Zeller + Gmelin GmbH & Co. KG,
Südöl Mineralöl-Raffinerie GmbH,
Südöl GmbH Umwelt Service-Recycling, Südöl Recycling GmbH and
ZG Fluidmanagement GmbH
in accordance with the General Data Protection Regulation (GDPR)
This document informs you about the processing of your personal data by Zeller + Gmelin GmbH & Co KG, Südöl Mineralöl-Raffinerie GmbH, Südöl GmbH Umwelt Service-Recycling, Südöl Recycling GmbH and ZG Fluidmanagement GmbH and the rights to which you are entitled under data protection law.
Responsible body/data protection
Zeller+Gmelin GmbH & Co KG
Schlossstrasse 20
73054 Eislingen
Germany
Phone: +49 7161 802 0
E-mail: info@zeller-gmelin.de
Website: www.zeller-gmelin.de
Contact Data protection
SÜDÖL Mineralöl-Raffinerie GmbH
SÜDÖL GmbH Environmental Service – Recycling
SÜDÖL Recycling GmbH
Schlossstrasse 20
73054 Eislingen/ Fils
Germany
Phone: 07161 802 301
E-mail: info@suedoel.de
Website: www.suedoel.de
ZG Fluidmanagement GmbH
Schlossstrasse 20
73054 Eislingen
Phone: +49 7161 802 0
E-mail: info@zg-fm.de
Website: www.zg-fm.de
Categories/origin of the data
We process the following personal data as part of the contractual relationship and for the initiation of the contract:
- Contact details (such as first and last names of the current and, if applicable, previous contact persons as well as name affixes, company name, mobile and landline telephone number (telephone number with extension), business e-mail address)
- Job-related data (e.g. function in the company, department)
We generally receive your personal data from you as part of the contract initiation process or during the ongoing contractual relationship. Exceptionally, your personal data may also be collected from other sources in certain constellations. This includes occasion-related queries regarding relevant information from credit agencies, in particular regarding creditworthiness and credit behavior.
In the IT environment, we rely on products from Microsoft Corporation, among others. The following categories of data may be processed in the course of using the IT systems:
- Functional data (data absolutely necessary for the provision of services)
- Content data (content data that is processed as part of the services)
- Diagnostic & log data (technically logged data required for maintenance, troubleshooting and, in some cases, further development)
These data categories are collected directly from you. We will be happy to provide you with further information on data processing in specific IT systems on request.
We process the following personal data as part of our online meetings using Microsoft Teams:
- Communication data (e.g. your e-mail address, if you provide it personally)
- Log files, log data
- Metadata (e.g. IP address, time of participation, etc.)
- Profile data (e.g. your user name, if you provide this yourself)
We would like to point out that we are not responsible for further data processing, for example in connection with accessing the MS Teams website and/or installing the MS Teams app.
Microsoft reserves the right to process customer data for its own business purposes. We have no influence on this data processing by Microsoft. To the extent that Microsoft Teams processes personal data in connection with its business purposes, Microsoft is an independent controller for these data processing activities and as such is responsible for compliance with all applicable data protection regulations. If you require information about the processing by Microsoft, please refer to the relevant Microsoft statement.
Purposes and legal bases of data processing
When processing your personal data, the provisions of the GDPR, the BDSG and other relevant legal provisions are always complied with.
Your personal data will be processed exclusively for the implementation of pre-contractual measures (e.g. for the preparation of offers for products or services) and for the fulfillment of contractual obligations (e.g. for the implementation of our service, the supplier contract or for order/order/payment processing) (Art. 6 para. 1 lit. b GDPR) or if there is a legal obligation to process (e.g. due to tax law requirements) (Art. 6 para. 1 lit. c GDPR). The personal data was originally collected for these purposes.
Your consent to data processing can, of course, also constitute a data protection authorization provision (Art. 6 para. 1 lit. a GDPR). Before granting consent, we will inform you about the purpose of the data processing and about your right of withdrawal in accordance with Art. 7 para. 3 GDPR. If the consent also relates to the processing of special categories of personal data in accordance with Art. 9 GDPR, we will expressly inform you of this in advance.
We are also interested in maintaining the customer relationship with you and sending you information and offers about our products/services by email. We therefore process your data in order to send you relevant information and offers (Art. 6 para. 1 lit. f GDPR). We use the email marketing tool Brevo for this purpose. It is provided by the newsletter dispatch service provider Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin.
We want to constantly improve and develop ourselves and our products. With the help of Brevo, we can better understand user behavior, as we receive information about whether and when the newsletter has been opened and whether and, if applicable, which links have been clicked on.
As part of the newsletter registration, the following data in particular, first name/surname, e-mail address, user behavior are processed and stored.
The legal basis for this is Art. 6 para. 1 lit. a GDPR.
You can find more detailed information at https://www.brevo.com/de/legal/.
You can revoke your consent at any time without giving reasons by e-mail to datenschutz@zeller-gmelin.de or by post or telephone using the contact details given above.
Your personal data will only be processed for the detection of criminal offenses under the conditions of Art. 10 GDPR.
Storage duration of the data
As soon as your data is no longer required for the above-mentioned purposes or you have withdrawn your consent, it will be deleted by us. Data will only be stored beyond the end of the contractual relationship in cases where we are obliged or entitled to do so. Regulations that oblige us to retain data can be found, for example, in the German Commercial Code or the German Fiscal Code. This may result in a retention period of up to ten years. Statutory limitation periods must also be observed.
Recipients of the data/categories of recipients
In our company and in our group of companies, we ensure that only those departments and persons receive your data who need it to fulfill our contractual and legal obligations.
In certain cases, service providers support our specialist departments in the fulfillment of their tasks. These include IT service providers, shipping service providers, payment services and collection service providers. The necessary data protection contracts were concluded with all service providers.
In addition, in cases prescribed by law, we are obliged to transmit certain information to public authorities, such as: Tax authorities, law enforcement authorities and customs authorities.
Third country transfer/intention to transfer to a third country
We transfer your personal data to service providers or group companies outside the European Economic Area. Compliance with the level of data protection is ensured by: e.g. EU standard contractual clauses/binding corporate data protection regulations and, if necessary, additional suitable guarantees, etc.
When selecting service providers, an attempt is made to use European service providers (service providers within the European Economic Area). However, this is not always possible – for example in the case of Microsoft. If service providers from third countries are used, care is taken to ensure that the configuration is as restrictive as possible.
(In the case of Microsoft, for example, data processing in Europe is agreed. In addition, the configuration is restricted by IT experts and individual processing operations are coordinated with the data protection officer).
Rights of the data subjects
Your rights as a data subject are standardized in Art. 15 – 22 GDPR.
This includes:
- Right to information (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to object to the processing (Art. 21 GDPR)
- Right to data portability (Art. 20 GDPR)
To assert these rights, please contact: datenschutz@zeller-gmelin.de. The same applies if you have any questions about data processing in our company or wish to withdraw your consent. You can also lodge a complaint against the data processing with a data protection supervisory authority.
If we process your data to protect legitimate interests, you can object to this processing at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
If we process your personal data for the purpose of direct marketing, you have the right to object without giving reasons; this also applies to profiling insofar as it is associated with such direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
Obligation to provide the data
You are obliged to provide certain personal data in order to enter into or process a contractual relationship. This is necessary for the establishment, execution and termination of the contractual relationship and the fulfillment of the associated contractual and legal obligations. It is not possible to execute the contract without providing this data.
Automated decisions in individual cases
We do not use purely automated processing to reach a decision.
