Customer Information
Our handling of your data and your rights
Information according to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR)
Information according to Art. 13, 14 and 21 of the General Data Protection Regulation (GDPR) With the following information, we would like to give you an overview of how your personal data is processed by us and your rights according to data protection law. Which specific data are processed and how they are used depends largely on the requested or agreed-upon services. Therefore, not all sections of this information will apply to you.
Furthermore, this data protection information may be updated periodically. You'll find the latest version on this page at any time.
Responsible parties
Müller-BBM VibroAkustik Systeme GmbH
Helmut-A.-Müller-Strasse 1 - 5
82152 Planegg (Munich), Germany
Tel. +49 89 264860-0
Email: info.de (at) mbbm-vas.com
You can reach our Data Protection Officer at:
Müller-BBM VibroAkustik Systeme GmbH
c/o activeMind AG Management- und Technologieberatung
Potsdamer Str. 3
80802 Munich, Germany
Tel. +49 89 418560170
Email: datenschutz (at) mbbm-vas.com
The joint responsibility is regulated by an agreement between the companies. ActiveMind AG Management- und Technologieberatung holds the mandate for data protection at Müller-BBM VibroAkustik Systeme GmbH. As far as necessary, the companies access the same personal data as part of the execution of the GDPR. Both companies are hereby independently responsible for the lawful processing of personal data and ensuring data subjects' rights, including the provision of compulsory information. If necessary, the companies support each other during this process.
We process your data for the following purposes and on the following legal basis:
We process personal data in accordance with the GDPR regulations and the Federal Data Protection Act (FDPA) [Bundesdatenschutzgesetz (BDSG)]:
To fulfil contractual obligations (Art. 6 Para. 1 (b) GDPR)
Data processing occurs in order to carry out our service contract with you. This also includes sending out the newsletter by email, which is a contractual service.
Due to statutory requirements (Art. 6 Para. 1 (c) GDPR)
We are subject to various legal obligations that result in data processing. These include, for example, tax laws, as well as the respective statutory accounting, responding to inquiries and meeting the requirements of supervisory or law enforcement authorities and compliance with tax audits and reporting obligations. In addition, the disclosure of personal data within the context of administrative/judicial measures may be required for purposes of gathering evidence, prosecuting or enforcing civil claims.
Within the scope of weighing interests (Art. 6 Para. 1 (f) GDPR)
If required, we process your data beyond actual contractual compliance for the protection of our legitimate interests or those of third parties. Examples of such cases are:
- If you contact us by e-mail or telephone, the data you enter will be stored for the purpose of individual communication with you,
- Enforcement of legal claims and defense in legal disputes, and
- Saving additional contacts in the CRM system for communication.
Who receives your data?
In our company, employees receive your data in order to contact you and for contractual collaboration (including the implementation of pre-contractual measures). Your data will only be forwarded to service providers (processors) when necessary to perform our contractual duties (e.g. support/ EDP maintenance /IT applications, accounting, data erasure). All service providers are obliged to handle your data confidentially pursuant to a commissioned processing contract.
With regard to the data transfer to recipients outside of our company, it should be noted that we only forward required personal data in compliance with the applicable data protection regulations.
Subject to these conditions, recipients of personal data may be:
- public bodies and institutions (e.g. tax authorities, law enforcement authorities) when presented with a statutory or regulatory obligation,
- credit and financial services institutions (processing payment transactions)
- tax consultants, certified public accountants and income/corporate tax auditors (statutory audit mandate).
Is data transferred to a third country or to an international organization?
Your data will only be processed within the European Union and states within the European Economic Area (EEA).
How long will your data be stored?
We process and store your personal data as long as this is necessary to fulfil our contractual and legal obligations. If the data are no longer required for the fulfilment of contractual or legal obligations, these are deleted on a regular basis.
Exceptions to the above-mentioned deletion criteria are for,
- Data required to fulfil the statutory retention requirements, e.g. German Commercial Code [Handelsgesetzbuch (HGB)] and Fiscal Code [Abgabenordnung (AO)]. The respective stipulated periods for retention or documentation are usually six to ten years.
- Data for maintaining evidence in accordance with the legal statute of limitations. According to §§ 195 ff of the German Civil Code [Bürgerlichen Gesetzbuches (BGB)], these statutes of limitations can be up to 30 years, whereby the regular limitation period is three years.
If the data processing takes place in our legitimate interest of that of a third party, the personal data will be deleted as soon as this interest no longer exists. The aforementioned exceptions also apply here.
Which data protection rights do you have?
Every data subject has the right of access pursuant to Art. 15 GDPR, right to rectification pursuant to Art. 16 GDPR, right to erasure pursuant to Art. 17 GDPR, right to restriction of processing pursuant to Art. 19 GDPR, right to object from Art. 21 GDPR as well as the right to data portability from Art. 20 GDPR.
With the right to access and the right to erasure, the restrictions in accordance with §§ 34 and 35 BDSG apply. In addition, there is a right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR). Our supervisory authority is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach, Germany
Tel. +49 (981) 53 1300 | Fax +49 (981) 53 98 1300 | poststelle@lda.bayern.de
Am I obligated to provide data?
Under the terms of the contractual relationship, you may provide the personal information necessary to initiate, carry out and terminate the contractual relationship and to fulfil the respective contractual obligations or those that we are required to collect by law. Without this data, we will not be able to contact you, enter into a contract with you or perform the services detailed therein.
Information on your right to object according to Art. 21 Para. 1 S. 1 GDPR
Case-specific right to object
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, provided that this objection was filed in accordance with Art. 6 Para. 1 (f) GDPR (data processing based on a weighing of interests).
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing is for the purpose of enforcing, carrying out or defending legal claims.
Recipient of an objection
The objection can be made without any formal requirements with 'Objection' in the subject line, your name and address and should be addressed to:
Müller-BBM VibroAkustik Systeme GmbH
c/o activeMind AG Management- und Technologieberatung
Potsdamer Str. 3
80802 Munich, Germany
Tel. +49 89 418560170 | Email: datenschutz (at) mbbm-vas.com
or by mail to:
Müller-BBM VibroAkustik Systeme GmbH
Data Protection Coordinator
Helmut-A.-Müller-Strasse 1 - 5
82152 Planegg (Munich), Germany
As of: 02.2021