Data Protection Declaration

Information on data collection in accordance with Article 13 ff GDPR

The following details advise you on the processing of your personal data by SYNAXON UK in relation with existing or future contractual relationships as well as all your entitled rights.
Details on which data is processed and how it is used predominantly depend on the services agreed with yourself and therefore differ from case to case. Specifics therefore result from the respective agreements as well as the underlying terms and conditions.
Please pass this information on to whom this may regard in your company, as well as current and future authorised representatives.

1. Responsible for data processing

Person responsible within the meaning of the General Data Protection Regulation (EU GDPR) and the UK General Data Protection Regualtion (as defined in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018) (UK GDPR), (together the GDPR) is
SYNAXON UK Ltd, Xpdia Building, Cinnamon Park, Crab Lane, Warrington, WA2 0XP, Phone: +44 (0) 300 304 7844, e-mail: accountmanagers@synaxon.co.uk

2. Contact data of the data protection officer

You can contact our data protection officer as follows:
  • via mail: SYNAXON UK Ltd, Xpdia Building, Cinnamon Park, Crab Lane, Warrington, WA2 0XP
  • via e-mail: accountmanagers@synaxon.co.uk

3. Categories of personal data

We process all personal data that we receive in connection with the initiation of a contract (e.g. enquiry, telephone or e-mail contact, preparation of an offer, booking of an event) or from the contractual relationship with you.

The data is received either directly from yourself or from publicly accessible sources (e.g. commercial register) or they are collected and processed in accordance with legal regulations.

In particular, the following data or categories of data are processed:

  • Master data, such as name, surname, company address, associated company, function, date of birth if applicable
  • Contact details, such as e-mail address, telephone number (landline and/or mobile phone)
  • Names, e-mail addresses, telephone numbers and other (contact) data of the respective contact persons or your employees
  • Contract data, such as customer number, bank details, tax number/VAT no
  • credit rating data
  • Payment data and billing information
  • Usage data and protocols
  • Correspondence data (e.g. correspondence with you), including e-mails that arise when you contact us via procurement platforms
  • When calling us, we record the call time, number calling, number called and duration of the call
  • Advertising and sales data
  • turnover data (type and quantity of products purchased in a relevant period)
  • Quote data, data on project enquiries and order transactions
  • Photos provided by you or taken at events of which you are a participant/visitor
  • personal data which we may legitimately process from publicly accessible sources (e.g. commercial register, data from credit rating agencies)
  • End customer data, if required for ordering licenses or requesting special bid prices
  • and other data similar to those categories.
Beyond the data above, we also process personal data produced whilst using telemedia offered by us (e.g. point of time when entering our websites, apps or newsletters, clicked pages, entries, etc.) Find further information on these data processes and your data protection claims and rights in our data protection declarations on the respective websites.

4. Purpose of data processing and its legal basis

To execute contracts

We process your data to initiate and implement our contractual relationship with you.
The processing is carried out, amongst other things, for order processing, for invoice and credit notes preparation, for the administration and processing of contracts, administration and enforcement of claims and in the interest of comprehensive customer service.
The specific purposes of data processing depend primarily on the respective contract. Further details on the purpose of data processing can be found in the relevant contractual documents as well as the terms and conditions. The legal basis for this data processing is Article 6(1) (b) GDPR.

To fulfil legal obligations

In addition, we process your data to fulfil legal obligations we are subject to. These include in particular tax and commercial law storage regulations, obligations in connection with legal accounting or regulations regarding risk assessment, fraud and money laundering prevention. The legal basis for this data processing is Article 6(1) (c) GDPR.

To protect legitimate interests

We process personal data to protect the legitimate interests of ourselves or third parties, unless these collide with the interests or fundamental rights and freedoms of the data subject, as this personal data requires to be protected.
Our legitimate interests include in particular
  • Optimization of methods for needs assessments in regards to direct customer approach
  • Distribution analysis and sales management
  • Assessment of the economic viability of business relationships
  • Measures for business management and development of services and products
  • Data exchange with credit rating agencies to determine credit and default risks
  • advertising activities or market and opinion research, if the data usage has not been objected
  • Security precautions to guarantee IT operations and IT security

The legal basis for this data processing is Article 6 (1) (f) GDPR.

On the basis of your consent

If you have given us your consent to process your personal data for certain purposes (e.g. receipt of a newsletter), the respective consent pursuant to Article 6 (1) (a) GDPR is the legal basis for data processing. You can revoke your consent to data processing at any time without affecting the legality of the processing carried out on the basis of the consent until revocation.

5. Passing on of data to third parties

Your data will only be passed on to third parties outside the SYNAXON group if you have given your expressed prior consent to this, if we are obliged to do so on the basis of statutory regulations or if there is a statutory right of transfer (see below).
Within the SYNAXON group your data will be passed on, among other things, for the implementation or initiation of the business relationship with yourself. For this purpose, your personal data is stored in our central databases for group-internal invoicing and accounting purposes as well as for customer care / support.
Your personal data will be passed on to third parties if necessary according to Article 6 (1) (b) GDPR to execute the contractual relationship with you. This includes passing data on to our affiliated service providers and distributors so that you can be identified as a SYNAXON contractual partner when placing your orders there, as well as passing on your name and company to lecturers if you have booked a seminar.
Before being accepted into one of our co-operations as well as in individual cases of initial payments to SYNAXON Projekt und Handels GmbH, we transmit your name, the name of your company and your contact data to Experian for the purpose of checking the creditworthiness of your company, from whom we receive the necessary data.
To fulfil our tasks and to fulfil the contract (e.g. to send newsletters) we use external service providers and contractors who have access to your data to the required extent and who may only use the data for the fulfilment of the orders placed. The contractors are carefully selected and contractually bound by Article 28 GDPR.

6. Transfer of personal data to third parties

We only use your personal data for the purpose for which you have given us your data.
Insofar as external service providers are used by us as part of the provision of services, their access to the data is also solely for the purpose of providing services. Through technical and organizational measures, we ensure compliance with data protection regulations and also commit our external service providers to this.
In addition, we will not share your information with third parties without your express consent. A transfer of your personal data takes place only, if you have consented to the data transfer, or if we are entitled or obliged by law, or by a decision of the authorities or court. In particular, this may be dissemination for law enforcement, security, or intellectual property rights enforcement purposes.

7. Storage duration

The duration of the storage of personal data is determined by the respective legal retention period. After the deadline, the corresponding data is routinely deleted, if it is no longer required for contract fulfillment or contract initiation and / or we have no legitimate interest in the re-storage.
If data is to be deleted due to the exercise of intervention rights (for example in the case of the assertion of a cancellation claim or the revocation of a consent), the corresponding data will be deleted immediately.

8. Obligation to provide personal data

As part of our business relationship, you are generally only required to provide the personal data required to establish, execute and terminate the respective business relationship. When not required the conclusion of the contract, your participation at an event or the processing of your request will not be possible; as a rule, we will no longer be able to execute on an existing contract and may have to terminate it. Other than this, the provision of personal data is not prescribed by law.

9. Automated decision making for individual cases, profiling

We do not use automated decision making according to Article 22 GDPR, including profiling.

10. Your rights as a data subject

The applicable data protection law grants you various rights regarding the processing of your personal data. You have
  • the right of access under Article 15 GDPR,
  • the right to rectification under Article 16 GDPR,
  • the right to erasure under Article 17 GDPR,
  • the right to restriction on processing under Article 18 GDPR,
  • notification obligation regarding rectification or erasure of personal data or restriction of processing under Article 19 GDPR,
  • the right to object under Article 21 GDPR (see below) as well as
  • the right to data portability under Article 20 GDPR
  • the right to lodge a complaint with the Commissioner under Article 77 GDPR

Right to withdraw consent

You have the right to withdraw your consent to the processing of personal data at any time with future effect. In the case of withdrawal, we will delete the data concerned immediately, as far as further processing can not be based on a legal basis for consentless processing. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.

11. Separate reference to your right of objection

If we process your personal data as part of a balance of interests based on our overriding interest, you have the right at any time, for reasons that arise from your particular situation, to file an objection against this processing with effect for the future.
If you exercise your right of objection, we will cease processing the data concerned unless we can demonstrate compelling legitimate reasons for the processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
If personal data is processed by us in order to operate direct mail, you have the right to object at any time the processing of personal data concerning you for the purpose of such advertising. If you exercise your right of objection, we will stop the processing of the relevant data for advertising purposes.
If you wish to assert the above rights, your contact person in all these cases is our data protection officer, whose contact details can be found above.