Your data in good hands: AEB SE is compliant with all binding legislation, including the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Below you’ll find all key information and statements on this subject. We strive for utmost transparency with state-of-the-art protections tailored to our market.
AEB developed this binding guideline for its own internal use.
AEB Data Protection Guideline (Last update: May 20, 2019)
The Data Privacy Statement provides data subjects with information on how their data is protected. You can find it here.
Under data protection law, data processing occurs if your AEB solution contains personal data (such as the contact information of business partners or your users) and if access by AEB (employees) is at all possible.
The scope of applicable data may be broader if you screen the addresses of other parties against sanctions lists. This would require adding this information to the agreement. Scroll down for instructions on how to complete these documents.
It only takes five steps to complete the agreement:
The security concept includes the technical and organizational measures needed to ensure adequate data security in accordance with the requirements for protecting (personal) data as set forth in Art. 32 GDPR.
Security Concept (Art. 32 GDPR) (Last updated: April 30, 2019)
The document linked below provides an overview of current subcontractors for data processing as defined by Art. 28 GDPR. AEB keeps a record of current subcontractors and will duly notify customers of any changes, with reference to this document.
Overview of Subcontractors (Last updated: September 1, 2020 )
The document linked below is part of the Deletion Concept that AEB maintains in its role as “processor” and shares with its customers in their role as “controllers” within the meaning of the GDPR. It is designed to give customers the information they need regarding the deletion of data.
AEB Deletion Concept (Last updated: October 1, 2019 )
Art. 30 (1) GDPR refers to the controller of processing activities. You as the customer bear the responsibilities cited there in connection with the AEB solutions. The document linked below covers the information that AEB, in its role as processor, is obligated to provide to its regulatory authority. It is also intended as additional information to help you comply with any obligations you may have to inform your data subjects, such as your employees who use our solutions. You are responsible for complying with your own obligations to provide this information, however.
AEB also voluntarily permits you to see the information we maintain in accordance with Art. 30 (2) GDPR.
AEB records pursuant to Art. 30 GDPR (Last updated: May 1, 2020 )
AEB Data Protection Officer since 2009.
I like my job because:
That’s why this role fits well with my other roles at AEB as ISMS Manager and Emergency Officer.
Working in data privacy since 2010, AEB Data Protection Coordinator since 2018.
I like my job because:
I also conduct training and awareness seminars and am an internal auditor for the ISMS.