Last revised: 07.07.2020
If you have an inquiry, ask for a quote from us or conclude a contract with us, we will process your personal data. We also process your personal data among other things in order to meet statutory obligations, to protect a legitimate interest in the business relationship with you or on the basis of consent granted by you.
Depending on the legal basis, the personal data will fall under the following categories:
The processing of the aforementioned categories of personal data is necessary in order to achieve the following purposes:
The legal basis for the processing is provided by Article 6 (1)(b), (c) and (f) GDPR or your express consent pursuant to Article 6 (1)(a) GDPR. The processing of personal data is necessary in order to achieve the aforementioned purposes, including the execution of the (contractual) business relationship with the business partner. Our legitimate interest is established by the aforementioned purposes of data collection.
If the aforementioned personal data is not provided or if it cannot be collected, it may be the case that the individual purposes described cannot be achieved.
If an express retention period is not stated at the time of collection (e.g. in accordance with a declaration of consent), your personal data will be erased if it is no longer required in order to fulfil the purpose for which it is stored, unless statutory retention requirements (e.g. retention periods required by tax and commercial law) require otherwise.
Some processing is performed by companies within the STIHL Group. Data is therefore transferred regularly within the Group. As a rule, the data is transferred on the basis of a contract data processing agreement. In other cases, the legal basis for the data transfer is provided by Art. 6 (1)(f) GDPR, whereby our legitimate interest lies in the efficient design of our processes.
We transfer personal data to courts, supervisory authorities or law firms insofar as this is permitted by law and necessary in order to comply with applicable law or assert, exercise or defend legal rights.
When we work with service providers (so-called contract data processors), e.g. IT maintenance service providers, these only act in accordance with our instructions and are required by contract to comply with the applicable requirements under data protection law.
If the service providers are located in countries outside of the European Economic Area (“third countries”), personal data is only transferred if the data transfer is made in accordance with the principles of the so-called Privacy Shield, on the basis of so-called standard contractual clauses of the EU Commission or if an adequacy decision by the EU Commission exists.
In addition to the right to withdraw the consents you have given us, you have the following further rights provided the respective statutory requirements are met:
Under the conditions of Art. 21 (1) GDPR, the data processing can be objected to on grounds relating to the particular situation of the data subject.