Information according to Art. 13 GDPR for business contacts

The protection of your privacy throughout the course of processing personal data as well as the security of all business data is an important concern to us. We process personal data confidentially and only in accordance with statutory regulations.

Data protection and information security are included in our corporate policy.

  1. Principles

    Personal data consists of all information related to an identified or identifiable natural person, this includes, e.g. names, addresses, phone numbers, email addresses, contractual master data, contract accounting and payment data, which is an expression of a person's identity.

    We process personal data only when there is either a statutory legal basis to do so.

  2. Controller

    Controller for the processing of your personal data is eAx solutions GmbH (we).
    Our contact information is:
    eAx solutions GmbH, Kruppstraße 20, 70469 Stuttgart

  3. Processed data categories

    The following data categories will be processed by us:

    • Communication data (e.g.name, phone, e-Mail, address)
    • Business card details (e.g.name, jobtitel)
    • Measurement and test data of vehicles and components, if these allow conclusions about your person or your behaviour (e.g., driving profiles)
    • Other information required to execute our contractual relationship or a project with you respectively your company (eg feedback, payment data, order data, analysis of customer relationship, log data generated during the use of our IT systems)
    • Personal data collected from publicly available sources, information databases or credit reference agencies
    • Date of birth, identification and identification numbers, information on relevant legal proceedings and other litigation involving business partners
  4. Processing purposes and legal basis

    We as well as the service providers commissioned by us process your personal data for the following processing purposes:

    • Initiation and performance of a contract with our contractual partners. The legal basis for the processing of your personal data is our legitimate interest. Should the contractual partner be a natural person in individual cases, the legal basis is the fulfilment of the contract with the data subject.
    • Support our contractual partners and potential contractual partners. The legal basis for the processing is our legitimate interest. Should the contractual partner be a natural person in individual cases, the legal basis is the fulfilment of the contract with the data subject.
    • Analysis of measurement/testing data for product development and product improvement. The legal basis for the processing is our legitimate interest.
    • Internal efficient coordination, analysis of the purchasing behaviour of potential customers and management of contractual relationships. The legal basis for this processing is our legitimate interest.
    • Uniform maintenance of customer data. The legal basis for this processing is our legitimate interest (e.g., customer management system).
    • Fulfilment of proof obligations respectively. Information obligations over and above. Authorities (e.g., tax office, public prosecutor’s office). Legal basis for this processing are legal obligations.
    • Safeguarding and defending our rights. The legal basis for this processing is our legitimate interest.
    • Receivables management including credit checks. The legal basis for this processing is our legitimate interest.
    • Marketing (e.g., information on products, trade fair invitations, etc.). The legal basis for this processing is our legitimate interest or, where necessary, your consent.
    • For transmission to relevant internal departments or departments, external companies and companies of the Bosch Group that are used to fulfil the above-mentioned processing purposes. The legal basis for the processing is our legitimate interest. Should the contractual partner be a natural person in individual cases, the legal basis is the fulfilment of the contract with the data subject.
    • To fulfil existing obligations to audit our business partners and potential business partners for integrity concerns for possible integrity concerns, i.e., to prevent economic crime and/or money laundering
  5. Bosch’s legitimate interest

    The legal basis for processing is to a large extent the legitimate interest, Article 6 paragraph 1 lit f DSGMO. Our legitimate interests are:

    • Sales and processing of products
    • Support for existing and potential customers
    • Recruiting new customers
    • Efficient internal administration
    • Receivables management
    • Assertion and defence of our rights
    • Direct marketing, as long as this is done in accordance with data protection law and competition law, and as long as we have a legitimate interest in
    • Protection against loss of receivables or efficient receivable management.
    • Provision of compliance obligations
  6. Transfer of data to other controllers

    In principle, we will only transfer your personal data to other controllers if this is necessary for the fulfilment of the contract: we or the third party have a legitimate interest in the disclosure or your consent is available, details of the legal bases and beneficiaries; and, the categories of recipients can be found in the sections on processing purposes and legal bases". In addition, data can be transmitted to other data controllers, provided that we are governed by statutory provisions or by enforceable official regulations or regulations, should be required to do so by a court order.

  7. Use of processors

    We commission external processors, for example, to provide the following services in the areas of:

    • IT
    • Credit and receivables management
    • Marketing (e.g., surveys, analyses)
    • Customer support (e.g., call centres)
    • Product improvement (e.g., product analysis)

    All processors are required by us to maintain confidentiality and comply with the legal requirements. Other companies in the Bosch Group may also be processors.

  8. Transfer to recipients outside the EEA

    We may also share personal data with recipients located outside the EEA in so-called third countries. In this case, we will ensure that the recipient either has an adequate level of data protection or that he or she has your consent to the transfer.

    You can obtain from us an overview of the recipients in third countries and a copy of the specifically agreed rules to ensure the appropriate level of data protection. Please use the above contact details.

  9. Receivables management

    We reserve the right to have claims collected by external service providers.

    In addition, we have a legitimate interest in disposing of claims to third parties and, in this context, in transmitting to the respective buyer of the claim the data necessary for the collection of claims. In the event of receivables being collected, buyers of receivables shall act in their own name and process the transmitted data on their own responsibility. The data protection terms of the respective receivable buyer apply in this respect.

  10. Credit quality checks

    We have a legitimate interest in performing the credit quality checks described in this section in order to protect against loss of claims. We may commission companies which, on the basis of mathematical and statistical procedures, assess the risk of default and, within the limits of the law, provide information on the probability of a Deliver default of payment. Address data may also be used for the assessment, but not exclusively.

    If the result of a credit assessment does not meet our requirements, we reserve the right to demand a secure method of payment (such as credit card) or to refuse to conclude the contract.

    The credit assessment is an automated decision-making process. If you do not agree with the result, you can give us your opinion in writing so that we can review our decision by an official. You also have a right of access to the relevant service provider for the main reasons for the decision.

  11. Duration of storage, retention periods

    As a matter of principle, we will delete your personal data if there is no longer any processing purpose or legal basis for the processing, or if we are obliged to delete it on the basis of legal requirements. Please note that we may not delete personal data if we need them to fulfil a legal obligation (for example, due to tax and commercial retention periods, we are obliged to keep documents such as contracts and invoices for a certain period of time).

  12. Rights of interest

    Please use our online tool at https://www.bkms-system.net/bosch-datenschutz.

    Please make  that we are able to identify you beyond any doubt. You can also cosurentact the Data Protection Officer at the contact details below.

    1. Right of information and access:

      You have the right to receive information about the processing of your data from us. To this end, you can assert a right of access to the personal data we process from you.

    2. Right of rectification and erasure:

      You can ask us to correct incorrect data and to the extent that the legal requirements are met – to complete or delete your data.

    3. Restriction of processing:

      You may require us to limit the processing of your data to the extent that the legal requirements are fulfilled.

    4. Data Portal Stability:

      You also have the right to receive or to receive data that you have provided in a structured, common and machine-readable format. -to require, where technically feasible - that the data be transmitted to a third party.

    5. Opposition to data processing in the legal basis of legitimate interest":

      You also have the right to object to the processing of data by us at any time, insofar as this is based on the legal basis of legitimate interest. We will then discontinue processing of your data unless we can prove - in accordance with the legal requirements - compelling reasons worthy of protection for further processing which outweigh your rights

    6. Withdrawal of consent

      If you have given us your consent to the processing of your data, you can revoke it at any time with effect for the future. The lawfulness of the processing of your data until the call is reversed remains unaffected.

    7. Data Protection Officer:

      You can contact our Data Protection Officer at any time at:
      Data Protection Officer (C/ISP)
      Postfach 30 02 20
      70442 Stuttgart, Germany
      dpo@bosch.com

  13. Right of appeal to the supervisory authority:

    You have the right to lodge a complaint with a data protection authority. For this purpose, you can contact the Data Protection Authority, which is responsible for your place of residence or. Your federal state is responsible or to the data protection authority responsible for us. This one is:

    The State Commissioner for Data Protection and Freedom of Information for Baden-Württemberg

    Address of the letter:
    Königstrasse 10a
    70173 Stuttgart
    GERMANY

    Postal address:
    PO-Fach 10 29 32
    70025 Stuttgart
    GERMANY

    Tel.: 0711/615541-0
    FAX: 0711/615541-15
    E-mail: poststelle@lfdi.bwl.de

  14. Stand

    We reserve the right to adapt these information requirements to technical or legal developments, if necessary.

    These privacy statements are as follows: 24.11.2023