CODE OF CONDUCT

Customer Code of Conduct of FlexBio Technologie GmbH

Code of Conduct for the Protection of Customer Data, Confidential Information and Project Data

1.    Scope and Purpose
1.1    This Code of Conduct describes the principles of FlexBio Technologie GmbH (hereinafter referred to as FlexBio) for handling customer data, confidential information, trade secrets, personal data and project data.
1.2    The Code of Conduct applies to the processing of customer inquiries, quotations, project development, planning, deliveries, installation, commissioning, services, maintenance, warranty cases and any other business cooperation with customers, prospective customers and project partners.
1.3    It serves to transparently present our working methods to customers. Statutory obligations, individually agreed confidentiality agreements, data protection agreements, data processing agreements and other contractual provisions remain unaffected and shall prevail in case of doubt.

2.    Principle of Confidentiality
2.1    FlexBio treats all information received in connection with an inquiry, quotation processing, project development, planning, execution, commissioning, maintenance or other cooperation as confidential.
2.2    Confidential information includes in particular technical data, process data, wastewater data, analyses, measured values, material flow data, energy and consumption data, production data, plant concepts, drawings, layout plans, P&ID diagrams, technical specifications, quotations, calculations, contract documents, operational and business secrets, commercial data as well as personal contact data and communication content.
2.3    FlexBio generally assumes that project-related customer data is confidential, even if it has not been expressly marked as such. Marking by the customer facilitates internal handling but is not a prerequisite for careful treatment.

3.    Purpose Limitation of Data Use
3.1    Customer data is used exclusively for the purpose for which it was provided or which arises objectively from the respective business relationship.
3.2    This includes in particular the technical evaluation of projects, the design and dimensioning of plants, the preparation of quotations, permitting support, project planning, project execution, commissioning, service, maintenance, fault analysis, warranty processing, documentation, invoicing and the fulfilment of statutory record-keeping and retention obligations.
3.3    Customer data is only used for other purposes if there is a legal basis for doing so, a contractual provision exists or the customer has given prior consent.

4.    No Unauthorized Disclosure to Third Parties
4.1    FlexBio does not pass on customer data, project data or confidential information to third parties without authorization.
4.2    Disclosure only takes place if the customer has approved it, the disclosure is necessary for the execution of the specific project, FlexBio is required to disclose by law, official order or court ruling, or the disclosure is necessary to safeguard legitimate legal interests.
4.3    Project-related necessary third parties may include in particular specialist planners, subcontractors, suppliers, laboratories, experts, logistics partners, service partners, IT service providers, lawyers, tax advisors, auditors, insurers or authorities. Disclosure is limited to the minimum necessary.
4.4    Where necessary, third parties are bound by appropriate contractual provisions on confidentiality, data protection or data processing.

5.    Access Restrictions within FlexBio
5.1    Within FlexBio, only those employees who require access to customer data for their specific task are granted access.
5.2    Access is granted on a role- and project-related basis, in particular for management, sales, project management, process engineering, design, automation, purchasing, service, accounting and quality management, insofar as these persons are involved in the respective matter.
5.3    FlexBio applies the principle of necessity. Information is not distributed internally at will, but only made accessible to those persons who need it for proper processing.

6.    Handling of Personal Data
6.1    FlexBio only processes personal data to the extent necessary for the respective business relationship, project processing, contract performance, communication, billing or legal obligation.
6.2    Typical personal data includes name, function, business contact details, e-mail address, telephone number, communication content and project-related responsibilities.
6.3    FlexBio processes personal data in accordance with the principles of lawfulness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality.
6.4    Personal data is not used for private purposes, not published without authorization and not passed on to third parties without a legal basis or necessity.

7.    Handling of Technical Project Data
7.1    Technical project data is particularly sensitive for our work. This includes in particular wastewater analyses, COD, BOD, nitrogen, phosphorus and pH values, material flow data, production volumes, operating times, formulation or process information, energy consumption, plant layouts, permit documents, measurement data, control data and operating data.
7.2    FlexBio uses technical project data exclusively for the technical evaluation, design, planning, optimization, project execution or support of the respective plant.
7.3    Any use of technical customer data as a reference, marketing content, training example, presentation, technical article, trade fair document or website content is only carried out in anonymized form or after prior release by the customer.

8.    Protection of Trade Secrets and Intellectual Property
8.1    FlexBio respects the trade secrets, know-how, intellectual property, protective rights and technical development achievements of its customers and business partners.
8.2    Know-how received from customers is not used outside the agreed project purpose. FlexBio does not claim any rights to customer documents, drawings, processes, data, formulations, production information or other information that has merely been provided for project processing.
8.3    Documents, concepts, calculations, designs, drawings, software components, control concepts, plant concepts and technical know-how of FlexBio remain the property or protectable know-how of FlexBio, unless otherwise contractually agreed.

9.    Data Minimization and Minimum Scope
9.1    FlexBio only collects, stores and processes customer data that is necessary for the respective purpose.
9.2    For project inquiries, only the information required for a sound technical and commercial evaluation is requested. If less data is sufficient for an initial preliminary review, a more detailed data collection only takes place at a later project step.
9.3    Unnecessary data collections, duplicate filings and working copies that are not required should be avoided or cleaned up in the course of the project.

10.    Storage and Retention
10.1    Customer data is only stored for as long as is necessary for the respective project purpose, the business relationship, contract performance, warranty, documentation, services or statutory retention obligations.
10.2    Project documents are reviewed after completion of a project to determine whether they are still required. Working copies, interim files or duplicate filings that are no longer needed are deleted or cleaned up.
10.3    Documents subject to commercial, tax, contractual, warranty-related or technical documentation obligations are retained for the period required by law or contract.
10.4    After the expiry of the required storage or retention period, data is deleted, anonymized or archived, unless there are legitimate reasons for further retention.

11.    Deletion and Return of Data
11.1    At the customer's request, FlexBio examines whether transferred data can be returned, deleted or restricted in its further use.
11.2    Deletion takes place provided that no statutory retention obligations, contractual obligations, warranty interests, evidence obligations or other legitimate reasons preclude it.
11.3    If complete deletion is not immediately possible due to legal or technical conditions, further use of the data is limited to the permissible and necessary extent.

12.    Technical and Organizational Protective Measures
12.1    FlexBio applies appropriate technical and organizational measures to protect customer data from unauthorized access, loss, alteration, disclosure or misuse.
12.2    These include in particular access-restricted filing systems, role-based authorizations, password protection, protection against unauthorized access to IT systems, orderly project filing structures, data backup, employee awareness training, confidential handling of e-mail communication as well as careful handling of mobile data carriers and end devices.
12.3    Protective measures are applied on a risk-oriented basis. The more sensitive the data, the higher the requirements for access, disclosure, storage and documentation.

13.    Handling of E-mail, Cloud Systems and Digital Tools
13.1    Customer data is only processed via communication and filing channels that are suitable for the respective task.
13.2    For particularly sensitive information, encrypted transmission, a protected data exchange room or separate coordination with the customer may be required.
13.3    External cloud, software or IT service providers are only used if their use is necessary for business operations or the project and appropriate contractual, technical and organizational protective measures are in place.

14.    Handling of AI and Assistance Systems
14.1    Confidential customer data, non-public project data, personal data, trade secrets and detailed technical information are not entered into public or contractually unsecured AI systems without prior review and appropriate release.
14.2    The use of AI-supported tools is only considered if it does not result in unauthorized disclosure of customer data and the requirements for data protection, confidentiality and information security are met.
14.3    In case of uncertainty, a decision is made prior to use as to whether anonymization, pseudonymization, contractually secured processing or a complete waiver of use is required.

15.    References, Photos, Plant Images and Publications
15.1    FlexBio does not publish any customer-specific project data, photos, plant images, operating data, names, locations or reference details without prior release by the customer, unless this information is already lawfully publicly known.
15.2    In particular, photos and plant images are not published if customer-specific features, site-specific characteristics, production areas, markings, employees, suppliers, operating data, license plates, buildings, logos or other elements allowing conclusions about the customer, the site or confidential operational processes can be identified.
15.3    Publication of images or project data is only considered if the customer has released them or if the content has been anonymized, edited or neutralized in such a way that no customer-specific features can be identified.
15.4    For references, press releases, website content, social media posts, trade fair documents, technical lectures or other publications, it is clarified in advance which information may be mentioned. This applies in particular to customer name, location, industry, technical design, performance data, photos, savings, profitability data, emission data and other project results.

16.    Conduct in the Event of Data Protection or Security Incidents
16.1    If a possible loss, unauthorized disclosure, misdirected transmission, unauthorized access or other security incident in connection with customer data is identified, it is immediately assessed internally and escalated to the responsible persons.
16.2    FlexBio examines which data is affected, what risks exist, which immediate measures are required and whether the customer, authorities or affected persons must be informed.
16.3    The goal is to limit damage, analyze causes, prevent recurrence and continue cooperation with the customer transparently and objectively.

17.    Cooperation with Customers
17.1    Confidentiality is a shared responsibility. FlexBio also expects customers and project partners to handle FlexBio's documents, concepts, drawings, quotations, calculations and technical information with care.
17.2    For sensitive projects, it can be coordinated at an early stage which data is required, how it is to be transmitted, which persons may be granted access and whether special protective measures are necessary.
17.3    For projects with increased protection requirements, additional agreements can be concluded, in particular confidentiality agreements, data processing agreements, project-specific deletion provisions, protected data rooms or special release procedures for publications.

18.    Lawfulness, Integrity and Fair Business Practice
18.1    FlexBio acts lawfully, fairly and with integrity. We comply with applicable legal requirements, in particular in the areas of data protection, protection of trade secrets, competition law, occupational safety, environmental law, tax law and commercial law.
18.2    FlexBio rejects corruption, unfair business practices, anti-competitive agreements and the misuse of confidential information.
18.3    Our customers should be able to trust that their data is not used for any unintended purpose, is not disclosed without authorization and is not exploited for the economic interests of third parties.

19.    Ecological and Technical Responsibility
19.1    As a company in the field of environmental technology, FlexBio is committed to the responsible handling of water, energy, resources and the environment.
19.2    We develop technical solutions with the aim of efficiently treating industrial wastewater, reducing organic loads, making energy potential usable and reducing environmental impact.
19.3    The following also applies to ecological and technical project results: customer-specific data is only used with release or in sufficiently anonymized form.

20.    Contact Persons and Escalation
20.1    The management of FlexBio Technologie GmbH is available as a contact for questions on the handling of customer data, confidential information or project-specific protection requirements.
20.2    In case of uncertainty about the permissibility of data use, disclosure, publication, storage or deletion, the decision is escalated internally in advance.
20.3    In case of doubt, a release from the customer is obtained or a legal or data protection review is initiated.

21.    Final Provision
21.1    This Code of Conduct describes FlexBio's principles for handling customer data and confidential information. It is intended to support trustworthy, legally secure and transparent cooperation.
21.2    Further statutory, contractual or project-specific requirements remain unaffected. In the event of conflicts, mandatory statutory provisions and individually agreed contracts shall prevail.
21.3    This Code of Conduct is to be understood as customer information and a self-commitment by FlexBio. It does not replace any separate confidentiality, data protection or data processing agreement required in individual cases.

Do you have any questions?

This website
uses cookies!

We use cookies. Some of them are necessary to make the website usable. Others help us display information that is relevant and engaging to you. As data protection is important to us, we ask you to decide on the scope of use. You can either accept all cookies or choose your individual settings. You can withdraw your consent at any time by reopening this tool. Thanks and enjoy our website!

Accept all Accept only essential cookies Advanced cookie settings
Privacy Imprint
Individual
cookie settings

This is an overview of all cookies used on this website. Please make your individual settings. You can adapt them at any time by using the "Cookie settings" link in the footer of this website.

Back
Essential (1)

These cookies are essential to the operation of the website, e.g. by saving your cookie settings.

Show detailsHide details
Name alto. Cookie
Provider Provider
Purpose Saves the visitor's settings
Identifier alto-cookie
Validity 1 year
Analytics (2)

Tools collecting usage data anonymoulsy, giving insights into how to improve our services for you.

Show detailsHide details
Accept
Name Google Analytics
Provider Google LLC
Purpose Google cookie for website analyses. Creates statistical data on website usage.
Privacy https://policies.google.com/privacy
Identifier _ga,_ga_MTJ6K6MYSX,_gcl_au
Validity 2 years
Accept
Name Apollo.io
Provider Apollo.io Inc.
Purpose Apollo.io tracks website visitors for B2B sales intelligence and lead generation. Identifies companies and visitor behavior patterns.
Privacy https://www.apollo.io/privacy/
Identifier apollo_visitor_id,apollo_session
Validity 2 years/session
External media (1)

Tools enhancing the browsing exerience, e.g. maps or videos.

Show detailsHide details
Accept
Name YouTube
Provider YouTube, LLC
Purpose Used to unlock Youtube contents.
Privacy https://policies.google.com/privacy
Identifier yt-remote-fast-check-period, yt-remote-session-app, yt-remote-session-name
Validity Session
Privacy Imprint