Data protection

General information

Thank you for visiting our website and for your interest in our company. We strive to offer you the best possible service; this also includes continuous optimizing of our Internet presence and, especially the protection of your personal data. 

Please find below information about how we handle your personal data in accordance with Art. 13 of the General Data Protection Regulation (“GDPR”).


Responsible for the data collection and processing described below is the company named in the Imprint.

Data security

In order to protect your data from unwanted access as comprehensively as possible, we take technical and organisational measures. We use an encryption procedure on our pages. Your data is transferred from your computer to our server and vice versa via the Internet using TLS encryption. You can recognise this by the fact that the lock symbol is closed in the status bar of your browser and the address line begins with https:// in some browsers.

User data

When you visit our websites, so-called user data is temporarily evaluated on our web server for statistical purposes as a log in order to improve the quality of our websites. This data record consists of

  • the name and address of the requested content,
  • the date and time of the request,
  • the amount of data transferred,
  • the access status (content transferred, content not found),
  • the description of the web browser and operating system used,
  • the referral link, which indicates the page from which you came to ours,
  • the IP address of the requesting computer.

We store the IP address transmitted by your web browser strictly for the purpose of recognising, limiting and eliminating attacks on our websites for a period of seven days. After this period, we delete or anonymise the IP address. The legal basis is Art. 6 para. 1 lit. f DSGVO.

Data transfer to third parties

We transfer your data to service providers who support us in the operation of our websites and the associated processes within the scope of order processing pursuant to Art. 28 DSGVO. Our service providers are strictly bound by instructions and contractually obligated to us accordingly.

We may transfer personal data collected as part of the contractual relationship in connection with the sending and receiving of payments to Treasury Intelligence Solutions GmbH, Langer Anger 7, 69115 Heidelberg (TIS). Legal basis for the transfer is article 6 para 1 lit. b and article 6 para 1 lit. f GDPR.. The data exchange with TIS also serves to fulfill regulatory obligations from the SWIFT agreement, it may involve a transfer of data to the USA. TIS processes the data received and uses it for the purpose of providing Payee Community Screening to detect fraudulent Payees before the payment is executed (fraud prevention). Further information relating to the activities TIS can be found online Privacy Policy - TIS (

In the context of know your customer checks in pre-contractual relationships as well as contractual relationships, we transmit personal data to Diligent Corporation, 1111 19th Street NW, 9th Floor, Washington DC 20036, USA (Diligent)). Legal basis for the transfer is article 6 para 1 lit. c, article 6 para 1 lit. e or article 6 para 1 lit. f GDPR. The data exchange with Diligent also serves to fulfill regulatory obligations (Money Laundering Prevention) , it may involve a transfer of data to the USA or other jurisdictions. Further information relating to the activities Diligent can be found online

Data transfer to third countries

If we transfer personal data to a third country outside the EU, we will ensure an adequate level of data protection.

Your rights as a user

You, as the data subject, have the right to information under Article 15 of the GDPR, the right to rectification under Article 16 of the GDPR, the right to erasure under Article 17 of the GDPR, the right to restriction of processing under Article 18 of the GDPR, the right to object under Article 21 of the GDPR and the right to data portability under Article 20 of the GDPR. With regard to the right to information and the right to erasure, the restrictions pursuant to Sections 34 and 35 BDSG apply. In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 DSGVO in conjunction with Section 19 BDSG).

Right of objection (Art. 21 DS-GVO)

If data is collected on the basis of Art. 6 (1) (f) (data processing to protect legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

Right to complain to a supervisory authority

Pursuant to Art. 77 DSGVO, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection provisions. The right of complaint may in particular be asserted before a supervisory authority in the Member State of your residence, your place of work or the place of the alleged infringement.

Contact details of the data protection officer

Our company data protection officer will be happy to provide you with information or suggestions on the subject of data protection under the following contact details:

Use of cookies

We occasionally use cookies on our websites to provide you with an optimal and user-friendly visit. Cookies are small text files that are stored on your terminal device and can be read. A distinction is made between session cookies, which are deleted again as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. Cookies can contain data that make it possible to recognise the device used. In some cases, however, cookies also contain information on certain settings that cannot be related to a person.

We use both session cookies and permanent cookies on our websites.

These cookies do not contain personal data, nor do we combine them with other data to identify you personally. Furthermore, we do not use any analysis tool.

The processing is based on Art. 6 para. 1 p.1 lit. f DSGVO.

You can set your browser to inform you about the placement of cookies. This makes the use of cookies transparent for you. You can also delete cookies at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed optimally and some functions may no longer be technically available.

Online applications

We process your personal data in accordance with the applicable data protection regulations on the basis of Section 26 BDSG. We process the data that you disclose to us as part of your online application solely for the purpose of selecting applicants. Data processing for other purposes does not take place.

You yourself determine the scope of the data you wish to transmit to us as part of your online application. Online applications are transmitted electronically to our personnel department and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the heads of the relevant departments in our company. Your data will not be passed on beyond this. Your details will be treated confidentially in our company. If your application is unsuccessful, your documents will be deleted after 6 months.

In the event that we may also consider your application for other or future job advertisements, please make a note of this on the application. We will then process your data on the basis of your consent in accordance with Art. 6 Para. 1 lit. a DSGVO. In this case, your application will be deleted after two years.

© 02/2021 Petronord GmbH & Co. KG