Privacy information for business partners

Data protection notices according to Art. 13, 14 GDPR.

This privacy policy applies in particular to the employees of our contractual, cooperation, consulting, network and project partners as well as other project participants, the employees of our customers, service providers, contractors and processors, freelancers and press representatives. It applies to all personal data that you provide to us as a "natural person" and business partner (e.g. as a sole trader, entrepreneur or employee of one of our business partners) in the context of our business relationships.

Name and address of the data controller

The entity responsible for data processing on this website is

]init[ AG für digitale Kommunikation (hereinafter referred to as “]init[ AG” or “we”)
Köpenicker Str. 9
10997 Berlin

Tel.: +49 30 97006 200
Fax: + 49 30 97006 135
www.init.de

Do you have general questions about data protection? If so, please contact: 

]init[ AG für digitale Kommunikation
z. Hd. Datenschutzbeauftragter
Mühlenstr. 40
10243 Berlin

datenschutz@init.de

We place great importance on protecting your personal data and collect, process, and use your personal data exclusively in accordance with the principles described below and in compliance with applicable data protection laws.

Contact information for the external data protection officer

You can contact our external data protection officer at:

DataGuard GmbH
Sandstraße 33
80335 München

datenschutz@dataguard.de
www.dataguard.de

Scope of data processing and data categories

With regard to our business partners, we process the following categories of personal data in particular:

  • Contact information such as title, first and last name, business communication data such as address, e-mail address, telephone number, mobile phone number, fax number
  • Other personal information related to the execution and processing of contracts, orders and requests
  • Data in the context of the use of video conferencing tools
  • Payment and processing data such as account data and other information required for the processing of payment transactions
  • Account and log data incl. access logs in connection with a collaboration on the IT infrastructures or IT systems of ]init[ AG as well as in the context of ticket creation and processing
  • Information we collect from public sources, information databases or credit reporting agencies.

Purpose of data processing

The data processing is carried out for the purpose of

  • Communication with our business partners and execution of contract-related correspondence
  • Planning, implementation and administration of the contractual and pre-contractual business relationship between ]init[ AG and the business partners, including administration in a contract data or customer database
  • Processing and execution of orders
  • Billing and payment processing as well as accounting
  • Collaboration in collaboration tools
  • Conducting web conferences, webinars and face-to-face events
  • Implementation of order and project-related (client) satisfaction surveys
  • Maintaining and protecting the security of our IT infrastructure
  • Preventing and detecting security risks, fraudulent activity, or other criminal activity or activity undertaken with the intent to cause harm
  • Compliance with legal requirements (e.g. tax and commercial law retention obligations) as well as the guidelines and standards specified by ]init[ AG
  • exercise and defense of legal claims.

Depending on the form, the same also applies to the initiation of business relationships with our business partners, e.g. when concluding NDAs, pre-contractual agreements for the execution of orders or for participation in tenders, the evaluation of project partnerships, etc.

Legal bases of data processing

Personal data is processed on the basis of the following legal grounds:

  • In the context of contract initiation, contract performance and contract termination as well as fulfillment of pre-contractual measures and / or contractual obligations arising from the contract concluded with you, e.g. from a purchase, work, service, license or rental contract (Art. 6 para. 1 lit. b) GDPR)
  • For the fulfillment of legal obligations such as, for example, retention obligations under commercial and tax law, obligations under company law, data protection law and civil law, also with regard to the fulfillment of obligations to provide evidence in compliance with the respective legal regulations (Article 6 para. 1 lit. c) GDPR
  • To safeguard the legitimate interests of ]init[ AG, e.g. to assert legal claims, to defend against legal disputes, to ensure IT security, to optimize our business processes, e.g. by maintaining a "customer relationship management" database and in the context of conducting (customer) satisfaction surveys, to ensure operational safety and business management, for building and plant security (e.g. (e.g. access controls), for comparison with European and international risk lists, if this goes beyond the legal obligations, e.g. the Supply Chain Duty of Care Act, to reduce default risks in our procurement processes by consulting credit agencies, to ensure and safeguard domiciliary rights (Article 6 para. 1 lit. f) GDPR, Section 25 para. 2 TDDDG).
  • The use of contact data of employees of our business partners is also based on our legitimate interest, as long as and to the extent that this serves the order- or project-related cooperation in the context of contract fulfillment (Article 6 (1) (f) GDPR).
  • On the basis of your consent for the purpose explicitly stated in each case, e.g. when ordering a newsletter, participating in (customer) satisfaction surveys or the use of ]init[s own project management software (Section 25 (1) TDDDG in conjunction with Article 6 (1) (a) GDPR).

Recipient categories

Within ]init[ AG, only those company units will have access to your data that need it to fulfill our contractual and legal obligations and to carry out our internal processes (e.g. sales, purchasing, financial accounting or IT management).

We also transfer your data to the service providers used by ]init[ AG only if this is necessary to fulfill the above-mentioned data processing purposes. These are in particular external companies in the areas of economic and legal consulting and IT services. Insofar as these service providers act as order processors, they are contractually obliged on the basis of Art. 28 GDPR to carry out data processing only in accordance with the instructions of ]init[ AG and in compliance with the applicable data protection requirements.

If, in exceptional cases, a service provider outside the EU / EEA is commissioned, it is ensured that this only concerns service providers that are based in a third country with an adequacy decision and, if necessary, can provide evidence of certification applicable to the country. In the case of a transfer to a third country for which no recognized level of data protection is recognized due to the lack of an adequacy decision, e.g. in the case of an international business relationship or payment processing, ]init[ AG will implement all measures required by the EU Commission and the German data protection authorities, such as the conclusion of so-called standard contractual clauses, the demand for additional guarantees and the implementation of a transfer impact assessment, in order to ensure a level of data protection comparable to the GDPR.

In addition, data transfer to law enforcement agencies may be considered, in particular for the purpose of uncovering criminal acts.

Duration of data storage

]init[ AG stores your personal data only for as long as is necessary to fulfill the purpose for which it was collected, to comply with legal, regulatory, or internal requirements, and to safeguard the legitimate interests of ]init [ AG. Once the purpose or legitimate interest for data processing no longer applies, your data will be deleted, provided that this does not conflict with tax, commercial, or other legal retention requirements. In such cases, your data will be stored until the respective retention periods expire and then deleted.

For example, all accounting documents are stored for a period of 8 years, while contract documents, received and sent business correspondence, and acceptance reports for contracts for work and services are stored for a period of 6 or 3 years, respectively.

Obligation to provide personal data

You are not obligated to provide this data. However, if it is a contractual business relationship, we cannot fulfill it without providing the personal data. In this respect, the processing of your data is based on Art. 6 (1) (b) of the GDPR.

Automated decision making

]init[ AG does not use your data for automated decision-making or profiling.

For more information on data protection, particularly regarding your rights as a data subject, please click here.

Adjustments

We reserve the right to update this Privacy Policy from time to time. Updates to this Privacy Policy will be posted on our website. Changes take effect upon their publication on our website.

]init[ AG is a member of the Society for Data Protection and Data Security (GDD).

 

Status of data protection information: May 2026

 

Back to the overview page Legal notices