nFrames Business contact
This is the right place for you if you are a business contact of nFrames and would like some further information about your case.
1. Purpose of data collection, processing or use
Your personal data will be processed in accordance with the provisions of the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and other relevant data protection regulations. Our contractual documents, forms, declarations of consent and other information provided to you (e.g. on the website) contain further details and additions for processing purposes. Excluding applicants and employees, the processing and use of the individual data depends on the agreed or requested service.
Contact maintenance. So that we can contact you for business purposes.
2. Legal basis for processing (Art. 6 GDPR)
Depending on the phase of our contact, different legal bases are conceivable:
• Implementation (also) of pre-contractual measures, which take place at the request of the data subject.
• The person concerned consents voluntarily. This is the case through a declaration of intent.
• The processing is necessary to fulfil contractual obligations (e.g. for services of nFrames).
• If necessary, also the protection of the legitimate interests of the nFrames
nFrames fundamentally observes the rules of data avoidance and data economy regarding the intended purposes of processing, considering the legitimate interests of the data subjects.
3. Description of the groups of persons concerned and the relevant data or data categories
Affected group of persons: Business contacts of nFrames; e.g. contact persons of customers, service providers, partners.
Data protection information for customers and interested parties as well as suppliers and service providers according to Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR).
Data protection information for employees according to Art. 13 and Art.14 of the General Data Protection Regulation (GDPR). Concerning the employees, they will be provided with an information sheet attached to the employee contract.
Usual and necessary contact details (name, first name, title, company affiliation, department, telephone number, e-mail address, if applicable). Transaction data such as history entries can be linked to these contacts as proof and information basis for meetings, for example.
4. Recipients or categories of recipients to whom the data may be communicated
All employees who are authorized internally to perform the specific tasks. In the case of payment transactions, credit institutions receive the necessary information. External contractors as subcontractors within the meaning of § 11 BDSG (commissioned data processing) or Art. 28 GDPR. As a rule, access to personal data is not the purpose of the order but cannot be excluded.
5. Storage period or standard periods for the deletion of data
The legislator has enacted a variety of storage obligations and periods. After expiry of these periods, the corresponding data is routinely deleted if it is no longer necessary to fulfil the contract. Thus, in accordance with legal regulations, the commercial or financial data of a closed financial year is deleted after a further ten years, unless longer retention periods are prescribed or required for legitimate reasons. If data are not affected by this, they are deleted when the purposes for which they were stored cease to apply. Contacts of persons known to be retired in their companies are deactivated and no longer appear in normal searches.