​Art. 12 GDPR Transparent Information

​1. Contact details of the person responsible for processing
​The person responsible within the meaning of the General Data Protection Regulation is:
​SAMAG Deutschland GmbH
Mr. Michael Saur, Mr Thomas Haberland
Poststraße 37, 73033 Göppingen, Germany
Telephone: 07161/98333-0
E-Mail: info@samag-gmbh.de

The data protection officer has been appointed:
Mr. Stephan Hartinger
Coseco GmbH
Telephone: +49 8232 80988-70
E-Mail: datenschutz@coseco.de


​2. Which sources are used to collect personal data?
​We process personal data that we receive directly from our customers as part of our business relationship. We also process personal data that we receive from other companies, e.g. B. for the execution of orders, for the fulfillment of contracts or on the basis of a consent given by you.


Personal data relevant to us can be:
​•    Company
•    First name
•    Last name
•    Street
•    ZIP / City
•    Email
•    Telephone

​Additionally, it may be necessary that the date of birth must be recorded within the framework of funded projects.

​2.1 Customer Contact Information
​In the course of the business initiation phase and during the business relationship, in particular through personal, telephone or written contacts, initiated by you or one of our employees, additional personal data is generated, e.g. B. Information about the contact channel, date, occasion and result; (Electronic) copies of correspondence and information about participating in direct marketing activities.


​3. What purposes your data is processed for and for what legal basis?
​We process the aforementioned personal data in accordance with the provisions of the EU-General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG):

​When processing personal data for which we obtain the consent of the data subject, Article 6 (1) (a) GDPR serves as the legal basis.

​When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This regulation also includes processing operations that are necessary to carry out pre-contractual measures.

​With regards to the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 Para. 1, lit. c) GDPR serves as the legal basis.

​If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Article 6 (1) (f) GDPR serves as the legal basis for.


​4. Transfer of data to third parties
​Within our company, only those persons and departments receive your personal data who need it to fulfill our contractual and legal obligations.

​We transfer data to third parties if we need them to fulfill a contractual obligation.

​In addition, we transfer data to third parties if there is a legal obligation to do so. This is the case when state institutions (e.g. authorities and offices) request information in writing, there is a court order or a legal basis allows the disclosure.


​5. Storage duration of data/deletion deadlines
​We process and store your personal data as long as it is necessary to fulfill our contractual obligations and for all other purposes mentioned in 3, or as provided by the retention periods required by law.

​If the data is no longer required for the fulfillment of contractual or legal obligations, it will be regularly blocked or deleted in accordance with legal regulations for further processing.


​6. Data protection rights of the data subject
​If you have any questions about your personal data, you can contact us in writing at any time.

​According to the GDPR, you have the following rights:
​•    The right to information (sub-item Art. 15 GDPR)
•    The right to rectification (Art. 16 GDPR)
•    The right to erasure (Art. 17 GDPR)
•    The right to restriction (Art. 18 GDPR)
•    The right to data portability (Art. 20 GDPR)
•    The right to object (Art. 21 GDPR)
•    Right of appeal to the data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG)
•    Right to withdraw consent under data protection law (Art. 7 Para. 3 GDPR)


​7. Statutory or contractual regulations for the provision of personal data as well as possible consequences of non-provision
​We would like to point out that the provision of personal data is required by law in certain cases (e.g. tax regulations) or can result from a contractual arrangement (e.g. information on the contractual partner). For example, it may be necessary for the conclusion of a contract that the person concerned/the contractual partner must provide their personal data so that we can process their request (e.g. order) at all. There is an obligation to provide personal data, especially when concluding contracts. If no personal data is provided in this case, the contract cannot be concluded with the person concerned. Before the data subject provides personal data, the data subject can contact our data protection officer or the person responsible for processing. The data protection officer or the person responsible for processing then informs the data subject whether the provision of the required personal data is required by law or contract or is necessary for the conclusion of a contract and whether the concerns of the data subject result in an obligation to provide the personal data or what consequences a failure to provide the requested data has for the person concerned.


​8. Legal existence of automated decision-making (including profiling)
​As a responsible company, we do not use automatic decision-making or profiling in our business relationships.