Data protection declaration for customers, service providers and interested parties of ERCHINGER AG

Information on the processing of your data in accordance with Article 13 of the European General Data Protection Regulation (GDPR):

1. Scope:

The following information gives you an overview of how we handle your personal data (hereinafter: data) and your data protection rights.

Which of your data we specifically process depends on the respective business relationship.

2. Accountability:

Responsible for the processing of personal data is:

Rudolf-Diesel-Strasse 20
78532 Tuttlingen

3. Company data protection officer:

The following has been appointed as the data protection officer of ERCHINGER AG:

Achim Barth
Theodor-Veiel-Strasse 94
70374 Stuttgart

4. We use the following data:

In principle, we collect your data directly from you. As a rule, you provide us with this data with your order and as part of the business relationship that results from the request for an offer.

In doing so, we only collect the mandatory data that is necessary for the respective contractual purpose.

Additional information is voluntary.


In certain cases, we may receive data from third parties to the extent necessary to conduct our business relationship:

  • As part of the order acceptance by ERCHINGER AG
  • As part of an external recommendation

In particular, we collect and process

  • Customer master data such as name, address, place of residence
  • Billing data (different billing address)
  • Bank details for payment processing
  • Contract / service data
  • Communication data for establishing and maintaining a contractual relationship via electronic communication channels, e.g. E-mail address, telephone, mobile phone number
  • voluntary information on special features when preparing the offer
  • Information on consent to advertising, use of your e-mail address or telephone number for advertising
  • Anonymous or pseudonymised data for our own statistical analyzes and marketing reports

5. What do we process your data for (purpose of processing) and on what legal basis:

We collect and process your data in accordance with the legal provisions, in particular the GDPR and the BDSG -2018, as well as other legal bases, such as B. the Telemedia Act (TMG) for the following purposes:

  • the conclusion and execution of the contract (Art. 6 Para. 1 b GDPR). The purposes of data processing are primarily based on the specific order. Further details on the purposes of data processing can be found in the relevant contractual documents and terms and conditions (general terms and conditions)
  • To fulfill legal obligations or official requirements. The processing takes place in accordance with the statutory provisions, e.g. to fulfill commercial and tax regulations (Art. 6 Para. 1 c GDPR)
  • If necessary, we process your data to protect our legitimate interests or those of third parties (Art. 6 Para. 1 f GDPR):
  • Assertion of Legal Claims and Defense in Legal Disputes
  • for information about our products and services (advertising or market and opinion research)
  • Measures for business management and further development of services and products
  • Ensuring IT security and IT operations

We also use your e-mail addresses, which we received in connection with the conclusion of a contract, e.g. for orders, to inform you about our products, services and current developments, Article 6 (1) sentence 1 lit. f GDPR in conjunction with § 7 para. 3 UWG.

You can prohibit this advertising use at any time without incurring any costs other than the transmission costs according to the basic tariffs.

6. Disclosure of personal customer data:

We store all the data required for contract fulfillment and customer care in our IT systems. Within our company, those departments that need your data to fulfill the above-mentioned purposes, in particular our contractual obligations, have access to your data.

In order to provide our contractual services, we use selected service providers (processors) and vicarious agents of the categories mentioned below, who can access your data to the extent required in each case, and use them to fulfill the orders we have placed.

Any further data transfer to recipients outside the company will only take place if this is required by law or
allow or you have consented.

Under these conditions, recipients of your data can e.g. B. be:

  • Public bodies and institutions where there is a legal or official obligation (e.g. tax authorities)
  • Other companies and service providers (processors) / vicarious agents in the following areas
  • IT service and consulting company
  • File and data destruction
  • Customer care companies (e.g. call centers)
  • Logistics
  • Print Service Providers/Letter Shops
  • Telecommunications Service Provider
  • Billing Service Provider
  • Financial Institutions
  • Collection agency
  • Sales and Marketing
  • Sales representative
  • Management consultancies, as well as accounting and tax auditing companies

There is no data transfer to offices in countries outside the European Union (so-called third countries).

7. Storage duration:

We process and store your data for as long as it is necessary to fulfill the above purposes, in particular our contractual and legal obligations. If the data is no longer required for the fulfillment of these purposes and our obligations, they are regularly deleted, unless their – temporary – further processing is necessary for the following purposes:

  • Fulfillment of commercial and tax retention obligations:

The German Commercial Code (HGB) and the Tax Code (AO) should be mentioned in particular.

The storage and documentation periods stipulated there are six to ten years.

  • Preservation of evidence within the framework of the statutory statute of limitations. According to §§ 195ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.

8. Your data subject rights

Every data subject has the right to information under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR as well as the right to data transferability from Article 20 GDPR insofar as there are no legal requirements to the contrary (in particular according to Articles 15, 17 GDPR, Sections 34 and 35 BDSG).

To assert your rights, please write to, stating your business partner data

In addition, there is a right of appeal to a data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG).

9. Obligation to provide data

As part of our business relationship, you must provide us with the data that is necessary for the establishment and implementation of a business relationship and the fulfillment of the associated contractual obligations or that we are legally obliged to collect.

Without this data, we will generally not be able to conclude or execute the contract.

The provision of further data is voluntary.

Information about your right of objection according to Article 21 GDPR


10. Matomo Analytics

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.


Individual right of objection

You have the right, for reasons that arise from your particular situation, at any time against the processing of data concerning you, which is based on Article 6 Para. 1 e GDPR (data processing in the public interest) and Article 6 Para. 1 f GDPR (data processing on the basis of a balance of interests) to file an objection.

Right to object to the processing of data for advertising purposes

You have the right to object at any time to the processing of data relating to you for direct marketing purposes. This also applies to profiling insofar as it is associated with such direct advertising.

The objection can be made informally and should be addressed to:

This privacy policy is updated at irregular intervals

Status of the data protection information: 08/2022