Privacy statement

and notes on data processing

1. Contact information of the responsible authority and the data protection officer

Responsible authority:

NARR Modular Systems GmbH
Defense & Security
Ohnrastraße 23
D-72336 Balingen
Phone: +49/7433/9907 0
Fax: +49/7433/9907 341

Data protection officer:

The data protection officer can be reached at the above address or via the following e-mail address

2. Purposes of processing, obligation to provide data

You only have to provide the personal data which are necessary for the establishment, realization or the termination of a contract or which we are obliged by law to evaluate. If you don’t provide us with the necessary information and documents, we are not allowed to establish or continue the desired business relationship.

Consent (art. 6 paragraph 1a DS-GVO), revocation

The processing of personal data for special purposes (e.g. disclosure to third parties, evaluation of data for marketing purposes) only takes place, if you gave us your consent. You can always revoke a given consent. Therefore, please contact us. Please note that the revocation only takes a future effect.

Contractual and precontractual obligations (art. 6 paragraph 1b DS-GVO)

We process personal data, which are necessary for the realization of a contract, of which you are a contracting party or to carry out precontractual measures following on your request. The purposes of the data processing depend on the concrete contract (e.g. purchase, supply, employment contract) and they can amongst others include evaluations, consultations as well as the realization of further actions. Personal data of employees are processed for employment purposes, if this is necessary for the decision on the establishment of an employment relationship or after having established an employment relationship for its realization or termination or to exercise or fulfil legal rights and obligations.

Legal requirements (art. 6 paragraph 1c DS-GVO)

Because of legal requirements a data processing is carried out for purposes of fraud and money laundering prevention, the fulfilment of fiscal inspection duties and reporting obligations and for the information to authorities.

Balancing of interests (art. 6 paragraph 1f DS-GVO)

In order to safeguard our or third parties’ legitimate interests, in addition a data processing for special purposes is carried out after having balanced the interests in advance, e.g. to guarantee the domiciliary right, legal claims, investigation of criminal offences, evaluation of default risks, optimized product development, optimized customer contact for advertising purposes, optimized requirement planning or in order to guarantee the data security.

3. Further data processing within the website use

Visit of the website

The hoster of this website automatically collects and saves information in its server log files, which are transmitted to us by your browser. For example: Browser type or version, used operating system, referrer URL (the page you visit before), hostname of the accessing computer (IP address), time of the server request. These data cannot be allocated to a certain person by the hoster. A combination of these data with other data sources is not carried out. Furthermore, these data are deleted after a statistical evaluation.
External contents / processing of data outside of the European Union
We use active Java Script contents on our websites such as OpenStreetMap of external providers such as OpenStreetMap Foundation (OSMF). By opening the website these external providers eventually receive personal data regarding your visit on our website. You can prevent this by installing a Java Script blocker such as the browser plugin ‘NoScript’ ( or by deactivating Java Script in your browser. This may lead to functional restrictions on websites you visit.


We use cookies on different websites in order to maintain attractive your visit on our website and in order to enable the use of different functions. So-called “cookies” are small text files, which your browser can save on your computer. The operation of saving a cookie file is also called “to set a cookie“. You can set your browser yourself according to your wishes. For example, you are informed that a cookie is set, you can decide on a case-by-case basis or you can generally accept or prohibit cookies. Cookies can be used for different purposes, e.g. to realize that your computer already has been connected to a web offer (permanent cookies) or to save the last offer you watched (session cookies). We use cookies in order to give you an extraordinary ease of use. Most of the cookies we use are deleted from your hard disk after you ended the browser session (session cookies). Other cookies remain on your computer and allow us to recognize your computer at your next visit on our website (permanent cookies). The way we use cookies doesn’t imply any disadvantage or risk for you. In order to be able to use our comfort functions, we recommend accepting cookies for our web offer.

Anonymous and pseudonym possible uses

In general, you can visit our website without having to provide your personal data. Pseudonymised user data are not combined with the data of the owner of a pseudonym. A creation of pseudonym user profiles doesn’t take place.

4. Categories of recipients

In order to fulfil the intended purposes, an access from different departments of our company can take place. Even external processors may have access to your data for special purposes, for example for IT services, for document destruction and marketing. Further recipients of personal data are: public authorities, credit and financial services institutions, lawyers and tax consultants or credit agencies.

5. Transfer in a third country or to an international organization

A transfer of data in third countries only takes place if this is necessary for example to fulfil a contract or if it is prescribed by law or if you gave us your consent. Within IT services, it cannot be excluded that a provider of IT services from a third country (for example the USA) in rare cases gains insight in personal data. Otherwise no transfer of personal data to third countries or international organizations takes place.

6. Duration of the data storage

For the duration of the contractual relationship, personal data are stored in our company. Furthermore, legal limitation periods generally are three years. Various retention and documentation obligations exist, for example based on the commercial code and the tax code, which are up to ten years.

7. Right to access, modify, delete, restrict data, data portability, existence of a right to appeal

You have the right to access your data according to art. 15 DS-GVO, the right of modification according to art. 16 DS-GVO, the right of deletion according to art. 17 DS-GVO, the right of restriction of the processing according to art. 18 DS-GVO as well as the right of data portability according to art. 20 DS-GVO.
Furthermore, you have the right to appeal amongst a privacy regulatory authority (Art. 77 DS-GVO).
(Comment of the translator: Ger.: DS-GVO – Eng.: General Data Protection Regulation)

8. Automated decision-making on a case-by-case basis, profiling

In general, we don’t use any fully automated decision-making for the establishment and realization of a business relationship. If we should use this method on a case-by-case basis, we inform you separately, if it is required by law.
We partially process your data in an automated way with the purpose to evaluate special personal aspects (profiling), for example the evaluation for a targeted customer approach, needs-based publicity, including market research and opinion research as well as for the scoring or rating. The evaluation may include for example data regarding the payment behaviour, (e.g. account turnover, balances) as well as criteria such as industry affiliation and experiences of the previous business relationship.

9. Categories of personal data, data sources

We process for example the following categories of personal data: person master data, contract master data, data regarding the realization and termination of contracts, order data, data to meet with legal obligations, creditworthiness data, data of scoring and rating, advertising and commercial data as well as other data comparable to the mentioned categories.
Data, that we received from you within our business relationship, are processed by us such as data we received from other third parties. On the other hand, we collect data from public sources (e.g. business directories and records of debtors, commercial registers, press).

Information on your right to object according to art. 21 DS-GVO

Right to object on a case-by-case basis

You have the right to object at any time against the processing of your personal data for reasons rising from your personal situation, according to art. 6 paragraph 1e DS-GVO (data processing for the public benefit) and article 6 paragraph 1f DS-GVO (data processing on the basis of a balance of interests); the same applies on profiling based on this determination. If you object, your personal data are no longer processed, unless we are able to prove reasons which are worthy of protection, which outweigh your interests, rights and liberties or if the processing serves to the exercise, exertion or defence of legal claims.

Right to object against the processing of data for the purpose of direct marketing

We process your personal data in order to do direct marketing. You have the right to object at any time against the processing of your personal data for the purpose of this kind of marketing; the same applies on profiling, insofar as it is in touch with direct marketing. If you object the processing of your data for the purpose of direct marketing, your personal data are no longer processed for this purpose. The objection can be carried-out informally and it should be addressed to:

NARR Modular Systems GmbH
Defense & Security
Ohnrastraße 23
D-72336 Balingen
Fax: +49/7433/99 07 34 1

pdf_icon Download privacy policy as pdf file