Sandler AG  » Privacy statement  » General information on data protection

GENERAL INFORMATION ON DATA PROTECTION

PURSUANT TO ART. 12 ff. GDPR

Data Controller:
Sandler AG
Lamitzmühle 1
95126 Schwarzenbach/Saale, Deutschland
Location: Schwarzenbach/Saale
Registration Court: Hof/Saale HRB 3434

Executive Board:
Dr. Christian Heinrich Sandler (President & CEO)
Dipl.-Ing. (FH) Wolfgang Höflich
Dr. Ulrich Hornfeck

Chairman of the Supervisory Board:
Dipl.-Kfm. Ellen Ebbinghaus

Tax Identification Number:
DE 132945288

Contact:
Phone: +49 (0) 9284 / 60 - 0
Fax: +49 (0) 9284 / 60 - 205
E-mail: info@sandler.de
Web: www.sandler.de

Data Protection:
Tobias Schödel
Data Protection Officer
Sandler AG
Lamitzmühle 1
95126 Schwarzenbach/Saale, Germany
E-mail: datenschutz@sandler.de

Purpose of collecting, processing or using data (business objective)

The business objective of Sandler AG is the development, production and sale of nonwoven materials in differentiated market segments.
Sandler AG is entitled to undertake all commercial operations, and undertake all measures that relate to its business objective, or which appear directly or indirectly conducive to it, as well as occasional advertising measures. In particular, this includes the improvement of Sandler AG products and articles and the improvement of customer satisfaction. In this context, Sandler AG sends their "In Bewegung" journal to their contacts twice a year by electronic means or post to inform them of news, company developments and company initiatives.
This business objective requires that Sandler AG collect, process and use personal data in close cooperation with development, production, sales and service partners. The support provided to international customers, suppliers and business partners takes place through the sales and service organisations at Sandler AG, as well as the partners employed.
Every instance of collecting, processing and using personal data takes place on the basis of legal provisions exclusively and for the fulfilment of the business objective defined above.

Services

The following partners are involved within the scope of the provision of services by Sandler AG:

  1. Customer-specific and non-custom specific production, development, service and distribution partners
  2. Product manufacturers within the scope of their product responsibility as suppliers

Legal basis for the processing of personal data by Sandler AG

In principle, the legal basis for processing personal data arises from Art. 6 GDPR. These specifically include the following principles, which also arise from the aforementioned business objective of Sandler AG:

  1. Sandler AG processes personal data in order to fulfil an existing contractual relationship and undertake pre-contractual measures, since a contract cannot be concluded without this data and it would be impossible to fulfil the resulting obligations. (Art. 6 (1) (b) GDPR)
  2. Furthermore, Sandler AG, processes personal data based on its legitimate interest or the interest of a third party, provided that it is reasonable and necessary. (Art. 6 (f) GDPR) The legitimate interest of Sandler AG arises exclusively from the aforementioned business objective.
  3. If required, Sandler AG processes personal data in order to comply with a legal obligation, e.g. tax laws. (Art. 6 (1) (c) GDPR)
  4. Sandler AG processes personal data based on consent alone, if required, such as for certain advertising measures. (Article 6 (1) (a) GDPR)

Description of the data subject group and the associated data or data categories

On request, Sandler AG shall provide you with information on the methods used for the eventual storage or processing of your data and also which data is the subject in individual cases. The following data subject groups are affected within the procedures used or employed by Sandler AG:

  1. Existing customers
  2. Potential customers
  3. Prospective customers
  4. Suppliers
  5. Commercial agents
  6. Partners
  7. Employees
  8. Job applicants and, in certain cases, former employees of Sandler AG
  9. Visitors

Sandler AG principally uses the following data or data categories in the procedures used:

  1. Personal master data (e.g. first name, title, address)
  2. Communications data (e.g. telephone, mobile phone, email, fax)
  3. Contract master data (contractual relationship, interest in the product and contractual fulfilment)
  4. Customer history
  5. Contract billing and payment data (e.g. bank details, account number or credit card number, if applicable)
  6. Planning and control data
  7. Information from third parties (e.g. credit reference agencies or public registers)

Within the legal framework and in a very limited scope (mainly in internal relation to the employment relationship between Sandler AG and their employees), Sandler AG also collects, stores, processes and uses special categories of personal data pursuant to Art. 9 GDPR.
Within the framework of their own IT infrastructure and special applications, Sandler AG also works with IT service providers.
Insofar as Sandler AG works with data processing companies within the scope of the aforementioned business objective, written data processing contracts shall be concluded with each of the partners employed. These contracts take into account and include the principles of data protection and the pertinent data protection regulations.

Potential recipients of data or recipient categories

Within Sandler AG, those employees and offices receive access to data that is required for fulfilling the aforementioned business objective. This also applies to any service providers and vicarious agents who are employed and are necessary. Personal data is only disclosed to third parties if it is required for fulfilling the aforementioned business objective, or if the data subject has given his consent. External recipients of personal data can include:

  1. Service providers and suppliers within the scope of contract data processing or based on a legitimate interest taking into account the aforementioned business objective.
  2. Authorities, provided that legal provisions are in place that are of central importance.

Transmission of data to recipients in third countries (non-EU countries)

The communications data is available to Sandler AG employees worldwide, and therefore also in third countries. Customer data, supplier data and data from service providers is only communicated or disclosed within the legal framework. In principle, data is transmitted to recipients in third countries based on suitable guarantees.

Technical and organisational measures

Sandler AG undertakes the necessary technical and organisational measures with the aim of protecting the personal data and information Sandler AG stores. Technical and organisational measures include the following measures where necessary and appropriate:

  • Access control,
  • Media control,
  • Storage control,
  • User control,
  • Access control,
  • Disclosure control,
  • Input control,
  • Transport control,
  • Recoverability,
  • Data integrity,
  • Job control,
  • Availability control,
  • Separation requirement,
  • Access control.

Storage duration and deletion of personal data

Sandler AG stores personal data in the context of the aforementioned business objective. The personal data is processed for the first time from the time it is recorded, if it is communicated to Sandler AG. Sandler AG deletes the personal data, if the corresponding contractual relationship has come to an end, all interests arising from it have been fulfilled and no other statutory retention periods or justifications for storage or processing exist.

Your rights as a data subject

Please direct information enquiries or data subject rights’ assertions to datenschutz@sandler.de

According to the data protection regulations, you have the right to request information about the personal data Sandler AG processes on your person. You also have the right to have inaccurate data corrected, restrict processing and have your personal data deleted, as well as the right to object and to data portability. We would like to point that, in individual cases, Sandler AG will be able to prove an overriding legitimate or public interest, in particular with regard to the right to object to the respective data processing instance. Consent granted to Sandler AG to process personal data for the specific purposes may be revoked at any time for the future.
In addition, each data subject has the right to complain to a supervisory authority. The contact details for the supervisory authority responsible for Sandler AG can be found at the end of this statement.

The Data Protection Officer at Sandler AG is always at your disposal if you have any questions.

You can contact him under:
Sandler AG
Lamitzmühle 1
95126 Schwarzenbach Saale, Germany
E-Mail: datenschutz@sandler.de

Further information and statements concerning the rights mentioned here can be found on the website "Rights for citizens" from the European Commission and obtained from:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 27 (Schloss)
91522 Ansbach, Germany
Phone: +49 (0) 981/53-1300
Fax: +49 (0) 981/53-5300
E-mail: poststelle@lda.bayern.de
Internet: http://www.lda.bayern.de

Modification of terms
Since data processing at Sandler AG is subject to change, Sandler AG intends to adapt this General Data Protection Policy from time to time. This Data Protection Policy in the most recent amended version can be accessed at any time here.