FISCHER Deutschland GmbH

Langenfeld, Germany

Privacy Policy for Business Partners

Fischer Deutschland Gmbh
Information on the processing of personal data of business partners


The protection of your personal data is taken into account in all of our business processes. In the following, you will find a detailed overview of how we process your personal data.

Personal data refers to all information relating to an identified or identifiable natural person. We use these data protection notices to inform you about the nature, scope and purpose of our collection of personal data and how we handle this data. You will also be informed about which rights you have with regard to the processing of your personal data.

The following information applies to all natural persons whose personal data is stored and who are associated with the supplier business relationship (e.g. authorised representatives).

1      Who is responsible for processing my data and who can I contact about data protection?

The body responsible for the processing of personal data described below is:

FISCHER Deutschland GmbH
Marie-Curie-Strasse 2
40764 Langenfeld, Germany
Tel.: +49 (0)2173 2053 510

You can contact our Data Protection Officer as follows:

Eva-Daniela Jung
Haus Gravener Strasse 96
40764 Langenfeld, Germany
Tel.: +49 (0)172 2527 359

2      Where does my data come from and which data is processed?

We process personal data (‘data’) in accordance with the principles of data protection law and only to the extent that it is necessary, permitted by applicable legal requirements or that we are obligated to do so.

Unless otherwise stated in the following, the terms ‘process’ and ‘processing’ include, in particular, the collection, use, storage, disclosure and transfer of personal data (see Article 4 No. 2 of the EU General Data Protection Regulation [‘GDPR’]).

2.1      Voluntariness of data submissions

The provision of your personal data is generally voluntary. For the conclusion and performance of the business relationship, however, it is absolutely necessary to process certain data about you.

2.2      General data from the business relationship

We process the data that you make available to us within the framework of our business relationship. This includes, in particular, the following:

  • contact details of the business partner’s contact person(s), in particular title, name, business address, function, telephone number and email address; bank and billing information, changes that you make to master data, e.g. changes of address

2.3      Data from other sources

We process personal data from publicly accessible sources (e.g. commercial register, authorities, Internet) only to the extent that this is legally permissible, such as because this is necessary for the provision of our services.

This includes, in particular, the following:

  • name and business address of the managing directors and shareholders, as far as can be seen from public sources and the commercial registers.

3      What is my data used for (purpose of processing) and on what basis (legal basis) does this happen?

3.1      Collection and processing within the scope of a business relationship

We collect and process your personal data, described in more detail above, within the framework of the acceptance and fulfilment of our contractual obligations towards you (Article 6 [1] [b] GDPR). We process your contact details when contacting you to conclude a contract, for example.

By entering into a business relationship as an interested party, supplier or customer (business partner), we will store your contact details as well as information about business processes and communication with you, and will process it at least for the duration of the business relationship.

3.2      Processing based on a legitimate interest

We also process your personal data to the extent that this is necessary to safeguard our legitimate interests or those of a third party (Article 6 [1] [f] GDPR). In order to process the contractual relationship, we have a legitimate interest in processing the data in order to carry out credit checks and collect receivables, also within the framework of mandates from collection agencies.

3.3      Processing based on legal requirements

Furthermore, we process your data to the extent that this is necessary for the assertion of legal claims and defence in legal disputes, and is necessary for the fulfilment legal obligations (Article 6 [1] [c] GDPR).

4      Will my data be passed on?

We employ data processors to provide special services. Your data is passed on to them in strict compliance with the obligation of confidentiality as well as with the requirements of the GDPR. The processors commissioned by us, who may only process the data for us and not for their own purposes, are obliged to comply with the requirements of the General Data Protection Regulation. The responsibility for data processing remains with us in these cases.

5      For how long will my data be stored?

We delete the collected data after the purpose for its storage has ceased to exist or we restrict the processing to the extent that legal retention obligations exist.

A lot of personal data is tax-relevant and is therefore generally retained for ten years following the end of the year in which the invoice was issued or the booking made, in accordance with the retention periods under commercial and tax law pursuant to § 147 of the German Fiscal Code and § 257 of the German Commercial Code.

6      Your rights

You have extensive rights with regard to the processing of your personal data.

Right to information: You have the right to information about the data stored with us, in particular about the purpose for which the data is processed and for how long it is stored (Article 15 GDPR).

Right to correct inaccurate data: You have the right to request that we correct without delay any of your personal data if it is inaccurate (Article 16 GDPR).

Right to deletion: You have the right to request that we delete your personal data. These conditions stipulate that you can request the deletion of your data if, for example, we no longer need the personal data for the purposes for which it was collected or otherwise processed, if we process the data unlawfully or if you have submitted a legitimate objection to the processing and storage of your data or if there is a statutory obligation to delete the data (Article 17 GDPR).

Right to restrict processing: You have the right to request a restriction of the processing of your data. This right exists, in particular, for the duration of the verification if you have disputed the accuracy of your data, and in the event that you request limited processing instead of deletion in the case of an existing right to deletion. Furthermore, the processing will be restricted if the data is no longer required for the purposes pursued by us, but you need the data to assert, exercise or defend legal claims, or if the successful exercise of an objection between us and you is disputed (Article 18 GDPR).

Right to data transferability: You have the right to receive from us in a structured, established, machine-readable format the personal data relating to you that you have provided to us (Article 20 GDPR), unless it has already been deleted.

Right of objection: You have the right to object at any time to the processing of your personal data for reasons arising from your particular situation (Article 21 GDPR). We will stop processing your personal data unless we can demonstrate compelling and legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims. If you wish to object to the processing of your personal data, please send us an email or write to the above-mentioned contact address of the body responsible.

Right to complain to the supervisory authority: You have the option of contacting the above-mentioned Data Protection Officer or a data protection supervisory authority if you are of the opinion that the processing of your personal data violates the General Data Protection Regulation. A list of the data protection supervisory authorities can be found here: