Data Protection

Information to be provided according to Article 13 of the GDPR 
Data processing controller according to Article 13(1)(a) 

Company name according to Article 17(1) of the German Commercial Code (HGB), including contact details of the controller (management board) 

pro-beam AG & Co. KGaA 
Zeppelinstraße 26
82205 Gilching
Tel: +49 (0) 89 / 899 233-0 
Munich District Court, HRB 122635 
Chairman of the Supervisory Board: Dr. Harald Lindemann

Contact details of the data protection officer according to Article 13(1)(b) of the GDPR 
Helbig Datenschutz GmbH 
Michaela Helbig 
Bergstraße 11 
91207 Lauf an der Pegnitz
Tel: +49 9123 70275-10 

Purposes of processing and legal basis for processing according to Article 13(1)(c) of the GDPR 
The personal data is processed for the purpose of performing contracts or to implement pre-contractual measures. This includes the customer master data with contact persons, as well as the contact history, quotations, orders, invoices, and other statutory obligations of the controller. The legal bases are set out in Article 6 of the GDPR. Other key legal bases are set out in the Commercial Code (HGB), tax legislation, the Act on Limited Liability Companies (GmbHG), and other statutory provisions relevant to pro-beam AG & Co. KGaA. These also include contractual provisions. Newsletters are processed on the basis of consent given by the data subject. 

Processing is to safeguard the legitimate interests pursued by the controller or a third party according to Article 13(1)(d) of the GDPR 
If necessary, we process your data to an extent greater than required to perform the contract in order to safeguard our or a third party’s legitimate interests. These include: 
- sales management and sales controlling 
- ensuring IT security and IT systems  
- building and plant security measures (e.g. access control) and to safeguard on-site regulations 
- business management and development measures 
- enforcement of legal claims and defense in the event of legal disputes 

Categories of recipients of personal data (data transmission) according to Article 13(1)(e) of the GDPR 
Within Germany, the European Union, and the European Economic Area 

Tax authorities, social insurance agencies, trade associations, Federal Employment Agency, auditors, bailiffs, and other creditors, as well as other government agencies, to meet legal obligations and for requested certificates. Institutions for company pensions and payments to employees' savings schemes. Logistics companies, customers, suppliers, and other agencies.  

Third countries, including adequacy decision, according to Article 13(1)(f) of the GDPR  
In the context of international business relationships, data is transferred for the performance of contacts or for pre-contractual measures according to Article 6(1)(b). No adequacy decision is required for this purpose. 

Period of storage according to Article 13(2)(a) 
The applicable purposes arise from the legal requirements and relevant industry-specific regulations. Personal data is deleted when the purpose for which it was used has been fulfilled. 

Rights of the data subject according to Article 13(2)(b) 
You may exercise your rights at any time by contacting us using the details above. If we process your personal data, you are a data subject under the GDPR and have the following rights with regard to the controller: 

References to the rights of the data subject 
The data subject has the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information specified in Article 15 of the GDPR. The data subject has the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her and, if applicable, to have incomplete personal data completed (Article 16 of the GDPR). The data subject has the right to obtain from the controller the erasure of personal data concerning him or her without undue delay where one of the grounds applies in Article 17 of the GDPR applies, e.g. if the data is no longer required for the purposes for which it was collected (right to erasure). The data subject has the right to obtain from the controller restriction of processing where one of the grounds set out in Article 18 of the GDPR applies, e.g. if the data subject objects to processing, pending verification by the controller. The data subject has the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her. The controller will no longer process the personal data, unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims (Article 21 of the GDPR). 

Rights of the data subject according to Article 13(2)(c) of the GDPR 
If you have granted us permission to process your personal data for specific purposes (e.g. editing images of the data subject), the legality of this processing is based on the consent you have provided.  You may withdraw your consent at any time. This also applies to declarations of consent granted to us prior to entry into force of the GDPR, i.e. before May 25, 2018.  Please note that the withdrawal of consent only applies to the future. Data processing prior to a withdrawal of consent is not affected. 

Right to lodge a complaint with a supervisory authority according to Article 13(2)(d) of the GDPR  
Without prejudice to any other administrative or judicial remedy, every data subject has the right to lodge a complaint with a supervisory authority if the data subject considers that the processing of personal data relating to him or her infringes the GDPR (Article 77 of the GDPR). The data subject can lodge this complaint with a supervisory authority in the Member State of his or her habitual residence, place of work, or place of the alleged infringement. 

The supervisory authority responsible for Bavaria:  
Bavarian Data Protection Authority (Bayerisches Landesamt für Datenschutzaufsicht)  
Office address 
Promenade 27 (Schloss) 
91522 Ansbach 
Postal address 
PO box 606 
91511 Ansbach 
Contact details 
Phone: +49 (0) 981 53 1300 
Fax: +49 (0) 981 53 98 1300 
Email: poststelle(at)  

Provision of personal data according to Article 13(2)(e) of the GDPR 
In the context of our business relationship, you only need to provide the personal data that is required to commence, establish, and terminate the employment relationship, or that we are legally required to collect. Without this data, we cannot normally maintain an employment relationship. 

Amendment of the privacy statement 

Change of purpose  
We reserve the right to amend this privacy statement in compliance with data protection legislation. The most recent version can be found under “Data privacy” on our intranet page and in the relevant HR department. If we intend to process your data for purposes other than those for which it was collected, we will inform you of this in compliance with legal regulations. Last updated 2018-05-03

Legal Information 

The operator of this website takes the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with statutory data protection regulations and this Privacy Policy. You can generally use this website without providing any personal data. Any personal data (e.g. name, address, email address) that is collected on this website is always collected on a voluntary basis. This data will not be disclosed to third parties without your express permission. Please note that the transmission of data on the internet (e.g. when communicating by email) may not be secure. It is not possible to protect data completely against access by third parties.

This website uses cookies in some instances. Cookies do not harm your computer and do not contain any viruses. They are used to make our website more user-friendly, effective, and secure. Cookies are small text files that are created on your computer and saved by your browser. Most cookies we use are session cookies, which are automatically deleted when you leave our website. Other cookies remain saved on your device until you delete them. These cookies allow us to recognize you the next time you visit our website. You can configure your browser to inform you when a cookie is set and only allow cookies on a one-off basis, to accept cookies in specific cases, to generally prevent cookies being created, or to enable automatic deletion of cookies when you close your browser. However, if you disable cookies you may not be able to use all the features of this website. 

Server log files 
The website provider automatically collects and stores information in server log files, which are transmitted to us automatically by your browser. This information includes:   

• Browser type/version

• Operating system you are using

• Referrer URL

• Host name of the computer accessing the website

• Date and time of server request

This data cannot be associated with a specific person. This data is not combined with any other data sources. We reserve the right to check this information if we become aware of specific indications of illegal use. 

Contact form 
If you send us queries via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your query and any follow-up questions. We will not share this information without your permission. 

Google Analytics 
This website uses features provided by Google Analytics, a web analytics service. The operator of Google Analytics is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, U.S. Google Analytics uses cookies, which are text files saved on your computer and that are used to analyze how visitors use the site. The information generated by the cookie about your use of the website is generally be to and stored by Google on servers in the United States.
More information on how Google Analytics uses personal data can be found in the Google privacy policy:

Browser plugin 
You can prevent cookies being saved by selecting the appropriate settings in your browser. However, please note that if you do this, you may not be able to use all the features of this website. You can also prevent Google collecting and using the data (including your IP address) generated by the cookie by downloading and installing the browser plugin available at:  

Objecting to the collection of data 
You can object to Google Analytics collecting your data by clicking the following link. This creates an opt-out cookie on your computer, which prevents your data from being collected in the future when you visit this website. Disabling Google Analytics .
More information on how Google Analytics uses personal data can be found in Google´s privacy policy: Disable Google Analytics. 

Data processing on our behalf 
We have concluded an agreement with Google for the processing of data on our behalf and we fully implement the strict requirements stipulated by the German data protection authorities when using Google Analytics. 

Demographics for Google Analytics 
This website uses the “Demographics” feature of Google Analytics. Demographics can be used to create reports with information on the age, gender, and interests of website visitors. The data comes from Google’s personalized advertising and from visitor data provided by third-party providers. This data cannot be associated with a specific person. You can disable this feature at any time by going to the display settings in your Google account or you can generally prevent your data being collected by Google Analytics by following the steps described under “Objecting to the collection of data”.

SSL encryption 
This website uses SSL encryption for security and to ensure that confidential information, e.g. queries that you send to us as website operator, is transmitted securely. You can see whether a connection is encrypted in your browser’s address bar, which changes from “http://” to “https://” and displays a lock symbol. 
When SSL encryption is enabled, the data you transfer to us cannot be read by third parties. 

Right to access, erasure and blocking 
You have the right at any time and free of charge to access your stored personal data as well as to be informed of its origin, recipients of the data, and the purpose for which it is processed. You also have the right for this data to be rectified, blocked, or erased. You can contact us at the address given in our legal notice at any time if you have any questions on this issue or on personal data in general. 

Objection to marketing emails 
We hereby object to the use of the contact details published in our legal notice for the purpose of sending marketing and information materials that we have not expressly requested. The operators of this website reserve the right to take legal action in the event that unsolicited marketing is received, e.g. in spam emails.

Source (original in German):