Data protection and protecting your personal information is a top priority for us. The following will inform you about how our company processes your personal information. Personal data is processed in accordance with the provisions of the new German Federal Data Protection Act (BDSG-new), valid from 25/05/2018, and the General Data Protection Regulation (GDPR), valid from 25/05/2018.
Westfalen AG, Industrieweg 43, 48155 Münster
Executive Board: Dr Thomas Perkmann (CEO), Dr Meike Schäffler, Jesko von Stechow
Tel. 0251 6950, E-mail: info@westfalen.com
Westfalen AG Data Protection Officer, Industrieweg 43, 48155 Münster
E-Mail: datenschutz@westfalen.com
We process personal information that we have received from you as part of information requested; enquiries, initial business contacts, contract processing, online orders or business relationships. We also process personal information that we have received from other companies or other permitted third parties (e.g. for executing orders, for contract compliance or for another reason for which you have given consent), insofar as it is required for contract compliance. Relevant personal
information is personal data (name, address and other contact details). Furthermore, it could also be order information, data relating to the fulfilment of our contractual obligations, advertising and sales information, documentation data, and other information of a comparable nature.
Data that is processed primarily to provide a service commissioned or requested by you.
1.1. The processing is required to fulfil a contract or to implement preliminary measures (article 6 para. 1 point b of GDPR).
1.2. The processing is done as part of the balancing of interests (article 6 para. 1 point f of GDPR). Where necessary, we process your data beyond simple contract fulfilment in order to safeguard our own, or a third party‘s, legitimate interests
1.3. You have consented to your personal information being processed for one or more specific purposes (article 6 para. 1 point A of GDPR).
1.4. The processing is necessary to fulfil a legal obligation that we are subject to (article 6 para. 1 point C of GDPR).
2.1. Within the company, each department receives the pieces of your data that they need to fulfil our contractual and statutory obligations. Data processors employed by us (article 28 of GDPR) may also receive data for the purposes stated. These are companies that provide credit services, IT services, printing services, telecommunications, advice, consulting, distribution and marketing.
2.2. Outside the company, if necessary, companies could receive your data, where this is required as part of our contractual obligations. In these circumstances, recipients of personal data could be, for example:
Where necessary, we process and store your personal data for the duration of our business relationship, including, for example, the preparation and execution of a contract.
Upon termination of a contract the data is deleted upon expiry of the statutory retention periods.
If the purpose for storing the data ceases to apply, the data will be blocked or deleted, insofar as this does not contravene statutory retention requirements.
As per the GDPR, each person concerned has the following rights:
To exercise any of the above-mentioned rights or to withdraw consent, please contact the above-mentioned responsible authority.
You have the right to complain to a regulatory authority. You can lodge your complaint with a regulatory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement.
We would ask that you try and resolve any issues with our data protection officer, before you submit a complaint to the relevant regulatory authority.
As part of our business relationship, we must receive all the personal data required to establish and implement a business relationship and to fulfil all the related contractual obligations and to collect any statutorily required information. Without this data we will be unable to agree or implement a contract.