This Data Protection Notice explains how SAʴý uses your personal data and which rights and options you have in this respect. It applies to Personal Data that you provide to SAʴý or which are derived from your contractual relationship or other interaction with SAʴý. How we use information that is gathered by cookies or other web-tracking or analytics technologies is explained in our . Please note that where this notice explains applicable law and your rights, this applies only to personal data which is processed under the EU General Data Protection Regulation. Where the processing of your personal data is not subject to this regulation, different rules may apply under your applicable law.
WHO is Responsible for your personal data?
We, SAʴý GmbH, Leopoldstraße 21, 80802 Munich, Germany are the responsible controller for any personal data you provide to us in connection with our business relationship.
Which categories of Personal data Do We process?
Depending on the nature of our business relationship with you or your organization, we may collect and process in particular the following categories of personal data:
For which purposes do we use your personal data?
Depending on the nature of our business relation, we may process your personal data for the following purposes (“Permitted Purposes“):
Where you have given us your consent or otherwise legally permitted, we may process your personal data also for the following purposes:
Please note: Under the European General Data Protection Regulation (Article 21 (2)) you have the right to object to the use of your personal data for direct marketing purposes, including the profiling described above. Please refer to ” Your data protection rights” below for further explanation of your rights and how to exercise them.
Where your explicit permission is required for any marketing-related communication, we will only provide you with such information if you have opted in. You may opt out at any time if you do not want to receive any further marketing-related types of communication from us. We will not use your personal data for taking any automated decisions affecting you or creating profiles other than described above.
If you have given us your explicit consent in each case, we may also use your special categories of personal data for the following purposes:
On which basis do we process your information?
We will process your personal data for the above Permitted Purposes only
The legal bases for processing of your personal data are set forth in Article 6 of the European General Data Protection Regulation.
How do we collect your personal data?
We may collect this personal data in various ways, including:
Directly from you when you interact with us (e.g., when you voluntarily submit information to our website, or send us an email or other written correspondence or otherwise provide us with information in the course of our business or other relationship).
Indirectly from other sources (e.g., from public records or from a counterparty, typically acting with your consent, who is in possession of the data).
Where do we process personal data?
SAʴý is a globally active enterprise. In the course of our business activities, we may transfer your personal data also to recipients in countries outside of the European Economic Area (“third countries”), in which applicable laws do not offer the same level of data protection as the laws of your home country. When doing so we will comply with applicable data protection requirements and take appropriate safeguards to ensure the security and integrity of your personal data, in particular by entering into the EU Standard Contractual Clauses which are available and by applying other measures required by applicable law. You may contact us anytime using the contact details below if you would like further information on such safeguards.
How do we Protect Your personal data
We maintain physical, electronic and procedural safeguards in accordance with the technical state of the art and legal data protection requirements to protect your personal data from unauthorized access or intrusion. These safeguards include implementing specific technologies and procedures designed to protect your privacy, such as secure servers, firewalls and SSL encryption. We will at all times strictly comply with applicable laws and regulations regarding the confidentiality and security of personal data.
With Whom do we share your PERSONAL DATA?
We may share your personal data as follows:
Otherwise, we will only disclose your personal data when you direct (e.g., if you instruct us to disclose your personal data to a specific third party) or give us (explicit) permission, when we are required by applicable law or regulations or judicial or official request to do so, or when we suspect fraudulent or criminal activities.
How long do we store PERSONAL DATA?
We will hold your personal data as long as required to provide you with the products, services or information you have requested and to execute and administer your business relationship with us. If you have asked us not to communicate with you, we will hold this information as long as required to comply with your request. We are also required to keep certain of your personal data (e.g. relating to business or tax relevant transactions) for certain retention periods under applicable law. Your personal data will be promptly deleted when it is no longer required for these purposes.
YOUR RIGHTS
Subject to certain legal conditions, you may request access to, rectification, erasure or restriction of processing of your personal data. You may also object to processing or request data portability. In particular you have the right to request a copy of the personal data that we hold about you. If you make this request repeatedly, we may make an adequate charge for this. Please refer to Articles 15 to 22 of the EU General Data Protection Regulation for details on your data protection rights.
If you have given us your consent for the processing of your personal data, you may withdraw your consent at any time with future effect, i.e. the withdrawal of the consent does not affect the lawfulness of processing based on the consent before its withdrawal. If you withdraw your consent, we will only continue processing your personal information where there is another legal ground or where we are legally required to do so.
For any of the above requests, please send a description of your personal data concerned and appropriate proof of identity (e.g. your customer number) to the contact details below. We may require additional proof of identity to protect your personal data against unauthorized access. We will carefully consider your request and may discuss with you how it can best be fulfilled.
If you have any concerns about how your personal data is handled by us or wish to raise a complaint on how we have handled your personal data, you can contact us at the contact details below to have the matter investigated. If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the competent data protection supervisory authority in your country.
Are you required to provide personal data?
As a general principle, you will provide us with your personal data entirely voluntary; there are generally no detrimental effects on you if you choose not to consent or to provide personal data. However, there are circumstances in which SAʴý cannot take action without certain of your personal data, for example because this personal data is required to process your orders, provide you with access to a web offering or newsletter or to carry out a legally required compliance screening. In these cases, it will unfortunately not be possible for SAʴý to provide you with what you request without the relevant personal data.
Changes To This Notice
This Data Privacy Notice was last updated in Juli 2022. From time to time, we may make change or amend it as required to reflect any changes to the way in which we use your personal data or changing legal requirements. So you may wish to check back from time to time or whenever you make available personal data to us. Any amended Data Privacy Notice will apply from the date it is posted on our website.
How to get in touch with us
For any questions and comments or in case you want to assert your rights, please contact us directly at legal@alasco.de or our data protection officer: DataCo GmbH, Dachauer Straße 65, 80335 München, E-Mail: datenschutz@dataguard.de