Protecting personal data is taken very seriously at Huchtemeier Papier

Transparency is one of our goals connected to data protection. With the information below we invite you to convince yourself of Huchtemeier's measures to establish a secure environment for your personal data. 

 

On this page you find: 

1. Huchtemeier’s data protection statement

2. Huchtemeier's data protection principles

3. Flow of personal data 

4. Example DPA (others on request)

 

Huchtemeier’s data protection statement

 

Huchtemeier and its team take data protection very seriously. 

We emphasize a respectful and prudent treatment of all personal data independent who they concern. 

We comply with the EU Data Protection Directive (GDPR / DSGVO). 

 

Huchtemeier’s idea of personal data minimization: 

"We collect no more personal data than typically found on a business card."  

 

Huchtemeier's data protection principles

 

Choice of system 

 

Huchtemeier makes use of cloud services,. However, as part of our data protection strategy, we treat personal data only in such systems, where we have solid and trustworthy data processing agreements (DPAs). 

 

Protected infrastructure

 

Huchtemeier’s internal IT infrastructure is protected by state-of-the technology (virus protection, firewall, SSL, VPN). User access is granted to trained Huchtemeier employees only. 

 

Training and Awareness

 

All Huchtemeier team-members are well informed about the requirements of data protection in compliance with GDPR. Changes in data-protection regulation are communicated on a regular basis. Every person at Huchtemeier who feels insecure concerning any aspect of data protection or has reason to believe that compliance to GDPR is at risk may immediately contact Huchtemeier’s management / Data Protection Officer under privacy@huchtemeier.com.

 

Information and transparency

 

Huchtemeier systematically informs all business partners about the treatment of their personal data and requests their agreement to process it within our systems. Our website huchtemeier.net/privacy makes all relevant information transparent to our business partners (such as data-flow-documentation, DPAs, system assessment).

 

Flow of personal data 

 

Personal data arrives Huchtemeier through our sales team.
As part of pre-sales correspondence contact information including personal data is exchanged on one or more of the following channels: 

 

  • Personal meeting incl. notes and exchange of business cards
  • Email
  • Phone calls and corresponding notes
  • Post letters, fax (getting rare)
  • Website contact form

As part of our business processes data will then be treated in one or more of the following systems: 

  • Microsoft Windows file storage
  • Microsoft MS Office Outlook
  • ERP system Mesonic Winline 
  • CRM system Huchtemeier WebApp

Description of the systems: 

  • Huchtemeier’s file storage, MS Office Outlook and ERP system Mesonic Winline run on a local server (operating MS small business server) located in Gernotstr. 18, 44319 Dortmund, Germany. The system is protected by state-of-the art anti virus and firewall systems. The internal systems are administrated by an internal IT professional and a local IT company.
  • CRM system Huchtemeier WebApp is a proprietary system hosted on a server in the FRA1 facility, located in Frankfurt am Main, Germany, owned by DigitalOcean, LLC. A data processing agreement with DigitalOcean, LLC can be viewed as PDF download on this page.

 

Example documents

Download
DPA with DigitalOcean LLC
digitalocean-data-processing-agreement.p
Adobe Acrobat Document 89.8 KB
Download
Example for employee's decleration for data protection
DSGVO_Guideline_Employees.pdf
Adobe Acrobat Document 99.3 KB