+49 (89) 7193 699
DE | EN

Principles of data processing at EMS GmbH


Who is responsible for data processing?

Responsible within the meaning of data protection law is the

EMS GmbH
Schleißheimer Straße 377
80935 Munich, Germany

You will find further information about our company, information about the persons authorized to represent and also other contact options in our imprint of our website.

What data from you are processed by us? and for what purpose?

If we have received data from you, then we will in principle process it only for the purposes for which we received or collected it.

Data processing for other purposes is only possible if the legal requirements required in this respect in accordance with Art. 6 Abs. 4 GDPR. Any information obligations according to Art. 13 Abs. 3 GDPR and Art. 14 para. 4 GDPR, we will of course observe in this case.

What legal basis is this based on?

The legal basis for the processing of personal data is, in principle, unless there is specific legislation, Art. 6 GDPR. In particular, the following possibilities can be considered:

  • Consent (Art. 6 para. 1 lit. a) GDPR)
  • Data processing for the performance of contracts (Art. 6 para. 1 lit. b) GDPR
  • Data processing on the basis of a balance of interests (Art. 6 para. 1 lit. f) GDPR)
  • Data processing to fulfill a legal obligation (Art. 6 para. 1 lit. c) GDPR)

If personal data is processed by you on the basis of your consent, you have the right to revoke your consent at any time with effect for the future.

If we process data on the basis of a balance of interests, you as the data subject have the right, taking into account the provisions of Art. 21 GDPR to object to the processing of personal data.

How long will the data be stored?

We process the data as long as this is necessary for the respective purpose.
Insofar as there are legal retention obligations - e.g. in commercial law or tax law - the personal data concerned will be stored for the duration of the retention obligation. After the expiry of the retention obligation, it is checked whether there is another necessity for processing. If there is no longer a necessity, the data will be deleted.

In principle, we carry out an examination of data towards the end of a calendar year with regard to the need for further processing. Based on the amount of data, this check is carried out with regard to specific types of data or purposes of processing.

Of course, you can at any time (see below) Request information about the data stored by us about your person and request deletion of the data or restriction of processing in the event of a non-existent necessity.

To which recipants will the data be further provided?

In principle, your personal data will only be passed on to third parties if this is necessary for the execution of the contract with you, the transfer on the basis of a balance of interests within the meaning of Art. 6 para. 1 lit. f) GDPR is permissible, we are legally obliged to pass it on or you have given your consent in this respect.

Where will the data be processed?

Your personal data will be processed by us exclusively in data centers of the Federal Republic of Germany and France (providers).

Your rights as "data subject"

You have the right to information about the personal data we process about you. In the case of a request for information that is not made in writing, we ask for your understanding that we may then Request proof from you that you are the person you impersonate.

Furthermore, you have a right to correction or deletion or to restriction of processing, insofar as you are legally entitled to this.

Furthermore, you have a right to object to the processing within the scope of the legal requirements. The same applies to a right to data portability.

In particular, you have a right of objection in accordance with Art. 21 para. 1 and 2 GDPR against the processing of your data in connection with direct advertising, if this is based on a balance of interests.

Right to complain

You have the right to complain about the processing of personal data by us to a supervisory authority for data protection.


Back to overview Back to homepage