bvl image

Information for

Visitor

Information for persons affected about the processing of their personal data as per Article 13 GDPR by Bernard van Lengerich Maschinenfabrik GmbH

Category: Visitor (M/F/X)

To comply with our information obligations as per Art. 13 of the General Data Protection Regulations (GDPR), we are pleased to provide you with the following information about data protection:

 

I. Name and contact details of the Controller

In accordance with Art. 4(7) GDPR and other national data protection laws of Member States and other data protection regulations, the Controller is:

Bernard van Lengerich Maschinenfabrik GmbH & Co. KG
Grenzstraße 16
48488 Emsbüren, Germany
Tel.: +49 (5903) 951-0
Fax: +49 (5903) 951-34
Email: info@bvl-group.de
Website: https://www.bvl-group.de/

 

II. Contact details of the Data Protection Officer

Email: datenschutzbeauftragter@bvl-group.de

or our postal address with the addition of “F.A.O. The Data Protection Officer”:
Bernard van Lengerich Maschinenfabrik GmbH & Co. KG (hereinafter referred to as BvL)
Grenzstraße 16
48488 Emsbüren, Germany

 

III. Purposes for processing your personal data

  1. We collect and store data – as far as is necessary – to keep a record of external visitors visiting our company and thus establish who is within our business premises.
  2. Furthermore, we may collect and store your data as part of any safety training we provide. In this respect, we have undertaken for you to visit our production facilities – should you have the opportunity to do so.

 

IV. Legal grounds for processing your personal data

Re. 1: Collection and storage is on the basis of our legitimate interests as per point (f) of Art. 6(1) GDPR. Our legitimate interests relate to us being able to prove which persons were at our business premises during which period. This information is required should it be necessary to evacuate in the event of a fire, for example.

Re. 2: As part of safety training to be undertaken, processing has the following legal basis: Point (c) Art. 6(1) GDPR.

 

V. Description of the personal data categories

For these purposes, we process the following personal data about you:

Last name, first name, company, date of visit and your signature.

 

VI. Categories of recipients with whom personal data was shared or will be shared

Re. 1: Your data is retained by Reception. Should there be legitimate interest, the responsible department and/or responsible company employee and senior management may access the data.

Re. 2: Under certain circumstances, it may be necessary for us to pass on your data relating to safety training to third parties. This may include the employers’ liability insurance association or trade supervisory board, for example.

 

VII. No transfer to third countries and no transfer to an international organisation

Your personal data is not transferred to a third country or an international organisation, and is not intended.

 

VIII. Deletion periods of different data categories and storage criteria

Your personal data will be stored for a retention period of 18 months and then destroyed in a manner that is data-protection compliant.

 

IX. Rights of persons affected

If your personal data is processed, you are considered a Data Subject as per GDPR and you are entitled to the following rights vis-à-vis the Controller (BvL):

  1. Right of access
    Under the provisions of Art. 15 GDPR, you shall have the right to obtain from the Controller at any time confirmation as to whether or not, and how, your personal data is being processed by us.
  2. Right to rectification
    Under the provisions of Art. 16 GDPR, you shall have the right to obtain from the Controller the rectification and/or completion of incomplete data, provided the processed personal data that affects you is incorrect or incomplete. The Controller must rectify the data without undue delay.
  3. Right to restriction of processing
    Under the provisions of Art. 18 GDPR, you shall have the right to obtain from the Controller restriction of processing.
  4. Right to erasure and the “right to be forgotten”
    Under the provisions of Art. 17 GDPR, you shall have the right to obtain from the Controller the erasure of your personal data and to exercise the right to be forgotten.
  5. Right of notification
    If you have exercised your right to obtain from the Controller rectification, erasure or restriction of processing, they are obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. Under the provisions of Art. 19 GDPR, you shall have the right to be informed of those recipients.
  6. Right to data portability
    Under the provisions of Art. 20 GDPR, you shall have the right to receive your personal data, which you provided to the Controller, in a structured, commonly used and machine-readable format.
  7. Right to object
    Under the provisions of Art. 21 GDPR, you shall have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Art. 6(1) GDPR, including profiling based on those provisions. As the Controller, BvL shall no longer process your personal data unless BvL demonstrates legitimate grounds for the processing which override your interests, rights and freedoms as the Data Subject or for the establishment, exercise or defence of legal claims.
  8. Right to lodge a complaint with a supervisory authority
    Without prejudice to any other administrative or judicial remedy, you shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement if your consider that the processing of your personal data infringes GDPR. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

    The State Data Protection Supervisory Authority responsible for BvL is:
    The State Data Protection Commissioner for Lower Saxony
    Prinzenstraße 5
    30159 Hanover, Germany
    Telephone: +49 511 120 45 00
    Telefax: +49 511 120 45 99
    E-Mail: poststelle@lfd.niedersachsen.de

 

XI. Requirement to provide data

The provision of your personal data is neither required by law nor by contract. However, the provision of your personal data is required to fulfil any appointments with our company. If you do not provide your personal data, we cannot grant you access to our business premises.