Privacy policy
Customers / interested parties / business partners / suppliers
A. General information
1. Controller
This data protection notice is issued by
TechniBike GmbH
Julius-Saxler-Straße 3
54550 Daun
E-Mail: datenschutz@technibike.de
(hereinafter also referred to as "TechniBike") fulfills its existing legal obligation to provide information in accordance with Art. 13 of the General Data Protection Regulation ("GDPR") with regard to the processing of personal data of customers, interested parties, business partners and suppliers. In the following, we therefore explain which of your personal data we process and how.
2. personal data
Personal data within the meaning of Art. 4 No. 1 GDPR includes information such as your name, your address, your telephone number, your e-mail address, your bank details or your date of birth.
3. processing of personal data
Processing of personal data within the meaning of Art. 4 No. 2 GDPR is any operation or set of operations which is performed on personal data, whether or not by automated means.
We process personal data within the meaning of Art. 4 No. 2 GDPR in accordance with the specifications and conditions set out below in the context of automated processing based on a relevant legal authorization basis.
The relevant legal bases for our data processing are presented below.
Automated decision-making in individual cases, including profiling in accordance with Art. 22 GDPR, does not take place.
B. General processing operations
1. purpose of processing personal data of customers, interested parties, business partners and suppliers
We process your data, which we collect from you or which you provide to us, in particular in order to establish a contractual relationship with you and to be able to fulfill the existing contractual relationship with you, Art. 6 para. 1 sentence 1 lit. b GDPR.
The aforementioned also includes the implementation of pre-contractual measures, which are carried out at your request.
Personal data collected by us directly from you upon conclusion of the contract is required for the conclusion of the respective contract.
In order to be able to prepare an offer for you as an interested party and to be able to execute the respective contract with you as a customer, you are contractually obliged to provide the necessary data. Failure to provide the required personal data may mean that the contract cannot be fulfilled.
In this context, we process in particular corresponding contact data, financial data, especially payment data, as well as data in connection with the respective contract concluded, insofar as they are necessary to achieve the respective purpose. If you order a product and/or service, we also process your contact data for communication purposes and to provide the products and services ordered.
If you are not a natural person, we process the personal data of your designated representative.
In addition, we process your data in order to submit or evaluate corresponding offers to you, to manage an order or to provide support services.
The same applies if we purchase products or services from you as a business partner or supplier.
With regard to the fulfillment of legal obligations, Art. 6 para. 1 sentence 1 lit. c GDPR is the corresponding legal basis. We process your personal data depending on the respective legal obligation, e.g. with regard to the requirements of the Money Laundering Act.
In addition, Art. 6 para. 1 sentence 1 lit. f GDPR, “legitimate interest”, is our basis for authorization if we have a legal, economic or non-material interest in data processing and the rights, interests or fundamental rights of the data subjects worthy of protection do not outweigh this interest.
Personal data will also be processed by us if you give your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. However, failure to give this consent or its revocation does not affect the possibility of recourse to legal authorization bases, in particular Art. 6 para. 1 sentence 1 lit. b GDPR, “necessity with regard to the performance of the contract”, Art. 6 para. 1 sentence 1 lit. c GDPR, “legal obligation”, as well as Art. 6 para. 1 sentence 1 lit. f GDPR, “legitimate interest”, with regard to data processing. The submission of your declaration of consent is voluntary. Not giving your consent has no disadvantages for you. You can withdraw your consent at any time by sending us an email or by post. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
C. Making contact
1. general information
When you contact us by e-mail, telephone or via a contact form on our website, the data you provide will be processed by us. The only mandatory fields are those shown in the respective contact form. This information is required so that we can respond to your request accordingly. You can provide further personal data on a voluntary basis if you wish, e.g. if you want us to send you information material by post, we need your address. Your personal data will be stored by us in order to answer your questions. We delete the data arising in this context after storage is no longer necessary, or restrict processing if there are statutory retention obligations.
The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR, “consent”, alternatively Art. 6 para. 1 sentence 1 lit. f GDPR, “legitimate interest”.
2. additional information for communication via Microsoft Teams
We use Microsoft Teams to conduct online meetings.
We hereby inform you about the processing of your personal data in the context of our online meetings using the Microsoft Teams video conferencing solution.
If you do not wish to communicate with us via Microsoft Teams, you can reach us via all our other communication channels. You can also invite us to an online meeting via your own meeting tool instead.
If you cannot or do not want to use the Microsoft Teams app, it is possible to use Microsoft Teams via your browser. The service will then be provided via the Microsoft Teams website.
As part of our online meetings using Microsoft Teams, we process the following personal data:
- Communication data, e.g. your e-mail address, if you provide it personally
- Audio and video data, in order to enable the playback of videos and audio, the data from the video camera and microphone of your end device are processed for the duration of the meeting
- Log files, protocol data
- Metadata, e.g. IP address, time of participation, meeting ID, telephone numbers, etc.
- Profile data, e.g. your user name, if you provide this yourself
However, the scope of data processing also depends on the information you provide before or during participation in an online meeting. For example, a profile picture is optional. You may also have the option of using the chat function in an online meeting. If you make use of this, your text entries will be processed in order to display them in the online meeting. If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content.
You can switch off or mute the camera and / or microphone yourself at any time via the Microsoft Teams application. You can also stop using the chat function at any time.
The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR, “legitimate interest”.
Meetings are generally not recorded. Only in exceptional cases can a recording take place if the participants have been expressly and transparently informed of the planned recording in advance and have given their consent where necessary, and have received additional data protection information, including on the specific purpose of the recording and the recipients to whom the recording is to be made available. If necessary, the legal basis is the consent of the data subject, Art. 6 para. 1 sentence 1 lit. a GDPR. You can withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Personal data processed in connection with participation in online meetings will not be passed on to third parties.
Microsoft Teams is part of the Office 365 cloud application. Microsoft Office 365 is software from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Data processing with Office 365 takes place on servers in data centers in the EU. We have concluded an order processing contract with Microsoft within the meaning of Art. 28 GDPR. Extensive technical and organizational measures have also been agreed, such as the encryption of data.
In exceptional cases, Microsoft may request access for the purpose of remote maintenance. This access is then checked by us and granted if approved. Access may be granted to affiliated Microsoft companies outside the EU. In this case, we have taken measures to ensure an appropriate level of data protection.
We cannot rule out the possibility that data may be routed via servers located outside the EU.
Data is transferred to companies in the USA on the basis of an adequacy decision of the European Commission within the meaning of Art. 45 para. 3 GDPR, which stipulates that an adequate level of protection exists in the USA.
Microsoft reserves the right to process customer data for its own business purposes. We have no influence on this data processing by Microsoft. Microsoft is independently responsible for these data processing activities, so you can contact Microsoft for further information.
Further information: privacy.microsoft.com/en/privacystatement and docs.microsoft.com/en/microsoftteams/teams-privacy
D. Advertising
We also intend to process the data provided by you or collected by us for advertising purposes in the case of an existing customer relationship and other contractual relationships for a fee. In this case, the legal basis under data protection law is Art. 6 para. 1 sentence 1 lit. f GDPR, “legitimate interest”. According to the recitals to the GDPR, such a legitimate interest is given in particular with regard to so-called direct advertising, see recital 47 p. 7. The term “direct marketing” refers to the direct approach of a customer by a provider with the aim of promoting the sale of products or services in return for payment. Customer satisfaction surveys or participation in surveys can also fall under the legal concept of advertising. The other legal requirements, in particular § 7 UWG, are of course observed.
Without an existing customer relationship or without any other contractual relationship against payment, we will only process your personal data for advertising purposes if you have given us your voluntary consent to do so, Art. 6 para. 1 sentence 1 lit. a GDPR.
With your consent, you can subscribe to our newsletter.
If you register and subscribe to our newsletter, we will inform you about our current offers and events. To register for our newsletter via our website, we use the so-called double opt-in procedure. This means that after you have registered, we will send you an e-mail to the e-mail address you have provided in which we ask you to confirm that you wish to receive the newsletter. In addition, we store the IP addresses used and the times of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. The only mandatory information for sending the newsletter is your e-mail address. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation, we will store your personal data for the above-mentioned purpose. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR. This consent is voluntary. You can refuse it without giving reasons and without having to fear any disadvantages as a result. You can also revoke this consent at any time with future effect by clicking on the link provided in every newsletter e-mail or by sending a message to the contact details given in this data protection notice, without any disadvantages for you.
Advertising is carried out by post, by electronic means, including e-mail, in particular through our newsletter, social media, or by phone call, insofar as this is legally permissible.
The advertising measures relate in particular to all products and all services, customer satisfaction surveys and polls as well as invitations to trade fairs and events.
You can object to the processing of your personal data for advertising purposes at any time. The relevant contact details are listed in the data protection notice. In this case, your personal data will no longer be processed for advertising purposes and will be deleted from the relevant advertising distribution lists.
If we use processors in this context, we have concluded an order processing contract with them in accordance with the provisions of Art. 28 GDPR, so that the processor is subject in particular to our instructions as the client.
E. Duration of data processing
The maximum duration of storage depends on the purpose of the data processing. The duration of storage generally depends on the period for which processing is required to fulfill the purpose.
Deletion periods under data protection law do not apply if and insofar as statutory retention obligations, such as those under social security law, commercial law or tax law, for example under Section 257 HGB or Section 147 AO, require longer deletion periods.
F. Recipients of the personal data
We transfer data within the specialist departments insofar as this is necessary to achieve the purpose.
We may transfer data within the Group. The primary authorization basis for data transfer within the Techniropa Holding group of companies is Art. 6 para. 1 sentence 1 lit. f GDPR. This states that data processing is lawful if processing is necessary for the purposes of the legitimate interests pursued, except where such interests are overridden by the interests or fundamental rights of the data subject. Recital 48 of the recitals to the GDPR, which are to be regarded as interpretative aids to the GDPR, specifies the legitimate interest for a transfer within a group of companies. Accordingly, such a transfer within the group for internal administrative purposes with regard to the processing of customer data is to be qualified as a legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR. Internal administrative purposes relating to customer data in this sense may include centralized customer management, internal group reporting or, in the case of access to data within matrix structures in a group of companies.
Agreements on joint responsibility within the meaning of Art. 26 GDPR have been concluded between Techniropa Holding GmbH and individual companies of the Techniropa Group, but also with each other.
Corresponding contractual parties jointly determine the purposes and essential means of processing personal data in various areas, with Techniropa Holding GmbH often acting as a central service provider for the other companies in the Techniropa Group and TechniSat Digital GmbH in some cases.
We comply with our legal obligation with regard to the provision of the essential points of the contract on joint responsibility pursuant to Art. 26 para. 2 sentence 2 GDPR with this data protection notice.
You can assert your data subject rights against any of the companies in the Techniropa Group. We will be happy to provide you with further information regarding the individual contracts on joint responsibility free of charge if required, insofar as this is legally permissible.
We also use Microsoft Office 365 as a cloud application, software from Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland. Reference may be made to the aspects described under C., II. in this context.
Furthermore, transfers may be made to external third parties, insofar as the aforementioned is necessary and legally permissible to achieve the purpose, for example to Auditing companies, tax consulting companies, law firms, financing companies, banks, factoring companies, other assignees, advertising agencies, lettershops, printers, postal service providers, freight forwarders, authorities, including tax offices, customs, insurance companies, companies that check creditworthiness, IT service providers, debt collection companies, data carrier disposal companies, creditor protection associations and other credit reference agencies. The authorization basis for data transmission is Art. 6 para. 1 sentence 1 lit. f GDPR.
Processors used are contractually obliged to comply with the provisions of Art. 28 GDPR. Processors will only process your data in accordance with the legal requirements, in accordance with our instructions and only in the context of fulfilling the contract.
G. Location of the data processing measures
All processing of personal data generally takes place in Germany or in member states of the European Union. A transfer of personal data by us to countries outside the member states of the European Union, so-called third countries, or to other international organizations does not take place in principle, unless otherwise stated in the data protection notice.
If we should transfer personal data to companies in third countries, the aforementioned will only take place if the third country has been confirmed by the EU Commission to have an adequate level of data protection in accordance with Art. 45 para. 3 GDPR, which is the case with regard to both the USA and the UK, or if other appropriate data protection guarantees, e.g. binding internal company data protection regulations or an agreement on the standard contractual clauses of the EU Commission or the consent of the data subject, Art. 44 et seq. GDPR.
H. Security / Technical and organizational measures
We take all necessary technical and organizational measures, taking into account the requirements of Art. 24, 25 and 32 GDPR, to protect personal data from loss, destruction, access, modification or dissemination by unauthorized persons and misuse. For example, we comply with the legal requirements for the pseudonymization and encryption of personal data, the confidentiality, integrity, availability and resilience of systems and services in connection with processing, the availability of personal data and the ability to restore it quickly in the event of a physical or technical incident, and the establishment of procedures to regularly review, assess and evaluate the effectiveness of technical and organizational measures to ensure the security of processing. Furthermore, we also observe the requirements of Art. 25 GDPR with regard to the principles of “privacy by design” and “privacy by default”, i.e. data protection through data protection-friendly default settings.
I. Your rights pursuant to Art. 15 et seq. GDPR / contact details of the data protection officer
You have a right to free information about your personal data and, if the legal requirements are met, a right to rectification, blocking and erasure of your data, to restriction of processing, to data portability and a right to object.
Insofar as we base the processing of your personal data on the balancing of interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you can object to the processing. This is the case if, in particular, the processing is not necessary for the performance of a contract with you. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue the processing.
You also have the option of lodging a complaint with a competent supervisory authority, e.g. State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate, Hintere Bleiche 34, 55116 Mainz.
If you have any questions about the processing of your personal data, questions relating to the aforementioned rights and their assertion or suggestions, please use the contact details above or contact the data protection officer:
Phone: 0049 (0) 6592 712 1351
E-Mail: datenschutzbeauftragter@technibike.de
Version: 3, valid from 31.07.2025
Our latest version of this data protection notice applies.
The customer / prospective customer / business partner / supplier is obliged to view the data protection notice at regular intervals and to make it available to his employees if he himself is not a natural person and if personal data is processed by his employees through us.