Your data in good hands: AEB SE is compliant with all binding legislation, including the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Below you 'll find all key information and statements on this subject. We strive for utmost transparency with state-of-the-art protections tailored to our market.
For implementation and its own internal use, AEB has created a binding guideline.
AEB Data Protection Guideline
(last updated on Dezember 21, 2020)
The Data Protection Statement provides information about data protection for data subjects.
Under the terms of data protection law, a data processing situation exists if your AEB solution contains personal data (e.g. contact information of business partners or of your users) and if access by AEB (employees) cannot be ruled out.
Further data may be involved if you are screening addresses of other parties against sanctions lists. In this case you will have to make amendments to the agreement. Scroll down for instructions on how to complete these documents.
Further arguments for using AEB 's standard agreement:
It only takes five steps to complete the agreement:
The security concept includes the technical and organizational measures needed to ensure adequate data security in accordance with the requirements for protecting (personal) data as set forth in Art. 32 GDPR.
Security Concept (Art. 32 GDPR) (last updated on April 30, 2019)
The document linked below provides an overview of current subcontractors for data processing as defined by Art. 28 GDPR. AEB keeps a record of current subcontractors and will duly notify customers of any changes, with reference to this document.
Overview subcontractors (last updated on December 1, 2020)
The document linked below is part of the Deletion Concept that AEB maintains in its role as „processor” according to the EU 's General Data Protection Regulation (GDPR) and provides it to its customers in their role as „controllers”. It contains the information necessary for the customer on the subject of data deletion.
Deletion concept of AEB (last updated on December 10, 2020)
Art. 30 (1) GDPR refers to the controller of data processing activities. You as the customer bear the responsibilities cited there in connection with the AEB solutions. The document linked below covers the information that AEB, in its role as processor, is obligated to provide to its regulatory authority. The document also provides additional information to help you comply with any obligations you may have to inform your data subjects, such as your employees who use our solutions. Please ensure to observe your own responsibility when providing this information.
In this document you will also find, voluntarily provided by us, information about our data in accordance with Art. 30 (2) GDPR.
Information from AEB relating to Art. 30 GDPR (last updated on December 1, 2020)
AEB Data Protection Officer since 2009.
I like my job because:
That 's why this role fits well with my other roles at AEB as ISMS Manager and Emergency Officer.
Working in data protection since 2010, AEB Data Protection Coordinator since 2018.
I like my job because:
I also conduct training and awareness seminars and am an internal auditor for the ISMS.