Data protection information for customers (Art. 13 GDPR)
Information about the collection and processing of your personal data
The following information provides you with an overview of the collection and processing of your personal data by us and your associated rights. The data we process from you and the purpose for which this is done depends on the respective contractual relationship.
1. Who is responsible for data processing (controller)?
The controller of the personal data is:
IME-DC GmbH
Fuhrmannstraße 11
95030 Hof
Germany
2. How can I reach the data protection officer (DPO)?
You can nreach our data protection officer (DPO) at:
eyeDsec Information Security GmbH
Friedrichstraße 25
95444 Bayreuth
Germany
Phone.: +49 921/23059935
Email: datenschutz@eyedsec.de
3. Which of your personal data do we process?
We process personal data that we receive from you mainly in order to carry out our contractual relationships.
In detail, this is the following personal data:
Name, address, ordered items, payment information.
4. What purposes do we process your data for and on what legal basis?
a) For the fulfilment of a contract (Art.6 Para.1 b GDPR)
We sell our product range directly to end customers who enter into a purchasing agreement with us when ordering. The purpose of processing your personal data is to provide our products and fulfil the contract.
b) For the fulfilment of legal obligations (Art.6 Para.1 c GDPR)
Personal data processed by us may be subject to legal obligations. In particular, this includes statutory retention obligations, which primarily result from German tax and commercial law (e. g. § 257 HGB (German Commercial Code), § 147 AO (German Fiscal Code) , etc.). In the event of an external audit by the tax authorities, we are also obliged to provide the tax authorities with tax-relevant documents (§ 29c (1) AO).
c) Based on a legitimate interest (Art.6 Para.1 f GDPR)
In certain cases, we process your data to protect our legitimate interests or those of third parties.
This occus in the following cases:
- The transfer and storage of personal data with IT service providers is based on the legitimate interest of ensuring a higher level of resilience and data security.
- The use of contact data for the purpose of direct advertising serves the legitimate interest of informing existing customers about new products or offers.
- The disclosure of personal contact data to local distribution partners, whereby the legitimate interest also arises from the long-term supply of customers in areas in which IME-DC does not have its own registered office, and in particular the supply of end customers in the respective national language.
- The forwarding of personal data to debt collection service providers or to check the creditworthiness of customers, insofar as there is a corresponding necessity for this.
5. Who receives my data?
- German tax authorities, if applicable
- Law enforcement authorities
- Billing service providers
- Technical and medical-technical service providers
- Transport service providers
- Financial service providers
- Debt collection service providers
- Auditors, lawyers, tax consultants
- Credit agencies
- Distribution partners abroad
- To ensure the best possible supply, we may pass on your name and contact details to local distribution partners who take over sales and support on our behalf.
6. Will my data be transferred to countries outside the European Union?
7. How long will my data be stored?
8. What rights do I have in connection with the processing of my data?
If you have given us your consent for certain data processing in accordance with Art. 6 para. 1 lit. a) GDPR, you have the right to withdraw this consent from us at any time. This also applies to the revocation of declarations of consent that were given to us before the General Data Protection Regulation came into force, i.e. before 25 May 2018. Please note that the revocation is only effective