Register of procedures for processing personal data
The German Data Protection Act (BDSG) prescribes that certain details of automated procedures for processing personal data must be made available to anyone in a suitable manner. We maintain a detailed register of procedures for this purpose. We have summarised the following information for you as an initial guide. If you would like more detailed information, please contact our data protection office. This office will be able to tell you whether we have saved data concerning your person and, if so, the nature of these.
Please note: the following disclosures concern the entire scope of personal data processing in our enterprise. Special notes concerning the processing of personal data on our Internet site can be found here.
1. Name and address of the responsible office
Maria Clementine Martin Klosterfrau
Phone: +49 221-1652-0
Fax: +49 221-1652-430
Dr. Stefan Koch
Dr. Jaana Saarteinen-Erben
Dr. Markus Unkauf
3. Head of data processing at the responsible office
Head of the main IT department
4. Contact details of the data protection office
By e-Mail to firstname.lastname@example.org or at the aforesaid postal address
5. Intended purpose of recording, processing or using the data
We distribute and sell pharmaceuticals, cosmetics products and other pharmacy and drug store goods. We process personal data to serve this main purpose. In addition, we process data on behalf of other enterprises, above all companies in the Klosterfrau Group. This is done for their purposes and under their responsibility.
6. Description of the groups of people concerned
We record, process and use data concerning various groups of people. Some typical types of data are stated below:
Name, contact data, bank account details, details of creditworthiness and data on orders, deliveries, terms and payments
Concerning interested parties
Name, contact data, interest in products, data concerning newsletter subscriptions and participation in prize competitions
Concerning contractors and suppliers
Name, contact data, bank account details and data concerning orders, deliveries and services, terms of contract, payments
Name, contact data, position in the organisation, status as employee, pensioner etc., details of wages, salary or pension, data concerning working hours and those derived from work processes, consumption settlements (e.g. from the canteen) as well as other data required to execute the employment relationship.
Name, contact data, position applied for, qualifications, other data from applications, data concerning the course and outcome of the application procedure.
7. Recipients or categories of recipients of the data
Internal recipients of the aforesaid data are our internal departments, insofar as they require these to fulfil the duties in their spheres of responsibility. External recipients receive personal data if this is required by law or if it is necessary to fulfil contractual relationships. Some examples of recipients include social security schemes, tax offices, supervisory authorities, banks, insurers and service providers who process data on our behalf in accordance with § 11 BDSG.
8. Statutory deadlines for the deletion of data
Personal data are deleted once the pertinent retention periods prescribed by law have expired, or if the data are no longer needed for the purposes stated above.
9. Transmission of data to third countries
Data are not transmitted to states outside the European Union or the European Economic Area (third countries).