Privacy Policy

1. Controller

EREXIM GmbH
Mustafa Ertürk
Hermsdorfer Damm 214
13467 Berlin
Phone: +49 30 40536500
Email: mail@erexim.de

2. General information on data processing

We process your personal data exclusively in accordance with the statutory data protection regulations, in particular the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). “Personal data” refers to any information relating to an identified or identifiable natural person – such as name, address, email address, telephone number or IP address.

3. Purposes and legal bases of processing

We process your personal data for the following purposes:

  • Performance of a contract and pre-contractual measures (Art. 6(1)(b) GDPR), e.g. for processing enquiries, orders, deliveries, complaints and communications.
  • Compliance with legal obligations (Art. 6(1)(c) GDPR), e.g. retention obligations under commercial or tax law.
  • Legitimate interests (Art. 6(1)(f) GDPR), e.g. for the organisation of our operational processes, IT security and the improvement of our business processes.
  • Consent (Art. 6(1)(a) GDPR), where we expressly ask for your consent, e.g. for newsletters or web tracking.

4. Categories of processed data

Depending on the nature of our business relationship, we may process the following personal data:

  • Contact details: Name, job title, company, address, email address, telephone number
  • Contract details: Orders, quotations, invoices, delivery notes
  • Technical data: IP address, time of access, browser information when visiting the website
  • Communication data: Content of emails, telephone calls, electronic data interchange (EDI, ERP)

5. Disclosure of data to third parties and international data transfers

Personal data will only be disclosed if:

  • it is necessary for the performance of the contract (e.g. to freight forwarders, manufacturers, IT service providers),
  • there is a legal obligation to do so,
  • there is a legitimate interest (e.g. IT security, legal proceedings),
  • or you have given your express consent.

International data transfers (Turkey)

As part of our work as a technical wholesaler, we collaborate with manufacturers in Turkey. During various stages of a project, it may be necessary to transfer customers’ personal data to these partners, for example:

  • during the quotation and sample approval phase (e.g. contact persons, specifications),
  • during production (e.g. markings, labels, packaging instructions),
  • for handling complaints (e.g. photographic evidence, traceability, test reports).

Data is transferred solely for specific purposes, to the extent necessary, and in compliance with data protection regulations. As Turkey is a third country for which no adequacy decision has been made under Article 45 of the GDPR, we base the transfer on:

  • Article 49(1)(b) of the GDPR (performance of a contract),
  • or, where applicable, the conclusion of EU Standard Contractual Clauses (SCCs) with the relevant manufacturers.

We select our partners carefully and ensure that your data is processed responsibly and in accordance with the GDPR.

6. Processing on the website

When you visit our website, our web server automatically processes the following data:

  • IP address
  • Date and time of access
  • Browser type and version
  • Operating system used
  • Referrer URL

This data is technically necessary to display the website to you and to ensure its stability and security. The legal basis is Article 6(1)(f) of the GDPR.

7. Use of cookies

Our website may use cookies to provide certain features or to analyse user behaviour. Where necessary for non-essential cookies, we will seek your consent in accordance with Article 6(1)(a) of the GDPR via a cookie banner.

8. Electronic communication

We also communicate with our customers via electronic channels such as:

  • Email
  • EDI interfaces
  • ERP systems

By using these channels, you consent to the processing of your data (Article 6(1)(a) and (b) of the GDPR).

9. Retention period

We only retain personal data for as long as is necessary to fulfil the relevant purposes or as required by statutory retention obligations. These are generally:

  • 6 years for commercial documents (Section 257 of the German Commercial Code)
  • 10 years for documents relevant for tax purposes (Section 147 of the German Fiscal Code)

Once these periods have expired, your data will be deleted or anonymised.

10. Your rights as a data subject

Under the GDPR, you have the following rights:

  • Access to stored data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure (‘right to be forgotten’, Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)
  • Lodging a complaint with a supervisory authority (Art. 77 GDPR)

11. Data security

We implement technical and organisational measures to protect your data against loss, destruction, unauthorised access or tampering. Our security measures are continuously updated in line with technological developments.

12. Changes to this privacy policy

We reserve the right to update this privacy policy to reflect changes in the legal landscape or technical developments. You can always find the latest version on our website.

As of September 2025

Scroll to Top