Information on data protection regarding our data processing in accordance with Articles (Art.) 13, 14 and 21 of the General Data Protection Regulation (DSGVO)
Part 1: privacy information about our data processing pursuant to Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR).
We take data protection seriously and hereby inform you how we process your data and what claims and rights you are entitled to under data protection regulations, valid as of May 25, 2018.
entity responsible for data processing and contact details
|Responsible body in the sense of data protection law
KaTech Ingredient Solutions GmbH
|Contact details of our data protection officer:
HEC Harald Eul Consulting GmbH
- purposes and legal basis on which we process your dat
We process personal data in accordance with the provisions of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act (BDSG) and other applicable data protection regulations (details below). Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case. Further details or additions to the purposes of data processing can be found in the respective contractual documents, forms, a declaration of consent and/or other information provided to you (e.g. in the context of using our website or our terms and conditions). In addition, this data protection information may be updated from time to time, as you can see from our website www.katech-solutions.com.
2.1 Purposes for the fulfillment of a contract or pre-contractual measures (Art. 6 para. 1 b DSGVO)
The processing of personal data is carried out for the execution of our contracts with you and the execution of your orders, as well as for the implementation of measures and activities in the context of pre-contractual relations, e.g. with interested parties. In particular, the processing thus serves the provision of our services in accordance with your orders and requests and include the services, measures and activities necessary for this. This essentially includes contract-related communication with you, the corresponding billing and associated payment transactions, credit checks, the verifiability of transactions, orders and other agreements, as well as for quality control through appropriate documentation, goodwill procedures, measures for the control and optimization of business processes and for the fulfillment of general due diligence obligations, management and control by affiliated companies (e.g. parent company); statistical evaluations for corporate management, cost recording and controlling, reporting, internal and external communication, emergency management, billing and tax assessment of operational services, risk management, assertion of legal claims and defense in the event of legal disputes; ensuring IT security (e.g. system and plausibility tests) and general security, including building and facility security, safeguarding and exercising domiciliary rights (e.g., through access controls); ensuring the integrity, authenticity, and availability of data, preventing and investigating criminal acts; monitoring by supervisory bodies or control authorities (e.g., auditing).
2.2 Purposes within the scope of a legitimate interest of us or third parties (Art. 6 para. 1 f DSGVO)
Beyond the actual performance of the contract or preliminary contract, we may process your data if it is necessary to protect legitimate interests of us or third parties, in particular for purposes:
- advertising or market and opinion research, insofar as you have not objected to the use of your data;
- obtaining information and exchanging data with credit agencies, insofar as this exceeds our economic risk;
- the testing and optimization of demand analysis procedures;
- the further development of services and products as well as existing systems and processes;
- the disclosure of personal data as part of due diligence in company sale negotiations;
- for comparison with European and international anti-terrorism lists, insofar as this goes beyond the legal obligations;
- the enrichment of our data, including through the use or research of publicly available data;
- statistical evaluations or market analysis;
- the assertion of legal claims and defense in legal disputes that are not directly attributable to the contractual relationship;
- the limited storage of data if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage;
- the development of scoring systems or automated decision-making processes;
- the prevention and investigation of criminal offences, insofar as not exclusively for the fulfillment of legal requirements;
- building and facility security (e.g. through access controls and video surveillance), insofar as this goes beyond general due diligence requirements;
- internal and external investigations, security audits;
- internal fraud or abuse prevention in connection with the fulfillment of a contract as well as pre-contractual measures, as far as not exclusively for the fulfillment of legal requirements;
- the possible listening in or recording of telephone conversations for quality control and training purposes;
- the receipt and maintenance of certifications of a private or official nature;
- safeguarding and exercising housekeeping rights through appropriate measures such as video surveillance to protect our customers and employees as well as to secure evidence in the event of criminal acts and their prevention as well as to provide evidence of illegal or unethical processes.
2.3 Purposes within the scope of your consent (Art. 6 para. 1 a DSGVO)
Processing of your personal data for certain purposes (e.g. use of your e-mail address for marketing purposes) may also be based on your consent. As a rule, you can revoke this at any time. This also applies to the revocation of declarations of consent given to us prior to the application of the GDPR, i.e. prior to May 25, 2018. You will be informed separately about the purposes and consequences of revoking or not granting consent in the relevant text of the consent.
As a general rule, the revocation of consent only takes effect for the future. Processing that took place before the revocation is not affected by this and remains lawful.
2.4 Purposes for the fulfillment of legal requirements (Art. 6 para. 1 c DSGVO) or in the public interest (Art. 6 para. 1 e DSGVO)
Like everyone involved in business, we are subject to a wide range of legal obligations. Primarily, these are legal requirements (e.g., commercial and tax laws), but also regulatory or other official requirements where applicable. The purposes of processing may include identity and age verification, fraud and money laundering prevention, the prevention, combating and investigation of terrorist financing and asset-threatening crimes, comparisons with European and international anti-terrorist lists, the fulfillment of control and reporting obligations under tax law, and the archiving of data for data protection and data security purposes as well as audits by tax and other authorities. In addition, the disclosure of personal data may become necessary in the context of official/court measures for the purposes of gathering evidence, criminal prosecution or enforcement of civil claims.
- the categories of data we process, insofar as we do not receive data directly from you, and their origin
Insofar as this is necessary for the provision of our services, we process personal data permissibly received from other companies or other third parties (e.g. credit agencies). In addition, we process personal data that we have permissibly taken, received and may process from publicly accessible sources (such as telephone directories, commercial and association registers, civil registers, debtor directories, land registers, the press, the Internet and other media).
Relevant personal data categories can be in particular:
- Personal data (name, date of birth, place of birth, nationality, marital status, profession/industry and comparable data)
- Contact data (address, e-mail address, telephone number and comparable data)
- Address data (registration data and comparable data)
- Payment/coverage confirmation for bank and credit cards
- Information about your financial situation (creditworthiness data including scoring, i.e. data for assessing economic risk)
- Customer history
- Data about your use of the telemedia offered by us (e.g., time of calling up our websites, apps or newsletters, pages/links clicked on by us or entries and comparable data)
- Video data
- Professional position
- recipients or categories of recipients of your data
Within our company, those internal departments or organizational units receive your data that require them to fulfill our contractual and legal obligations or in the context of processing and implementing our legitimate interests. Your data will only be passed on to external bodies in connection with the execution of the contract;
– for the purpose of fulfilling legal requirements under which we are obliged to disclose, report or pass on data, or where the disclosure of data is in the public interest (cf. Section 2.4);
– insofar as external service providers process data on our behalf as order processors or function transferees (e.g. external data centers, support/maintenance of EDP/IT applications, archiving, document processing, call center services, compliance services, controlling, data screening for anti-money laundering purposes, data validation and/or -(e.g., data validation or plausibility check, data destruction, purchasing/procurement, customer administration, lettershops, marketing, media technology, research, risk controlling, billing, telephony, website management, auditing services, credit institutions, printing companies or companies for data disposal, courier services, logistics);
– on the basis of our legitimate interest or the legitimate interest of the third party for the purposes mentioned in section 2.2 (e.g. to authorities, credit agencies, debt collection, lawyers, courts, appraisers, affiliated companies and committees and supervisory bodies);
– if you have given us permission to transfer data to third parties.
We will not pass on your data to third parties beyond this. Insofar as we commission service providers to process your data, they are subject to the same security standards as we are. In other cases, the recipients may only use the data for the purposes for which it was transmitted to them.
- Duration of storage of your data
We process and store your data for the duration of our business relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the processing of a contract.
In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO). The periods specified there for storage and documentation are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship.
Furthermore, special statutory provisions may require a longer retention period, such as the preservation of evidence within the scope of statutory limitation provisions. According to Sections 195 et seq. of the German Civil Code (BGB), the regular limitation period is three years; however, limitation periods of up to 30 years may also be applicable.
If the data is no longer required for the fulfillment of contractual or legal obligations and rights, it is regularly deleted, unless its – temporary – further processing is necessary for the fulfillment of the purposes listed under section 2.2 due to an overriding legitimate interest. Such an overriding legitimate interest also exists, for example, if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage and processing for other purposes is precluded by appropriate technical and organizational measures.
- processing of your data in a third country or by an international organization
A transfer of data to countries outside the European Union (EU) or the European Economic Area (EEA) (so-called third countries) takes place if it is necessary for the execution of an order/contract from or with you, if it is required by law (e.g., tax reporting obligations), if it is in the legitimate interest of us or a third party or if you have given us your consent.
In this context, the processing of your data in a third country may also take place in connection with the involvement of service providers as part of commissioned processing. Insofar as no decision of the EU Commission on an adequate level of data protection exists for the country in question, there is a risk of access by public authorities without adequate legal remedies. In this context, appropriate contracts (such as EU standard contracts) and additional measures may be used as a basis for the transfer. Information on the appropriate or adequate safeguards and on the possibility of obtaining a copy from you can be requested from the company data protection officer.
- your data protection rights
Under certain conditions, you can assert your data protection rights against us
– Thus, you have the right to receive information from us about your data stored by us according to the rules of Art. 15 DSGVO (if necessary, with restrictions according to § 34 BDSG).
– Upon your request, we will correct the data stored about you in accordance with Art. 16 DSGVO if it is inaccurate or incorrect.
– If you wish, we will delete your data in accordance with the principles of Art. 17 DSGVO, provided that other statutory regulations (e.g., statutory retention obligations or the restrictions under Section 35 BDSG) or an overriding interest on our part (e.g. for the defense of our rights and claims) do not prevent this.
– Taking into account the requirements of Art. 18 DSGVO, you may request us to restrict the processing of your data.
– Furthermore, you may object to the processing of your data pursuant to Art. 21 DSGVO, on the basis of which we must terminate the processing of your data. However, this right of objection only applies in the case of very special circumstances of your personal situation, whereby rights of our company may possibly conflict with your right of objection.
– You also have the right to receive your data in a structured, common and machine-readable format under the conditions of Art. 20 DSGVO or to transfer it to a third party.
– In addition, you have the right to revoke your consent to the processing of personal data at any time with effect for the future (see section 2.3).
– Furthermore, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 DSGVO). However, we recommend that you always first address a complaint to our data protection officer.
Your requests to use your rights should, if possible, be addressed in writing to the address above or directly to our Data Protection Officer.
- scope of your obligations to provide us with your data
You only need to provide the data that is required for the establishment and implementation of a business relationship or for a pre-contractual relationship with us, or which we are required to collect by law. Without this data, we will generally not be able to conclude or execute the contract. This may also refer to data required later in the course of the business relationship. If we request additional data from you, you will be informed separately of the voluntary nature of the information.
- existence of automated decision-making in individual cases (including profiling)
We do not use any purely automated decision-making processes pursuant to Article 22 of the GDPR. If we do use such a procedure in individual cases in the future, we will inform you of this separately, insofar as this is required by law.
Under certain circumstances, we may process your data in part with the aim of evaluating certain personal aspects (profiling).
In order to be able to provide you with targeted information and advice on products, we may use evaluation tools. These enable needs-based product design, communication, and advertising, including market and opinion research.
Such procedures can also be used to assess your creditworthiness and credit standing and to combat money laundering and fraud. So-called “score values” can be used to assess your creditworthiness and credit standing. Scoring involves calculating the probability, using mathematical methods, that a customer will meet his or her payment obligations in accordance with the contract. Such score values thus support us, for example, in assessing creditworthiness, in decision-making in connection with product transactions, and are used in our risk management. The calculation is based on mathematically and statistically recognized and proven methods and is carried out on the basis of your data, in particular income, expenses, existing liabilities, occupation, employer, length of employment, experience from the previous business relationship, contractual repayment of previous loans and information from credit agencies.
Information on nationality and special categories of personal data according to Art. 9 DSGVO are not processed.
Information about your right to object Art. 21 DSGVO
Ø You have the right to object at any time to the processing of your data that is carried out on the basis of Art. 6 (1) f DSGVO (data processing on the basis of a balance of interests) or Art. 6 (1) e DSGVO (data processing in the public interest), if there are grounds for doing so that arise from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 DSGVO.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Ø We may also process your personal data for the purpose of direct marketing. If you do not wish to receive advertising, you have the right to object to this at any time; this also applies to profiling, insofar as it is associated with such direct advertising. We will observe this objection for the future.
Ø We will no longer process your data for direct marketing purposes if you object to processing for these purposes.
The objection can be made form-free and should preferably be directed to:
KaTech Ingredient Solutions GmbH
Every citizen has the constitutionally guaranteed right to determine the use of his or her personal data. For this reason, it is our duty to protect the data you entrust to us when visiting our website. In the following, we would like to show you what data we have about you, what happens to this data and what security precautions we have taken to protect this data from misuse.
Area of validity
This data protection declaration applies to the entire Internet presence, but not to pages of other providers for which you may find links on our pages.
Processing of personal data
At some points on our website, we offer you the opportunity to contact us or to make use of certain services (e.g. enquiries). We use the personal data transmitted in this way only for the one purpose for which it was given to us. Your data will not be passed on to unauthorised third parties.
All employees of our company are trained on the DS-GVO and DSAnpUG-EU and are obliged to maintain data secrecy. Our in-house EDP is continuously adapted to the necessary technical security precautions, the current circumstances and the resulting requirements.
The domain khpartner.com<http://khpartner.com> (katech.info<http://katech.info>) is hosted by SmartHosting, Kemp House, 152 – 160 City Road, London EC1V 2NX. The data recorded during your visit to our Internet pages on this domain (inventory data) as well as traffic data (connection data) are collected, processed and used by SmartHosting in accordance with the statutory provisions. Further information can be found in the General Terms and Conditions of SmartHosting at: https://www.bestwebhosting.co.uk/terms.php.
This information may include your domain name, the pages you view, the time you spend on our website, the browser you use and the country you are in. Our web pages may also contain “cookies” which are sent to your web browser and allow our server to recognise you when you visit our website in the future. Generally, you can set your browser to notify you when you receive a cookie.
For more information about the cookies we use, please contact firstname.lastname@example.org.
Different types of cookies are used on our website for different purposes, referred to as essential cookies, performance cookies and functional cookies. Some cookies may be provided by external third parties to provide additional functionality to our website and these are listed below.
Strictly necessary cookies
These are cookies that are strictly necessary to perform an action you have requested, such as recognising that you are logged in. If you prevent these cookies by adjusting your browser settings, we cannot guarantee that our websites will function during your visit.
On our website we use Google Maps (API) from Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Maps is a web service for displaying interactive (land) maps in order to visually present geographical information. By using this service, our location is shown to you and a possible journey is made easier.
When you call up those sub-pages in which the Google Maps map is integrated, information about your use of our website (such as your IP address) is transmitted to Google servers in the USA and stored there. This takes place regardless of whether Google provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation is carried out in particular in accordance with Art. 6 para. 1 lit. f DSGVO on the basis of Google’s legitimate interests in the display of personalised advertising, market research and/or needs-based design of its website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google LLC, based in the USA, is certified for the us-European data protection agreement “Privacy Shield”, which ensures compliance with the level of data protection applicable in the EU.
You can prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie will be set, which will prevent the future collection of your data when visiting this website:
Deactivate Google Analytics
If you have any questions regarding data protection, please do not hesitate to contact us. In this context, we would like to point out that you generally have a free right to information and, if applicable, a right to correction, blocking and deletion with regard to the processing and use of your data. You can revoke your consent at any time.
In detail, you have the right
to request information about your personal data processed by us in accordance with Art. 15 DS-GVO
in accordance with Art. 16 DS-GVO, to demand the correction of incorrect or incomplete personal data stored by us without delay
in accordance with Art. 17 DS-GVO, to demand the deletion of your personal data stored by us, insofar as this does not conflict with overriding laws
demand the justified restriction of the processing of your personal data in accordance with Art. 18 DS-GVO
pursuant to Art. 20 DS-GVO, to receive your personal data that you have provided to us in a structured and machine-readable format or to request that it be transferred to another controller
to lodge a justified objection to processing pursuant to Art. 21 DS-GVO
revoke your consent at any time in accordance with Art. 7 (3) of the German Data Protection Regulation (DS-GVO)
complain to a supervisory authority in accordance with Art. 77 DS-GVO.
In all these cases, please contact the data protection officer of Katech Ingredient Solutions GmbH directly:
HEC Harald Eul Consulting GmbH
Data protection + data security
Auf der Höhe 34
State Data Protection Commissioner
Ms Marit Hansen
ULD – Independent Centre for Data Protection Schleswig-Holstein Holstenstraße 98
Information on the processing of your personal data
Within our company, your data is sent to those internal departments or organisational units that need it to fulfil our contractual and legal obligations (such as managers and specialists who are looking for a new employee or are involved in the decision on filling a position, the personnel department, accounting department, company doctor, occupational safety, etc.) or in the context of processing and implementing our legitimate interests. In this context, we reserve the right in particular to pass on your application to individual employees of companies of the Ingredion Group or KaTech Group in Germany or the United Kingdom in individual cases. Exemplary cases include constellations in which the manager intended for the position is employed by a company other than the appointing company or cases in which employees of the HR department of another group company provide support in the application process.
We will not disclose your data to third parties beyond this unless we inform you of this separately.
Data protection information for applicants can be found here.
Changes to this data protection statement
Due to current circumstances, such as an amendment to the Federal Data Protection Act, we will – if – necessary, update this data protection declaration.