For your convenience, we have provided a translation of this page. This translation is for informational purposes only, and the definitive version of this page is the German version.

Privacy Policy

We take the protection of your personal data very seriously. We always treat your personal data confidentially and in accordance with the statutory data protection regulations. Therefore, we would like to inform you here why we collect, use and process certain data from you and what rights you are entitled to.

Who is responsible for data processing and whom can I contact?

The responsible party is:

Martin Melzer
Tracking3.io
Schimmelstr. 17
06108 Halle (Saale), Germany
martin.melzer@tracking3.io

Data protection information for business partners and interested parties

  1. What sources and data do we use?

    1. We process the data that is required in connection with the establishment, implementation and/or termination of our business relationships. We usually collect this data directly from you, e.g. in the context of an offer enquiry or order placement as well as through your contact via our website, by e-mail, at trade fairs or comparable events.

    2. Sometimes we may first receive your data from another person, e.g. a colleague in your company who names you as a contact person. If this happens, we will tell you our source when we first communicate with you.

    3. The personal data we process include:

      • Surname, first name and gender (for salutation).
      • company affiliation and company address
      • usually two contact details in your company (e.g. telephone number and email address)
      • records of business transactions as well as relevant correspondence
      • depending on the nature of the business, possibly also user IDs for protected areas on our website.
  2. What do we process your data for (purpose of processing) and on what legal basis?

    1. We use the data listed above for the preparation and fulfilment of business transactions as well as for the establishment and maintenance of effective business communication, which also includes the sending of e.g. newsletters. The legal basis for these processing operations is usually Art. 6 (1) lit. f GDPR if you represent another organisation as our business partner. Our legitimate interest here is to achieve the aforementioned purposes. If you as a person are directly our contractual partner, we process your data instead of on the basis of Art. 6 (1) lit b GDPR, which permits the processing of personal data for the performance of a contract or pre-contractual measures.

    2. If you do not wish to receive newsletters etc., you can exercise your right to object and inform us of this informally by e-mail or post (see also point 11 of this data protection notice). The legality of the use of your data up to the point of objection remains unaffected by the objection.

    3. It may happen that we want to collect further data from you at a later date or use it in a different way. Should this occur, we will ask you for your consent in accordance with Art. 6 Para. 1 lit. a in conjunction with Art. 7 GDPR and inform you accordingly. If you give us this consent, it can be revoked informally at any time.

    4. If your data is required for legal prosecution, it may be processed to protect our legitimate interests in accordance with Art. 6 (1) f GDPR. Our interest then consists in asserting or defending claims, for example in the context of the duty of proof in proceedings.

  3. Who receives my data?

    1. In our company, only those persons have access to your data who need it for the smooth implementation of our business relationship. This can also involve several specialist departments in our company, depending on which services or products you obtain from us. Furthermore, our IT department has access to your data for exclusively technical processing.

    2. Service providers used by us may also be recipients of your personal data within the scope of commissioned processing pursuant to Art. 28 GDPR.

    3. Within the scope of processing your orders, it is sometimes necessary for us to transmit certain data to our corresponding suppliers, manufacturers or distributors who are based in Germany, other European countries or the European Economic Area. This involves, for example, your name, your first name if applicable and your organisational affiliation as well as your contact details in your organisation.

    4. We may be required to disclose certain data to the relevant authorised bodies as part of our legal obligations.

  4. Is data transferred to a third country or to an international organization?

    1. As a rule, data is not transferred to countries outside the European Economic Area (so-called third countries). Nevertheless, data may be transferred to third countries in individual cases, insofar as:

      • it is required by law,
      • you have given us your consent or
      • this is legitimised by the legitimate interest under data protection law and no higher interests of the data subject worthy of protection are opposed to this.
    2. Beyond this, we do not transfer any personal data to bodies in third countries or international organisations.

    3. However, we use service providers for certain tasks, most of which also use service providers that may have their registered office, parent company or data centres in a third country. A transfer is permitted if the European Commission has decided that an adequate level of protection exists in a third country (Art. 45 GDPR). If the Commission has not made such a decision, we or our service providers may only transfer personal data to a third country if appropriate safeguards are in place (e.g. standard data protection clauses adopted by the EU Commission or the supervisory authority in a specific procedure) and enforceable rights and effective remedies are available.

    4. We have concluded appropriate contracts with our service providers and have also contractually agreed that data protection guarantees must always be in place with their contractual partners as well, in compliance with the European level of data protection.

  5. How long will my data be stored?

    1. We store your data for the entire duration of the business contact between us and your organisation, which includes in particular the existence of a contract or pre-contractual measures. If no contract currently exists or the term of a contract ends, your data will be deleted from our customer database after one year without business contact.

    2. Furthermore, we only store your data to the extent and insofar as we are obliged to do so due to mandatory legal regulations, such as retention periods under commercial or tax law. This generally concerns a period of ten years. Insofar as we no longer need your data for these purposes described above, it will be stored separately during the respective statutory retention period and not processed for other purposes. After the expiry of the statutory retention periods, all data that still exists will be securely deleted or destroyed immediately.

  6. What data protection rights do I have?

    1. Every data subject has the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 GDPR).

    2. You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the applicability of the General Data Protection Regulation, i.e. before 25 May 2018. Please note that the revocation only takes effect in the future. Processing that took place before the revocation is not affected.

  7. Is there an obligation to provide data?

    1. Initially, the provision of your personal data is neither legally nor contractually required, nor are you obliged to provide this data.

    2. However, if you yourself are in a direct business relationship with us, you must provide those personal data that are necessary for the establishment and implementation of a business relationship and the fulfilment of the associated contractual obligations. Without this data, we will usually have to refuse to conclude the contract or execute the order or will no longer be able to perform an existing contract and may have to terminate it.

    3. Insofar as a business relationship with a company represented by you towards us is concerned, you must provide us with those personal data which are necessary for the commencement and execution of a representation/authorisation and the fulfilment of the associated contractual obligations. Without this data, we will usually have to reject you as a representative/authorised agent or cancel an existing representative/authorised agent.

  8. To what extent is there automated decision-making?

    We do not use automated decision-making pursuant to Article 22 of the GDPR for the establishment, implementation and termination of the business relationship. Should we use these procedures in individual cases, we will inform you separately about this and about your rights in this regard, insofar as this is required by law.

  9. Does profiling take place?

    We do not process your data with the aim of automatically evaluating certain personal aspects.

  10. Information about your right to object according to Article 21 GDPR

    1. Individual right of objection.

      1. You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(f) GDPR (data processing based on a balance of interests). This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 GDPR.

      2. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

    2. Recipients of an objection

      1. The objection can be made informally with the subject "Objection", stating your name and organisation, and should be addressed to the contact details mentioned in point 1.

  11. Changes to this privacy policy

    We revise this data protection notice in the event of changes to data processing or other occasions that make this necessary. You will always find the current version on this website.

© 2022 Martin Melzer, All rights reserved.