Thank you very much for your interest in BeA GmbH (hereinafter referred to as "BeA" or we/us/our). Data protection is of great importance to our management. Accordingly, the protection of your privacy in the processing of personal data and the use of our webpages is a particularly important concern.
The use of our website is generally possible without providing personal information. If you make use of special services of our company via our website or wish to contact us, it may be necessary to process personal data. If the processing of personal data is necessary and there is no prior legal basis for such processing, the data subject generally must consent to our processing their data.
The processing of personal data (such as the name, address, email address or telephone number of a data subject) is always in accordance with the EU General Data Protection Regulation (GDPR) and in accordance with other data protection rules applicable in Germany.
1. Contact details of the data controller
The data controller as defined in GDPR and national data protection regulations is:
Dr. Jörg Dalhöfer
HR: Lübeck HRB 21320HL
St.-Nr.: 30/293 80 781
VAT-ID: DE 342/809/873
WEEE-Reg.-Nr.: DE 94007702
2. Contact details of the data protection officer
The data protection officer at BeA is
Contact person: Daniel Nyhof LL.M., LL.B.
23843 Bad Oldesloe, Germany
3. Website use, collection of general data and information
The BeA website collects a series of general data and information every time a person or an automated system accesses the website. This general data and information is stored in the log files of the server.
This data includes the name of the requested website, file, date and time of access, amount of data transferred, notification of successful retrieval, browser type along with version, the operating system of the user, referrer URL (previously visited), IP address and the requesting provider, as well as other similar data and information used to avert danger in the event of attacks on our information technology systems.
This general data and information does not allow BeA to draw any conclusions about the data subject. Rather, this information is required in order to deliver the contents of our website correctly, to optimize the content of our website, to ensure the long-term operability of our information technology systems and the technology behind our website, and to provide law enforcement agencies with the information they need to investigate and prosecute cyber attacks. This anonymously collected data and information is therefore evaluated by it statistically with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The data of the server log files is stored separately from all personal data provided by a data subject.
By means of a cookie, the information and offers on our website can be optimized for the user. Cookies enable us to recognize the users of our website pseudonymously. The purpose of this recognition is to make it easier for users to use our website and to save technical settings. The data subject can prevent cookies being set by our website at any time by using an appropriate setting of the browser used and thus permanently object to cookies being set. Furthermore, cookies that have already been set can be deleted at any time using an Internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies on the Internet browser used, not all functions of our website may be fully usable.
Other cookies used by BeA help make the site user-friendly and are deleted when the browser session is closed (session cookies).
3.2. Use of Google Analytics
Our web pages use Google Analytics, a web analytics service provided by Google, Inc. ("Google"). This use on the basis of Art. 6 para. 1 lit. f) GDPR and §15 para. 3 of the German Telemedia Act (TMG) is in our legitimate interest in analysing, optimising, and operating our online present economically. Google Analytics uses "cookies," text files that are stored on your computer and enable an analysis of how you use the website. The information generated by the cookie regarding your use of the website, such as
is generally transmitted to a Google server in the USA and stored there. The IP address transmitted by your browser as part of Google Analytics is not associated with other data by Google. We have also added the "anonymizeIP" code to the Google Analytics used on this website. As a result, your IP address will be truncated by Google within the member states of the European Union or European Economic Area. Only in exceptional cases will the entire IP address be transmitted to a Google server in the USA and truncated there.
On our behalf, Google will use this information to evaluate your use of the website, to compile reports on website activities, and to provide us with other services relating to website and internet use. You can refuse the storage of cookies by selecting the appropriate settings on your browser; however, please be advised that in this case, you may not be able to use all the features of this website.
You can also prevent the data generated by cookies regarding your website use (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout. As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking this link: Disable tracking. This sets an opt-out cookie which prevents any future collection of your data when visiting this website. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
3.3. Integration of third-party services and content
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation, and economic operation of our website within the meaning of Art. 6 para. 1 lit f. GDPR, we include content or service offerings of third parties such as videos, navigation services, or fonts (hereinafter uniformly referred to as "content").
You should assume that the third-party providers of this content can see your IP address, since without the IP address they would not be able to send the content to your browser. Your IP address is therefore necessary to display this content. We strive only to use content from providers who use the IP address to deliver content, and for nothing else. Third-party providers may also use "pixel tags" (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time, and other information about the use of our website. It may also be linked to such information from other sources.
4. Contractual relationships, regulations regarding disclosure of data
Within BeA, those offices, departments, and employees as well as affiliated companies of the BeA Group receive personal data (e.g. your name, address, billing address, telephone number, email address, etc.) as needed to fulfil our contractual and legal obligations. Third-party data processors we have hired (Art. 28 GDPR) may also receive data for these purposes. These include companies providing IT services , technical services, logistics, printing services, telecommunications, collections, consulting, and sales/marketing services. In addition, data may be disclosed to external persons (e.g. lawyers) if this is necessary to enforce our legal interests.
Data will only be disclosed to other recipients outside BeA if required by law or you have given your consent. Under these conditions, recipients of personal data may be public authorities and institutions (supervisory authorities, tax authorities, social insurance companies) if a legal or official obligation exists or any other recipient we indicated when asking your consent.
BeA will also transfer data to third countries or international organisations within the framework described above (e.g. Google) or if customers are located in third countries and this is necessary for us to process the contracts; the legal basis is Art. 6 para. 1 lit. b) and Art. 44, 49 GDPR.
5. Data categories and legal bases for processing
The categories of personal data collected include the following:
5.1. Master data and contract data:
Master and contract data includes all data collected to establish, arrange, design, change, or terminate a contractual relationship and the services it covers. This includes the name, address, billing address, telephone and fax number(s), start of contract, if applicable the bank details for the purpose of direct debiting, email address, powers of attorney, contact details of authorised representatives, complaints submitted, etc. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR.
You are hereby informed that BeA may use the data legally collected within the scope of an existing customer relationship for the purpose of direct mail advertising of its own offers unless you have expressly objected to the same. When collecting or storing the data for the first time and each time an advertising message is sent to the customer's address, BeA will clearly remind you that you can object to the sending of further messages by sending written notice to BeA at any time. The processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR.
5.2. Billing data
BeA collects and processes billing data (in particular product data, delivery data, quantities) arising within the scope of the respective contractual relationship. The use of the data essentially serves billing purposes; in particular, the data is processed further for invoicing and dispatching as well as collections, payment processing, and reminders. The processing is carried out on the basis of Art. 6 para. 1 lit. GDPR.
5.3. Other processing and storage obligations:
In addition, data must be partially restricted in the processing and archived in the context of legal fiscal and commercial storage obligations. The processing is carried out on the basis of Art. 6 para. 1 lit. c GDPR.
5.4. We also process your data beyond the actual fulfilment of the contract in order to protect our legitimate interests or those of third parties.
Examples: Examination and optimisation of procedures for needs analysis and direct customer approach; advertising or market and opinion research, provided that they have not objected to the use of your data; assertion of legal claims and defence in legal disputes; guarantee of IT security and IT operation; measures for business management and further development of services and products.
The processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR.
When you contact BeA (e.g. via the contact form or e-mail), your data from the contact form including the contact details you provide (mandatory and voluntary data are marked accordingly on the respective form) will be processed by us for the purpose of processing the enquiry and in the event of follow-up questions. On completion of the inquiry/resulting contract, your data will be blocked from further use unless you are one of our customers or statutory requirements dictate otherwise.
No further processing or use of your data for other purposes will take nor will we disclose it without your consent. The processing is carried out on the basis of Art. 6 para. 1 lit. a), b) or f) GDPR.
7. Privacy for job applicants
BeA collects and processes the personal data of job applicants. Processing may also be carried out electronically. This is particularly the case if an applicant sends the relevant application documents to us electronically, for example by email. If an employment relationship is established with an applicant, the data will be further processed and stored for the purpose of processing the employment relationship in compliance with the statutory provisions.
The processing is carried out on the basis of Art. 6 para. 1 lit. b) GDPR in conjunction with §26 of the Federal Data Protection Act (BDSG).
If no employment relationship is established, the application documents will be deleted six months after notification of that decision, unless some other legitimate interest prevents its deletion. Other legitimate interests in this sense include retaining evidence for use in proceedings under the German General Equal Treatment Act (AGG).
The processing is carried out on the basis of Art. 6 para. 1 lit. f) GDPR.
8. Routine deletion and blocking of personal data
BeA processes and stores personal data of the data subject only for the period of time necessary to achieve the storage purpose or as provided for by European or national law to which BeA is subject.
If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a contract.
In addition, we are subject to various retention and documentation obligations on the basis of the German Commercial Code (HGB) and the Tax Code (AO). The time limits for storage and documentation specified there are up to ten years.
Finally, the retention period is also assessed according to the statutory limitation periods, which, for example, according to Art. 195 ff. of the German Civil Code (BGB) may, as a rule, be three years, but in certain cases also up to thirty years.
If the storage purpose no longer applies or if a storage period prescribed by European or national legislation expires, the processing of personal data shall be restricted or deleted routinely and in accordance with the statutory provisions.
9. Rights of the data subject
You may exercise the following rights at any time:
Right to object: If we process data to safeguard our legitimate interests, you have the right to object to this processing at any time for reasons arising from your particular situation. This includes in particular the right to object to processing for advertising purposes. Any objection will only have future effect. The right to information and the right to cancellation are subject to the restrictions set out in §§34 and 35 BDSG (New Version). In addition, there is a right of appeal to a data protection supervisory authority per Art. 77 GDPR and §19 BDSG (New Version).
To exercise your rights, you can contact our data protection officer or BeA at any time.
10. Security of processing the data
BeA implements technical and organizational security measures in accordance with Art. 32 GDPR to protect your personal data against destruction, loss, or alteration, whether accidental or unlawful, or unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. This includes in particular the encryption of website access by means of common and state-of-the-art procedures.
In addition, BeA has implemented a procedure for the regular review, analysis, and evaluation of the effectiveness of the technical and organizational measures taken in order to be able to continuously improve our security measures in line with technological developments.
11. Scope of information per Art. 13 and 14 GDPR
Our website pages may contain links to other websites. As BeA has no influence on the content, design, or application of data protection regulations by these third-party providers, we recommend that you inform yourself about the applicable guidelines when visiting their websites.