85551 Kirchheim, Germany
represented by its managing directors Matthias Ochs and Marc Tesch.
genua GmbH (hereinafter "genua") places a particularly high importance on the protection of your personal data. In this statement we would like to clearly describe the data we process as our web-site is visited.
2. Processing of Personal Data
Personal data is information that can be used either directly or indirectly to identify a person. Typical examples would be a name or a postal address. Personal data may be processed in one of the following cases:
This privacy notice fulfills the requirements laid out in Article 13 ff of the GDPR (General Data Protection Regulations). concerning the information to be provided when personal data is collected. Personal data is information that can be used either directly or indirectly to identify a person. Typical examples would be a name or a postal address. Personal data may be processed under the following conditions:
When consent is granted (in accordance with Art. 6, para. 1 (a) of the GDPR)
The purposes of processing personal data are defined by the consent granted. Once granted, consent can be permanently revoked at any time. Consent granted before the GDPR came into effect can also be revoked. Processes that have occurred before consent is revoked remain unaffected by the revoking of consent. For example: sending a newsletter.
When contractual obligations have to be met (in accordance with Art. 6, para. 1 (b) of the GDPR)
The purposes of the data processing are defined by the introduction of pre-contractual obligations preceding a contractually regulated business relationship or the fulfillment of obligations laid out in a closed contract.
When legal requirements have to be met (in accordance with Art. 6 para.1 (c) of the GDPR) or when it is in the public interest (in accordance with Art. 6 para.1 (e) of the GDPR)
The purposes of processing personal data are defined by the need to meet legal compliance (for example, fulfilling obligations to retain data).
When conflicting interests are to be weighed up (in accordance with Art. 6, para. 1 (f) of the GDPR)
The purposes of the processing are defined by weighing up our legitimate interests. It may be necessary to process user data over and above meeting the original contractual obligations. Our legitimate interests can justify further processing of user data, in so far as the user’s interests or fundamental rights and freedoms do not prevail. Our legitimate interests may include exercising legal claims or defending liability claims.
genua processes the following categories of personal data for the above-mentioned purposes:
- contact information such as first and family names, address, land line and cell/mobile telephone numbers, fax number and e-mail addresses;
- payment details that are necessary for the settlement of payment transactions or are required to prevent fraud;
- information that is required for the completion of a project or the processing of a contractual relationship with genua or that is freely provided by one of our contact persons.
We process personal data that we have acquired within the framework of our business relationship with users. We process personal data that we obtain or are legitimately forwarded by third parties from publicly accessible sources such as lists of debtors, land and real estate registers, commercial and associations registries, the press and the Internet, as far as is necessary for us to render our performance.
3. Categories of Data recipients
Personal data may be transferred to the following categories of recipients:
- public authorities, as required by statutory regulations;
- associated companies, as required by the company to meet contractual obligations or ensure the provision of services;
- information processors as laid out in Art. 28 of the GDPR for the purpose of order processing;
- third parties as a result of functional transfer.
4. Transfer of Data to a Third Country
In general, data is not transferred to countries outside the EU or the European Economic Area ("third countries"). Data transfer to third countries can only occur as part of the administration, development or operation of IT systems. Transfer only occurs in the following situations:
- when such a transfer is generally permitted because a legal requirement has been met or because the user has given their consent for the transfer and
- there is a particular case for transferring the data to a third country.
Personal data will not be used for automated by-case decisions, including profiling, as laid out in Art. 22, paras. 1 and 4 of the GDPR.
genua meets the legally required technical and organizational requirements to protect personal data from loss, deletion, manipulation and unauthorized access.
7. Data Retention Period
Personal data is only retained for as long as is required for the purposes described in the current document or as required by statutory regulations. genua is required to retain data until the end of any legally required retention periods. genua deletes such data after legal retention periods – which are primarily determined by commercial and tax regulations – have expired. Particularly relevant here are sections 147 of the German tax code and 257 of the German commercial code.
genua retains personal data for marketing measures until the user revokes their consent for a particular use of this data, for its use in general or until a measure is no longer legal. Any other user data is only retained as long as it is required for the purpose at hand (for example, until a contract has been fulfilled or settled) and delete this data once this purpose has been fulfilled.
8. User Rights
Users have the right to the following at all times:
- access to information as laid out in Art. 15 of the GDPR;
- correction of information as laid out in Art. 16 of the GDPR;
- deletion of information as laid out in Art. 17 of the GDPR;
- restriction of processing as laid out in Art. 18 of the GDPR;
- transfer of information as laid out in Art. 20 of the GDPR;
- appeal as laid out in Art. 21 of the GDPR.
Users wishing to exercise any of the above rights should send an e-mail to firstname.lastname@example.org or send a letter to the postal address listed under #1 above. In addition, users also have the right to complain to an ombudsman or other regulatory authority as laid out in Art. 77 para. 1 of the GDPR. Further information can be obtained from the relevant ombudsman or other regulatory authority.
9. Data Privacy Officer
Projekt 29 GmbH & Co. KG
Phone: + 49 941 2986930