We process our customers’ data as part of our contractual services, which include conceptual and strategic consulting, campaign planning, software and design development/consulting or maintenance, execution of campaigns and processes/handling, server administration, data analysis/consultancy services, and training services.
This involves us processing inventory data (e.g. basic customer data, such as names or addresses), contact data (e.g. email, telephone numbers), content data (e.g. text, photographs, videos), contractual data (e.g. contract subject, term), payment data (e.g. bank details, payment history), and usage data & metadata (e.g. as part of analysing and rating the success of marketing measures). We do not generally process special categories of personal data unless this is part of contractual processing. The data subjects include our customers, interested parties and their customers, users, website visitors or staff and third parties. The purpose of the processing is to render contractual services, bill these services, and provide customer service. The legal basis for the processing is Art. 6 Para. 1 b GDPR (contractual services), and Art. 6 Para. 1 f GDPR (analysis, statistics, optimisation, security measures). We process data necessary to justify and fulfil contractual services, and expressly cite the need for this data to be provided. It is only disclosed to external parties if this is required as part of a job order. When processing the data provided to us as part of a contract, we follow the client’s instructions and the legal regulations for data processing as per Art. 28 GDPR, and only process the data for the specific contractual purposes.
We erase the data once the legal guarantee and similar duties have elapsed. The need for the data to be stored is reviewed every three years. In the event of legal archiving obligations, the data is erased once these obligations have elapsed (6 J, as per Section 257 Para. 1 of the German Commercial Code (HGB), 10 J, as per Section 147 Para. 1 of the German Tax Code (AO)). In the event data has been disclosed to us by the client as part of a job order, we generally erase the data at the end of the order, as per the order specifications.