Data protection information

Data protection information per Art. 13 and Art. 14 of the GDPR

We, SCHOMBURG GmbH & Co. KG, headquartered at Aquafinstr. 2-8 in 32760 Detmold, Germany, wish to explain which of your data we process. If you have any questions about data protection, please feel free to contact our data protection officer at or +49 5232 696555-8.

The purpose of data processing is contract initiation and contract implementation.
We process personal data in accordance with the following legal bases:
• Art. 6, para. 1 letter a of the GDPR for processing of personal data with the consent of the affected person.
• Art. 6, para. 1 letter b of the GDPR for fulfilment of a contract with the affected person and implementation of associated pre-contractual measures.
• Art. 6, para. 1 letter c of the GDPR for necessary processing of personal data for fulfilment of a legal obligation to which we are subject according to applicable EU law or according to the law of the country in which the GDPR is partly or wholly applicable.
• Art. 6, para. 1 letter f of the GDPR for necessary processing of personal data in order to protect our entitled interests or those of third parties, insofar as they do not outweigh the basic liberties and basic rights and interests of the affected person. Entitled interests are, in particular, our commercial interest in being able to provide our website, information security, assertion of legal claims and observance of other legal requirements.

We process data we have received from you as part of implementing our business relationship. We receive the data directly from you during order placement or order processing.

Specifically, for implementing our services, we process:
• Master data for implementing and providing the service. (such as name and address, e-mail address and telephone number)
• Data related to payment processing
• Correspondence (such as letter or e-mail communication with you)
• Advertising and sales data (such as that regarding potentially interesting offers)

Creditworthiness and scoring inspection
Provided we allow you the basic option to pay on invoicing within the scope of the goods and services we offer and you take advantage of this option, we reserve the right to request information from a credit agency (e.g. CRIF BÜRGEL GmbH branch office Bielefeld) regarding creditworthiness on the basis of a mathematical-statistical procedure. In this case, your data shall be forwarded to the credit agency, provided they are contractually relevant, e.g. your name and address. The information that follows from this regarding statistical probability of a payment failure will be used by us to make a decision about whether we shall offer you the option to pay on invoicing. The legal basis for this processing is provided by our legitimate interest in protection against payment failure and prevention of fraud as per Art. 6 Para.1 lit. f) GDPR.

Contact requests/contact options
If you contact us with enquiries via the contact form or by e-mail, we shall store your data from the query form, including the contact data you provide us there, for the purpose of the query and for possible follow-up questions only. We shall only forward this data for contract fulfilment purposes. The data provided via the contact form or by e-mail is only processed on the basis of your consent (Art. 6 Para. 1 lit. a GDPR). You may withdraw this consent at any time. An informal notification to us by e-mail is sufficient. The legality of data processing procedures that have occurred up until withdrawal of consent shall remain unaffected by this. The data entered into the contact form shall remain with us until you request its deletion, you withdraw your consent to store it, or the purpose for data storage is omitted (e.g. following completed processing of your enquiry). Mandatory legal requirements, especially storage periods, shall remain unaffected by this. Additionally, we shall process - contractual data (e.g. contractual object, duration, customer category). - payment data (e.g. account information, payment history) of our customers, interested parties, and business partners for the purpose of providing contractual services, support and customer care, marketing, advertising, and market research. The legal basis for data processing is provided by Art 6 Para. 1 item f) GDPR.

If you want to receive the newsletter offered on the website, we need your e-mail address and other information that allows us to check whether you are the owner of the indicated e-mail address and that you accept receipt of the newsletter. Other data is not collected.
We use this data exclusively for sending requested information and do not give it to third parties.
At any time, you can revoke your consent to storing the data, the e-mail address and to their use for sending the newsletter by using the “Unsubscribe” link in the newsletter.

You have the possibility online to apply for an advertised position or to send us an application on your own initiative through: or by post to SCHOMBURG GmbH & Co. KG, Aquafinstr. 2-8, 32760 Detmold or to SCHOMBURG GmbH, Aquafinstr. 2-8, 32760 Detmold or to AQUAFIN International GmbH, Aquafinstraße 2-8, 32760 Detmold.

Your application with your personal data will be received by the personnel department and will be forwarded only to the management of the department responsible for the advertised position or to the person entrusted with handling the application process. The SCHOMBURG group of companies requires all employees who have access to personal information to treat it confidentially and to protect data privacy according to the locally applicable laws and regulations. The legal basis for the data processing described are Art. 6 para. 1 letter b of the General Data Protection Regulation and section 26 para. 1 clause 1 of the Federal Data Protection Act. (BDSG). SCHOMBURG works with this personal data only within the personnel selection process. It is never forwarded to other companies outside the SCHOMBURG group of companies or used for other purposes.
An online application is transferred over the Internet. Please be aware that this transfer method is not secure and that your data can be transferred regardless of the location of the sender or receiver. Neither the SCHOMBURG group of companies nor our external service providers assume any liability (whether for injury, loss or other damage) toward applicants for the consequences of sending their personal data over the Internet.
Unless you specify otherwise, the data will be deleted six months after the application process, or destroyed, in the case of postal applications. Due to the long application and selection periods for trainees, we store their data for up to 18 months in Germany.

If the relevant legal requirements are met, you have the following rights: The right to information about your data stored with us, correction, deletion, limitation of processing of your data, or opposition to processing, and to data portability.
Furthermore, of course, you also have the possibility at any time to demand deletion or destruction of all of your application documentation by e-mailing us at:

We process personal image data that we collect as part of video monitoring on the company premises. We collect these data for protection against burglary, for protecting our property, and for access monitoring. This data is forwarded only to authorities investigating crimes.

We will process your personal data such as your forename and surname, as well as your private mobile phone number, in order to enable you to open the gate and barrier system using your mobile phone.
Storing this data is necessary in order to be able to compare the phone numbers that are authorised to open. The mobile phone number passed on to us will be stored on the manufacturer’s web portal that is used to perform the comparison.
The legal basis for this is consent in accordance with Article 6, paragraph 1 a) of the GDPR.
In the event of withdrawal of consent or a termination of the employment relationship, the data will be deleted after 7 days.
The mobile phone number will be deleted from the manufacturer’s web portal immediately.
The log files for checking unauthorised and authorised opening attempts on the barrier system will be saved for 14 days.

If you send us a query though our contact form, we store your data from the query form, including the contact data you provide us there, only for the purpose of the query and for possible follow-up questions. We do not pass on this data without your consent.
The provider automatically collects and stores information in what are called “server log files” that your browser automatically transfers to us. This includes:
• Browser type and version
• Operating system used
• Referrer URL
• Host name of the visiting computer
• Clock time of your server query

This data cannot be related to specific people. This data is not mixed with data from other sources. We reserve the right to inspect this data later, if we detect concrete indications of unlawful use. This site uses SSL encryption for purposes of security and to protect transfer of confidential information, such as queries that you send to us as a website operator. You can detect an encrypted connection, because the browser’s address line changes from “http://” to “https://” and a lock symbol appears in your browser line. More information can be found at

Categories of recipients
In providing services for special areas, we use service provider companies specially obligated to confidentiality and data protection, where access to personal data cannot be ruled out.

These categories of recipients are:
• Order processors we use (Art. 28 EU GDPR), particularly in the area of IT services, taxes, logistics and printing services, who process your data under our specific instructions
• Public authorities and institutions (financial authorities) if there is a legal or regulatory obligation
• Other authorities for which you have consented to data transfer.
Transfer to public authorities takes place exclusively in case of overriding legal requirements.

Duration of storage and deletion of data
Your data is stored for the duration of contract implementation. After the end of the contractual relationship, we must retain tax-related information for 10 years after financial statements and the end of the calendar year. After that, the data is deleted.

Right to information, reporting, deletion, objection and data portability
You can assert your right to information, reporting and deletion of data at any time. Simply contact us via the aforementioned channels. Should you desire deletion of data, but we are still legally obligated to retain said data, the access to your data will be limited (blocked). The same applies in case of an objection. Your right to data portability can be asserted insofar as both we and the recipient have the technical capabilities available.

Right to legal remedy
You have the option of filing a complaint with the data protection authorities.
For example, with the Nordrhein-Westfalen State Commissioner for Data Protection and Freedom of Information, which has authority over us,

Obligation to deliver
Without correct data from you, it is usually impossible to complete a contract.

Automated decision-making and profiling
Currently not applicable.