Information obligations pursuant to Art. 13 and 14 GDPR

We, AZ Direct GmbH, are pleased that you have contacted us and are interested in our company and our range of services. Data protection has top priority at AZ Direct GmbH and is more than a matter of course. As an employer and service provider, we strictly adhere to current legislation.

Data protection for business correspondence

We stand for security and transparency - day after day, in everything we do. We have also developed Data SecureTTP, a patented, unique process that makes data processing even more secure.
As a member of the German Dialog Marketing Association (DDV), we guarantee compliance with data security standards as well as the highest level of professionalism and quality.
The data protection information fulfills the information obligations in accordance with the requirements of Art. 12 ff. of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) and gives you an overview of the processing of your personal data (hereinafter referred to as “data”).

1. Who is responsible for the processing of my data?

AZ Direct GmbH
Carl-Bertelsmann-Str. 161s
33311 Gütersloh
Germany
Telefon: +49 5241 80-70800
Telefax: +49 5241 80-9317
E-Mail: az(at)bertelsmann.de

is responsible for the processing of your data mentioned below. When reference is made below to “we” or “us”, this always refers to AZ Direct GmbH. We process personal data in accordance with the provisions of the European General Data Protection Regulation (hereinafter referred to as “GDPR”) and the German Federal Data Protection Act (hereinafter referred to as “BDSG”).

You can reach the AZ Direct data protection officer at

AZ Direct GmbH
Data protection officer
Carl-Bertelsmann-Str. 161s
33311 Gütersloh
Germany
Telefon: +49 5241 5274730
Telefax: +49 5241 80-66909
E-Mail: datenschutz(at)az-direct.com

2. What categories of personal data are processed in the process?

We process your “communication data”. By this we mean your address, your telephone numbers, your e-mail address and other communication data in connection with correspondence with you (e.g. e-mails, correspondence).

In addition, information that is necessary for processing the order is stored. This may include, for example, function and affiliation to a company or contract and billing data (e.g. bank details, goods ordered, invoice data). We may also process other data if you provide it to us.

On the other hand, we process data that we have legitimately obtained from publicly accessible sources (e.g. commercial register, press, internet).

3. What is my data processed for (purpose of processing) and on what legal basis?

For contract processing (if you are a contracting party):

We need this data so that we can identify you as a customer, process the order, answer your request, submit an offer and contact you, as well as for invoicing purposes.

The data processing is required in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR for the purposes mentioned for the appropriate processing of your request or for the mutual fulfillment and obligation arising from the contractual relationship.

For the receipt of newsletters (in the case of consent):

The processing of your data is necessary for advertising the goods and/or our services. The legal basis for the processing of data when registering for the newsletter is consent in accordance with Art. 6 para. 1 lit. a GDPR with reference to Section 7 para. 2 no. 3 of the German Act against Unfair Competition (hereinafter referred to as “UWG”).

For business customer advertising

The processing of your data may also be necessary for the advertising of our services. The legal basis for the processing of your data after the purchase of services or in the course of acquisition efforts is our legitimate interest in customer advertising in accordance with Art. 6 para. 1 lit. f GDPR in conjunction with Recital 47 sentence 7.

Furthermore, data may also be processed on the basis of legal requirements (Art. 6 para. 1 lit. c).

4. Do I have an obligation to provide the data?

As part of our business relationship, you must provide the data that is necessary for the commencement and execution of the relationship and for the fulfillment of the contractual obligations associated with it or that we are legally obliged to collect. Without this data, we will generally not be able to correspond with you or conclude or execute the contract with you.

5. Who receives my data?

Within AZ Direct GmbH, those departments that need your data to fulfill the purposes described in section 3 will have access to it. Service providers used by us may also receive access to your data (so-called “processors”, e.g. data centers, service providers for sending newsletters, customer service or accounts receivable management). Contracts for order processing ensure that these service providers are bound by instructions, data security and the confidential handling of your data.

Data is only passed on to other recipients (so-called “third parties”) if this is required by law or if you have given your consent.

If service providers and/or third parties outside the EU or the EEA process your data for the purposes set out in section 4, this may result in your data being transferred to a country in which a level of data protection appropriate to the EU or the EEA cannot be guaranteed. However, such a level of data protection can be ensured with a suitable guarantee. Suitable guarantees include standard contractual clauses provided by the EU Commission. You can request a copy of these guarantees using the contact details provided in section 1. Any guarantees may be waived in exceptional cases if you give your consent or if the transfer to a third country is necessary for the performance of your contract with AZ Direct. The EU Commission has also recognized certain third countries as safe third countries, so that suitable guarantees on our part can also be waived here.

6. Duration of storage or criteria for determining this duration

The data will be stored until the contractual and/or legal obligations have been fulfilled and statutory retention periods do not prevent deletion. It should be noted that our business relationship is generally long-term. If the data is no longer required for the fulfillment of contractual or legal obligations, it must be deleted regularly, unless its temporary further processing is required for the following purposes:

  • Fulfillment of retention periods under commercial and tax law, e.g. according to the German Commercial Code or Fiscal Code. The periods specified there are 2 to 10 years

  • Preservation of evidence within the framework of the statute of limitations (e.g. §§ 195ff. BGB).

7. What rights do I have regarding my data?

You have the right to information about the personal data we have stored about you at any time. If your personal data is incorrect or no longer up to date, you have the right to request that it be corrected. You also have the right to request the deletion or restriction of the processing of your data in accordance with Art. 17 or Art. 18 GDPR. You may also have the right to receive the data you have provided in a commonly used and machine-readable format (right to data portability).

If you have given your consent to the processing of personal data for specific purposes, you can withdraw your consent at any time with effect for the future. The revocation must be addressed to AZ Direct GmbH at the contact address stated in section 1. Consent that you have given on the website can also be revoked using the contact details provided in section 1.

In accordance with Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your data which is carried out on the legal basis of Art. 6 para. 1 lit. f GDPR. You also have the right to object at any time to the processing of your personal data for the purpose of direct marketing.

You also have the option of contacting a data protection authority and lodging a complaint there. The authority responsible for AZ Direct GmbH is

Landesbeauftragte für Datenschutz und
Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2-4
40213 Düsseldorf
Germany
Telefon:+49 211/38424-0
Fax:+49 211/38424-10
E-Mail: poststelle@ldi.nrw.de

8. What is the source of my data?

The data is provided to us by you directly or by your company. We supplement this data in part with information from publicly accessible sources or with data from other data providers.

9. To what extent is there automated decision-making?

We do not use fully automated decision-making.

10. Does profiling take place?

We do not use profiling.

11. Conclusion/version information

Changes to this data protection notice may become necessary in the course of legal or business developments. We therefore recommend that you re-read this data protection notice from time to time. You can find the current data protection information here:

Status: October 2020