1. A Glance to Data Protection
General Instructions
The following texts provide a general overview of how your personal data is handled when you visit our website. “Personal data” refers to any information that can be used to identify you individually. For more detailed information on data protection, please refer to our data protection statement below.
Data collection in this website.
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. Their contact details can be found in the “Legal Notice” section of this website.
How do we collect data?
On the one hand, your data is collected when you provide it to us. This may be data that you enter in a contact form, for example. Other data is collected automatically or with your consent by our computer systems when you visit the website.
This is mainly technical data (e.g., Internet browser, operating system, or time of visit to the page). This data is collected automatically as soon as you enter this website.
What we use your data for?
Some of the data is collected to ensure the proper functioning of the website. Other data may be used to analyze your behavior as a user.
What rights do you have regarding your data?
You have the right to receive information free of charge about the origin, recipient, and purpose of your stored personal data at any time. You also have the right to correct or delete this data. If you have given your consent to data processing, you can revoke this consent for the future at any time. Furthermore, you have the right to demand, under certain circumstances, the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority. You can contact us at any time at the address given in the “Legal Notice” for this and other questions on the subject of data protection.
Analytics tools and third-party tools
When you visit this website, your browsing behavior may be statistically evaluated. This is primarily done using so-called analysis programs. You will find detailed information about these analysis programs in the following data protection declaration.
2. Hosting networks
External Hosting
This website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the hoster's servers. This may include IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses, and other data generated by a website. The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. a of the General Data Protection Regulation, hereinafter GDPR) and in the interest of a secure, fast, and efficient provision of our online product range by a professional provider (Art. 6 para. 1 lit. a of the GDPR). Our host will only process your data to the extent necessary to fulfill its performance obligations and will follow our instructions regarding this data.
Definition of a contract for order processing
In order to ensure data protection-compliant processing, we have defined an order processing agreement with our host. The host we work with is as follows:
IDNT Europe GmbH
Frankfurter Str. 57
35440 Linden
Hessen
Alemania
Teléfono: +49 (6403) 9526-0
Fax: +49 (6403) 9526-503
Website: www.idnt.net
E-mail: welcome@idnt.net
Definition of a contract for order processing
In order to ensure data protection-compliant processing, we have defined an order processing contract with our host.
3. General remarks / Mandatory information
Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose we do this.
We would like to point out that data transmission over the Internet (e.g., communication by email) can have security gaps. Complete protection of data against access by third parties is not possible.
Note on the responsible entity
The entity responsible for data processing on this website is:
Bender México
Avenida Santa Fe
number 170
interior 6-2-24N
Colonia Santa Fe
Delegación Álvaro
Obregón
Mexico City(Ciudad de Mexico) 01210
Mexico
Phone Number: +52 55 7916 2799
E-mail: info@bender.com.mx
The responsible entity is the natural or legal person who, alone or jointly with others, decides the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Data Storage Period
Unless a more specific storage period has been specified in this Privacy Policy, your personal data will remain with us until the purpose of the data processing no longer applies. If you submit a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible grounds for retaining your personal data (e.g., retention periods under tax or commercial law). In such cases, the data will be deleted once these grounds no longer apply.
General Information on the Legal Basis for Data Processing on This Website
The processing of personal data is carried out in strict compliance with the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), its Regulations, and the Privacy Notice Guidelines issued by the competent authority. In particular, Article 15 of the LFPDPPP establishes the obligation to provide data subjects with a Privacy Notice prior to the collection of data, while Article 16 specifies the minimum content that such notice must include, such as the identity of the data controller, the purposes of the processing, and the means to exercise ARCO rights. Article 36 regulates the transfer of personal data, specifying the cases in which explicit consent of the data subject is required, especially when data is transferred to third parties or to countries with inadequate protection levels, and Article 63 establishes the sanctions applicable for the improper or unauthorized use of personal data. The Regulations of the LFPDPPP, in Articles 23 to 26, elaborate on the requirements for the different types of Privacy Notices, while Article 68 sets out the technical, physical, and administrative security measures that data controllers must implement to safeguard personal data. Furthermore, Articles 73 and 74 of the Regulations require data controllers to notify both the authority and the affected data subjects in the event of a security breach. Finally, pursuant to the reform published in 2024, the Secretariat of Anti-Corruption and Good Governance (SABG) replaced the former INAI and is now the authority responsible for ensuring the protection of personal data in Mexico. In the event of a security breach, and in accordance with Article 74 of the Regulations, Bender México Soluciones Eléctricas, S. de R.L. de C.V. will notify the SABG within a maximum period of 72 hours and will also promptly inform the affected data subjects, including possible consequences and the corrective measures adopted.
Data Protection Officer (DPO)
We have appointed a Data Protection Officer (DPO) for our company.
Héctor Aguilar Robles
Industrial Sales
Legal Representative.
Santa Fe Avenue, Number 170,
Interior 6-4-22N, Colonia Santa Fe,
Álvaro Obregón, CDMX, C.P. 01210
hector.aguilar@bender.com.mx
+52 56 4001 9274
The data controller is the natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data (e.g., names, email addresses, etc.).
Note on data transfer to the US
Among other things, we use tools from companies based in the US or other third countries that are not protected by data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there. We would like to point out that a level of data protection comparable to that in the EU cannot be guaranteed in these countries.
For example, US companies are required to hand over personal data to security authorities without you, as the data subject, being able to take legal action against this. Therefore, it cannot be ruled out that US authorities (e.g., intelligence services) may process, evaluate, and permanently store your data located on US servers for surveillance purposes. We have no influence over these processing activities.
Withdrawal of your consent to data processing
Many data processing operations are only possible with your express consent. You may revoke any consent already given at any time. The legality of the data processing carried out up to the point of revocation remains unaffected by this.
Right to object to data collection in special cases and to direct marketing (Articles 6 and 8 LFDPPP)
If your personal data is processed for specific purposes that may directly affect you, you have the right to object to the processing of your personal data at any time, in accordance with Articles 6 and 8 of the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), provided that there are legitimate reasons related to your particular situation. If you exercise this right, we will stop processing your personal data, unless we can demonstrate that there are legitimate reasons that prevail over your interests, rights, and freedoms, or that the processing is necessary for the exercise or defense of a legal claim. Likewise, if your personal data is processed for direct marketing purposes, you may object to such processing at any time, including the creation of marketing-related profiles. If you exercise this right, your personal data will no longer be used for advertising or promotional purposes.
Right of appeal to the competent supervisory authority
In the event of legal violations relating to data protection, the affected person has the right to appeal to the competent supervisory authority, which in the case of Mexico is the Secretariat for Anti-Corruption and Good Governance, through the unit known as Transparency for the People, referred to in the Federal Law on Transparency and Access to Public Government Information, and ancillary agencies that process related procedures.
Right to Data Portability
You have the right to receive the data we process automatically on the basis of your consent or in fulfillment of a contract, either to yourself or to a third party, in a common, machine-readable format. If you request the direct transfer of the data to another data controller, this will only be carried out to the extent technically feasible.
Information, Deletion, and Modification
Within the framework of the applicable legal provisions, you have the right to obtain, at any time and free of charge, information about your stored personal data, its origin, recipients, and the purpose of data processing, as well as, where applicable, the right to correct or delete such data. In this regard, and for any additional questions concerning personal data, you may contact us at any time at the address provided in the “Legal Notice” of this website.
Right to Restrict Processing
You have the right to request the restriction of the processing of your personal data. To do so, you may contact us at any time using the address provided in the imprint. The right to restrict processing applies in the following cases:
• If you dispute the accuracy of your personal data stored with us, we usually need time to verify it. During this verification period, you have the right to request the restriction of the processing of your personal data.
• If the processing of your personal data was/is unlawful, you may request the restriction of processing instead of deletion.
• If we no longer need your personal data, but you require it to exercise, defend, or assert your legal rights, you have the right to request the restriction of processing of your personal data instead of its deletion.
• If you have raised an objection in accordance with the Federal Law on the Protection of Personal Data Held by Private Parties, a balance must be struck between your interests and ours. As long as it is not clear which interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data—apart from storage—may only be processed with your consent, or for the purpose of asserting, exercising, or defending legal claims, protecting the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a Member State.
SSL or TLS Encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the browser address line changes from "http://" to "https://" and by the padlock symbol in the browser line. When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Objection to Advertising Emails
We object to the use of contact data published by obligation in the “Legal Notice” of this website for sending unsolicited advertising and informational materials. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising, for example, via spam emails.
4. Data Collection on This Website (II, 3 XVIII, 6, 9, 12, 14)
Cookies
Our websites use so-called “cookies.” Cookies are small data packages that do not harm your device. They are stored temporarily during a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them or until your browser deletes them automatically. Cookies may originate from us (first-party cookies) or from third parties (third-party cookies). Third-party cookies enable the integration of certain services from third parties on the websites (e.g., cookies for processing payment services). Cookies serve various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g., shopping cart functionality or video display). Other cookies may be used to evaluate user behavior or for advertising purposes. Cookies that are necessary to carry out electronic communication processes, provide certain functions you have requested (e.g., shopping cart functionality), or optimize the website (e.g., cookies for measuring website audience) (necessary cookies) are stored based on Articles 2 Section II, 3 Section XVIII, 6, 9, 12, and 14 of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to provide technically error-free and optimized services.
If consent has been requested for the storage of cookies and comparable recognition technologies, processing is carried out exclusively on the basis of this consent (Articles 9 and 10 LFPDPPP); consent can be revoked at any time. You can configure your browser to notify you about cookie installation and only allow cookies in individual cases, to block cookies for certain situations or in general, and to enable automatic deletion of cookies when closing the browser. If you disable cookies, the functionality of this website may be limited. You can check which cookies and services are used on this website in this privacy statement.
Server Log Files
The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include:
• Type and version of browser
• Operating system used
• Referrer URL
• Host name of the accessing computer
• Time of the server request
• IP address
These data are not combined with other sources of data. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website – for this purpose, server log files must be recorded.
Contact Form
If you send us inquiries via the contact form, the data from your inquiry form, including any contact details you provide, will be stored by us for the purpose of processing the inquiry and for any follow-up questions. We do not transmit this data without your consent. The processing of this data is based on Articles 7 and 9 of the LFPDPPP if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the efficient handling of inquiries directed to us or on your consent if such consent has been requested; consent can be revoked at any time. The data you enter in the contact form will remain with us until you request its deletion, revoke your consent for its storage, or the purpose for which it was stored no longer applies (e.g., after we have finished processing your inquiry). Mandatory legal provisions, in particular retention periods, are not affected.
Inquiries via Email, Telephone, or Fax
If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry), will be stored and processed by us for the purpose of handling your request. We do not transmit this data without your consent. The data you send us through contact requests will remain with us until you request its deletion, revoke your consent for its storage, or the purpose for storing the data no longer applies (e.g., after your request has been processed). Mandatory legal provisions, in particular statutory retention periods, are not affected.
Salesforce Sales Cloud
We use Salesforce Sales Cloud to manage customer data. The provider is salesforce.com Germany GmbH, Erika-Mann�Str. 31, 80636 Munich (hereinafter, "Salesforce"). Salesforce Sales Cloud is a CRM system that allows us, among other things, to manage existing and potential customers, customer contacts, and to organize sales and communication processes. Using the CRM system also enables us to analyze our customer-related processes. Customer data is stored on Salesforce’s servers. In the process, personal data may also be transferred to the parent company of salesforce.com Germany GmbH, salesforce.com, inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA. Detailed information on the functions of Salesforce Sales Cloud can be found here:
https://www.salesforce.com/de/products/sales-cloud/overview/.
The use of Salesforce Sales Cloud is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in managing customers and communicating with them as efficiently as possible. To the extent that corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and Art. 25(1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s terminal device (e.g., device fingerprint) within the meaning of the TTDSG. Consent can be revoked at any time. Salesforce has Binding Corporate Rules (BCRs) that have been approved by the French data protection authority. These are binding corporate rules that legitimize corporate data transfers to third countries outside the EU and EEA. More information can be found here:
https://www.salesforce.com/de/blog/2020/07/die-binding-corporate-rules-von-salesforce-erfuellen-
Job Processing
We have concluded a Data Processing Agreement (DPA) for the use of the aforementioned service. This is a contract required by data protection law, which ensures that personal data of visitors to our website is processed solely in accordance with our instructions and in compliance with the LFPDPPP.
5. Social Media
Our Presence on Social Media
Data Processing by Social Media
We maintain publicly accessible profiles on social media. The social media platforms we use are listed below. Social media platforms such as Facebook, etc., can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g., "like" buttons or advertising banners). When visiting our social media profiles, numerous data processing operations relevant to data protection are activated. Specifically: If you are logged into your social media account and visit our social media presence, the operator of the social media platform may assign this visit to your user account. However, your personal data may also be collected in certain circumstances if you are not logged in or do not have an account on the respective social media platform. In this case, data collection occurs, for example, through cookies stored on your device or by logging your IP address. Using the data collected in this way, social media platform operators can create user profiles that store your preferences and interests. This allows targeted advertising based on your interests to be displayed both inside and outside the respective social media platforms. As long as you have an account on the respective social media platform, interest-based advertising can be displayed on all devices where you are or have been logged in. Please also note that we cannot track all processing operations on social media platforms. Depending on the provider, social media platform operators may carry out other processing procedures. For more details, please refer to the terms of use and data protection provisions of the respective social media platforms.
Legal Basis
Our presence on social media aims to ensure the most comprehensive possible presence on the Internet. This constitutes a legitimate interest within the meaning of Art. 7 LFPDPPP. Analysis processes initiated by social media platforms may be based on different legal grounds, which must be disclosed by the operators of the social media platforms.
Data Controller and Exercise of Rights
If you visit one of our social media sites (e.g., Facebook), we are jointly responsible with the social media platform operator for the data processing operations triggered during this visit. In principle, you can assert your rights (access, rectification, deletion, restriction of processing, data portability, and complaint) both against us and against the operator of the respective social media platform (e.g., Facebook). Please note that, despite joint responsibility with the operators of social media platforms, we do not have full control over the data processing procedures of these platforms. Our options are largely determined by the corporate policy of the respective provider.
Storage Period
Data collected directly by us through our social media presence will be deleted from our systems as soon as the purpose for which it was stored no longer applies, you request its deletion, revoke your consent for its storage, or the purpose for which it was stored ceases to apply. Stored cookies remain on your device until you delete them. Mandatory legal provisions—particularly retention periods—are not affected. We have no influence over the retention period of your data, which is stored by the social media platform operators for their own purposes. For more information, please contact the social media operators directly (e.g., see their privacy policy, listed below).
Social Media in detail
Facebook
We maintain a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook’s statement, the data collected may also be transferred to the USA and other third countries.
You can independently customize your advertising settings in your user account. Click the following link and log in: https://www.facebook.com/settings?tab=ads.
The transfer of data to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. More details can be found at: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
For further information, please refer to Facebook’s privacy policy: https://www.facebook.com/about/privacy/
Instagram
We maintain a profile on Instagram. The provider of this service is Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
The transfer of data to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. More information can be found at: www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875, and https://de-de.facebook.com/help/566994660333381.
For further details on the processing of your personal data, please refer to Instagram’s Privacy Policy: https://help.instagram.com/519522125107875
LinkedIn
We maintain a profile on LinkedIn. The provider of this service is LinkedIn Ireland Unlimited, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you wish to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
The transfer of data to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. Details can be found here: www.linkedin.com/legal/l/dpa and https://www.linkedin.com/legal/l/eu-sccs.
For further details on the processing of your personal data, please refer to LinkedIn’s Privacy Policy: https://www.linkedin.com/legal/privacy-policy.
6. E-commerce and Payment Service Providers
Costumer data treatment and Agreements
We collect, process, and use personal data of customers and contractual parties for the establishment, provision of content, and modification of our contractual relationships. Data referring to the use of this website (usage data) will only be collected, processed, and used if necessary to enable the user to utilize our services or if required for billing purposes. The legal basis for these processes is Art. 12 and related provisions of the LFPDPPP.
Customer data collected will be deleted once the order or business relationship has ended and after the applicable legal retention periods have expired. This is without prejudice to mandatory statutory retention periods.
7. Newsletter and Postal Advertising
Newsletter data
If you wish to receive our newsletter, we require you to provide an email address, as well as information that allows us to verify that you are the owner of the provided email address and that you agree to receive the newsletter. No further data will be collected, or only voluntarily. We use this data exclusively to send the requested information and do not transmit it to third parties. The processing of data entered in the newsletter registration form is based solely on your consent (Art. 9 LFPDPPP). You may revoke your consent for the storage and use of your data, including your email address for sending the newsletter, at any time—for example, by using the "unsubscribe" link in the newsletter. The legality of data processing carried out prior to the revocation is not affected. The data you provide for subscribing to the newsletter will be stored by us or by the newsletter service provider until you unsubscribe, after which it will be removed from the distribution list. Data stored by us for other purposes will not be affected. Once you have been removed from the newsletter distribution list, your email address may be stored by us or by the newsletter service provider in a blacklist to prevent future mailings. Blacklist data will only be used for this purpose and will not be merged with other data. This serves both your interest and our legitimate interest in complying with legal requirements for sending newsletters. Storage in the blacklist is not time-limited. You may object to the storage if your interests outweigh our legitimate interests.
Postal Advertising
We use your address in compliance with all applicable legal provisions for sending postal advertising (mail advertising). The legal basis for this is our legitimate interest in direct advertising, in accordance with Articles 6, 7, and 8 of the LFPDPPP. If the corresponding consent has been obtained, processing is carried out solely on the basis of Article 6 of the Federal Law on the Protection of Personal Data Held by Private Parties; consent may be revoked at any time (Art. 8 LFPDPPP). If necessary, more specific regulations may be communicated to you during the data collection process and shall take precedence over this policy.
Your address will remain with us until the purpose of data processing is no longer applicable. If you submit a legitimate request for deletion or revoke your consent for postal advertising, your data will be deleted unless we have other legally permissible reasons for retaining your personal data (e.g., retention periods under tax or commercial law); in the latter case, deletion will occur once these reasons no longer apply. We use the following service provider to send our postal mailings:
Schottener Soziale Dienste gemeinnützige GmbH, Vogelsbergstraße 212, D-63679 Schotten . Lettershop Markus Müller GmbH & Co.KG, Triftstr. 2, D-35315 Homberg / Ohm JD Druck GmbH, Umgehungsstraße 39, D-36341 Lauterbach Druckhaus Bechstein GmbH, Willy-Bechstein-Strasse 4, D-35576 Wetzlar.
Conclusion of a contract for order processing
We have concluded a contract for order processing with the company we use for sending postal advertising, which ensures that our contractual partner processes your personal data exclusively in accordance with our instructions and in compliance with the GDPR (General Data Protection Regulation).
White papers
On this website, it is possible to download white papers. An email address is required to access the white papers. No other data is collected. The email address is used exclusively to grant access to the download page. Once you enter your email address, you will gain direct access to the white paper. The email address is processed solely based on your consent (Art. 6 and 8 LFPDPPP). You may revoke your consent for the storage and use of your email address (access to the download page) at any time. The legality of data processing carried out prior to the revocation is not affected. The data you provide to access the download page will be stored by us for four weeks or until you unsubscribe, after which it will be deleted. Data stored by us for other purposes will not be affected. Your email address will only be processed internally by Bender and will not be transmitted to other service providers. If you have also given your consent to receive advertising materials, please refer to the information on Bender communications under point 7.
MONITOR
On our website, interested parties can subscribe to our customer magazine, MONITOR. The subscription requires different contact information depending on whether a digital or printed subscription is chosen. The following information is mandatory:
• Requested language for MONITOR (German or English)
• MONITOR format (digital or print version) o Digital: email address o Print: postal address
• Company name
• First and last name
• Country
The contact data provided is required exclusively for sending the MONITOR, and no additional data is collected. The processing of this data is carried out solely based on your consent (Arts. 6 and 8 LFPDPPP). You may revoke this consent at any time, for example, via the "unsubscribe" link in the email. The revocation does not affect the legality of the data processing carried out prior to it.
The data will be stored only for the duration of the subscription and will be deleted afterward, without affecting other data stored for different purposes.The data is processed exclusively within Bender and will not be transmitted to third-party service providers.
Sales Communication
On the website, visitors have the option to contact a member of the Bender sales team. To get in touch, providing an email address is required. No other data is collected. The personal data provided will be used exclusively to allow the Bender sales team member to contact you. Personal data is processed solely based on your consent (Art. 6 and 8 LFPDPPP). You may revoke your consent at any time. The legality of data processing carried out prior to the revocation is not affected. The data you provide will be stored by us for four weeks or until you unsubscribe, after which it will be deleted. Data stored by us for other purposes will not be affected. Your personal data will only be processed internally by Bender and will not be transmitted to other service providers. If you have also given your consent to receive advertising materials, please refer to the information on newsletters and postal advertising.
8. On-demand webinar / expert talk
On our website, data subjects are offered the possibility to participate in on-demand webinars/expert talks. To access the webinars, it is necessary to provide your email address. To access the expert talks, providing your first and last name may also be required. Additionally, you may provide your company name for expert talks, but this is not mandatory. No further data is collected. The email address is used solely to enable your access to our webinars. Once you enter your email address, you will be granted direct access to the webinar/expert talk. To allow continued access without having to log in each time, we also send you a direct link to the webinar. The processing of personal data is based exclusively on your consent (Art. 6(1)(a) of the GDPR). You may revoke your consent for the storage and processing of your personal data, as well as its use (access to the webinar/expert talk and sending of the direct link), at any time, for example via the “unsubscribe” link in the email. The legality of data processing carried out up to that point will not be affected by such revocation. The data you provide to access the webinar/expert talk will be stored for four weeks or until you unsubscribe, after which it will be deleted. Data stored by us for other purposes will not be affected. Your personal data will be processed exclusively within Bender and, as a general rule, will not be transmitted to any service provider. If you have also given your consent to receive advertising materials, please refer to the information on newsletters and postal advertising in Section 7: General Information.
9. Live Webinar
On our website, data subjects are offered the possibility to participate in live webinars. To access the webinar, we require your contact details (first name, last name, and email address; optionally, you may also provide your company name). No additional data is collected. The contact data is used solely to enable your access to the webinar. You will automatically receive a confirmation of your registration, a reminder of the webinar, and a follow-up email with the link to the presentation. Your contact data is processed solely on the basis of your consent (Articles 6 and 8 of the LFPDPPP). You may revoke your consent for the storage and use of your contact data (access to the webinar) at any time. Please note that in this case, you will not be able to participate in the live webinar. The legality of data processing carried out up to that point will not be affected by such revocation.The data you provide to access the webinar will be stored for four weeks or until you unsubscribe, after which it will be deleted. Data stored by us for other purposes will not be affected. Your email address will be processed within Bender and transmitted to GoTo Webinar. We have signed a contract with the GoTo Webinar provider that complies with the GDPR. If you have also given your consent to receive marketing materials, please refer to the information provided in Section 7: Bender Communication.
10. Seminar Registration
On the website, data subjects can register for seminars. For registration, personal data is required (title, first name, last name, company, and email address; optionally, a postal address and a text message may be included). No additional data is collected. Contact data is necessary for seminar registration and also for the preparation and conduct of the seminar, for example, printing identification labels. A confirmation of registration with all the necessary information to attend the seminar will be sent by email. The data provided for registration, as well as any other personal data transmitted in the text message, is processed solely based on your consent (Articles 6 and 8 of the LFPDPPP). You may withdraw your consent to the storage of your personal data at any time. Please note that in this case, you will not be able to participate in the seminar. The legality of data processing carried out up to that point will not be affected by such withdrawal. The data you provide for seminar registration will be stored for 12 months or until you unsubscribe, after which it will be deleted. This does not affect data stored by us for other purposes. Your personal data is processed exclusively within Bender and is not transmitted to third parties.
11. Audio and Video Conferences
Data processing
We use online conferencing tools, among other purposes, for communication with our clients. The tools we use are detailed below. If you communicate with us via videoconference or audioconference over the Internet, your personal data will be collected and processed by both the respective conferencing tool provider and us. The conferencing tools collect all information you provide/access in order to use the tools (email address and/or phone number). In addition, the conferencing tools process the duration of the conference, start and end times of participation, the number of participants, and other “contextual information” related to the communication process (metadata).
Furthermore, the tool provider processes all technical data necessary for conducting the online communication. This includes, in particular, IP addresses, MAC addresses, device identifiers, device type, operating system type and version, client version, type of camera, microphone or speaker, and type of connection. If content is exchanged, uploaded, or made available within the tool, this content will also be stored on the tool provider’s servers. Such content includes, among other things, cloud recordings, chats/instant messages, voice messages, uploaded photos and videos, files, whiteboards, and other information shared during the use of the service.
Purpose and Legal Basis
The conferencing tools are used to communicate with potential or existing contractual partners or to provide certain services to our clients. Additionally, the use of these tools serves to generally simplify and accelerate communication with us or our company. To the extent that consent has been obtained, the tools in question will be used based on this consent; consent may be revoked at any time with effect for the future.
Storage Period
The data collected directly by us through video and conferencing tools will be deleted by our systems as soon as you request their deletion, revoke your consent for storage, or the purpose for which the data was stored is no longer applicable. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods are not affected. We have no influence over the storage period of your data, which is stored by the operators of the conferencing tools for their own purposes. For more details, please contact the operators of the conferencing tools directly.
Conference Tools Used
We use the following conference tools:
Zoom
We use Zoom. The provider of this service is Zoom Communications Inc, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For more details on data processing, please refer to the Zoom Privacy Policy: zoom.us/en-us/privacy.html. The transfer of data to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. More information can be found here: zoom.us/de-de/privacy.html.
Data Treatment
We have entered into a Data Processing Agreement (DPA) for the use of the aforementioned service. This is a contract required by data privacy laws that ensures they process the personal data of our website visitors solely based on our instructions and in compliance with the GDPR.
Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For more details on data processing, please refer to the Microsoft Teams Privacy Statement: https://privacy.microsoft.com/en-us/privacystatement
Conclusion of a Data Processing Agreement for Order Management
We have concluded a data processing agreement with the provider of Microsoft equipment and fully apply the strict requirements of the German data protection authorities when using Microsoft equipment.
12. In-House Services
Processing of Job Applicants’ Data
We offer you the opportunity to apply for a job with us (e.g., via email, postal mail, or through an online application form). We will inform you about the scope, purpose, and use of your personal data collected during the application process. We assure you that the collection, processing, and use of your data will be carried out in accordance with applicable data protection laws and all other legal requirements, and that your data will be treated with strict confidentiality.
Scope and Purpose of Data Collection
If you submit an application, we process your associated personal data (e.g., contact and communication information, application documents, notes taken during job interviews, etc.) to the extent necessary to decide whether to establish an employment relationship—if you have given your consent—Articles 6 and 8 of the LFPDPPP. Consent may be revoked at any time. Within our company, your personal data will only be shared with individuals involved in processing your application. We will retain your personal data until you request its deletion, revoke your consent for its storage, or the purpose of processing such data is no longer applicable (e.g., after the application process has concluded). Please feel free to contact us if you have questions regarding the retention period in your specific case. If the application is accepted, the data you have provided will be stored in our data processing systems.
Data Retention Period
If we are unable to offer you employment, if you decline a job offer, or if we withdraw your application, we reserve the right to retain the data you have provided for up to one year from the conclusion of the application process (rejection or withdrawal of the application) on the basis of our legitimate interests. After this period, the data will be deleted and any physical application documents will be destroyed. The storage serves, in particular, as evidence in the event of litigation. If it is evident that the data will be required after the six-month period (for example, due to imminent or pending legal disputes), the data will only be deleted once the purpose of further storage no longer applies. A longer storage period may also occur if you have given your consent (Articles 6 and 8 of the LFPDPPP) or if legal retention obligations prevent deletion.
Inclusion in the Applicant Pool
If we do not make you a job offer, there may be the possibility of including you in our applicant pool. If accepted, all documents and details of your application will be transferred to the applicant group so that we may contact you in case suitable vacancies arise.
Admission to the applicant pool is based solely on your express consent (Articles 6 and 8 of the LFPDPPP). This consent is voluntary and unrelated to the current application process. You may revoke your consent at any time. In such a case, the data will be irrevocably deleted from the applicant pool, unless there are legal grounds for its retention. The data will be irrevocably deleted from the applicant pool no later than two years after consent has been granted.
Matomo Bender App
The “Bender App” uses the open-source web analytics service Matomo. With the help of Matomo, we can collect and analyze data regarding the use of our website by visitors. This allows us to know, among other things, when pages have been viewed and from which region visitors originate. We also collect various log files (e.g., IP address, referrer, browsers, and operating systems used) and can measure whether visitors to our website perform certain actions (e.g., clicks, purchases, etc.). The use of this analytics tool is based on Article 6 of the LFPDPPP. The website operator has a legitimate interest in analyzing user behavior in order to optimize both the website and its advertising. If the corresponding consent has been requested, processing will be carried out exclusively on the basis of the LFPDPPP, insofar as consent includes the storage of cookies or access to information on the user’s end device (e.g., device fingerprinting). Consent may be revoked at any time.
We host Matomo exclusively on our own servers, so that all analytics data remains with us and is not transmitted to third parties.
Information provided in accordance with Article 16 of the LFPDPPP
If this is your first interaction with us, in accordance with Articles 15, 16, 17 and related provisions of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), we provide you with the following information regarding the protection of your personal data:
If you contact us by email, we will process your personal data only when necessary to fulfill our relationship with you, to respond to your request or inquiry, or when there is a legitimate interest in doing so. Your personal data will be retained as long as necessary to fulfill the purpose for which it was collected, until you request its deletion or revoke your consent, except for legal retention obligations established by Tax, Commercial, or other applicable laws. You have the right to access, rectify, cancel, or oppose the processing of your personal data (ARCO rights), as well as to revoke your consent and limit the use of your data, under the terms established by the LFPDPPP.
In addition, you may request the correction, erasure, and, in certain circumstances, the restriction of the processing of your personal data. For more details, please consult our Privacy Notice. You may contact our Data Protection Officer at protección-de-datos@bender.de.
13. External Services
