Privacy Policy – Principles

We Take Data Protection Seriously

Keyfinanz GmbH processes personal data as part of its daily business operations. This Privacy Policy explains how we collect, use, store, and protect personal data relating to our customers, suppliers, business partners, job applicants, and website users.

We are committed to handling personal data in a lawful, fair, and transparent manner, in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Fair and Transparent Data Processing

We are committed to handling personal data in a lawful, fair, and transparent manner, in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

Keyfinanz GmbH ensures that personal data is processed in compliance with applicable legislation. When we ask you to provide personal data, we clearly inform you:

what data we collect,

for what purpose it is processed, and

on which legal basis the processing is carried out.

If we collect personal data about you from third parties (such as business partners, suppliers, or public authorities), we will inform you within a reasonable time after obtaining the data, including the purpose and legal basis for such collection.

Data Processing

Types of Personal Data We Process

We process personal data in order to deliver high-quality services and maintain effective communication. The data we may process includes:

Name

Address and email address

Telephone number

IP address

CV and employment-related information (where applicable)

Purpose of Data Collection and Processing

We collect and store personal data only for specific and legitimate purposes, including:

Fulfilling requests for services provided by Keyfinanz GmbH

Managing contractual and business relationships

Communication and administration

Compliance with legal, regulatory, or contractual obligations

Data Minimization and Relevance

We only collect and process personal data that is relevant, adequate, and necessary for the stated purposes. Where possible, we limit the amount of personal data processed. Certain types of data may be required by law.

Accuracy and Updates

We take reasonable steps to ensure that the personal data we process is accurate and up to date. Since the quality of our services depends on correct information, we kindly ask you to inform us of any changes to your personal data.

You may contact us at any time to request corrections.

Data Retention and Deletion

Personal data is stored only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by applicable law. We delete or anonymize personal data when it is no longer needed or when we are legally obliged to do so.

Legal Basis for Processing

In most cases, personal data is processed based on:

your consent,

a contractual relationship,

legal obligations, or

our legitimate business interests, provided such interests do not override your fundamental rights and freedoms.

Where consent is required, it is given voluntarily and may be withdrawn at any time. If personal data is to be used for a new purpose, we will inform you and, where required, obtain your consent before processing.

Where consent is required, it is given voluntarily and may be withdrawn at any time. If personal data is to be used for a new purpose, we will inform you and, where required, obtain your consent before processing.

Sharing of Personal Data

We may share personal data with:

affiliated companies within the Keyfinanz group, and

trusted service providers acting on our behalf.

In some cases, data may be transferred outside the EU/EEA. Where this occurs, appropriate safeguards are applied to ensure an adequate level of data protection. Electronic communication containing personal data is protected using secure and encrypted systems.

Data Security

Protection of Personal Data

Keyfinanz GmbH has implemented technical and organizational security measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

Our measures include:

restricted access to personal data,

logging and monitoring of access,

regular data backups, and

secure, authorized IT and email systems.

In the event of a personal data breach that poses a high risk to individuals, we will notify affected parties without undue delay, in accordance with legal requirements.

Your Rights
Right of Access