PUBLIC CODE OF PROCEDURES.
The Federal Data Protection Act (BDSG) stipulates in § 4 g that the data protection officer shall make the following data available to anyone in a suitable manner in accordance with § 4 e:
1. Name of responsible entity:
All4Labels Smart + Secure GmbH
Hamburger Straße 82
22946 Trittau (Germany)
Telefon: +49 (0)4104 – 693 250
Telefax: +49 (0)4104 / 2340
2. Management:
Nicolas Günther, Bram D’hondt
3. Purpose of data collection, processing or utilisation:
Production, distribution and sales of all types of self-adhesive labels and all related secondary businesses. Secondary purposes are accompanying and supporting functions such as personnel-, supplier-and service provider administration. Video surveillance is used solely for the collection of evidence in case of vandalism, invasion or other criminal offences. Implementation of data storage and -processing of personal data is taking place for own purposes as well as on behalf of our subsidiaries according to the service agreements within the group.
4. Description of the group of persons involved and the related data or data categories:
Personal data respectively data categories for the following groups -as explained below- are collected, processed and used in order to fulfil the purposes mentioned under point 3:
Customers: address data, including phone, fax, e-mail data, information and bank details.
Prospective buyers: address data, phone extension, quotation data.
Job candidates: primarily application data, information about professional careers, education, qualifications and criminal records (if these exist).
Employees, trainees, interns, retirees, former employees and dependants: contract-, master- and billing data, information on home address, business address, area of operation, salary payments, name and age of relatives as far as relevant for company benefits, data about income tax, bank details and entrusted objects of value.
5. Recipients, or categories of recipients of data:
Public authorities who receive data in compliance with statutory requirements (e.g. social security funds, financial authorities, supervisory authorites). Internal members, being part of the applicable business process (primarily human resources, bookkeeping, accounting, purchase, administration, sales, telecommunication and EDP). External institutions, such as banks/credit institutes for salary payment, building associations and others (for the purpose of capital accumulation benefits), companies -provided that the person concerned gave his written consent- or data transfer is permitted by predominantly legitimate interes.
6. Statutory deadlines for the deletion of data:
The legislator has enacted many storage obligations and time limits. On expiry of these deadlines the corresponding data is routinely deleted unless it is needed to fulfil a contract. Thus, commercial or financial data of the past fiscal year is deleted after ten more years corresponding to legal regulations, unless a longer storage of data is stipulated or necessary for legitimate reasons. Shorter time limits for data deletion are used in special fields (e.g. field of personnel administration, as for example, rejected applications or warnings). If data is not covered by those regulations, it will be deleted when the objectives mentioned in section 4 are no longer valid.
7. Planned transfer of data to third countries:
Data transfer to third countries is only relevant in the context of contract fulfilment, necessary communication or explicitely provided exemptions according to the BDSG. In some cases data is transferred to our subsidiary in China: Novatron Electronics (Hangzhou) Co.,Ltd. 27,Futai Rd.,Industrial Park, Zhongtai Country, Yuhang Distr, Hangzhou. P.R.China