1. Who is the responsible Controller for the Data? Who can I turn to?
Name and address of Data Controller & Data Protection Officer:
Company Check Ltd
Caspian Point One,
Contact: submit a ticket
2. Which categories of Data does Company Check process for which purposes?
We process the following categories of data on customers and suppliers: Company name, legal form, business address, legal representatives and contact persons (name, given name, e-mail address and phone / fax numbers) as well as invoicing data.
We store and process such data as far as necessary
- to prepare and execute a contract (including customer relationship management);
- for billing purposes and
- to offer you as a customer any other services that may be of interest to you, unless you have objected to the use of your data for marketing purposes.
3. Where does the data originate from?
The information we process has either been collected directly from the customer/supplier and the respective contacts at the customer / supplier or via publicly available information sources such as commercial registers or the website of the customer/ supplier.
4. What is the legal basis for processing the data?
The legal basis for the processing of personal data is the General Data Protection Regulation, in particular
- Art. 6 (1) (b) GDPR, which permits processing for purposes of entering into and performance under a contract, and
- Art. 6 (1) (f) GDPR, which permits processing for the protection of our legitimate interests, unless there is an outweighing interest of the natural person concerned which prohibits such processing.
In addition, personal data is also processed by us on the basis of the consent given by the relevant data subjects. You can revoke your consent at any time. This has no retroactive effect. However, due to your revoked consent we are then no longer allowed to process your data. The other regulations permitting data processing (Art. 6 (1) (b) GDPR, Art. 6 (1) (f) GDPR) remain unaffected.
5. Who do we share your data with? Where is personal data stored?
We share personal identifiable information with recipients within the Company Check group who need to know this information to perform their functions and obligations as well as other third parties which process the data on our behalf as a service provider bound by contracts pursuant to data protection law or to whom Company Check has to pass on information to fulfill statutory obligations.
Personal data is stored on Company Check servers within the EU.
6. Is data transferred to a recipient outside of the European Union or the European Economic Area (i.e. a so-called third country) or an inter¬national organisation?
Personal data from customers / suppliers will only be transferred to recipients in third countries to the extent necessary for the execution of the contract.
7. How long does Company Check keep the data?
We store personal data only for as long as necessary to achieve the purposes described above and delete the data thereafter but in any event upon expiration of the relevant statutory retention periods.
8. What are my rights as a Data Subject? Where can I raise a complaint?
According to Art. 15 GDPR you have the right to obtain information regarding all data we stored about you.
In the event that you discover outdated or incorrect information about yourself, you have the right in accordance with Art. 16 GDPR to have it updated and corrected by us at any time.
Furthermore, in accordance with Art. 17 GDPR, you may also have the right to have your personal data deleted provided that we have no right or authority for the continued processing of the data.
Finally, under the conditions set out in Art. 18 GDPR, you have the right to restrict processing of your personal data.
Please direct any inquiries for information about the data we store about you, their rectification, deletion or restriction of processing, to the contact address mentioned in point 1.
In addition, you may require that you obtain the information you provided to us in a structured, common and machine-readable format, or that this information should transmitted to a third party.
In addition, you are entitled to the right of objection pursuant to Art. 21 GDPR. Please see the separate information box below.
In addition, you can contact our supervisory authority, the Information Commissioners Office https://ico.org.uk/global/contact-us/.
9. Do I have an obligation to share or update data?
You do not have to give us any data. However, as long as we have a contract or a pre-contractual relationship, we are entitled to process your data for the contract for the aforementioned use purposes (see above under 2. 'Which categories of Data does Company Check process for which purposes?' and under 4. 'What is the legal basis for processing the data?').
10. Is my data used for any automated decision making?
As a matter of principle we do not use any customer / supplier data for automated decision making in the meaning of Art. 22 GDPR.
11. Is my data used for Profiling and/or Scoring?
Right to object according to Art GDPR:
1. Right to object on grounds relating to the particular situation:
According to Art. 21 (1) GDPR you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data.
If you object we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms (e.g. to assert or defend ourselves against legal claims)
2. Right to object against marketing:
In addition, pursuant to Art. 21 (2) DS-GVO, you may also object against the use of your data for direct marketing purposes. In this case, we will no longer use your personal information for advertising purposes.
An objection does not require a particular form and should be directed to the address stipulated in paragraph 1.