Chemical Check - European Office for Safety and Health

Information on the collection of personal data pursuant to the General Data Protection Regulation

Name and contact information for the person responsible

Chemical Check GmbHREACH  Registration of Chemicals GmbHGefahrstoffberatung Schnurbusch GmbH & Co. KGKaren Schnurbusch-Beteiligungs GmbH
Chemical Check Platz 1-7Chemical Check Platz 1-7Chemical Check Platz 1-7Chemical Check Platz 1-7
32839 Steinheim32839 Steinheim32839 Steinheim32839 Steinheim

Responsible is your respective contract partner. The four companies have a shared responsibility over used IT systems. The processing of contractual transactions may be carried out within the scope of order processing by other named companies. There are agreements for processors between the named companies. The joint controllers agreement is available here.

Data protection officer Chemical Check GmbH Gefahrstoffberatung

Rüdiger Kleefeld
Internal protection officer
Chemical Check Platz 1-7
32839 Steinheim
Phone: 05233/ 94 17 116
Email: r.kleefeld(at)

Purposes for which the personal data is processed

The purposes of the processing activities and its legal bases are

General customer management

  • General and order-specific correspondence
  • Accepting orders (telephone, email, website)
  • Advice (telephone, email)
  • Recording master data
  • Calculation / revenues / revenue statistics / customer-specific peculiarities
  • Customer management in databases
  • Customer management of telephone system
  • Use of databases / FTP servers
  • Use of service portals
  • Invoice data
  • Participation certificates (seminars)
  • Transport documents
  • Designing contracts


Customer data from external provision to customs workplace safety/transport

  • Visit reports
  • Usage time lists
  • Risk assessments
  • Training overviews/certificates
  • Hazardous goods protection plan
  • Participation certificates (work safety/ hazardous goods / chemical ban regulations / seminars)
  • Accident notification
  • Training



  • Legal advice on contracts
  • Provision of 24hr emergency number
  • Newsletter
  • Product registrations
  • Advertising


Legal basis for processing

  • Queries by email / fax / post
  • Queries from website contact form
  • Workplace Health Act (ArbSchG)
  • Order confirmations
  • Trade association regulations
  • Chemical Act (ChemG)
  • Chemical Ban Regulations (ChemVerbotsV)
  • EU directives and regulations (e.g. CLP regulation 1272/2008) and associated implementation regulations
  • External provisions to customs
  • Internal processes
  • National chemical legislation
  • Newsletter orders
  • Contracts

Categories of personal data collected/processed

Affected people groups:Categories of personal data:
All customers and suppliers
  • Master customer / supplier data
  • Company name
  • Address
  • First and last name of contract
  • Phone number
  • Email address
  • Bank details
  • Terms of payment
  • Revenue numbers
  • Confidentiality agreements
  • Log-in (service portals, databases etc.) incl. passwords and certificates
Customers with external provision to customs,
chemical ban regulation,
Customer accident reports
  • Date of birth

  • First and last name of person suffering accident
  • Date of birth of person suffering accident
  • Address of person suffering accident

Categories of recipients of personal data

internal/external:Recipient of personal data:
CC group internal
  • Management
  • Internally authorised data recipients
  • Departmental superiors
  • Auditors DIN EN ISO 9001:2015
  • Banks
  • Authorities, e.g. stated departments to receive product notifications
  • Service provider for 24hr emergency number
  • Newsletter service provider safety data sheet / product notification service provider
  • IT service providers (hardware, software, portals)
  • Lawyers
  • Tax offices

Transfer of personal data to a third country or international organisation

Data transfers to third countries only take place whilst complying with statutory or official requirements. As part of the product notifications, such contact data as contact name, email addresses must be stored with the stated departments to receive product notifications, e.g. in Switzerland and Norway. The basis is the national chemical legislation.

Duration for which the personal data is stored

If personal data is processed during a business transaction, it is deleted at the end of the statutory storage period of 10 years if the right to deletion (right to be forgotten) under Article 17 of Regulation (EU) 2016/679 or the right to restrict processing under Article 18 of the Regulation (EU) 2016/679 is not used. There is no access for deletion of data that must be stored with authorities.

Rights of those affected:

Information, correction, deletion and restriction as well as objection right

You are permitted under Article 15 GDPR to request at any time the comprehensive issue of information about the data stored about you from the person responsible at any time.

Under Section 17 GDPR you can request at any time the correction, deletion and blocking of individual items of personal data by the person responsible.

In addition, at any time you can use your objection right without stating reasons and modify or completely revoke the declaration of consent given with future effect. You can communicate your revocation to the contractual partner either by post, email or fax. You do not incur any costs except for postal charges or transfer costs.

Information on the complaint right to a supervisory authority

The affected person may inform the supervisory authority of infringements of the General Data Protection Regulation or Data Protection Act using the following contact

Federal Officer for Data Protection and Freedom of Information
Husarenstr. 30
53117 Bonn

Telephone: +49 (0)228-997799-0
Fax: +49 (0)228-997799-5550
Email: poststelle(at)

State Commissioner for Data Protection and Freedom of Information NRW
Postbox 20 04 44
40102 Düsseldorf

Telephone: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle(at)

Encrypted email communication with the federal and state officers for data protection and freedom of information is possible using a public PGP key. The public key can be called up on the relevant authority’s website.

Basis for the provision of personal data / consequences of non-provision

All processing activities are based on statutory, official and trade association regulations or requirements that arise from the order or contract.

The processing of personal data is absolutely necessary to handle this order or fulfil the contract contents.

The issue of an order in writing, orally, by email or internet is considered to be agreement to the processing of personal data for the stated processing activities.

Request processor agreement under:

Copyright © Chemical Check

Privacy information for customers and suppliersImprintPrivacy terms