Skip to main content

Data protection information for customers, suppliers and service providers

Last update: 21/01/2021

The data processing of SENSETORY GmbH, Lindenstraße 14, 50674 Cologne, (represented by the managing directors Hanswerner Bendix and Christian Frens), as the responsible person in the sense of Art. 4 No. 7 GDPR shall be based on the legal provisions.

When concluding a contract with us for business purposes, for example with customers, suppliers, service providers and commercial buyers of our services, personal data in the sense of Art. 4 No. 1 GDPR may also arise. Regarding the business relationship with the contractual partner, this may be in particular its name and contact details if the contractual partner is a natural person, or corresponding data on persons authorised to represent and employees and organs and / or vicarious agents or deviating recipients of our services are processed by us. In the following, the group of persons affected by our data processing is referred to as a whole as “business partners”.

1. Use of data for contract processing and internal organisation
Contract initiation and processing

When a business partner makes an inquiry with us or enters into a contract with us, we require and process certain data. In particular, the following data shall be processed:

Data of the business partner as well as of organs and employees of the business partner

  • Company name and, if applicable, addition of legal form,
  • First name and surname of the owner and / or authorised representative,
  • Address data (invoice address, delivery address),
  • Telephone number, fax number, mobile number if applicable, email address,
  • Tax data (VAT ID No.),
  • Commercial register details,
  • Management,
  • Branches (addresses, opening hours),
  • If applicable, bank details (IBAN, BIC),
  • If applicable, sales information (business partner logo, pictures of persons and objects, graphics, brief description of the business partner),
  • Legal information (terms of contract, data protection declaration,
  • Registration date with us,
  • Data on the admission, exclusion and termination of the business partner (reason for exclusion, exclusion date, exclusion period if applicable, reason for termination, termination date, termination declarations or corresponding data on admission),
  • Article data (test objects),
  • If applicable, subscription rights, transfer rights
  • If applicable, qualifications,
  • Data from marketing (reactions to offers, etc.),
  • Data for pricing
  • the customer number
  • if applicable, user and access data for online accesses created by us as well as related usage data (such as login times, page views, file retrievals, etc.).

Transaction-related data

  • Transaction data for the individual orders, (if applicable, purpose of the order, tender data, order performance status, invoice address, delivery address, creation time of the order, execution date of the services, designations and identifications for the order and / or reason for the order and the item to be checked and / or matched, such as item designation, item number, award),
  • Statistical data on transactions,
  • Communication content with the business partner and / or third parties named as recipients of invoices and services,
  • Settlement data for payments (for example, payment obligations, payment amount, settlement period, payment type),
  • If applicable, ratings and tasting results,
  • Data on open items,
  • Credit notes (number, reason, business partner, payment types),
  • If applicable, data on different producers, clients or invoice recipients,
  • If applicable, data on authorised recipients of test results,
  • Metadata relating to the retrieval or receipt of services that we have provided (dispatch, receipt, login details where applicable, etc.)

We use and store personal data within the framework of the legally permissible possibilities for the initiation of the contract and the contract processing and related services, warranties and guarantees as well as for the handling of your other requests and pass on data only to the extent necessary for these purposes (such as to logistics companies, payment service providers, different invoice recipients), (legal basis Art. 6 para. 1 sentence 1 lit. b GDPR).

Passing on of test results
In particular, we shall pass on the test results of our services together with details of the test object and the corresponding client data to the recipients approved by you for the purposes specified in the test order or shall make the test results accessible to these recipients and / or to employees designated by them, e. g. via online access. For this purpose, we use the help of service providers (see Internal Organisation below). The recipients may also be located in third countries, i. e. countries outside the European Union, as determined by you. In this case, if personal data are included in the transfer, we shall rely on Art. 49 para. 1 a) of the GDPR and shall provide you with information about existing possible risks of such data transfers without an adequacy decision being available and without providing appropriate warranties. Ask for them if necessary. If you have indicated a recipient in a third country and we have not informed you of any risks, this is a case in which we only transfer anonymised data to this recipient.

Operational organisation
Furthermore, it is used for legal defence and the pursuit of claims in the protection of our legal interests (Art. 6 para. 1 sentence 1 lit. f GDPR), in the context of legal obligations (such as recall cases, receipts for tax authorities) on the basis of Art. 6 para. 1 lit. c GDPR and within the framework of our interests in a legally compliant and efficient implementation of the operational organisation (also by transferring it to persons bound to professional secrecy, such as tax advisors or lawyers; Art. 6 para. 1 sentence 1 lit. f GDPR) or by transferring it to organisationally engaged service providers, which we have contractually obligated to comply with data protection basics according to Art. 28 GDPR.

Internal organisation

We use IT software and hosting services from service providers within the framework of providing services and fulfilling your requests and our contractual obligations in pursuit of our interests in efficient and secure business and contract performance. Your data concerning your requests, orders and logins shall also be processed with the help of the services of these service providers.

As far as required by law and not already secured by professional confidentiality regulations, we have contractually secured the access and the secure as well as confidential treatment of your data in order processing cases (legal basis Art. 6 para. 1 lit. f GDPR).

3. Duration of data processing
Your personal data shall be stored until the stated purposes have been achieved and / or for as long as we have a legitimate interest in storing it.

Afterwards, the data shall be deleted unless other agreements have been made with them or statutory archiving obligations exist (e. g. due to commercial or tax law). In the case of legally required archiving, the data shall be blocked for other accesses. These documents shall be deleted and destroyed after expiry of the legal retention periods within the framework of regular campaigns in accordance with data protection regulations.

If you have consented to the collection, processing and use of your data, we will store and use your data for an indefinite period of time until you revoke your consent or the purpose for which you gave your consent no longer applies. Afterwards, the consent and processing data shall be archived until the statute of limitations expires (regularly three years) for legal defence purposes (legal basis Art. 17 para. 3 lit. e GDPR). No contractual obligation to store data shall arise from this information.

4. Advertising and marketing
We are interested in maintaining the customer relationship with you, acquiring new customers, reactivating old customers and providing information and offers to our customers and the contact persons working for them. In order to safeguard these legitimate interests, we process your data on the basis of Art. 6 para. 1 lit. f of the GDPR (also with the help of service providers) in order to provide you with information and personalised offers from us and to improve our information and offers. We may also provide for your separate consent to be obtained outside of this document (e. g. for an email newsletter) and in these cases base our use of data on Art. 6 para. 1 lit. a GDPR. In safeguarding these interests, we use and store your personal data within the framework of the legally permissible possibilities for advertising purposes, insofar as this is legally permissible without separate consent or within the framework of a separate consent granted by you.

You may object to the use or disclosure of your personal data for advertising purposes at any time with effect for the future from the date of receipt and / or revoke your consent accordingly. Data processing carried out prior to the receipt of the objection or revocation shall remain unaffected.

5. Your rights
You have the right to information, correction, deletion, restriction of processing as well as transferability of personal data. Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing of personal data concerning you infringes legal provisions.
For a detailed description of these rights, please refer to our data protection information on the use of data when visiting our website. You can find this representation at: www.sensetory.com/datenschutz or feel free to request them from us.

6. Contact
If you have any questions or wish to exercise your rights, please contact our customer service.

SENSETORY GmbH
Lindenstraße 14
Hinterhaus, 4. OG
50674 Cologne

Email: mail@sensetory.com
Telephone: +49 (0)221 – 92428-243