Data Protection Information

Business Relationships with the Bitkom Group

Overview of the processing of personal data when maintaining a business relationship with the Bitkom Group

Responsibility

Controller

The Bitkom Group company with which you are seeking or maintaining a business relationship is responsible for processing your personal data. The contact details are as follows:

Bitkom Servicegesellschaft mbH
Albrechtstraße 10
10117 Berlin
E-Mail: info@bitkom-service.de

Bitkom e.V.
Albrechtstraße 10
10117 Berlin
E-Mail: bitkom@bitkom.org

DFA Digital für alle gGmbH
Albrechtstraße 10
10117 Berlin
E-Mail: info@digitaltag.eu

(hereinafter jointly referred to as "we")

Contact details of the data protection officer

You can address questions about the processing of your data to the data protection officer at any time:

datenschutz nord GmbH
Standort Berlin
Kurfürstendamm 212
10719 Berlin
E-Mail: office@datenschutz-nord.de

Purposes and legal basis of data processing

Management of the business relationship

Below we provide you with an overview of the type, scope, purposes and legal basis of data processing if you are seeking or maintaining a business relationship with a company of the Bitkom Group.

The type and scope of data processing depends on the content of the business relationship that you seek or maintain with a Bitkom Group company. In principle, we process these categories of personal data in this context: Name, e-mail address (business), telephone number (business), company, position, address (business). We process your data for these purposes in particular:

Contract processing and fulfillment of supply and service agreements
Communication and business correspondence
Invoicing and payment processing
Supplier and service provider management
Law enforcement and defense

The described data processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR (fulfillment of contract) and Art. 6 para. 1 lit. f GDPR (protection of legitimate interests, based on our interest in initiating and properly conducting the business relationship).

Further information on the processing of your data

Access to personal data

Within the companies of the Bitkom Group, only persons who need your data to carry out the tasks assigned to them will have access to it. In addition, service providers or other persons who support us in the fulfillment of our tasks may have access to your data. These are service providers or persons in the following categories:

Hosting service provider for the operation of our servers
E-mail dispatch service provider for sending e-mails
Banks and payment service providers for the processing of payments
Consulting firm for support in legal, tax or business issues
Authorities and public bodies (e.g. to fulfill tax obligations)
other Bitkom Group companies for internal administrative purposes

Service providers used by us must meet special confidentiality requirements. They will only have access to your data to the extent and for the period of time required to fulfill their tasks.

Data processing outside the European Union

To process your data, we use Microsoft Corporation (USA), a service provider located in a third country outside the European Union. Countries outside the European Union handle the protection of personal data differently than countries within the European Union. We have therefore taken special measures to ensure that your data is processed just as securely in third countries as it is within the European Union. Microsoft Corporation is certified in accordance with the EU-U.S. Data Privacy Framework. This ensures an appropriate level of data protection when data is processed by Microsoft in the USA.

Storage duration

We store your data until the purposes described in this data protection notice have been fulfilled, unless a longer retention period is required by law. As a rule, we delete your data no later than ten years after termination of the business relationship.

Rights of the data subject

Information

You can request information about your personal data processed by us in accordance with Art. 15 GDPR.

Correction

If your data is not (or is no longer) correct, you can request the correction of your data in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

Deletion

In accordance with Art. 17 GDPR, you have the right to request the erasure of your data.

Restriction of processing

In accordance with Art. 18 GDPR, you have the right to request the restriction of the processing of your data.

Contradiction

In accordance with Art. 21 GDPR, you have the right to object to the processing of your data on grounds relating to your particular situation. In the event of a justified objection, we will no longer process your data.

Objection to the processing of your data for direct marketing purposes
You have the right to object at any time to the processing of your data for direct marketing purposes. This also applies to profiling in connection with direct advertising. You can address your objection to us informally, preferably using datenschutz@bitkom.org.

Right of appealerecht

You are entitled to lodge a complaint with a data protection supervisory authority if you do not agree with the processing of your data.

Data portability

In accordance with Art. 20 GDPR, you have the right to receive personal data that you have provided to us in an electronic format.

Revocation of your consent

You have the right to withdraw any consent you have given us to process your data at any time. The easiest way to withdraw your consent is to send an e-mail to datenschutz@bitkom.org. The withdrawal of consent does not affect the lawfulness of the processing of your data up to the time of withdrawal.