BenefitsHow it worksTeamBlog
Get in touch

Privacy Policy

Privacy Policy

1. Data Controller

PFASuiki GmbH

Rosenheimer Str. 116b, 81669 München
E-Mail: info@pfasuiki.com

2. Categories of Data including Personal Data We Collect

  • Full name
  • Position/title
  • Company name
  • Company address
  • Business email address
  • Business phone or mobile number
  • Project-related information, requests, inquiry details or specific issues you share with us
  • Communication content and history
  • Offer and contract details
  • Usage or interaction data (e.g., response to marketing emails, event participation)

3. Purposes of Processing

We process personal data to support our business operations, including but not limited to the following purposes:

  • Managing subscriptions, such as for our newsletter
  • Handling inquiries and communication via contact forms, email, phone, or other channels
  • Booking and preparing appointments, consultations, meetings, and product demonstrations
  • Initiating, negotiating, and managing contractual or pre-contractual relationships with customers, partners, and suppliers
  • Providing personalized communication, offers, product or service information, and company updates
  • Executing transactions and fulfilling contractual obligations
  • Conducting online and offline marketing, sales campaigns, and participation in events
  • Developing and maintaining business relationships with prospects, customers, and partners
  • Performing internal business functions such as procurement, ERP, logistics, accounting, and compliance reporting
  • Conducting research and development to enhance our products, services, and customer experience
  • Analyzing operational and business data to improve performance, service quality, and market positioning
  • Monitoring market trends, competition, and customer needs
  • Ensuring compliance with legal, regulatory, and contractual obligations
  1. Supporting any other reasonable activities in alignment with our commercial goals and corporate mission

4. Legal Basis  

We process personal data on the following legal grounds under the General Data Protection Regulation (GDPR):

  • Art. 6(1)(a) GDPR – Consent  
  • Art. 6(1)(b) GDPR – Contractual necessity
  • Art. 6(1)(c) – Legal obligations  
  • Art. 6(1)(f) GDPR – Legitimate interest

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the intended purposes or to comply with statutory retention requirements.  

  • Newsletter data is stored until you unsubscribe
  • Meeting and contact data are retained until your inquiry is resolved or for the duration of legal retention periods
  • Customer, supplier, and contract data is stored for the duration of the relationship and in accordance with statutory retention obligations
  • Sales, invoice, and financial data is stored based on tax, accounting, and commercial law  
  • Marketing CRM data is retained until no longer relevant or consent is withdrawn
  • R&D and operational project data is stored for the lifecycle of the product, service, or project
  • Log and usage data is retained typically between 6 to 12 months for IT security and troubleshooting

6. Use of Third-Party Service Providers

We may use reputable third-party providers to support our operations, including for newsletter delivery and appointment scheduling (Calendly, HubSpot, Google). These providers operate under GDPR-compliant data processing agreements and handle data solely on our behalf.

7. Data Transfers

We may transfer personal data to external business partners within the outsourcing of internal functions and utilization of external resources, e.g. chemical analytics and advisory, IT services, HR, recruiting, marketing activities, marketing data analysis, administration of campaigns, offline and online advertisement, publishing, design, legal, tax, financial advisory services and other activities related to our business operations.

Business partners that act as service providers for us are contractually bound by data processing agreements to take appropriate technical and organizational security measures to safeguard and process personal data only as instructed by us. The same applies to any sub-providers of our service providers.

To the extent personal data are transferred to and processed in other countries than the EU/EEA, we transfer personal data in compliance with applicable laws and have, where required, established appropriate safeguards by means of data processing and data transfer agreements that oblige the recipient in the other country to establish and adhere to an adequate level of data protection.

We may transfer personal data to government authorities, courts, law enforcement agencies and other public bodies to comply with obligations to which we are subject to under applicable laws, e.g. transfer and disclosure obligations under social security law, civil procedure law, tax, import and export laws.

8. Consent Management

Where required under applicable data protection and other laws, we process personal data only after obtaining consent. Providing consent and data is voluntary. Before obtaining consent, we will duly inform each individual about the respective processing activity. Without providing data, an individual may not be able to engage in our business operations. Consent can be withdrawn at any time with future effect by email to info@pfasuiki.com or by sending a withdrawal notice to our registered office address. A withdrawal will not affect the lawfulness of the processing prior to the withdrawal

9. Your Rights Under Data Protection Law

You have the following rights regarding your personal data, subject to applicable legal conditions:

  • Right of access  
  • Right to rectification  
  • Right to erasure ("right to be forgotten")  
  • Right to restriction of processing  
  • Right to data portability  
  • Right to object to processing based on legitimate interests  
  • Right to withdraw consent at any time with future effect  
  • Right to lodge a complaint with a supervisory authority  

Where we process personal data for direct marketing purposes, each individual has the right to object at any time to the processing of its personal data for direct marketing purposes, which includes profiling to the extent related to marketing purposes.

To exercise your rights, please contact: info@pfasuiki.com

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, loss, misuse, or alteration. These include:

  • Encrypted transmission via SSL/TLS
  • Access controls and authentication systems
  • Regular audits and updates of our IT infrastructure
  • Internal policies and employee training for data protection

11. Contact for Data Protection Matters

If you have questions regarding this privacy policy or the processing of your data, you can contact us per e-mail under info@pfasuiki.com or under our registered office address.

12. Version and Updates

Effective Date: July 2025


We reserve the right to update or amend this Privacy Policy at any time to reflect changes in legal requirements or our services.