Privacy policy

Privacy

 

 

I. GENERAL

We are pleased about your interest in our website www.krier-information.de. The protection of personal data is very important to us. Therefore, we would like to inform you with this privacy policy about the type, scope, and purpose of the processing of personal data within our online offer and the websites, functions, and content associated with it, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as "Online Offer").

 

Responsible Party

The responsible party in the sense of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union, and other provisions with a data protection character is:

 

Krier Information GmbH
Neuenhöfer Allee 125
50935 Cologne
Germany
 
Phone: +49 221 29 210 760
Email: datenschutz@krier-information.de
Legal Notice: www.krier-information.de/impressum
(hereinafter referred to as "Operator" or "Krier Information")
 

By consenting to the following privacy statements, you agree to the collection, processing, and use of your personal data by the operator in accordance with the legal bases and the following provisions. The use of the Krier Information GmbH internet pages is generally possible without any indication of personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may become necessary. Personal data are processed only with the user's consent.

 

Definitions

"Personal data" means any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

"Processing" means any operation or set of operations which is performed on personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.

The "controller" refers to the natural or legal person, authority, institution, or other body that alone or jointly with others decides on the purposes and means of processing personal data.

 

Relevant Legal

Bases In accordance with Art. 13 GDPR, we inform you of the legal bases of our data processing. If the legal basis is not mentioned in the privacy policy, the following applies: The legal basis for obtaining consents is Art. 6 (1) (a) and Art. 7 GDPR, the legal basis for processing for the performance of our services and the execution of contractual measures as well as the response to inquiries is Art. 6 (1) (b) GDPR, the legal basis for processing to fulfill our legal obligations is Art. 6 (1) (c) GDPR, and the legal basis for processing to protect our legitimate interests is Art. 6 (1) (f) GDPR. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.

 

Cooperation with Processors and Third Parties

If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit them to them, or otherwise grant them access to the data, this is done only on the basis of legal permission (e.g., if a transfer of data to third parties, such as to payment service providers, in accordance with Art. 6 (1) (b) GDPR is required to fulfill the contract), you have consented, a legal obligation provides for this, or based on our legitimate interests (e.g., when using agents, web hosts, etc.).

If we commission third parties to process data on the basis of a so-called "contract processing agreement," this is done on the basis of Art. 28 GDPR.

 

Transfers to Third Countries

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or the disclosure or transfer of data to third parties, this is done only if it is necessary to fulfill our (pre-)contractual obligations, based on your consent, due to a legal obligation, or based on our legitimate interests. Subject to legal or contractual permissions, we process or let the data be processed in a third country only in the presence of the special requirements of Art. 44 et seq. GDPR. This means that processing is carried out on the basis of special guarantees, such as the officially recognized determination of a data protection level corresponding to the EU (e.g., for the USA through the "Privacy Shield") or compliance with officially recognized specific contractual obligations (so-called "standard contractual clauses").

 

II. DATA PROCESSING WHEN VISITING OUR WEBSITE

When you use our website for purely informational purposes, i.e., if you do not register or otherwise provide us with information, we only process the personal data that your browser transmits to our server. When you view our website, we collect the following data based on the legal basis for processing to protect our legitimate interests under Art. 6 (1) lit. f GDPR, which are technically necessary for us to display our website and ensure its stability and security:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Volume of data transferred
  • Website from which the request comes
  • Browser
  • Operating system and its interface

 

Cookies

"Cookies" are small files that are stored on users' computers. Within the cookies, various information can be stored. A cookie primarily serves to store information about a user (or the device on which the cookie is stored) during or after his visit to an online offer. Temporary cookies, or "session cookies" or "transient cookies," are cookies that are deleted after a user leaves an online offer and closes his browser. Such a cookie can store the contents of a shopping cart in an online store or a login status, for example. "Permanent" or "persistent" cookies are cookies that remain stored even after the browser is closed. For example, the login status can be saved when users visit it after several days. Likewise, such a cookie can store the interests of the users, which are used for reach measurement or marketing purposes. "Third-party cookies" are cookies that are offered by providers other than the responsible party who operates the online offer (otherwise, if they are only its cookies, they are referred to as "first-party cookies").

We may use temporary and permanent cookies and provide information about this in our privacy policy. If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in their browser's system settings. Saved cookies can be deleted in the system settings of the browser. Excluding cookies can lead to functional restrictions of this online offer.

A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US site http://www.aboutads.info/choices or the EU site http://www.youronlinechoices.com. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that if you do this, you may not be able to use all the features of this online offer.

 

Deletion of Data

The data we process is deleted or its processing is restricted in accordance with Articles 17 and 18 of the GDPR. Unless explicitly stated within this privacy policy, the data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal retention obligations to prevent their deletion. If the data are not deleted because they are required for other legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons.

According to legal requirements in Germany, data is stored in particular for 6 years in accordance with Section 257 (1) of the German Commercial Code (HGB) (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with Section 147 (1) of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

 

Hosting

The hosting services we use are aimed at providing the following services: infrastructure and platform services, computing capacity, storage space, and database services, security services, and technical maintenance services that we use for the purpose of operating this online offer. In this context, we, or our hosting provider, process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties, and visitors of this online offer based on our legitimate interests in an efficient and secure provision of this online offer according to Art. 6 (1) lit. f GDPR in conjunction with Art. 28 GDPR (conclusion of contract processing agreement).

 

Collection of Access Data and Log Files

We, or our hosting provider, collect data on the basis of our legitimate interests within the meaning of Art. 6 (1) lit. f GDPR about each access to the server on which this service is located (so-called server log files). Access data includes the name of the retrieved website, file, date and time of retrieval, transmitted data volume, report of successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Logfile information is stored for security reasons (e.g., to investigate abusive or fraudulent activities) for a maximum period of 7 days and then deleted. Data whose further retention is required for evidence purposes are excluded from deletion until the final clarification of the respective incident.

 

Privacy Policy for the Use of Matomo (Piwik)

On this website, data is collected and stored using the web analytics service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, ("Matomo") based on our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes in accordance with Art. 6 (1) lit. f GDPR. From these data, pseudonymized user profiles can be created and evaluated for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the site visitor's Internet browser. Among other things, the cookies enable the recognition of the Internet browser. The data collected with Matomo technology (including your pseudonymized IP address) is processed on our servers. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor of this website and is not merged with personal data about the bearer of the pseudonym. If you do not agree with the storage and analysis of these data from your visit, you can object to the storage and use at any time by clicking below. In this case, an opt-out cookie will be stored in your browser, which means that Matomo will not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie will also be deleted and may need to be reactivated by you.

 

Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC ("Google"), based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offer as per Art. 6 (1) lit. f GDPR). Google uses cookies. The information generated by the cookie about the users' use of the online offer is generally transmitted to and stored on a Google server in the USA.

Google is certified under the Privacy Shield Agreement, thereby guaranteeing compliance with European data protection law. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on activities within this online offer, and to provide us with other services related to the use of this online offer and internet usage. In this process, pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of the users is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and shortened there.

The IP address transmitted by the user's browser is not merged with other data from Google. Users can prevent the storage of cookies by adjusting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and related to their use of the online offer as well as the processing of this data by Google by downloading and installing the browser plugin available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. Furthermore, you can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set, which prevents the collection of your data on future visits to this website: Disable Google Analytics.

For more information on data usage by Google, settings, and opt-out options, please visit Google's websites: "Data usage by Google when you use websites or apps of our partners", "Data usage for advertising purposes", "Manage information that Google uses to show you ads".

 

Google Re-/Marketing Services

We use the marketing and remarketing services (short "Google Marketing Services") of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, ("Google") based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offer in terms of Art. 6 (1) lit. f GDPR).

Google is certified under the Privacy Shield Agreement, thereby offering a guarantee to comply with European data protection law.

Google Marketing Services allow us to display ads for and on our website more selectively to show users only ads that potentially match their interests. If a user is shown ads for products they have been interested in on other websites, this is referred to as "remarketing." For these purposes, when our and other websites on which Google Marketing Services are active are accessed, Google directly executes a code and so-called (re-)marketing tags (invisible graphics or code, also known as "web beacons") are integrated into the website. With their help, an individual cookie, i.e., a small file, is stored on the user's device (instead of cookies, comparable technologies can be used). The cookies can be set from various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com, or googleadservices.com. This file records which web pages the user has visited, which content they are interested in, and which offers they have clicked on, as well as technical information about the browser and operating system, referring web pages, visiting time, and other information about the use of the online offer. The user's IP address is also recorded, whereby we inform within the framework of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is transmitted in full to a Google server in the USA and shortened there. The IP address is not merged with the user's data within other Google offers. The information mentioned above may also be linked by Google with such information from other sources. If the user subsequently visits other websites, ads tailored to the user's interests may be displayed based on his or her profile.

The users' data is processed pseudonymously within the framework of the Google Marketing Services. This means that Google does not store and process, for example, the names or email addresses of the users, but processes the relevant data cookie-related within pseudonymous user profiles. That is, from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, irrespective of who this cookie owner is. This does not apply if a user has explicitly allowed Google to process the data without this pseudonymization. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google's servers in the USA.

Among the Google Marketing Services we use is the online advertising program "Google AdWords." In the case of Google AdWords, each AdWords customer receives a different "conversion cookie." Thus, cookies cannot be tracked through the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers see the total number of users who clicked on their ad and were redirected to a page with a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.

Based on the Google Marketing Service "AdSense," we can integrate third-party advertisements. AdSense uses cookies, which enable Google and its partner websites to display ads based on users' visits to this site and other sites on the Internet. Furthermore, we can use the "Google Tag Manager" to integrate and manage Google analysis and marketing services on our website.

For more information on Google's use of data for marketing purposes, visit Google's overview page. Google's privacy policy can be viewed here. If you wish to opt-out of interest-based advertising by Google Marketing Services, you can use the setting and opt-out options provided by Google: http://www.google.com/ads/preferences.

 

Online Presence in Social Media

We maintain online presences within social networks and platforms to communicate with active customers, prospects, and users and to inform them about our services. When accessing the respective networks and platforms, the terms and conditions and the data processing guidelines of their respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within social networks and platforms, e.g., write posts on our online presences or send us messages.

 

Integration of Third-Party Services and Content

We use content or service offers from third-party providers within our online offer based on our legitimate interests (i.e., interest in the analysis, optimization, and economic operation of our online offer in the sense of Art. 6 (1) lit. f GDPR) to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content").

This always presupposes that the third-party providers of this content perceive the IP address of the users, as they could not send the content to their browser without the IP address. The IP address is therefore necessary for the presentation of this content. We endeavor to use only content whose respective providers use the IP address solely for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. Furthermore, the pseudonymous information can be stored in cookies on the user's device and contain, among other things, technical information about the browser and operating system, referring web pages, visiting time, and other information about the use of our online offer, as well as being linked with such information from other sources.

 

XING

Within our online offer, functions and contents of the service XING, offered by XING AG, Dammtorstraße 29–32, 20354 Hamburg, Germany, can be integrated. This can include contents such as images, videos, or texts and buttons with which users can share contents of this online offer within XING. If the users are members of the XING platform, XING can assign the access to the above-mentioned contents and functions to the profiles of the users there. Privacy policy of XING: https://www.xing.com/app/share?op=data_protection.

 

LinkedIn

Within our online offer, functions and content of the LinkedIn service, provided by LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland, can be integrated. This may include content such as images, videos, or texts and buttons with which users can share content of this online offer within LinkedIn. If users are members of the LinkedIn platform, LinkedIn can assign the access to the above-mentioned content and functions to the profiles of the users there. LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy. LinkedIn is certified under the Privacy Shield Agreement, thereby offering a guarantee to comply with European data protection law. LinkedIn uses a cookie, which you can deactivate here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. When SSL encryption is activated, the data that you transmit to us cannot be read by third parties.

Our websites and systems are additionally secured against loss, destruction, and access by unauthorized persons by various technical and organizational measures (TOM). We point out that complete protection can never be guaranteed.

 

III. RIGHTS OF THE DATA SUBJECT

You have the right to request confirmation as to whether data concerning you are being processed and to request information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.

In accordance with Art. 16 GDPR, you have the right to request the completion of data concerning you or the correction of inaccurate data concerning you.

According to Art. 17 GDPR, you have the right to demand that relevant data be deleted immediately or, alternatively, to demand a restriction of the processing of the data in accordance with Art. 18 GDPR.

You have the right to request that the data concerning you, which you have provided to us, be received in accordance with Art. 20 GDPR and to demand their transmission to other controllers. Furthermore, according to Art. 77 GDPR, you have the right to file a complaint with the competent supervisory authority.

 

Right to Withdrawal

You have the right to withdraw consents granted according to Art. 7 (3) GDPR with effect for the future. Please address such a revocation to datenschutz@krier-information.de.

 

Right to Object

You can object to the future processing of the data concerning you at any time in accordance with Art. 21 GDPR. The objection can be made especially against processing for direct marketing purposes. Please address such an objection to datenschutz@krier-information.de.