POEM Information in accordance with the General Data Protection Regulation (GDPR)
The protection of personal data is very important to POEM GmbH (POEM). Via the following information we would like to inform you about how POEM processes personal data.
1. Names and contact details
Contact details for the data controller:
Sohler Weg 65
56564 Neuwied - Germany
Tel: +49 2631 84-0
Contact details of the data protection officer:
Sohler Weg 65
56564 Neuwied - Germany
Tel: +49 2631 84-0
2. Nature and origin of the data processed
We process personal data of natural persons only to the extent necessary to fulfil our contractual and legal obligations in the context of our business relationship with our corporate customers.
The data we process includes, for example:
- Business address and contact data such as name, address, telephone number, e-mail address, function and department of the contact persons at our customers and suppliers, etc.
- Data we need for proper invoicing, such as bank details, tax number, etc.
We receive the personal data processed by us within the framework of and in the course of our business relationship with our customers. In some cases, we also receive personal data from affiliated POEM companies.
In some cases, we also process personal data that we have received in other ways in accordance with the applicable data protection laws:
- from publicly accessible sources, e.g. trade and business registers, trade fairs, exhibitions, Internet sources, newspapers, trade directories, etc.,
- from third parties not associated with POEM, e.g. business associations, credit agencies, insurance companies, etc.
3. Purposes of processing and legal basis
We only process personal data for permitted purposes and in accordance with the applicable legal provisions.
4. We process data to fulfil our contractual obligations
We process personal data to fulfil our contractual obligations towards our customers and suppliers or to carry out pre-contractual measures in response to a specific request.
In these cases, the purpose of data processing is determined by the contract we have concluded with our customers or suppliers and the services that must be provided as a result. This also includes, for example, the processing of personal data for sending information on our range of services or the preparation of specific offers.
5. We process data to protect legitimate interests
We process personal data insofar as this is necessary to safeguard legitimate interests.
This includes in detail e.g.:
- Customer service
- Processing of complaints
- Service improvement
- Strengthening our customer relationship, e.g. with customer surveys
- Cooperation with credit agencies, e.g. for the purpose of credit assessment
- Video surveillance of publicly accessible rooms at our locations
6. We process data with consent
We also process your personal data in individual cases if we have been given consent. Any consent given to us can be revoked at any time.
This includes, for example:
- Newsletter distribution
7. We process data for the fulfilment of legal obligations
We must process certain data in order to comply with legal obligations. Such an obligation may arise from certain provisions of national and international trade, commercial, customs, tax or social law as well as European and international legislation, e.g. in connection with regulations to avoid the financing of terrorism. In detail, this may also result in retention, storage, reporting and data collection obligations for POEM, which as a rule serve the control purposes of the respective competent offices and authorities.
8. Information about changes of purpose
Should we process your personal data for a purpose other than that for which we originally collected it, we will inform the data subjects of this new purpose to the extent permitted by law.
9. Recipients of the personal data
Personal data will only be made available to other POEM companies if and insofar as this is necessary to protect our legal and contractual rights and obligations or if there is a justified interest in a specific case. This can be the case, for example, for the coordination of our contractual services towards our customers. A typical case is, for example, the necessary cooperation between POEM GmbH and the other POEM companies to fulfil the contract.
We work together with external service providers to fulfil certain contractual obligations. Insofar as we involve external service providers, this always takes place within the limits and in compliance with the applicable data protection regulations.
Furthermore, we only transmit personal data to other recipients if we are legally obliged to do so. In all other cases, we will only transfer your data to other third parties if you have given us your corresponding consent.
10. Transfer to third countries or international organisations
We do not transfer personal data to recipients in countries without an adequate level of data protection (third countries). If a transfer to third countries is necessary, an adequate level of data protection is guaranteed in advance by contractual arrangements, e.g. EU standard contract clauses.
11. Storage and retention periods
We process personal data only for as long as it is necessary for the fulfilment of our contractual obligations. As soon as the data concerned is no longer required for this, it is deleted.
In order to comply with certain legal requirements, we must also store individual data beyond the termination of contractual relationships. This includes, for example, documentation, proof and retention obligations under national commercial and tax law. In these cases, we are legally obliged to store or keep the data for the periods provided for in these regulations.
Since the life cycle of the machines and systems manufactured and delivered by us exceeds the legal retention periods for personal data by far, we store personal data for the protection of our legitimate interests and the legitimate interests of our customers over a longer period of time. The nature and scope of personal data is such that the interests, fundamental rights and freedoms of the data subject are not restricted.
12. Requirement to provide personal data
In order to provide our services to our customers, we must process certain personal data or are legally obliged to process it. We collect the relevant data from the data subject (e.g. address, business contact data such as e-mail, telephone etc. and function) or have it made available to us on first contact with a view to concluding a future contract.
Without this data, we cannot conclude contracts with our customers.
13. Automated decision-making and profiling
We do not use automated decision-making processes for decisions that could have legal effects on data subjects or significantly affect them in a similar way.
Profiling within the meaning of Art. 4 No. 4 GDPR does not take place.
14. Data protection rights
In connection with the processing of personal data by POEM, data subjects have the following rights under the GDPR:
- The right to access, rectification and erasure;
- The right to restriction of processing;
- The right to data portability;
- The right to object.
Furthermore, data subjects have the right to revoke their consent to the processing of their personal data at any time with future effect. Such revocation has no effect for the past, i.e. it does not affect the effectiveness of data processing up until the revocation.
If data subjects are of the opinion that the processing of personal data by POEM is not in accordance with the data protection regulations or if they are not satisfied with information provided by us, they have the right to complain to the competent supervisory authority in accordance with Art. 77 GDPR.
The contact details of the competent supervisory authority are as follows:
The State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate
PO Box 30 40
55020 Mainz - Germany
Tel: +49 6131 208-2449
Fax: +49 6131 208-2497
Information about your right of objection
Data subjects have the right to object at any time to certain types of processing of their data. This right applies to data processing in the public interest and to data processing to protect legitimate interests. In the event of a contradiction, we will no longer process the personal data. However, this does not apply if we can prove compelling reasons worthy of protection for the processing which outweigh the interests, rights and freedoms of the data subject, or if the processing is for the purpose of enforcing, pursuing or defending legal claims.