Data protection declaration for customers, suppliers and users of the website of MERCOM Außenhandelsgesellschaft mbH

MERCOM Außenhandelsgesellschaft mbH (hereinafter “the Company”)  is grateful for your interest in our company and our products and welcomes you to our website. With the following information, we would like to give you as a customer or potential customer of our products/services, as a supplier or visitor to our website an overview on the processing of your personal data by us and your rights under data protection law.

The protection of personal data is of great importance to us. Personal data are provided on a voluntary basis. The Company processes such data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG).

In the following, we will describe how your data are processed in connection with our business relationship while you are on our website.

  1. Controller

The controller in terms of processing your data is the Company. Exceptions in this connection will be explained in this data protection declaration.

Our contact data are as follows:

MERCOM Außenhandelsgesellschaft mbH
Leopoldsweg 4 a
61348 Bad Homburg
Tel.: +49 6172 76198 40

  1. Personal data

Personal data are individual data on personal or factual circumstances of an identified or identifiable natural person. This includes information such as IP address, your correct name, address, telephone number and date of birth. Information that cannot be matched directly to your real identity such as favoured websites or the number of users of a website is not personal data.

  1. Data categories processed

Within the scope of our business relationship and the use of our website, the following data categories are processed:

  • Personal master data (name, date of birth, place of birth, nationality)
  • Contractual master data (e.g. contractual relationship, interest in products or a contract)
  • Communication data (e.g. telephone, E-mail, address, IP address)
  • Customer history
  • Contract billing and payment data
  • Planning and control data
  • Advertising and sales data (including webscores)
  • Documentation data (e.g. minutes of meetings)
  • Information provided (by third parties such as credit agencies or from public records)
  • Connection details of the computer making the enquiry  (e.g. the date and duration of the visit to the website)
  • Identification data of the Internet browser used
  1. Legal basis and purposes of data processing

Both we and providers working for us will process your personal data on the following legal basis and only for specific purposes:

4.1 A contractual basis (preparation, performance, termination) according to Article 6, paragraph 1, lit. b), GDPR

  • Answering queries and performing pre-contractual measures
  • Preparation, negotiation and performance of a contract with you
  • Granting access to certain information and offers

4.2 Legal obligation, Article 6 paragraph 1 sentence 1 lit. c) GDPR

  • Decree by an official authority or a court-of-law
  • Compliance with statutory obligations of retention

4.3 A legitimate interest of [Company], Article 6, paragraph 1, sentence 1, lit. f) GDPR)

  • Direct marketing
  • Improving products and services
  • Communication with customers when contact is first made by E-mail
  • To establish or protect legal claims or as a defence against legal action
  • To prevent improper use or other unlawful activities
  • Protection of data integrity
  • Measures for securing buildings and systems (such as admission control)
  • Exchange of data with credit bureaus (such as SCHUFA) so as to determine credit standing or default risks

4.4 Consent, Article 6 paragraph 1 lit. a) GDPR

  • Sending information on pricing
  • Possibility to make contact through the website

4.5 Necessity, Section 25 (2) No. 2 TTDSG

  • Storage and retrieval of consent-free cookies

4.6 Consent, Section 25 (1) TTDSG

  • Data processing for cookies that require consent
  1. Transfer of data

Your personal data will not be transferred to third parties unless this is required for the purpose of performing the contract, you have given your express consent or we have a legitimate interest in such data transfer.

Within the Company, those units will be granted access to your data that need them in order to comply with our contractual and statutory obligations. Service providers and agents appointed by us under contract data processing arrangements may also receive the data for these purposes. Among others, these are companies in the categories IT services, logistics, printing services, telecommunication, collection of receivables, consulting as well as sales and marketing.

As far as passing on data to recipients outside our Company is concerned, it must first be kept in mind that we will pass on only necessary personal data, observing all regulations on data protection. As a matter of principle, we may pass on information about you only if this is required by law, you have given your consent or we have otherwise been granted authority. Under these circumstances, recipients of personal data may, for example, be:

• Public authorities and institutions (such as tax authorities, judicial bodies, authorities prosecuting criminal acts) if based on a statutory or regulatory obligation

• Auditors

• Service providers whom we involve in connection with contract data processing relationships

To the extent we use external providers, these will be selected carefully and committed to comply with all data protection rules pursuant to Article 28 GDPR.

  1. Transfer of personal data to third countries

Data transfer to bodies in states outside the European Union (so-called third countries) will take place to the extent

  • this is required for performance of the contractual relationship (such as shipment orders),
  • it is required by law (such as obligatory reporting under tax law) or control of criminal acts),
  • it is required for maintaining the IT operation of the Company
  • we have a legitimate interest in such a data transfer, or
  • you have given us your consent.

When data are transferred to a body in a third country, relevant guarantees ensure that the data protection level of the European Union is observed.

  1. Pricing information

For personalisation of pricing information, we will store personal data such as the first name, last name and company name. These data will exclusively be used for sending the requested information and for documenting your consent. You may revoke your consent to storing data, the E-mail address and its use for sending pricing information at any time with an effect for the future, for example by clicking on the link “Unsubscribe” in the newsletter.

  1. Cookies

We use cookies on our website which are technically required for the individual presentation of its contents. Cookies are small text files which are filed on your computer when you visit our website. This enables us to customise our website for the user. The data used by a cookie, for example language settings, are stored on your computer. If you do not wish the use of cookies, please change the settings in your Internet browser on cookie management.

  1. External links

Our online offering may contain links to third-party websites – i.e. providers not connected to us in any way. Once you have clicked on the link, we have no influence on the collection, processing and use of personal data possibly transferred to the third party as a result of clicking (such as the IP address or the URL of the website on which the link is located) any longer since we naturally have no control over the behaviour of third parties. We cannot accept any responsibility for the processing of such personal data by third parties.

  1. Data security

Our staff and the providers we have hired are committed to confidentiality and compliance with the provisions of the applicable data protection laws. The Company takes adequate technical and organisational security measures to protect your personal data against loss, modification, destruction, access by unauthorised persons or unlawful transfer. Our security measures are being improved on an ongoing basis in accordance with technological development.