Data protection guidelines
BILSTEIN SERVICE GmbH - the responsible entity for data processing of this website - processes personal data in accordance with the EU General Data Protection Regulation (GDPR) and the supplementary provisions under German law. The GDPR provides us – the controller – with diverse requirements to help us to protect your information and privacy, which we comply with extensively using state-of-the-art technology.
In order to provide the necessary level of transparency when handling your personal data as prescribed by the GDPR, we would like to share the following information with you:
‘Personal data’ means any information relating to an identified or identifiable natural person. Unless otherwise stated below, the term ‘processing’ encompasses the collection, use, storage, disclosure and transmission of personal data. For detailed definitions and explanations, see Art. 4 of the GDPR.
When you share personal data with us, we will handle it in a responsible manner an only use it for the purposes for which it was provided.
1. Name and contact information
1.1. ... of the controller
BILSTEIN SERVICE GmbH
Im Weinhof 36
Telefon: 02334 82-0
1.2. ... of the data protection officer
Tel.: 0203 93297-0
2. Purposes for which the personal data is processed and lawfulness of the processin
Pursuant to German data protection law, we process personal data only insofar as it is required, to the extent that we are permitted by law or where we are legally obliged to do so.
Processing your data is required as part of our collaboration with you. Without the necessary data, it is not possible to form a business relationship or conclude a contract. Furthermore, it is not possible for us to provide information or services to prospects or business partners.
2.1.Where processing personal data is necessary for the initiation or fulfilment of business relationships, the performance of a contract or in order to take steps prior to entering into a contract, Art. 6, Par. 1(b) of the GDPR shall be the lawful basis for the processing.
2.2. Where processing personal data is necessary for compliance with a legal obligation, Art. 6, Par. 1(c) of the GDPR shall be the lawful basis for the processing.
2.3. Where processing is necessary for safeguarding the legitimate interests pursued by the controller or a third party, Art. 6, Par. 1(f) of the GDPR shall be the lawful basis for the processing. In this instance, the legitimate interests of BILSTEIN SERVICE GmbH are the presentation of its service portfolio and the acquisition of business partners.
2.4. Where the consent of the data subject is obtained for the processing of his or her personal data, Art. 6, Par. 1(a) of the GDPR shall be the lawful basis for the processing.
The data you provide shall not be used as the basis for automated individual decision-making, including profiling.
3. Recipients or categories of recipients of the personal data
3.1. Internal recipients of your personal data may include individuals or teams that require your data
for the performance of contractual or legal obligations.
3.2. Where required for the delivery of services, your data will be shared with other companies within the BILSTEIN GROUP for this purpose.
3.3. External recipients of your personal data may include processors contracted by us, service providers, government authorities, tax consultants, banks, financial services institutions and credit bureaus.
4. Transfers of personal data to third countries
No transfers of data are planned at this time to third countries that are viewed by the EU as “unsecure” (i.e. countries that do not ensure an adequate level of data protection). Should such a transfer become necessary, e.g. for the use of Cloud services, BILSTEIN SERVICE GmbH shall take all necessary safeguards to secure your data in third countries, as prescribed by the GDPR.
5. Period for which personal data is stored and criteria for defining this period
5.1. We shall store your data for as long as we can assume there is potential interest on your part.
When this is no longer the case, we will erase your information.
5.2. During an ongoing contractual relationship and during a relationship prior to concluding a contract, the data will be stored for the legally required periods. Data that is no longer required for the performance of contractual or legal obligations is periodically erased.
6. Use of our website
Our web pages feature links to the websites of external providers that are not covered by this data protection guideline.
6.1. Stored Data and cookies
When you visit our websites, our web servers store the IP address of your Internet service provider, the website you came to us from, the websites/web pages you visit, as well as the date and duration of your visit. It is not possible for us, as the website operator, to identify you based on the information we collect.
Cookies do not represent a danger to your computer. Some companies that use this technology collect your data for market research and advertising purposes. Our cookies only serve the purpose described above.
You can either set your browser to allow our cookies or you can use our websites without cookie functions. In this case, however, any information you have already provided will not be stored for later visits, and you will be asked to re-enter it.
Your browser may be set so that it displays a warning whenever it receives a cookie. Because the identification cookie must be sent each time a page on a BILSTEIN website is accessed, this message can be bothersome. You have the option of disabling these warnings in your browser settings.
6.2. Contact page and email
Our website features a contact page for automatic electronic communication. If a user decides to use this page, the information they enter into the relevant fields is transmitted to us and stored. Before submitting their data, a user must consent to its processing and is made aware of this data protection guidelines.
Alternatively, users can contact us at the email address provided. In this case, the personal data of the individual sending the email will be stored.
You are in no way obliged to provide us with your personal data. However, if you choose not to, we may not be able to deliver the services referenced as the purpose of the processing.
7. Your data privacy rights
7.1. Right of access:
Pursuant to Art. 15 of GDPR, you have the right to obtain information about the personal data concerning you, the purposes of the processing, the envisaged period for which the data will be stored, and about recipients to whom your data will be disclosed.
You have the right to obtain information about whether the provision of your personal data is required by law of for the performance of a contract, whether provision of the personal data is mandatory, and the potential consequences should you choose not to provide your data.
7.2. Right to rectification:
Pursuant to Art. 16 of the GDPR, you have the right to demand the rectification of completion of any personal data concerning you and stored by us.
7.3. Right to erasure:
Pursuant to Art. 17 of the GDPR, you have the right to demand the erasure of personal data concerning you, insofar as this request does not conflict with legal requirements on data storage and retention.
7.4. Right to restriction of processing:
Pursuant to Art. 18 of the GDPR, you have the right to demand the restriction of processing of your personal data.
7.5. Right to object to the processing:
Pursuant to Art. 21 of the GDPR, you have the right to object to the processing of the personal data concerning you.
7.6. Right to data portability:
Pursuant to Art. 20 of the GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, and to transmit this data to another controller.
7.7. Right to withdraw consent at any time:
Pursuant to Art. 7, Par. 3 of GDPR, you have the right to withdraw your consent to the processing of your personal data, with no effect on the lawfulness of processing based on consent before its withdrawal.
7.8. Right to lodge a complaint with a supervisory authority:
Pursuant to Art. 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority, if you consider that the processing of the personal data concerning you infringes the GDPR. Of course, in the first instance you may also contact the data protection officer named above.