Privacy Policy of Seven.One Entertainment Group GmbH for Business Partners 

Status of Information: April 2022

Seven.One Entertainment Group GmbH based in Medienallee 7, 85774 Unterföhring, Germany pro-cesses the personal data of its business partners for various purposes, which are explained in these privacy policies.
We take your data protection rights and our legal obligations seriously.
These privacy policies describe how your personal data are processed and your privacy is protected. Your personal data are always processed securely and confidentially and only as described below. Should we process your data in other ways or for other purposes, we will inform you of this separately in advance. 
Please read the following policies through carefully.
These describe the categories of personal data that we can process, the purposes for which we process your personal data and how we protect your privacy.

Seven.One Entertainment Group GmbH
Medienallee 7
85774 Unterföhring
Germany

The Data Protection Officer of Seven.One Entertainment Group GmbH can be reached at this address: 

Seven.One Entertainment Group GmbH
Data Protection Officer
Medienallee 7
85774 Unterföhring
Germany

Datenschutz@seven.one 

Seven.One Entertainment Group GmbH processes your personal data in compliance with the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz/BDSG), the German Stock Corporation Act (Aktiengesetz/AktG), as well as all other relevant legal requirements.
In compliance with the applicable data protection regulation, we have identified various purposes for processing your personal data. These can be found in the following table together with the corresponding legal bases for processing. 

a) Compliance with legal requirements (e.g. retention obligations under tax and commercial law)    

The legal basis for data processing is – unless expressly stated otherwise – Art. 6(1) point b and f of the GDPR or consent that has been explicitly given (Art. 6(1) point a GDPR)

b) Planning, conduct and management of the (contractual) business relationship

Data are also processed in the course of implementing the contract, to handle the ordering of products and services, for example, for the purposes of accounting, billing and debt collection. Art. 6(1) point b and f of the GDPR

c) Communication with business partners re products, services and projects    

Data processing helps cultivate and maintain the business relationship as part of our company’s legitimate interest in working together. Art. 6(1) point f of the GDPR

d) Ensuring proper business operations, to protect our rights, to assert legal claims or to defend against legal disputes    

We process data on the basis of the legitimate interest in securing our business operations and in avoiding losses or other damage. Art. 6(1) point f of the GDPR

In particular, we collect your personal data from your communication and collaboration with us (direct collection).
We can process the following categories of your personal data in particular 

• General personal information: name, title, form of address/gender, job title, work contact details (address, telephone number, mobile number, e-mail address), nationality, if applicable,
• Other personal data, that you provide voluntarily in the context of the business relationship.

If the personal data specified are not provided or we cannot collect them, the individual purposes described may not be achieved.  

External partners with whom we work may also access your personal data to enable them to supply services for us but only to the extent that this is required for their specific service. 
If external data recipients act for us as processors, they will carry out their tasks in our name and in accordance with our instructions for the purposes specified above.
We have concluded an agreement for processing with each of these processors, which guarantees your personal data are processed lawfully and securely.
Furthermore, we also forward your data to third parties, who reliably process your personal data on their own authority. These are, for instance, authorities for the fulfillment of legal reporting obligations or in the context of threatened or pending court proceedings or a statutory audit.

We try to ensure that your personal data are kept as up-to-date as possible and that irrelevant or superfluous data are deleted as quickly as possible or anonymized. 
In principle, your data are only stored as long as this is necessary to fulfill the purpose for which they were collected or provided by you. There are, however, some exceptions to this principle. We must therefore store some data longer and delete other data sooner.
Certain data, such as tax-relevant documents, are stored for different periods depending on the legal requirements. 

If we forward personal data to service providers outside of the European Economic Area (EEA), this forwarding only takes place to the extent that the third-party country, through the intermediary of the EU Commission, has been granted confirmation of a suitable data protection level or that other ap-propriate data protection guarantees (for instance, standard contractual provisions of the EU Com-mission) exist.
Currently, there is no transfer to third-party countries without sufficient guarantees.

If you have any questions or complaints regarding data protection, please contact us. You will find our contact information above in this document.
This includes the right to access the information stored about you in accordance with Art. 15 GDPR, the right to correct your data in accordance with Art. 16 GDPR, the right to delete your data in ac-cordance with Art. 17 GDPR, the right to restrict processing in accordance with Art. 18 GDPR, as well as the right to data portability arising from Art. 20 GDPR. If you have given consent to your data being processed, you may revoke this at any time with future effect.
The legal basis for processing your data until consent is revoked is not affected by this.
You also have the option to contact the aforementioned Data Protection Officer or a data protection supervisory authority with comments or complaints.