Data Protection Information for Customers/Other Contract Partners and Interested Parties
(Information on data protection about our processing of customer and interested party data in accordance with Articles 13, 14, and 21 of the General Data Protection Regulation (GDPR))
cloudfood GmbH
Obere Bachgasse 9
93047 Regensburg
Germany
Dear Customers & Potential Prospects,
In accordance with the requirements of Articles 13, 14, and 21 of the General Data Protection Regulation (GDPR), we hereby inform you about the processing of your personal data and your related data protection rights. The specific data that is processed and how it is used depends largely on the services requested or agreed upon. To ensure that you are fully informed about the processing of your personal data as part of fulfilling a contract or implementing pre-contractual measures, please review the following information.
RESPONSIBLE BODY IN TERMS OF DATA PROTECTION LAW
cloudfood GmbH
Obere Bachgasse 9
93047 Regensburg
Germany
Phone: +49 (0)941 46 39 200
E-mail: hey@cloudfood.de
Website: https://cloudfood.de
PURPOSES AND LEGAL BASIS OF PROCESSING
We process your personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as necessary to establish, execute, and fulfill a contract or to carry out pre-contractual measures. If personal data is necessary to initiate or carry out a contractual relationship, processing is lawful under Article 6(1)(b) GDPR.
If you have given us explicit consent to process personal data for specific purposes (e.g., transfer to third parties, marketing evaluation, or advertising by email), the legality of this processing is based on your consent under Article 6(1)(a) GDPR. Any consent you have given can be revoked at any time with future effect (see section 9 of this data protection information).
In cases where processing is necessary to fulfill legal obligations, this is carried out in accordance with Article 6(1)(c) GDPR. Furthermore, data may be processed to safeguard legitimate interests or to defend and assert legal claims, as outlined in Article 6(1)(f) GDPR. We will inform you separately, if necessary, about the legitimate interest when required by law.
CATEGORIES OF PERSONAL DATA
We only process data relevant to establishing a contract or pre-contractual measures. This may include general information about you or persons in your company (such as name, address, contact details) as well as any additional data you provide to us as part of the contractual relationship.
SOURCES OF DATA
We process personal data that we receive from you during contact initiation, establishing a contractual relationship, or during pre-contractual measures. We may also process data you provide publicly on your company website.
RECIPIENTS OF DATA
We only pass on your personal data within Cloudfood GmbH to individuals and departments that need the data to fulfill contractual and legal obligations or to pursue our legitimate interests.
Your personal data may be processed on our behalf under data processing agreements per Article 28 GDPR. In these cases, we ensure the processing complies with GDPR provisions. Categories of recipients may include internet service providers and customer management system providers. Data may be passed to external recipients such as external tax consultants or public authorities, only as required by law or contract.
TRANSFER TO A THIRD COUNTRY
There is no transfer of data to countries outside the European Economic Area (EEA).
DURATION OF DATA STORAGE
We process and store your personal data for the duration of our business relationship or as necessary to fulfill contractual purposes. This includes the initiation and execution of contracts. Additionally, we are subject to various retention and documentation obligations according to the Commercial Code (HGB) and the Tax Code (AO), with prescribed storage periods ranging from two to ten years. Statutory limitation periods, such as those under Sections 195 et seq. of the Civil Code (BGB), may also require storage for up to 30 years in certain cases.
YOUR RIGHTS
Every data subject has the following rights:
The competent supervisory authority for data protection issues in Germany is:
The Bavarian Data Protection Authority
Promenade 27 (Schloss), 91522 Ansbach
Phone: +49 (0)981 1800930
Email: poststelle@lda.bayern.de
RIGHT TO WITHDRAW CONSENT
If processing is based on your consent, you have the right to withdraw this consent at any time under Article 7 GDPR. Please note that the withdrawal is effective for the future, and processing conducted prior to the withdrawal remains lawful.
RIGHT TO OBJECT
If we process your personal data on the basis of legitimate interests as outlined in Article 6(1)(f) GDPR, you have the right to object at any time, for reasons arising from your particular situation, under Article 21 GDPR. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms or the processing serves to assert, exercise, or defend legal claims.
To exercise your rights, simply email us at hey@cloudfood.de.
NECESSITY OF PROVIDING PERSONAL DATA
Providing your personal data is voluntary. However, if you do not provide the personal data required to initiate or fulfill a contract, we may not be able to make a contractual decision or execute the contract.
AUTOMATED DECISION MAKING
We do not use fully automated decision-making as outlined in Article 22 GDPR to establish, fulfill, or manage business relationships or for pre-contractual measures. If we do employ such procedures in individual cases, we will inform you separately and, where required, obtain your consent.
CHANGES TO OUR PRIVACY POLICY
We reserve the right to update this privacy policy as needed, in line with applicable data protection regulations. This ensures that we adapt to current legal requirements and reflect changes to our services, such as the introduction of new services. The latest version of the privacy policy applies to your visit.
For readability, the masculine form has been used in this policy. However, all references to individuals apply equally to all genders.