Privacy Notice for Business Partners Pursuant to Article 13 of the General Data Protection Regulation (GDPR)

We wish to provide you with information in the following document with respect to the collection and processing of your data in connection with the business relationship with OpenSynergy as well as your rights in this regard.

 

  1. Controller. The controller under the terms of the General Data Protection Regulation (GDPR) with respect to the data processing described below is OpenSynergy GmbH, Rotherstrasse 20, 10245 Berlin, Germany (‘OpenSynergy,’ ‘we’), e-mail: info@opensynergy.com.
  2. Data privacy officer. If you have any questions regarding data protection at OpenSynergy, please feel free to send an e-mail to our data protection officer at datenschutz@opensynergy.com.
  3. Data processing in connection with the business relations with OpenSynergy. We process your personal data as well as the personal data of your employees as part of the business relationship with OpenSynergy.
    • Customer management. In order to manage our business contacts, we process information about your company (in particular, the address, branch offices (where applicable), authorized representatives and their contact details; (hereinafter referred to collectively as: company details), as well as information about the respective contact person (in particular, their name, position, professional contact information; hereinafter referred to collectively as: contact details) and any communication with you. We use this data in order to be able to reach the appropriate contact person, to process your requests and orders properly, and to maintain our business relationship. The legal basis is Article 6(1)(c) GDPR. The data shall be stored for the duration of the business relationship.
    • Orders, order management, and billing. As part of order processing and billing, we collect information on quotes, orders, and invoice items as well as bank account details. The contact details of contact persons can also be processed in this context. The legal basis is Article 6(1)(c) GDPR. The data shall be stored for the duration of the business relationship, and at least for the duration of the period established in the statutory and accounting requirements. If necessary, we shall request a credit check on your company from the credit agency Bisnode D&B Deutschland GmbH. This credit check helps us more effectively assess your liquidity in order to minimize the risk of default. Information regarding data processing by the credit agency can be found in a separate information sheet. The legal basis for the data processing described above is Article 6(1)(f) GDPR.
    • Product liability and warranty. In order to validate legal and contractual claims, we may need information on the products covered by the contract and their use, as well as information on invoices. The legal basis is Article 6(1)(c) GDPR. Once processing is completed, the data shall be stored for documentation purposes for a further six months, and at least for the duration of the period prescribed under the statutory and accounting requirements.
    • Controlling and reporting. We also use information on orders and invoice items for internal cost and activity accounting, controlling, and internal reporting, which we use for business management and planning. The legal basis is Article 6(1)(f) GDPR. No personal data shall be processed in this context.
    • Use for marketing purposes and newsletter. We use your company details and contact details as well as information about previous orders, where applicable, to send you further information relevant to you about our products and services, as well as related news, promotions, and offers by post or via e-mail. We will use your contact details which we have stored to contact you for this purpose. You can object to the use of your data for marketing purposes at any time by sending a message using the contact details specified in Clause 1 (e.g., by e-mail or post). The legal basis for the data processing described above is Article 6(1)(f) GDPR. We also offer the OpenSynergy newsletter which provides regular updates on our technologies, products, and solutions and their relevant applications. You can unsubscribe to the newsletter at any time by clicking the unsubscribe link found in every newsletter. It is sufficient to send an informal message using the contact details (e.g., by e-mail or post) found in the newsletter or specified under Clause 1. The legal basis for the data processing described above is Article 6(1)(a) GDPR.
  1. Recipients. The contact details will be processed exclusively by OpenSynergy and will not be passed on to third parties. By way of exception, data shall be passed on to third parties where required by law or obligatory (e.g., within the scope of a tax audit by the tax authorities or as part of efforts to prevent money laundering). In certain cases, it may be necessary to pass on your data to third parties in order to protect your interests or our interests or to fulfill our contractual obligations. Such a transfer shall occur in particular when we integrate external service providers into our internal processes. In these cases, the service provider is bound by instructions and receives data only to the extent and for the period necessary for the provision of the services. We also pass on the contact details to our local sales partners (independent regional representatives, OpenSynergy subsidiaries and branch offices) in order to ensure the best possible support with your requests. In addition, we also employ external consultants and auditors in some cases. Agreements are always concluded with them to ensure the confidentiality of all information.
  2. Your rights. You have various rights under data protection law. You have the right at any time to request an overview of the data stored by us and to have this rectified if necessary. You also have the right to request the erasure of your data. You can also have the processing of your personal data restricted if, for example, you have any doubts or concerns regarding the accuracy of the data or if you object to the processing where this is based on our legitimate interests. You also have the right to data portability, i.e., the right to have us send you a digital copy of the personal data provided by you upon request. Lastly, we are obligated to inform you of your right of appeal to the competent data protection supervisory authority (Berliner Beauftragte für Datenschutz und Informationsfreiheit (Data Protection and Freedom of Information Commissioner of the State of Berlin), Friedrichstrasse 219, 10969 Berlin, Germany).


You have the right to object to the use of your data for marketing purposes.

You can unsubscribe to our newsletter at any time as described above and revoke any consent you may have given. To assert your rights, please use the (e-mail) address listed in Section 1 above.


March 2019