The European General Data Protection Regulation (GDPR) came into force immediately on 25 May 2018.
The following information concerns the processing of your personal data.
Data is personal if it can be assigned to a natural person. Processing refers mainly to when the data is collected, stored, used, transmitted, made available or deleted.
Protecting your privacy is important to us when processing your personal data. The following provides information on how we handle your data. We also provide information about your rights and how you can contact us.
This information applies to all persons with whom the German Social Insurance Working Group Europe e.V. or its liaison office in Brussels (European Representation of the German Social Insurance) works or is in contact. This includes contact persons at the European institutions, authorities, associations, members, contractual partners, service providers etc.
I. Who is responsible for data processing? Who are your contact persons?
The responsible body is
The German Social Insurance Working Group Europe e.V.
c/o Deutsche Rentenversicherung Bund, GB 0300
You can find more information on the German Social Insurance Working Group Europe e.V., including authorised representatives, in our Legal Notice.
II. What is the purpose of processing data?
We only process your data for the purpose for which we received it. This is usually to contact you about working together and other business dealings, about the Association’s business, and as part of work as representative for the interests of the umbrella associations of Germany’s social security system (for example, invitation to events, general information).
Data processing for other purposes is only considered if the legal requirements stipulated in Article 6(4) of the GDPR apply. We will meet any information obligations pursuant to Article 13(3) and Article 14(4) of the GDPR.
III. What is the legal basis for collecting and processing your data?
Data processing is permitted if a legal regulation allows it or if the person whose data is to be processed consents to the use of their data.
- to fulfil a contract to which you are party (Article 6(1)(b) and 6(2) GDPR).
- to comply with legal obligations to which the German Social Insurance Working Group Europe e.V. is subject (Article 6(1)(c) and 6(2) GDPR).
- on the basis of legitimate interests (Article 6(1)(f) and 6(2) GDPR). Our legitimate interest lies in processing personal data for the purposes set out in Article 6(2).
2) Consent: (Article 6(1)(a) and Article 9(2)(a) GDPR). In this case, you have the right to withdraw consent (see IX).
IV. What categories of personal data are processed?
Only personal data that is required in individual cases will be processed:
- personal information such as name of your organisation, first name, last name and role.
- contact data such as address, telephone number and email address.
- if applicable, settlement data (bank details, etc).
V. Who has access to your data?
Our work processes are organised in such a way that only employees and other people working in the European Representation of the German Social Insurance have access to your personal data if they need it to fulfil a task.
We only transmit your personal data to third parties outside of the German Social Insurance Working Group Europe e.V. or its liaison office in Brussels (European Representation of the German Social Insurance) if there is a legal obligation or authorisation (for example, legitimate interests) or you have given us consent.
Recipients of your personal data outside the German Social Insurance Working Group Europa e.V. or its liaison office in Brussels (European Representation of the German Social Insurance) are mainly employees of our member associations, in the event that this necessary for cooperation (e.g. working groups).
It may also be that your data is passed on to our service providers or cooperation partners, for example our event coordinators. In these cases, we have privacy agreements in place to ensure your privacy.
VI. Is your data transmitted to a third country or international organisation?
Your data is not transmitted to a country outside of the European Union or to a country without an adequate level of data protection or to an international organisation.
VII. How long is your data stored?
We must store your personal data for as long as we need it to contact you, to fulfil our contract or to fulfil our duties, including storage requirements. The storage period depends on various factors. Examples of legal storage periods are 6 or 10 years for billing data.
We regularly check whether the contact data stored by us is up-to-date and still needed. If this is not the case, it will be deleted (especially as part of our central address management system).
VIII. What are your data protection rights?
You have different rights under the GDPR.
You always have the right to know about personal data concerning you and which we process.
If the data concerning you is no longer applicable, you have the right to correct it. Similarly, you have the right to complete any incomplete data.
In addition, you have a right to have your personal data erased. However, this right depends on whether the data to be erased is still needed by us to fulfil our contractual or legal obligations.
If erasure is not possible due to the special way it is stored, you have the right to request that processing of your personal data be restricted.
In addition, you have a right to object (Article 21 GDPR) if the data processing takes place on the basis of legitimate interests (Article 6(1)(f) GDPR). In this case, we no longer process your personal data unless there are compelling legitimate reasons on our part that outweigh your interests, rights and freedoms, or the processing is for establishing, exercising or defending legal claims.
IX. Right to withdraw consent
In the event that data processing is based on your consent, you have the right to withdraw this consent at any time. Please note that withdrawal has no retroactive effect, that is, data processing remains legal until consent is withdrawn. You can withdraw consent via e-mail at: firstname.lastname@example.org.
X. Right to lodge a complaint
If you believe that your rights have been infringed by processing your personal data, you have the right to complain to a supervisory authority in accordance with Article 77 GDPR. Generally speaking, you can contact the supervisory authority in your usual place of residence or work as well as our registered office.
If you have any questions or require further information, you are welcome to contact us at: email@example.com.