant in comparison.

If we send you advertising via electronic mail (e-mail), we will only use e-mail addresses that we have collected in the context of a sale of goods or services, will only send direct advertising for our own similar goods or services and will only use your e-mail address as long as you have not objected to the sending of direct marketing. To exercise your right of objection in accordance with Article 21 (2) GDPR and § 7 of the  German Fair Trade Practices Act (UWG) with regard to a specific advertisement sent at regular intervals (newsletter), please click on the unsubscribe link provided in each mailing. If you wish to object to all forms of direct marketing in accordance with Art. 21 (2) GDPR, § 7 UWG (German Fair Trade Practices Act), please contact the responsible body (controller). If we send you direct advertising by post on the basis of our legitimate interest, we will use your data for this purpose until you have objected to this form of direct advertising.

The data you submit to us will be kept confidential. Your personal data will not be sold to third parties or otherwise marketed by us.

In principle, the data will not be made available to third parties for use, unless you have given your consent or we are legally entitled and / or obliged to disclose this data.

To the extent permitted by law and required to comply with applicable law or to enforce, exercise or defend legal rights, we transfer personal information to courts, tax authorities, regulators. However, we take all measures to ensure appropriate and adequate safeguards for the protection of your personal information.

Your personal data will be forwarded to the following companies and organizations for the above purposes:

  • Testing institutes, laboratories, universities, government agencies if it is necessary for the fulfillment of the contract
  • Cooperation partners if it is necessary for the fulfillment of the contract
  • IT service providers and processors who provide us with infrastructure or applications or maintain their proper operation

When transferring data to non-EU and European Economic Area (third country) recipients, we ensure that the recipient has an adequate level of data protection or that you have given your express consent. An appropriate level of data protection may be ensured e.g. with adequacy decisions by the European Commission, by the agreement of the EU standard contractual clauses or by appropriate guarantees such as the recipient's certification under the EU-US Privacy Shield.

If no explicit retention period is specified during the collection (eg as part of a declaration of consent), the personal data is deleted insofar as these are no longer required to fulfill the purpose of the storage, unless there are statutory retention requirements (eg commercial and tax-related retention requirements) against a deletion.

Rights of affected persons:  Right to information, correction, deletion or restriction of your personal data, right to object and right to data transferability

Upon request, we will inform you in writing in accordance with applicable law whether and which personal data about you are stored with us. If you are registered with us as a user, you have the option of viewing your personal information, changing it if necessary, or deleting it. If, despite our efforts for data security and data accuracy, incorrect information is stored, we will correct it to your request.

In addition, you have the right to demand that we restrict the processing of personal data. You may also request that you receive the data you provide us in a structured, common and machine-readable format. 

You have the right to object at any time to the processing of your personal data on the basis of legitimate interests pursuant to Art. 6 paragraph (1) lit. (f) GDPR. We will then no longer process the personal data unless we can prove compelling reasons worthy of protection which outweigh the interests, rights and freedoms of the data subject. In the case of processing for direct marketing purposes, you have an unlimited right of objection, so that we will stop processing in any case if you have objected.

You have the right to request the deletion of your personal data, provided that statutory retention periods do not conflict. We will delete your data if we no longer need it for the purpose for which we collected and processed it, or if you revoke your consent and there is no other legal basis for the further processing of your data. In addition, we will delete your data if the processing has been unlawful for reasons unknown to us or if you object to the processing and there are no legitimate interests for processing. A deletion of your data also takes place internally if we are legally obliged to do so. All links, copies and replications of your personal data shall be deleted.

If you have consented to the processing of your personal data, you have the right at any time to revoke the consent with effect for the future. The revocation of consent does not make past data processing illegal.

You are free to submit your data to us. However, these data are required for the further conclusion of the contract or to answer your inquiries. If you do not want to disclose your data, the contract cannot be concluded or your requests can not be answered. The provision of the data is necessary for the conclusion of the contract.

You also have the right to complain to the responsible regulatory authority about the processing of data by our company.

The data protection authority responsible for our company is: 
Data Protection Authority of Bavaria for the Private Sector
Promenade 27 (Schloss)
91522 Ansbach, Germany
Web: www.lda.bayern.de 

If you have any questions about the processing of your personal data by GiB - Gesellschaft für innovative Bautechnologie mbH, you can contact our responsible data protection officer at the above-mentioned contact details.