nach oben

B Data protection information for communication

Please also note our applicable general data protection information and the definitions/provisions.

1 General processing purposes, legal basis

Personal data (hereinafter referred to as "DATA") is processed in order to communicate with data subjects by post, telephone or electronically (e.g. by email, web form, chat, video conference, newsletter).

(A)    Contractual communication

We mainly communicate with data subjects in order to conclude a contract.

  • to fulfil,
  • to initiate or
  • to be processed.

The legal basis for this processing is Article 6  (1) b) GDPR.

(B)    Mandatory communication

In the context of contractual processing, but not exclusively, it may be necessary to communicate with you or third parties, for example with insurance carriers, in order to fulfil a legal obligation to which we are subject.
The legal basis for this processing is Article 6 (1) c) GDPR.

(C)    Other communication

In rare cases, it may be necessary for us to communicate with you or third parties in order to protect the vital interests of a natural person.
The legal basis for this processing is Article 6 (1) d) GDPR.
Also in rare cases, communication may be necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
The legal basis for this processing is Article 6 (1) e) GDPR.

(D)    Authorised communication

We occasionally inform customers about new products, services (e.g. training dates), trade fairs or promotions on the basis of our legitimate interest in advertising similar/kindred products or related services in accordance with Article 6 (1) f) GDPR.

If you violate our rights or the rights of third parties, including during communication, we may process the DATA for legal defence in accordance with Article 6 (1) f) GDPR, which is also our legitimate interest.

(E)    Voluntary communication

In all other cases, communication is voluntary, for example if you send us an unsolicited message or subscribe to a newsletter.
The legal basis for this processing is Article 6 (1) a) GDPR.
You give your consent through an explicit act of confirmation, which may also consist of you providing us with DATA that is not required and not mandatory (voluntary information). You are also free to use data that does not reveal your identity.

2 Recipients

Recipients are all persons/departments that are involved in the communication in accordance with its purpose. These are all internal departments involved in the purpose of the communication, e.g. specialist department(s), HR and management in the case of an application, but may also be external parties (third parties) in individual cases, e.g. in the case of legal advice related to the purpose of the communication.

If a recipient (third party) is not subject to a statutory duty of confidentiality, in particular in accordance with Section 203 of the German Criminal Code (StGB), or was not included in the communication with the knowledge of the data subject, DATA will only be transferred to them if the data subject has given their prior consent.

  • has given consent or
  • has been informed about the recipient, the scope of the transfer and the legal grounds, or

a legal ground authorises the transfer and the recipient has been informed of any existing obligation to provide information in accordance with Article 14 GDPR.

In email communication, all servers used for message transport receive at least sender and recipient information; however, the content is only readable if it is not encrypted. This data is also sent to all recipients who (also) receive the email.

3 Data transfer to a third country

We do not intend to transfer DATA to a third country or an international organisation outside of the communication expressly requested by you. Please note, however, that in the case of communication/data transmission via/on the Internet, it may be technically possible for a message to be routed from us to you or vice versa via a server in an insecure third country, especially if you are located in a third country yourself. As far as possible, we have therefore taken appropriate technical and organisational measures to ensure the security of processing.

4 Data security

Our e-mail service is located on servers in Germany. DATA is always transmitted in encrypted form. To protect the security of your DATA during transmission, we use state-of-the-art encryption methods.

We recommend using a secure postal service for particularly sensitive data.

5 Specific deletion periods

A statutory retention period of six or ten years applies to contract/balance sheet-related communication. After expiry of this period(s), the DATA is automatically deleted.

6 Web form

Website contact form (https://www.dsd-steel.com/de/direkter-kontakt)

To process an enquiry, we require at least an e-mail address and the reason for the enquiry (message).
If the enquiry relates to a product or service offered by us, the processing is carried out to initiate a contract in accordance with Article 6 (1) b) GDPR, otherwise in accordance with Article 6 (1) a) GDPR (consent).
You give your consent by voluntarily entering the personal data not required in this respect in the form fields and then clicking on "Request now!" [see also number 1 (E)].

Status of the data protection information: October 2023