General Information Obligation pursuant to Article 13 EU‑GDPR
GDPR Information for Business Partners of Donau Carbon GmbH
Controller
Donau Carbon GmbH, represented by the Managing Director.
A Data Protection Officer has been appointed.
Purpose of Data Processing
Processing and transmission of data within the scope of a business relationship with customers and suppliers, including automatically generated and archived text documents (such as correspondence) pertaining to these matters.
The legal basis for data processing is the performance of a contract.
Categories of Recipients
Banks for processing payment transactions
Legal representatives in business matters
Tax consultants and auditors
Courts
Competent administrative authorities, in particular tax authorities
Contractual or business partners involved in or required for the delivery or service
Debt collection agencies
Insurance companies in connection with the conclusion of an insurance contract for the delivery/service or in the event of an insurance claim
Federal Statistical Office for the preparation of legally required (official) statistics
Corporate management of the client, for suppliers as well as commercial customers and key accounts
Customers (recipients of services)
Data Sources
Data is primarily processed that is collected or provided during the business relationship, for example via email, business cards, contact forms, business correspondence, telephone calls, or similar communication.
Additionally, data may be supplemented by information from publicly accessible sources (e.g., company websites, telephone directories, industry directories, public registers, etc.).
Processors
Personal data may be transferred to processors commissioned by us (cloud services, IT services).
In accordance with Article 28 of the EU‑GDPR, we only work with processors with whom we have concluded a corresponding processing agreement and who are also committed to complying with the GDPR.
Retention Period
The storage period of personal data is based on the duration of the respective business relationship and any associated rights and claims. In addition, statutory retention periods are observed.
Your Rights
You generally have the rights to access, rectification, deletion, restriction, data portability, withdrawal, and objection (see Privacy Policy).
If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been infringed, you may lodge a complaint with the supervisory authority.