The person responsible for data processing is:
bill-X GmbH
Liebigstraße 29
49074 Osnabrück
Phone: +49 541 71008-0
Email: info@bill-X.de
You can reach our data protection officer as follows::
Markus Kreder
TMD Secure GmbH
Lannertstraße 22
41189 Mönchengladbach
Phone: +49 2166 1359897
Fax: +49 2166 1359899
Email: datenschutz@bill-X.de
We process data that we receive in the course of the business relationship and directly from you. This includes the following data:
Master data relating to your contract (e.g. name, address, contact details, etc.)
Bank details and account data (BIC / IBAN)
Tax-relevant data
Data in connection with the execution of the contents of the contract
We process your personal data in accordance with the provisions of the DSGVO, the BDSG (Federal Data Protection Act) and all other relevant laws.
3.1 Based on your consent (Art. 6 para. 1 a DSGVO).
If you have given us consent to process personal data, the respective consent is the legal basis for the processing mentioned therein.
You can revoke consent at any time with effect for the future. This also applies to declarations of consent that you gave to us before the DSGVO came into force, i.e. before May 25, 2018. The revocation shall only take effect for the future.
3.2 For the fulfillment of pre-contractual obligations (Art. 6 para 1 b DSGVO).
We process your data to perform our contracts or pre-contractual measures with you. The purposes of data processing are defined and agreed in detail in the respective contractual bases.
3.3 Due to legal requirements (Art. 6 para. 1 c DSGVO).
We are subject to various legal obligations, i.e. legal requirements.
3.4 In the context of balancing interests (Art. 6 para. 1 f DSGVO).
In individual cases, we process your data beyond the actual fulfillment of the contract in order to protect legitimate interests of us or third parties (e.g. authorities). Examples include the exchange of data for administrative purposes, ensuring IT security and operation of our company, building and facility security measures (e.g. access controls) or the prevention and investigation of criminal offences.
Within our company, only those persons and offices receive your personal data that require it to fulfill our contractual and legal obligations. Contractors employed by us may also receive your data, who process your data for us in accordance with instructions.
To the extent necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and execution of a contract. In addition, we are subject to various storage and documentation obligations, which result, among other things, from the German Commercial Code (HGB), the German Civil Code (BGB), the German Fiscal Code (AO). The periods specified there for storage or documentation are up to ten years, but in certain cases also up to thirty years.
Data will only be transferred to third countries (countries outside the European Economic Area) if this is necessary for the performance of the contract or is required by law, or if you have given us your consent.
Within the scope of our business relationship, you are only required to provide the personal data that is necessary for the establishment, implementation and termination of a business relationship and the fulfillment of the associated contractual obligations, or which we are legally obligated to collect. Without this data, we will usually have to refuse to conclude the contract or execute the order, or will no longer be able to perform an existing contract and may have to terminate it.
Every data subject has the right to information according to Art. 5 DSGVO, the right to rectification according to Art. 16 DSGVO, the right to erasure according to Art. 17 DSGVO, the right to restriction of processing according to Art. 18 DSGVO and the right to data portability according to Art. 20 DSGVO. With regard to the right to information and the right to erasure, the restrictions according to §§ 34 and 35 BDSG apply.
If we process your data to protect legitimate interests, you may object to this processing on grounds relating to your particular situation (right of objection). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In addition, you have the right to lodge a complaint with a data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG). You also have the option of contacting us directly or our data protection officer. The data protection authority responsible for us is:
State Commissioner for Data Protection of Lower Saxony
Prinzenstrasse 5
30159 Hanover
Email: poststelle@lfd.niedersachsen.de