LEGAL INFORMATION

KRIEGER + PARTNER GmbH 
Printmanagement + Production

Uhlenhorster Weg 5
22085 Hamburg
Tel.: +49 (0) 40 22 92 94 -0
Fax: +49 (0) 40 22 92 94 -44
Email: info@kriegerpartner.de

Management: Anja Mehnert, Roy Hübeler

Business purpose: Print production

Trade register:
Registry Court of Hamburg HRB 40 755

VAT ID no.:
VAT ID no, DE 118533491

NOTES ON DATA PROTECTION

General Data Protection Regulation
On 25 May 2018 a new European data protection law came into force, the General Data Protection Regulation, with new rights and obligations, which we are going to tell you about http://eur-lex.europa.eu/legal-content/DE/TXT/PDF/?uri=CELEX:32016R0679&from=de.

Responsible party
The responsible party for this website is:

KRIEGER + PARTNER GmbH 
Herbert-Weichmann-Straße 7
22085 Hamburg
Management Anja Mehnert, Roy Hübeler

Data protection contact
If you have any questions about data protection, please contact Datenschutz@kriegerpartner.de. Emails sent to this address are forwarded directly to our internal contact person for data protection to ensure confidential communication. 

Supervisory authority
The supervisory authority responsible for our company on matters of data protection is the Hamburg regional commissioner for data protection https://www.datenschutz-hamburg.de/. You can contact the authority if, for example, you want to make a complaint regarding data protection. Our regional Bar Council is responsible for matters of ethics.

Personal data / individuals concerned
Personal data is all information that relates to an identified or identifiable natural person (hereinafter ‘person concerned’). A natural person is considered identifiable if they can be directly or indirectly identified in particular by reference to an identifier such as a name, an ID number, location data, online identifier or several specific features that are related to the physical, physiological, genetic, mental, financial, cultural or social identity of this natural person. 

This includes, for example, your customer number with us or IP address. An IP address is an address in a computer network that, like the internet, is based on the internet protocol (IP). It is assigned to devices that are connected to the network and makes the devices addressable and therefore reachable. The IP address is also personal data.

Individuals concerned are either you as our customer, as a person contacting us, or as a contact person in a company with which we have a customer relationship. 

Order processing
If we have data processed on behalf of the data controller, we are obliged to sign a special agreement with the service provider on order processing and check that they have implemented the appropriate security measures, article 28 GDPR. But not every deployment of service providers is subject to article 28 GDPR. With every deployment we check whether article 28 GDPR applies or not.

Our services
Use of our services does not constitute order processing pursuant to article 28 GDPR. We only require your data to carry out the service and to bill you.

If we process address lists for your customers for mailings, or your staff data for business cards, for example, then we are a contractor in the sense of article  28 GDPR.

Lawfulness of processing
The data processing is only lawful, if

  • it is required to fulfil a contract whose contract party is the individual concerned, or to carry out pre-contractual measures related to an enquiry from the individual concerned (article 6 para. 1 sentence 1 lit b GDPR);
  • it is required to safeguard the legitimate interests of the party responsible or a third party, except where such considerations are overridden by the need to protect the interests or fundamental rights and freedoms of the individual concerned, who requires the protection of personal data, in particular if the person concerned is a child (article 6 para. 1 sentence 1 lit f GDPR); or
  • the person concerned has given their consent for processing their personal data for one or several specific purposes (article 6 para. 1 sentence 1 lit a GDPR).

For customers as the person concerned, article 6 para. 1 sentence 1 lit b GDPR applies as the legal basis, for promotional measures or to state your name as reference or by email we require your consent under article 6 para. 1 sentence 1 lit a GDPR).

Objection until revoked
In the case of objection, data processing is considered permissible on a legal basis until you file an objection. Objection comes into effect for data processing that is related to article 6 para. 1 sentence 1 lit f GDPR. In the case of objection we have a right to check whether the justified reasons outweigh the reasons for data handling. In this case, processing will be restricted at your request.

If you have given consent for data processing, you have the right to revoke your consent. Our data processing is only based on consent if we expressly inform you or if you expressly have to give your consent.

For objections or revocation, please contact Datenschutz@kriegerpartner.de.

Storage period
We store your data for as long as we require it in order to implement the mandate relationship. Tax regulations oblige us to store invoice and payment data for a period of ten years, eg. § 14 b VAT Law https://www.gesetze-im-internet.de/ustg_1980/__14b.html. 

Your rights
You have the following rights regarding personal data:
  the right to information
  the right of access,
  the right to rectify or erase data,
  the right to restrict processing,
  the right to data portability,
  the right to opposition and revocation.

Contact
If you contact us by email, we will store all the necessary data so that we can answer your query. 

If you contact us by telephone, we will store information such as your phone number and information about your query. Your phone number is stored on the phone system, insofar as you transfer it and is regularly overwritten.

Customer relationship
Insofar as you enter into a customer relationship with us, we store all information arising as part of the customer relationship in our customer administration software and in paper form in the customer file. 

Reference
We will seek your consent to use your name as a reference.

Possible recipients
Possible recipients of your data are, for example, printing companies.

Email communication
We regularly communicate by email in the interests of quick processing. Email communications are not encrypted, unless you expressly request another form of communication.

Version of data protection notes
This is the first version of the data protection notes, valid from 05/2018.

DeutschEnglish