Data protection information for members, customers and all interested
Data protection information for members, customers and all interested for download
Data protection declaration for the website of the Bundesverband Materialwirtschaft, Einkauf und Logistik e. V. (Federal Association for Materials Management, Purchasing and Logistics) (BME)
The Federal Association of Materials Management, Purchasing and Logistics e. V. (BME) an the companys of the BME-Group (hereinafter referred to as the "Association") appreciates your visit to our website and your interest in our products. The protection of personal data is important to us. The provision of personal data is voluntary. The BME processes these data in accordance with the provisions of the European General Data Protection Regulations, the German Telemedia Act and the German Data Protection Act.
In the following, we describe which data is processed during your visit on the company's website.
1. Data Controller
Responsible for the processing of your data is the Bundesverband Materialwirtschaft, Einkauf und Logistik e. V. (Federal Association for Materials Management, Purchasing and Logistics). (BME) and its affiliated companies consisting of BME Akademie GmbH, BMEnet GmbH, BME Marketing GmbH and BMÖ GmbH - hereinafter BME Group. Exceptions in this context are explained in this data protection declaration.
Our contact details are as follows:
Frankfurter Straße 27, 65760 Eschborn, Germany
You will find the contact details of the data protection officer further down in section 22.
2. Personal data
Personal data are individual details about personal or factual circumstances of a specific or identifiable natural person. This includes information such as your IP address, your real name, your address, your telephone number and your date of birth. Information that is not directly associated with your real identity - such as favorite websites or the number of users of a site - is not personal data.
3. Processing of personal data
When you visit the BME website, we temporarily process and store data of various kinds in order to provide our services. This includes the connection data of the requesting computer, the Internet pages that you select from our site as well as the date and duration of the visit. Furthermore, we determine the IP address of the requesting computer, the access date, the identification data of the Internet browser and operating system type used, the file request of the client (file name and URL), the HTTP response code, the website from which you are visiting us and the number of bytes transferred during the connection. These data are deleted after the end of the respective Internet session. Additional personal data such as your name, address, telephone number or e-mail address will only be collected if you have given your consent, e.g. as part of an online order for a product or service, a survey, an information request or a competition. If you are a subscriber to one of our e-mail newsletters, we as the website operator ensure that your e-mail address is not passed on to the URL. Your e-mail address will also not be passed on to our service providers.
4. Earmarked use and forwarding of personal data
BME uses the personal data you provide for the purposes of technical administration of the website, for services, for customer and member administration, for product-related surveys and for marketing only to the extent necessary in each case.
5. Legal basis for data processing
The legal basis for processing your personal data depends on the underlying purpose of the data processing.
- Technical administration of the website
The legal basis for the processing of personal data for the above-mentioned purpose is Art. 6 para. 1 lit. b) GDPR, insofar as a contractual relationship exists with you. If there is no contractual relationship between the association and you, the legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. The transmission of personal data (e.g. the IP address) is necessary to establish the connection and to display the contents of the website.
- Services and event bookings
The legal basis for the processing of personal data for the above-mentioned purpose is Art. 6 para. 1 lit. b) GDPR. We provide our services and events within the framework of the fulfilment of contractual obligations. Without the processing of personal data, we cannot fulfil or execute the existing contract with you.
- Google Analytics
The legal basis for the processing of personal data in the context of the use of Google Analytics is Art. 6 para. 1 lit. f) GDPR. We need statistical information about the use of our online offer in order to make it more user-friendly, to make range measurements and to conduct market research.
- Online orders
When you place an online order on our website, we collect various data required to conclude the contract. The legal basis is the conclusion and implementation of a contract in accordance with Art. 6 para. 1 sentence 1 b GDPR. The data will be stored for the duration of the contract.
- BME Webinars
When you register for a BME webinar, we collect certain data to enable you to participate in the webinar. The legal basis for the processing is your consent pursuant to Art. 6 para. 1 sentence 1 a GDPR. We store the data for this purpose until the webinar has taken place. We use order data processor to collect the registration and host the webinar, which are recipients of your personal data accordingly.
In addition, we use the data you enter for marketing purposes as described, which is hereby included as a reference.
- Data processing for general advertising purposes
We process personal data of our customers as well as other entrepreneurs and companies not in a business relationship with us, and in this connection, where appropriate, also from the contact persons there for the purpose of direct advertising, insofar as legally permissible. If we have not collected this data directly from the respective data subject, we may also obtain contact data of the data subject from public sources, such as in particular the website of the respective company, trade directories or advertisements placed by the company. In connection with these direct advertising purposes we can also take into account the previous contracts concluded by our members, customers and company specifics such as sector affiliation or company size of the respective entrepreneur/company in order to design the advertising as appropriately as possible. The legal basis is a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 f GDPR. The legitimate interest is the processing of personal data for the purpose of direct marketing itself (see recital 47 GDPR). The data subjects have the right to object at any time to the processing of personal data concerning them for the purpose of such advertising. You can file this objection any time using the contact data specified in section 23, in the case of advertisement by e-mail you find an Opt Out link also directly in the respective e-mail. We store the data for this purpose as long as we are interested in concluding a contract with the company concerned or until an objection has been declared.
- Cloudflare Security Solutions
We use the DNS services distributed by Cloudflare, Inc. and using proxy, firewall and scrape shield. Cloudflare Security Solutions is a comprehensive suite of products to secure all resources connected to the Internet. Cloudflare secures and ensures the reliability of outbound resources such as websites, APIs and applications and protects internal resources such as applications, teams and devices behind the firewall.
The legal basis for the processing of personal data for the above-mentioned purpose is Art. 6 para. 1 lit. b) GDPR, insofar as a contractual relationship exists with you. Insofar there is no explicit contractual relationship, the legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. The transmission of personal data (e.g. the IP address) is necessary to guarantee security services such as DDos Protection.
6. Information disclosure
Your personal data will not be passed on to third parties unless this is necessary for the purpose of contract processing or you have expressly consented. Your personal data will only be passed on within the BME Group with your consent. If we commission external service providers, they are carefully selected and obliged to comply with all data protection regulations in accordance with Article 28 GDPR.
7. Registration feature
We offer you the possibility to register on our site. The data entered in the course of this registration process, which can be seen from the input mask of the registration form, will be collected and stored exclusively for the use of our offer. When you register on our site, we will also store your IP address, the date and time of your registration and your last login. In the event that a third party misuses your data and registers on our site with this data without your knowledge, this serves as a safeguard on our part. The data will not be passed on to third parties. A cross-referencing of the data collected in this way with data that may be collected by other components of our site does not take place either.
If you would like to subscribe to the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter (double opt-in procedure). In order to personalize the newsletter, we store personal data such as first name, surname and e-mail address. We use this data exclusively for the dispatch of the requested information and for the documentation of your consent. You can revoke your consent to the storage of the data, the e-mail address as well as their use for sending the newsletter at any time and with effect for the future, for example via the "unsubscribe" link in the newsletter. We use an external service provider to manage and send our newsletter. This service provider has of course been carefully selected and obliged to comply with all data protection regulations in accordance with Article 28 of the GDPR.
In order to make our website as user-friendly as possible, we - like many well-known companies - use so-called cookies. Cookies are small text files that are stored on your computer when you visit our website. This allows us to design our website more individually for the user. This means you do not have to log in to a service every time and we can adapt the offers on our web portal to your interests. You can agree to the use of these cookies on our site.
Users of our website use different browsers and different computers. To make your visit as pleasant as possible with the technology you use, we collect information about the browser type (e.g. Chrome, Internet Explorer, Mozilla, Netscape) and its operating system (e.g. Windows or Mac) used by a visitor, the domain name of his/her Internet provider and the width and height of the browser window, screen resolution and color depth.
Information and objection:
10. Statistical Evaluation
We need statistical information about the use of our online offer in order to make it more user-friendly, to make range measurements and to conduct market research. For this purpose we use the web analysis tools described in this section.
10.1 Google Analytics
Google Analytics is provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). This analysis software is configured in accordance with data protection regulations. In particular, we use Google Analytics with the additional function offered by Google for anonymizing IP addresses. Google's IP address is usually already shortened within the EU and only in exceptional cases only in the U.S. and in any case only stored in shortened form.
You can object to the collection and/or evaluation of your data by this tool by downloading and installing the browser plugin available under the following link: tools.google.com/dlpage/gaoptout
11. Data protection
Our employees and the service companies commissioned by us are bound to secrecy and compliance with the provisions of the applicable data protection laws. The company takes appropriate technical and organisational security measures to protect your personal data from loss, alteration, destruction and from access by unauthorised persons or unauthorized disclosure. Our security measures are constantly improved in line with technological developments.
12. Duration of data storage
We store your data as long as this is necessary for the provision of our online offer and the associated services or we have a legitimate interest in further storage (e.g. we may still have a legitimate interest in postal marketing even after fulfillment of a contract). The data will be deleted upon expiry of the statutory or contractual retention periods (e.g. tax and commercial retention periods). Data that is not subject to the obligation to retain will be deleted after the described earmarking has ceased to apply.
13. Rights as user
As a user of our website, you have various rights. Please use the information in the Contact section to assert your rights. Please ensure that we can uniquely identify you.
14. Rights to information, correction or deletion of data
In accordance with the General Data Protection Regulation (GDPR), you will receive written information at any time upon request and free of charge about which personal data (e.g. name, address) is stored. Furthermore you have the right to correction or deletion of this data, as far as the legal requirements are fulfilled. Excluded from the claim for deletion are, for example, stored data on business processes that are subject to the legal obligation to retain data.
15. Right to restrict data processing
You have the right to restrict the processing of your personal data.
16. Right of objection
You also have the right to object to our processing of your data at any time. We will then stop processing your data unless we can - in accordance with legal requirements - prove compelling reasons worthy of protection for further processing, which outweigh your rights.
17. Right to data transferability
Furthermore, on request, we guarantee the transferability of the personal data transmitted by you by providing it in a common and machine-readable data format.
18. Revocation of consent
You have the right to revoke your consent for the processing of your personal data at any time with effect for the future, which you have given us for one or more specific purposes. Legitimacy of the processing of your data until revocation remains unaffected by this.
19. Obligation to provide personal data
Insofar as a contract exists between the BME Group and you, you must provide those personal data which are required for the establishment, execution and termination of the contractual relationship and for the fulfillment of the associated contractual obligations or which we are legally obliged to collect. Without the provision of this information, we will generally not be able to enter into, execute and terminate a contract with you.
As far as the data processing within the scope of the use of this website is not necessary for the establishment, execution and termination of a contractual relationship or for the fulfillment of contractual obligations, the provision of your data is voluntary. Please note that certain functionalities of the website or services cannot be used if the necessary data is not provided.
20. Automatic processing of personal data
Your personal data will only be processed exclusively automatically if this is necessary for the conclusion or performance of a contract and this has no legal or similar effect for you.
21. Complaint to supervisory authorities
In the event of complaints regarding the processing of your personal data, you have the right to contact the competent supervisory authorities. You can contact the data protection authority responsible for your place of residence or federal state or the data protection authority responsible for us. This is:
The Hessian Data Protection Commissioner
65189 Wiesbaden, Germany
22. Contact Details
If you have any questions regarding the processing of your personal data, suggestions or complaints, please contact our data protection officer. We recommend that you send confidential information only by post.
Data Protection Officer of the BME: Kirstin Scheel
Frankfurter Straße 27
65760 Eschborn, Germany
E-Mail: [email protected]
Tel. +49 6196 5828-165
Date: 27 June 2018