Customer Data Protection

How we process customer data at FCS

We would like to give you an overview of the processing of your personal data within the FCS Group. Which personal data is processed in detail and how it is used depends largely on the services requested or agreed in each case. If you have any further questions about the individual processing activities or would like more detailed information, please contact our Data Protection Team.

This data protection information is subject to periodic updates. The current version is always available on this page.

Last updated: 01.09.2025

Who is responsible for processing my data?

The FCS company with which you have a contractual relationship or are otherwise in contact (hereinafter referred to as "FCS" or "we") is responsible for data processing. The controller can usually be found in the following source:

• If you are a customer, supplier or service provider of FCS or have any other business relationship with us, your FCS contractual partner is the controller within the meaning of data protection law;
• The company specified in the e-mail signature of your contact person;
• The company listed in the legal notice, in separate data protection notices or in the terms and conditions of use or purchase;
• The company of the respective social media presence listed in the legal notice or data protection information;
• The company inviting to FCS events (digital or on-site);
• As a visitor to one of our factory premises, the company whose appointment you are attending or whose fair stand you are visiting.

Joint controllers

In the course of our business activities, we may use joint databases and, where necessary, access a shared database in order to answer customer enquiries or provide (partial) contractual services to customers. The FCS companies are each independently responsible for the lawful processing of personal data and the guarantee of data subjects' rights, including the provision of mandatory information. Where necessary, the companies support each other in this.

Do you have questions about data protection?

Questions regarding data protection can be directed to the contact information of the respective controller or directly to FCS.

You can contact our Data Protection Officer of our German companies at:
c/o activeMind AG Management and Technology Consultancy
Potsdamer Str. 3
80802 Munich
Phone: 089 / 91 92 94 - 900
E-mail: fcs@activemind.de

Or contact our FCS Data Protection Team via:
E-mail: datenschutz@fcs-munich.com

We process your data for the following purposes and on the following legal basis:

On the basis of your consent

If you have given us your consent to process your personal data, it will only be processed in accordance with the purposes specified in the separate consent form and to the extent agreed therein. Any consent given can be withdrawn at any time with effect for the future. The withdrawal of consent only takes effect for the future and does not affect the legality of the personal data processed until the withdrawal. This may be the case if we carry out direct marketing measures that are not exclusively based on our legitimate interest. Or we make audiovisual recordings at our events (photographs, video recordings or other recordings). In these cases, we will inform the data subjects separately.

For the fulfilment of contractual obligations

The processing is necessary for the fulfilment and/or contractual ancillary services of a contract with you.
If you enquire about an offer, the data processing is carried out in response to your enquiry and is necessary for the implementation of pre-contractual measures.

Due to legal requirements

We are subject to various legal obligations that entail data processing. These include, for example, tax laws and statutory accounting, the fulfilment of requests and requirements from supervisory or law enforcement authorities and the fulfilment of tax control and reporting obligations.
In addition, the disclosure of personal data may become necessary in the context of official/judicial measures for the purposes of gathering evidence, criminal prosecution or the enforcement of civil law claims.

As part of the balancing of interests

Where necessary, we process your data beyond the actual fulfilment of the contract to protect our legitimate interests or those of third parties. Examples of such cases are:

• If you contact us by e-mail or telephone, the data you enter will be stored for the purpose of personalised communication with you;
• Storage of additional contact persons in our CRM system for extended communication;
• Transfer of personal data within the group of companies for internal administrative purposes;
• Surveys to improve our products, communication and quality assurance;
• Direct marketing to existing customers, provided you have not objected to the use of your e-mail address for advertising purposes, you will receive information on news and events by e-mail;
• Assertion of legal claims and defence in legal disputes;
• Requesting participant data and other relevant information for the organisation of events;
• Measures to protect the security of our property, our plants and our products and services by means of video recording, visitor badges or certain access barriers in our online customer portals.

Who receives your data?

Data transfer and transmission takes place at FCS on several levels. On the one hand, your data is processed FCS-wide, within the entire Group , as well as within certain business areas. This takes place regularly in accordance with the specific customer relationship and the product range or service owed along the service chain. In addition, data is passed on within the controller to, for example, suppliers and/or third parties for the fulfilment of contracts.

Intra-group transfers

Within the FCS Business Group, Freudenberg Chemical Specialities GmbH, as the holding company, performs a number of central functions, which may also involve the processing of personal data on a Group-wide basis. Central processing operations are, for example, those required for internal administrative purposes (consolidated financial statements, consolidation, controlling, corporate communications, centralised administration in purchasing and procurement).

In addition, FCS companies process personal data as service companies on behalf of the other Group companies. This includes the following processing:

• Shared service centre in the areas of personnel administration, legal and compliance
• IT services
• Provision of centralised time recording and personnel management systems
• Provision of central databases (CRM & ERP)
• Provision of centralised communication systems

Within the responsible entity

Within the FCS company, employees receive your data for contact with you and for contractual cooperation (including the fulfilment of pre-contractual measures).

Your data will only be passed on to those service providers (processors) if this is necessary for the fulfilment of our contractual tasks (e.g. transport companies, data shredders, IT suppliers). All service providers are obliged to treat your data confidentially on the basis a data protection agreement or in accordance with a separate agreement.

Data transfer to third parties

With regard to the transfer of data to recipients outside our company (independently responsible parties within the meaning of data protection law), it should first be noted that we only pass on necessary personal data in compliance with the applicable data protection regulations.

Under these conditions, recipients of personal data may be, for example

• Public bodies and institutions (e.g. tax authorities, law enforcement authorities) in the event of a legal or official obligation,
• Credit and financial services institutions (processing of payment transactions),
• Tax consultant, business and payroll tax/company auditor, data protection officers (statutory audit mandate),
• External auditors and auditing firms.

All service providers are contractually bound and in particular obliged to treat your data confidentially.

Is data transferred to a third country or an international organisation?

Data is transferred to bodies in countries outside the European Economic Area (so-called third countries) if:

• it is required by law (e.g. reporting obligations under tax law),
• you have given us your consent or
• we have concluded an order processing contract with our service provider. In this case, your data will only be transmitted if either
  • the European Commission has decided that an adequate level of protection exists in the third country (Art. 45 GDPR) or
  • on the basis of suitable guarantees (standard contractual clauses issued by the EU Commission).

We have also contractually agreed with our service providers that data protection guarantees must always be in place with their contractual partners in compliance with the European level of data protection. We will provide you with a copy of these guarantees on request.

How long will your data be stored?

We process and store your personal data for as long as this is necessary for the fulfilment of our contractual and legal obligations. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted.

There are exceptions to the above-mentioned deletion criteria for data:

• required for the fulfilment of statutory retention obligations, e.g. German Commercial Code (HGB) and German Fiscal Code (AO). The retention and documentation periods specified there are generally six to ten years,
• for the preservation of evidence within the framework of the statutory limitation periods. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, whereby the regular limitation period is three years.

If the data processing is carried out in our legitimate interest or that of a third party, the personal data will be deleted as soon as this interest no longer exists. The aforementioned exceptions apply. A storage period beyond this can be expressly stated. This is usually the case if your data is processed on the basis of your separate consent.

What data protection rights do you have?

Every data subject has the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR, the right to object under Art. 21 GDPR and the right to data portability under Art. 20 GDPR.

The restrictions under Sections 34 and 35 BDSG apply to the right to information and the right to erasure.

In addition, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR). A list of supervisory authorities (for the non-public sector) with addresses can be found at (in German):
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

Do I have an obligation to provide data?

As part of the contractual relationship, you may provide the personal data that is required for the commencement, execution and termination of the contractual relationship and for the fulfilment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will not be able to contact you, conclude the contract with you or fulfil it.