Public index of procedures in accordance with § 4g, para. II, clause 1 in conjunction with § 4e, clause 1, No. 1-8 - Federal Data Protection Act (BDSG) - Status 01.01.2007
The BDSG stipulates in § 4 g that the following data are to be disclosed by the data protection representative to any third party using suitable methods.
1. Name or company of the applicable agency
EschmannStahl GmbH & Co. KG for all Eschmann Group companies
2.1 Proprietors, boards of directors, managing directors or other heads appointed under the company?s constitution
Managing directors Bernd Vogel and Bernd Wagner
2.2 Persons engaged to head data process operations
Klaus Schlagheck, p.p
3. Address of the applicable agency
Dieringhauser Str. 161 - 18351645 Gummersbach, Germany
4. Purpose of acquiring, processing or using data
Sale or raw steel; prefabrication of steel; surface treatment of steel
5. Affected groups and related data or data categories
The personal data and/or data categories stated below on the following groups are acquired, processed and used for fulfilling the purposes stated under 4:
- Customer/supplier: address data, contact coordinates incl. phone, fax and email data, contractual data; billing and payment data
- Potential customers/non-customers: address data, quotation data,
- Employees, field workers, candidates, trainees, apprentices, retireers, former employees and dependents: essentially application data; data on professional career, education and qualification; contractual, master and billing data (data on private and business address, sphere of activity, salary, name and age of dependents where relevant for welfare payments, wage tax data, bank account details, asset items entrusted to the employee; contact information; employee status; qualifications; performance appraisals; professional career; data on personal administration and control; timekeeping data and access control data; schedule management data; data for communication and for processing and monitoring transactions and for technical systems; emergency contact data on persons selected by the employee, who are to be contacted in an emergency;
- Agent: address, business and contract data; contact information, data
- Advisory board members/member representatives/interest group representatives/press representatives: address, contact coordinates; schedule management data; participation and/or task-related information; bank account details where applicable; billing and payment data
- Tenants: address data, bank account details, contract data; schedule management data; billing and payment data
- Points of contact in the aforementioned groups
- Non-assignable groups of persons: Video recordings
Under commercial law, business letters and recordings of meetings relating to the aforementioned group of persons can be stored for documentation and evidence purposes.
6. Recipients or categories of recipients to whom the data can be communicated
- Public agencies that receive data on the basis of legal regulations (e.g. social insurance agencies, financial authorities, supervisory authorities)
- Internal agencies involved in the execution of business processes (essentially: personnel management, bookkeeping, accounting, purchasing, marketing, auditing, sales, telecommunications and IT)
- External contractors (service providers) as defined by § 11 BDSG
- Other external agencies such as banks (salary payments), affiliated companies insofar as the affected party has provided their written consent or communication is permitted due to a largely justified interest.
7. Fixed terms for the deletion of data
The legislators have adopted a host of retention obligations and terms. At the end of these terms, the data concerned are routinely deleted if no longer required to fulfil contractual purposes. Hence, the commercial or financial data for a past business year are, by law, deleted after 10 years unless any longer periods of retention are specified or justified reasons exist. Shorter deletion periods are used in certain areas (e.g. in personnel management for declined applications or warnings etc.) Data thus unaffected will be deleted if they fall under the purposes stated in 5.
8. Planned data transfer outside of the EU
Data are transferred outside of the EU only for the contractual fulfilment of essential communication purposes and for the exclusions stipulated in the BDSG. Otherwise, no data are transferred outside of the EU; neither is any such transfer planned.
EschmannStahl GmbH & Co. KG
Data Protection Representative