This is how you can contact us:

Phone: +49 (0) 52 33 / 94 17 - 0
Email: info(at)chemical-check.de

contact form
Videos Icon Downloads Icon search Icon Notruf Icon

Information on the collection of personal data pursuant to the General Data Protection Regulation

Name and contact information for the person responsible

Chemical Check GmbH
Chemical Check Platz 1-7
32839 Steinheim

REACH  Registration of Chemicals GmbH
Chemical Check Platz 1-7
32839 Steinheim

Gefahrstoffberatung Schnurbusch GmbH & Co. KG
Chemical Check Platz 1-7
32839 Steinheim

Karen Schnurbusch-Beteiligungs GmbH
Chemical Check Platz 1-7
32839 Steinheim

Responsible is your respective contract partner. The four companies have a shared responsibility over used IT systems. The processing of contractual transactions may be carried out within the scope of order processing by other named companies. There are agreements for processors between the named companies. The joint controllers agreement is available here.

Data protection officer Chemical Check GmbH Gefahrstoffberatung

Rüdiger Kleefeld
Internal protection officer
Chemical Check Platz 1-7
32839 Steinheim
Phone: +49 (0) 5233/ 94 17 116
Email: r.kleefeld(at)chemical-check.de

Purposes for which the personal data is processed

The purposes of the processing activities and its legal bases are

General customer management

  • General and order-specific correspondence
  • Accepting orders (telephone, email, website, live-chat Bitrix24, video conference system GoToMeeting)
  • Advice (telephone, email)
  • Recording master data
  • Calculation / revenues / revenue statistics / customer-specific peculiarities
  • Customer management in databases
  • Customer management of telephone system
  • Use of databases / FTP servers
  • Use of service portals
  • Use of video conference systems
  • Invoice data
  • Participation certificates (seminars)
  • Transport documents
  • Designing contracts


Customer data from external provision to customs workplace safety/transport

  • Visit reports
  • Usage time lists
  • Risk assessments
  • Training overviews/certificates
  • Hazardous goods protection plan
  • Participation certificates (work safety/ hazardous goods / chemical ban regulations / seminars)
  • Accident notification
  • Training



  • Legal advice on contracts
  • Provision of 24hr emergency number
  • Newsletter
  • Product registrations
  • Advertising


Legal basis for processing

  • General data protection regulation, Article 6
    Art. 6 (1) a) Consent
    Art. 6 (1) b) Contract / concrete contract initiation
    Art. 6 (1) c) Fulfillment of compliance and legal obligations
    Art. 6 (1) d) to protect vital interests
    Art. 6 (1) e) Task out of public interest or exercise of official authority (especially for authorities)
    Art. 6 (1) f) legitimate company interest, unless the interest of the data subject outweighs
  • Queries by email / fax / post
  • Queries from website contact form
  • Workplace Health Act (ArbSchG)
  • Order confirmations
  • Trade association regulations
  • Chemical Act (ChemG)
  • Chemical Ban Regulations (ChemVerbotsV)
  • EU directives and regulations (e.g. CLP regulation 1272/2008) and associated implementation regulations
  • External provisions to customs
  • Internal processes
  • National chemical legislation
  • Newsletter orders
  • Contracts

Categories of personal data collected/processed

Affected people groups:Categories of personal data:
All customers and suppliers 
  • Bank details
  • Company name
  • Confidentiality agreements
  • Email address
  • First and last name of contract
  • Image and sound track in the context of video conferences
  • Log-in (service portals, databases etc.) incl. passwords and certificates
  • Master customer / supplier data
  • Phone number 
  • Revenue numbers
  • Terms of payment
Customers with external provision to customs,
chemical ban regulation,
Customer accident reports
  • Date of birth
  • First and last name of person suffering accident
  • Date of birth of person suffering accident
  • Address of person suffering accident

Categories of recipients of personal data

internal/external:Recipient of personal data:
CC group internal 
  • Management
  • Internally authorised data recipients
  • Departmental superiors
  • Auditors DIN EN ISO 9001:2015
  • Banks
  • Authorities, e.g. stated departments to receive product notifications
  • Service provider for 24hr emergency number
  • Newsletter service provider safety data sheet / product notification service provider
  • IT service providers (hardware, software, portals, live-chat, video conferences)
  • Lawyers
  • Tax offices

Transfer of personal data to a third country or international organisation

 Data transfers to third countries only take place whilst complying with statutory or official requirements. As part of the product notifications, such contact data as contact name, email addresses must be stored with the stated departments to receive product notifications, e.g. in Switzerland and Norway. The basis is the national chemical legislation.

For the fulfillment of contracts or orders, it may be necessary to exchange personal data with the United Kingdom (UK). A transitional period applied until 01. July 2021. Since 28. June 2021, the EU has issued an adequacy decision in this regard. The processing is occasional according to Article 27 UK GDPR. There is no extensive processing of special categories of data. Analogous to Article 27 GDPR, no UK representative needs to be appointed.

It may be necessary to exchange personal data with Switzerland in order to fulfil contracts or orders. The EU has issued an adequacy decision in this regard. A total revision of the Data Protection Act is currently being adapted to the GDPR.

When using the video conference system GoToMeeting, data is processed under standard contractual clauses.

Duration for which the personal data is stored

 If personal data is processed during a business transaction, it is deleted at the end of the statutory storage period of 10 years if the right to deletion (right to be forgotten) under Article 17 of Regulation (EU) 2016/679 or the right to restrict processing under Article 18 of the Regulation (EU) 2016/679 is not used. There is no access for deletion of data that must be stored with authorities.

When using the video conference system GoToMeeting, the meeting history is deleted after 90 days.

Rights of those affected:

Information, correction, deletion and restriction as well as objection right

You are permitted under Article 15 GDPR to request at any time the comprehensive issue of information about the data stored about you from the person responsible at any time.

Under Section 17 GDPR you can request at any time the correction, deletion and blocking of individual items of personal data by the person responsible.

In addition, at any time you can use your objection right without stating reasons and modify or completely revoke the declaration of consent given with future effect. You can communicate your revocation to the contractual partner either by post, email or fax. You do not incur any costs except for postal charges or transfer costs.

Information on the complaint right to a supervisory authority

The affected person may inform the supervisory authority of infringements of the General Data Protection Regulation or Data Protection Act using the following contact

Federal Officer
for Data Protection and Freedom of Information
Graurheindorfer Str. 153
53117 Bonn

Phone: +49 (0)228-997799-0
Fax: +49 (0)228-997799-5550
Email: poststelle(at)bfdi.bund.de
De-Mail: poststelle(at)bfdi.de-mail.de

State Commissioner
for Data Protection and Freedom of Information NRW
Postbox 20 04 44
40102 Düsseldorf

Phone: 0211/38424-0
Fax: 0211/38424-10
Email: poststelle(at)ldi.nrw.de

Encrypted email communication with the federal and state officers for data protection and freedom of information is possible using a public PGP key. The public key can be called up on the relevant authority’s website.

Basis for the provision of personal data / consequences of non-provision

All processing activities are based on statutory, official and trade association regulations or requirements that arise from the order or contract.

The processing of personal data is absolutely necessary to handle this order or fulfil the contract contents.

The issue of an order in writing, orally, by email or internet is considered to be agreement to the processing of personal data for the stated processing activities.

Request processor agreement under: info(at)chemical-check.de