Data protection information for suppliers
according to Art. 13, 14 and 21 of the General Data Protection Regulation DSGVO

 Data protection is an important concern for us. Below we inform you how we process your data and what rights you have.

1. who is responsible for data processing and who can you contact?

Fluitronics GmbH
Managing Director: Torsten Nickel, Lidong Peng
Europark Fichtenhain B2
47807 Krefeld
Phone: +49 (0) 2151 4589-0
Fax: +49 (0) 2151 4589-9

2. contact details of the data protection officer


3. processing purposes and legal basis

Your personal data will be processed in accordance with the provisions of the General Data Protection Regulation (DSGVO), the Federal Data Protection Act BDSG and other relevant data protection regulations. The processing and use of individual data depends on the agreed or requested service. You can find further details and additions to the processing purposes in our contract documents, forms, consent forms and the other information provided to you (e.g. the website).
3.1 Consent (Art. 6 para. 1 letter a DSGVO).
If you have given us consent to process personal data, the respective consent is the legal basis for the processing mentioned therein. You can revoke consent at any time with effect for the future.
3.2 Fulfillment of contractual obligations (Art. 6 para. 1 letter b DSGVO).
We process your personal data for the performance of our contracts with you, in particular in the context of our order processing and service utilization. Furthermore, your personal data is processed for the implementation of measures and activities in the context of pre-contractual relationships.
3.3 Fulfillment of legal obligations (Art. 6 para. 1 c DSGVO).
We process your personal data if this is necessary for the fulfillment of legal obligations (e.g. commercial, tax laws).
Furthermore, we process your data, if necessary, for the fulfillment of control and reporting obligations under tax law as well as the archiving of data for purposes of data protection and data security as well as audits by tax and other authorities. In addition, the disclosure of personal data may be necessary in the context of official/court measures for the purposes of gathering evidence, criminal prosecution or enforcement of civil claims.
3.4 Legitimate interest of us or third parties (Art. 6 para. 1 f DSGVO).
We may also use your personal data on the basis of a balance of interests to protect the legitimate interest of us or third parties. This is done for the following purposes:
  • for advertising or market research, if you have not objected to the use of your data.
  • for obtaining information and exchanging data with credit agencies, if this exceeds our economic risk.
  • for the limited storage of your data, if deletion is not possible or only possible with disproportionate effort due to the special nature of the storage.
  • for the disclosure of personal data in the context of due diligence, e.g. in the case of company sales.
  • for the enrichment of our data by using or researching publicly available data.
  • for statistical evaluations or for market analyses.
  • for benchmarking.
  • for the assertion of legal claims and defense in legal disputes that are not directly related to the contractual relationship.
  • for internal and external investigations and/or security audits.
  • for certifications of private law or official matters.
  • for securing and exercising our domiciliary rights through appropriate measures (e.g. video surveillance).
4. categories of personal data processed by us.
The following data are processed:
  • Personal data (name, date of birth, marital status, profession/industry, position in the company, and comparable data).
  • Contact data (company address and department affiliation, e-mail address, telephone number and comparable data)
  • supplier history
We also process personal data from public sources (e.g. Internet, media, press, commercial and association registers, civil registers, debtors' registers, land registers). If necessary for the provision of our services, we process personal data that we have lawfully received from third parties (e.g. address publishers, credit agencies).

5. who receives your data?

We pass on your personal data within our company to the areas that need this data to fulfill contractual and legal obligations or to implement our legitimate interest.
In addition, the following entities may receive your data:
  • Order processors used by us (Art. 28 DS-GVO), service providers for supporting activities and other responsible parties within the meaning of the DS-GVO, in particular in the areas of IT services, logistics, courier services, printing services, external data centers, support/maintenance of IT applications, archiving, document processing, accounting and controlling, data destruction, purchasing/procurement, customer management, letter stores, marketing, telephony, website management, tax consulting, auditing services, credit institutions.
  • Public bodies and institutions in the event of a legal or official obligation requiring us to provide information, report or pass on data, or if the passing on of data is in the public interest.
  • bodies and institutions on the basis of our legitimate interest or the legitimate interest of the third party for the purposes mentioned in section 3.4 (e.g. to authorities, credit agencies, debt collection, lawyers, courts, appraisers, companies belonging to the group and committees and supervisory bodies);
  • other bodies for which you have given us your consent to the transfer of data.

6. transfer of your data to a third country or to an international organization.

A transfer of data to bodies in countries outside the European Union (EU) or the European Economic Area (EEA), so-called third countries, takes place if it is necessary for the execution of an order/contract from or with you, it is required by law (e.g. tax reporting obligations), it is within the scope of a legitimate interest of us or a third party (e.g. group matters).
In this context, the processing of your data in a third country may also be carried out in connection with the involvement of service providers as part of commissioned processing. We will provide you with corresponding detailed information upon request.

7. how long do we store your data?

As far as necessary, we process your personal data for the duration of our business relationship, this also includes the initiation and execution of a contract.
In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB) and the German Fiscal Code (AO) as well as industry-specific certification requirements. The periods specified there for storage and documentation are up to fifteen years beyond the end of the business relationship or the pre-contractual legal relationship. Ultimately, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), are generally three years, but in certain cases can be up to thirty years.

8. To what extent is there automated decision-making in individual cases

    (including profiling)?
We do not use any purely automated decision-making procedures pursuant to Article 22 DSGVO. Should we use these procedures in individual cases, we will inform you about this separately, provided this is required by law.

9. your data protection rights

You have the right to information according to Article 15 DSGVO, the right to rectification according to Article 16 DSGVO, the right to erasure according to Article 17 DSGVO, the right to restriction of processing according to Article 18 DSGVO and the right to data portability from Article 20 DSGVO. In addition, there is a right of appeal to a data protection supervisory authority (Art. 77 DSGVO). In principle, the right to object to the processing of personal data by us exists under Article 21 DSGVO. However, this right of objection only applies in the case of very special circumstances of your personal situation, whereby rights of our company may possibly conflict with your right of objection. If you wish to exercise one of these rights, please contact our data protection officer (

10. scope of your obligations to provide us with your data

You only need to provide us with the data that is required for the establishment and implementation of a business relationship or for a pre-contractual relationship with us, or which we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract. This may also refer to data required later in the course of the business relationship. If we request additional data from you, you will be informed separately of the voluntary nature of the information.

11. Information about your right of objection Art 21 DSGVO

You have the right to object at any time to the processing of your data that is carried out on the basis of Art. 6(1)(f) DSGVO (data processing on the basis of a balance of interests) or Art. 6(1)(e) DSGVO (data processing in the public interest), if there are grounds for doing so that arise from your particular situation. This also applies to profiling based on this provision within the meaning of Art. 4 No. 4 DSGVO.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
The objection can be made informally to the address listed under point1.

12. your right to complain to the competent supervisory authority

You have a right of appeal to the data protection supervisory authority (Art. 77 DSGVO). The supervisory authority responsible for us is:
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia.
Kavalleriestr. 2-4
40213 Düsseldorf
Telephone: 0211/38424-0
Fax: 0211/38424-10