The new EU General Data Protection Regulation (GDPR) will enter into force as from May 25, 2018.
Art. 28 GDPR stipulates that in the event of processing a legally binding Agreement on Processing must have been concluded between both parties, i.e. the controller (= AEB customer) and the processor (= AEB).
So far, AEB has pointed out in its General Terms and Conditions, System Descriptions and in personal correspondence that AEB products contain personal data (e.g. user or contact details) and because of that data protection is an issue.
Unfortunately, not all our customers have signed a respective agreement with AEB yet.
Since AEB wishes to remain legally compliant when it comes to data protection regulations, we would like to point out that as from the entry into force of the GDPR, there will be the risk of substantial fines if there is no valid agreement between the controller (previously: "the principal") of personal data and the processor (previously: "the agent") according to GDPR in place.
Your existing agreement (based on Germany’s Federal Data Protection Act (BDSG)) will no longer be valid as from May 25, 2018. Please make sure to check as to whether your company has concluded an Agreement on Processing with AEB according to GDPR. If not, this should be done immediately.
Should a valid Agreement on Processing not be available until the entry into force of the GDPR, we reserve the right to suspend processing.
We kindly ask for your understanding that - considering the approaching deadline - the option of time-consuming contract negotiations is almost excluded.
Should you have any questions, please send an e-mail to service(at)aeb.com.