Description and scope of data processing

In addition to business contact information that we receive through active contact, e.g. via contact form, e-mail, telephone, employees and managing directors of our company receive business cards or lists of participants at events that contain contact information. In addition, business contact information is collected and processed during the registration of business partners and from publicly accessible sources.

These personal business contact data will be transferred to the contact database/CRM system

• Title
• First and last name
• Company
• Position
• Company address
• Email address
• web address
• Telephone number
• Mobile phone number
• Fax number

In addition, the time and purpose of the handingover of contact data and, if applicable, further information from business communication are stored, e.g.:

• Line of business
• Appointment details
• History of contacts
• Customer reference number, customer type
  Data on business partners
  Sales related data
  Communication content
• Date of birth, if applicable

The data will be processed exclusively within the context of our business relationship. The data will not be passed on to third parties unless you expressly agree.

Legal basis for data processing
The legal basis for the processing of data processed in the context of the collection and storage of business contact data is Article 6(1)(f) GDPR for members and employees of companies or organizations. We have a legitimate interest in appropriate and effective communication with our customers for the stated purposes.

If the contact is based on pre-contractual measures or aims at the conclusion of a contract with the data subject (e.g. individual companies), Article 6(1)(b) GDPR is the legal basis.

The sending of information, which is generally classified as direct advertising, is carried out on the basis of Art. 6 (1) (f) in conjunction with Recital 47 GDPR.

In case of the user’s consent, the legal basis for processing of the data, is Article 6 (1) (a). GDPR

Joint Controllers

The processing of personal data for the implementation of advocacy projects and related services is carried out by the companies of the EUTOP Group (EUTOP International GmbH, EUTOP Europe GmbH, EUTOP Berlin GmbH, EUTOP Brussels SRL, EUTOP Düsseldorf GmbH, EUTOP Frankfurt GmbH) as joint controllers on the basis of Art. 26 GDPR.
EUTOP International GmbH assumes all obligations of the General Data Protection Regulation and other national data protection laws of the member states as well as other provisions of data protection law. This relates in particular to the exercise of the rights of the data subject and the information obligations pursuant to Articles 13 and 14 GDPR. Irrespective of this, you may assert your rights as a data subject against each of the controllers.

Purpose of data processing
Administration and provision of contacts to individuals, companies, employees of companies or public authorities. The processing of business contact data may be used for one or more of the following purposes. These purposes also constitute the necessary legitimate interest in processing the data.

• Efficient management of copntacts
  Maintenance of contact
• Information exchange/transmission of information material
• Cooperation/ business cooperation
  Analysis of business cooperation
• Prospective future cooperation / business cooperation
• Offer preparation and contract processing
  Optimisation of our services
• Financial statement
• Project management
• Sending of birthday greetings per mail

Purposes with prior consent

•  Transmission of the EUTOP newsletter by email
•  Sending birthday message by email/SMS
• Sending of birthday greetings by email/SMS

Duration of storage
After a period of four years (at the end of each calendar year), the system will check whether additional storage of personal data is required in contact management. Data will be deleted unless they need to be stored longer depending on the purpose. The check is carried out in accordance with the respective purpose.

If you withdraw your consent to the further processing of your contact data, the data will be deleted immediately.

The data will be deleted after four years or objection, if no legal consideration (retention periods, traceability) prevents this. This data is blocked for further processing.

Right to object and right to rectification
You have the possibility of withdrawing your consent to the processing and storage of your personal business contact data. The objection can be made by post, fax or e-mail.

If you have given your consent to the processing of personal business contact data, you have the possibility to withdraw your consent for processing at any time.

In both cases, the data processing is stopped and all personal data stored in the context of contact management will be deleted, unless there are legal reasons to the contrary (retention periods, verifiability). In the lastmentioned case, the data will be blocked.

In case of deletion or blocking of data existing processing for the specified purposes cannot be continued or future contact cannot be established.

Information on your further rights can be found here.