October 2025

This data protection notice applies to the processing of your personal data as our business partner.

1. Data Controller 

The data controller is 

Technoform Tailored Solutions Holding GmbH
An den Lindenbäumen 17
34277 Fuldabrück, Germany

Email:             post [dot] htsde [at] technoform [dot] com

For any questions regarding data protection, feel free to contact us at any time using the contact details mentioned above.

2. Purpose and legal basis

We process your data on the basis of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and all other laws relevant to us in terms of data protection.

2.1 Contract management

We process the following categories of personal data to carry out pre-contractual measures or to fulfil and manage the contractual agreement:

• names,
• addresses,
• contact details,
• payment data,
• order data,
• contract data.

The legal basis for this data processing Art. 6 (1) lit. b GDPR. Without the provision of personal data, the contract cannot be fulfilled. The data is stored for the duration of the corresponding contractual relationship. It will be deleted after the end of the contractual relationship and/or after the expiration of statutory retention periods.

2.2 IT security

As part of our security measures, we maintain various log protocols in IT systems. These are used for troubleshooting purposes and to provide evidence of data collection, modification, and deletion. The following data is logged here for:

• device data,
• access data,
• user data.

The legal basis for this processing is, on the one hand, our legitimate interest pursuant to Art. 6 (1) (f) GDPR in the secure operation of IT systems and, on the other hand, legal requirements pursuant to Art. 6 (1) (c) GPDR to ensure the integrity, confidentiality, and availability of data (accountability obligation).

Log data for IT security is generally deleted after four weeks at the latest. Log data in connection with accountability evidence is deleted in accordance with the applicable statutory requirements. In cases of reasoned concern, data may also be retained until the matter has been clarified.

In this context, please also refer to our Data protection notice for Falcon Complete from Crowdstrike.

2.3 Access control

As part of our security measures, the office premises are equipped with an automatic access control system. The following data is logged for this purpose:

• names,
• arrival and departure times.

The legal basis for this processing is, on the one hand, our legitimate interest pursuant to Art. 6 (1) (f) GDPR in securing our office premises and, on the other hand, legal requirements pursuant to Art. 6 (1) (c) GDPR to ensure the integrity, confidentiality, and availability of data (accountability).

3. Recipients of personal data

We will only pass on your data to third parties if this should become necessary for the fulfilment of the purpose. Furthermore, data may be passed on to authorities on the basis of legal provisions in accordance with Art. 6 (1) (c) and (e) GDPR.

In addition, in various cases we engage processors in accordance with Art. 28 GDPR, who may receive data from us or have access to your data in connection with their service. In this context, data transfers outside the EU may also take place. In doing so, we make sure that there is either an EU adequacy decision for the destination country in question in accordance with Art. 45 GDPR or that we have concluded a contract with the service providers concerned on the basis of the standard data protection clauses in accordance with Art. 46 (2) (c) GDPR (https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en).

4. Your rights

You have the following rights against us in relation to personal data concerning you:

• Right to information (Art. 15 GDPR).
• Right to rectification (Art. 16 GDPR).
• Right to erasure (Art. 17 GDPR).
• Right to restriction of processing (Art. 18 GDPR).
• Right to data portability (Art. 20 GDPR).
• Right to object to processing (Art. 21 GDPR).
• Right to withdraw consent (Art. 7 para. 3 GDPR).
• Right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

5. Validity and modification of this data protection notice

This data protection notice is currently valid (see status in the heading). Due to the further development of our offers or due to changes in legal or official requirements, it may become necessary to change this data protection notice.