European B2B Privacy Information

DB Composites Limited (“DBC”) has created this Privacy Information in order to inform our business partners about the data processing in the course of a business relationship with DBC. For further Information regarding data privacy please visit European B2B Privacy Information.

Who is the controller of the personal data that are being processed?

DBC is the controller. You can directly contact DBC’s Data Protection Officers by sending an email to: support@dbcomposites.com

What personal data are processed?

Typically, the personal data processed by us in the course of your business relationship includes, but is not limited to:

Personal data such as title, name, customer /supplier reference number, contact details (telephone number, E-mail address)

Order and contract details for the fulfilment of our contractual obligation (turnover and invoice data), banking details and payment terms;

Authentication data such as ID data and VAT No.; if necessary, data concerning the beneficial owner; order number, invoice number and delivery number;

Data in relation to business transactions such as order details, delivery quantity, sales figures and complaints;

Credit rating data (such as credit score) in order to determine your creditworthiness;

Publicly available business data such as UID number, business purposes, industrial sector, and
ownership structure;

Data in relation to legal and regulatory compliance and audit requirements;

Documentation such as project records, conversation and consultation protocols; and

Advertising and sales data including data from customer loyalty programs and statements from customer surveys.
DBC does not generally process sensitive personal data, but may do so occasionally, if legally required or if needed to secure the personal safety or security of a data subject, DBC personnel, DBC premises, or in the public interest.

For what purpose is the data processed?

We process your data for the following purposes:

Initiation and handling of a business relationship;

Replying to requests, tenders, and notifications;

Complaint management and handling of complaints;

Fulfillment and invoicing of contractual obligations:

Verification of the accuracy of the data processed by DBC;

Contractual performance via customer and supplier portals;

Conduct of compliance audits and investigations;

Fulfillment of legal obligations;

Operation, administration, analysis and refinements of our websites;

Providing DBC services such as supplier and customer portals;

Direct marketing, including the provision of product information, the mailing of newsletters and event invitations and the organization of events; and

Performing voluntary customer surveys and sweepstakes;

On which legal basis is your data processed?

We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR):

Within the scope of your consent (Art 6 (1) (a) GDPR):

In the context of consent to the processing of your personal data, processing will take place only in accordance with the purposes set out in the declaration of consent and to the extent agreed therein. This applies if no other legal basis is applicable to the process.

For the fulfilment of contractual obligations (Art 6 (1) (b) GDPR):

Personal data is processed in order to perform our contractual obligations with you. This particularly includes the above-mentioned contract data, including data for documentation and billing, as well as communication data necessary for contract performance.

For the fulfilment of legal obligations (Art. 6 (1) (c) GDPR):

Personal data may be processed for the purpose of fulfilling various legal obligations such as the preparation of annual accounts, the compliance with fiscal obligations as well as inspections by the authorities.

For the protection of legitimate interests (Art 6 (1) (f) GDPR):

If necessary, within the framework of balancing of interests of DBC or a third party, data may be processed, by us or by third parties, beyond the actual fulfilment of the contract, in order to safeguard legitimate interests. In the following cases, data is processed to safeguard legitimate interests:

Data exchange with credit agencies in order to identify creditworthiness;

Examination and optimization of procedures for analyzing needs;

Advancement of our product range;

Direct customer approach procedures;

Market and opinion research;

Enforcement of legal claims;

Customer satisfaction surveys;

Processing of damages claims.

Who will receive data?

We transfer your data if necessary to the following entities:

DBC and its affiliates;

External service providers and partners such as IT service providers, financial service providers, insurance companies, business and legal consultants;

Public authorities such as tax authorities, regulatory authorities, security authorities or courts

Potential buyers and interested parties (in the case of supplier data)

Other persons, provided you give your consent to the transfer

How long will my data be stored?

The above listed categories of personal data are stored for the period of the contractual relationship and for statutory periods as provided for in the applicable laws. As far as the processing of collected personal data is necessary for accounting, controlling or tax purposes, the storage period is defined in accordance with the legal requirements. Processing activities based on your consent are conducted until consent is withdrawn. If there is no further legal basis for the storage of personal data, we ensure its erasure and anonymization so that they can no longer be accessed for processing.