In the following text, we will inform you about the collection of personal data during usage of our website. Personal data includes all data that relates to you personally, such as your name, address, e-mail addresses, and user behavior.
1 Party Responsible for Data Processing
The party responsible pursuant to Art. 4 Para. 7 of the EU General Data Protection Regulation (GDPR) is:
KNF DAC GmbH
c/o WeWork Companies Inc.
Legal representative: Reto Furrer, managing director.
2 Methods of Contacting the Data Protection Officer
You can reach our data protection officer by sending an e-mail to email@example.com with the subject “Data protection officer” or to our postal address with the additional line “Data protection officer.”
3 General Data Collection when Calling up our Website
If you use our website for informational purposes only, which is to say, if you do not register or transmit information to us in another manner, in addition to technical information about the terminal device (operating system, screen resolution, and other non-personal properties) and the browser (version and language settings) you use, we will collect the public IP address of the computer you use to visit our website, including the date and time of your access, in particular. We and our service provider are generally not aware of who is behind an IP address unless you provide us with data that makes this identification possible while you use our website.
The data collected is required for technical reasons so we can present our website and guarantee both its stability and security.
The legal basis for this is our legitimate interest pursuant to Art. 6 Para. 1 S. 1 f of the GDPR.
In the scope of weighing interests according to Art. 6 Para. 1 S. 1 f of the GDPR, we have considered and weighed our interests in provisioning and your interest having your personal data processed in a manner that complies with data privacy legislation. The following data for provisioning our services is occasionally required for technical reasons in order to present our website to you and to guarantee its stability and security, and especially to protect against its misuse. In light of this, we reached the conclusion that this data can be processed (with state-of-the-art data security guaranteed), whereby your interest in processing that is compliant with data privacy legislation is taken into consideration appropriately.
Recording data to provision the website and storing data in log files is absolutely necessary for the operation of the Internet site. Users therefore have no opportunity to object to this.
4 Cookies – General Information
We use what are referred to as cookies on different sites in order to make visits to our websites attractive and enable the use of certain functions. Cookies are small text files that are stored on your terminal device. Some of the cookies we use are deleted again after the end of the browser session, which is to say, after you close your browser (they are referred to as session cookies). Other cookies remain on your terminal device and allow us or our partner companies to recognize your browser the next time you visit the site (they are referred to as long-term cookies). Cookies can be used neither to access other files on your computer nor to determine your e-mail address.
This website uses the following cookies:
Name of the cookie: Purpose, Storage duration, Type of cookie
CookieConsent: Stores the status of the user’s consent to cookies in the current domain, 1 year, HTTP
fe_typo_user: Session cookie for maintaining the user session, Session, HTTP
fe_user_pre: Internal cookie for storing user country and language preferences, Session, HTTP
collect: Is used to send data about the device and user behavior to Google Analytics; records visitor behavior across devices and marketing channels Session Pixel
_ga: Registers a unique ID used to generate statistical data concerning the user’s usage of the website, 2 years, HTTP
_gat: Google Analytics uses it to restrict the requirement rate, 1 day, HTTP
_gid: Registers a unique ID used to generate statistical data concerning the user’s usage of the website, 1 day, HTTP
IDE: Google DoubleClick uses it to register and report the user’s actions on the website after one of the provider’s advertisements is displayed or clicked on. The purpose of this is to measure the efficacy of an advertisement and to display advertisements targeted towards the user., 1 year, HTTP
test_cookie: Is used to check whether the user’s browser supports cookies, 1 day, HTTP
ads/ga-audiences: Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behavior across websites, Session, Pixel
pagead/1p-user-list/#: Upcoming, Session, Pixel
Cookies are used to process personal data for marketing purposes or in order to create statistics only if you have granted us your consent. The legal basis for this is Art. 6 Para. 1 a of the GDPR.
You may revoke your consent at any time without specifying reasons under the following link. All you need to do is modify the functionalities allowed.
Cookies are stored on your terminal device, and you have complete control over their usage. You can deactivate or restrict the transfer of cookies by changing the settings in your Internet browser. Cookies that have already been stored can be deleted at any time. This can also take place automatically. If cookies for our websites are deactivated, you may not be able to use all of the websites’ functions to their full extent.
5 Google Analytics
KNF’s website uses Google Analytics with the “anonymize IP” enhancement. That means Google truncates the IP address collected by the Google Analytics cookie within member states of the European Union and in other contracting member states party to the Agreement on the European Economic Area before transferring it to the USA. Only in exceptional cases does Google transfer the complete IP address to one of its servers in the USA and truncate it there. On behalf of KNF, Google uses this information to evaluate your usage of the website in order to compile reports about the website activities and in order to provide additional services associated with usage of the website and the Internet to the website operator. The IP address your browser transmits in the scope of Google Analytics is not combined with any other data in Google’s possession.
The legal basis for processing personal data using cookies is Art. 6 Para. 1 Sub-Para. 1 a of the GDPR. You may revoke your consent at any time as described above by adjusting your cookie preferences.
Additionally, you can delete cookies that have already been saved at any time in your browser’s settings. If you do this, you may not be able to use all of the websites’ functions to their full extent.
You can find more information about conditions of use and data privacy at www.google.com/analytics/terms/ or www.google.com/intl/de/analytics/privacyoverview.html.
6 Google Tag Manager / Ad Manager
If you grant your consent, we will use Google Tag Manager from the provider Google Ireland Limited (registry number: 368047), Gordon House, Barrow Street, Dublin 4, Ireland. Google Tag Manager itself does not record any personal data. Google Tag Manager helps us incorporate and manage our tags. Tags are small code elements that, among other things, serve to measure traffic and user behavior, record the effect of online advertising and social channels, set up re-marketing and orient it towards target groups, and test and optimize websites. We use Tag Manager for the service Google Analytics. If you have deactivated it, Google Tag Manager will consider this deactivation. For more information about Google Tag Manager, see: https://www.google.com/intl/de/tagmanager/use-policy.html.
7 Google reCAPTCHA
On this website, we also use the reCAPTCHA function provided by Google Ireland Limited, Gordon House, 4 Barrow St., Dublin, D04 E5W5, Ireland (“Google”). Above all, this function services to differentiate between whether an entry has been made by a natural person or whether misuse by machine and automatic processing is concerned. This service involves sending the IP address and, if necessary, additional data Google requires for the reCAPTCHA service to Google and is performed pursuant to Art. 6 Para. 1 a of the GDPR based on our legitimate interest in assessing individual responsibility on the Internet and avoiding misuse and spam. Personal data may also be transmitted to Google LLC’s servers in the USA in the scope of usage of Google reCAPTCHA.
For transfers of personal data to Google LLC, which is headquartered in the USA, Google LLC has been certified according to the US-European data privacy agreement “Privacy Shield,” which guarantees compliance with the level of data privacy applicable in the EU. You can view a current certificate here: https://www.privacyshield.gov/list.
You can find additional information about Google reCAPTCHA and the company’s data privacy statement at: https://www.google.com/intl/de/policies/privacy/
8 Contact Form / Contact Form Repairs
When you contact us by e-mail or using a contact form, we will store the data you send us (your e-mail address and, if applicable, your name and phone number, customer number, and order number) in order to answer your questions. Wherever we have requested information that is not required to contact you on our contact form, we have indicated that this information is optional. This information helps us substantiate your inquiry and improve the processing of your issue. This information is provided expressly on a voluntary basis and with your consent pursuant to Art. 6 Para. 1 a of the GDPR. As far as this constitutes information regarding communication channels (such as e-mail address and phone number), you also consent that we may also contact you via this communication channel in order to address your issue. Of course, you may revoke this consent at any time and with effect for the future.
We will delete data accrued in this context once it is no longer necessary to save it, or we will restrict processing if legal storage obligations exist.
9 Forwarding Data
Your personal data will not be forwarded to third parties for purposes beside those mentioned.
We will forward your data to third parties only if:
• you have granted your express consent to this,
• this forwarding is necessary for the assertion, exercise, or defense of legal claims, and there is no reason to assume that you have an overriding legitimate interest in the non-forwarding of your data,
• there is a legal obligation to forward the data, and
• this is legally permissible and necessary for processing contractual relationships with you,
• and in the event of our legitimate interest.
Your personal data is forwarded in the scope of a contact request initiated by you and using the contact forms. The data entered in the contact form is forwarded within the KNF Group in the process to make it possible to optimally respond to your inquiry. Some of our locations are too small to be able to effectively process inquiries. In this instance, larger locations can take over processing. The KNF Group’s joint access to contact requests thus benefits both you and us. The legal basis for forwarding is Art. 6 Para. 1 S. 1 f of the GDPR, which is to say, our legitimate interest in being able to give our customers the best possible answers and thus improve contact with customers.
Additionally, our web hoster Corpex Internet GmbH, Schauenburgerstraße 6, 20095 Hamburg, has access to your personal data, which happens inevitably during the hosting process and cannot be avoided. However, in the scope of contractual agreements, we guarantee that our web hoster does not use your data in an unauthorized manner and, instead, stores it securely.
We also use a virtual server via Amazon Web Services as a cloud solution, as well as its content delivery network CloudFront. Contractual agreements serve to protect your data in this instance as well. Should your data be transmitted to the USA, reference shall be made to Amazon’s Privacy Shield certification.
The web server is located in Frankfurt.
10 Social Plugins / Tools
This website uses LinkedIn’s social plugin.
LinkedIn (operator: LinkedIn, 1000 W Maude, Sunnyvale, CA 94085, USA)
By default, this plugin normally records data from you and transmits it to the provider’s servers. To guarantee your privacy is protected, we have taken technical measures that ensure the plugin provider cannot record your data without your consent. When you call up a page into which the plugin is incorporated, it is deactivated at first. Only after you click on the symbol in question is the plugin activated, and you thereby grant your consent to your data being transferred to the provider. The legal basis for using the plugin is Art. 6 Para. 1 a of the GDPR.
After it is activated, the plugin also records personal data, such as your IP address, and sends it to the provider’s servers, where it is stored . Additionally, the activated social plugin sets a cookie with a unique identifier when the website in question is called up. As a result, the provider can also create profiles about your usage behavior. This happens even if you are not a member of the provider’s social network. If you are a member of the provider’s social network and you are logged into the social network when you visit this website, your data and information about the visit to this website can be linked with your profile on the social network. We have no influence on the scope of data the provider collects from you. For more information about the scope, type, and purpose of data processing and about rights and possible settings for protecting your privacy, please see the data privacy statements issued by the social network provider. You can call it up at the following address:
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages that features a plugin from Vimeo, a connection to Vimeo’s servers is established. When this happens, the Vimeo server is informed about which of our pages you have visited. Vimeo also receives your IP address. This applies even if you are not logged into Vimeo and do not have an account with Vimeo. The information Vimeo records is transmitted to Vimeo’s servers in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
11 Instruction: Rights of Persons Affected
Every person affected has the right to information pursuant to Art. 15 of the GDPR, the right to correction pursuant to Art. 16 of the GDPR, the right to deletion pursuant to Art. 17 of the GDPR, the right to restriction of processing pursuant to Art. 18 of the GDPR, the right to objection issuing from Art. 21 of the GDPR, and the right to data transferability issuing from Art. 20 of the GDPR. The restrictions pursuant to Sections 34 and 35 of the Federal Data Protection Act shall apply to the rights to information and deletion.
Instruction on the option of lodging a complaint
You also have the right to lodge a complaint concerning our processing of your personal data with the responsible data protection supervisory authority.
Instruction on revocation of consent
Once you have granted us your consent to the processing of personal data, you may revoke it at any time. Please note that the revocation shall be effective only for the future. It shall not impact any processing that took place before the revocation.
Right of objection
Pursuant to Art. 21 Para. 1 S. 1 of the GDPR, you have the right to file an objection against the processing of your personal data based upon Art. 6 Para. 1 S. 1 e or f of the GDPR at all times. Please note that the objection shall be effective only for the future. It shall not impact any processing that took place before the objection.
If any necessary reasons that are worthy of protection speak in favor of processing on our part and outweigh your interests, rights, and freedoms, or if the processing serves to assert, exercise, or defend legal claims, no objection shall be possible.
12 Additional Information for Certain Jurisdictions
We provide additional information about the privacy, collection, and use of personal information of prospective and current customers of KNF located in certain jurisdictions.
The California Consumer Privacy Act (“CCPA”) provides California residents (referred to here as “consumers”) with the following rights as it relates to the personal information collected by KNF about that consumer.
• Right to Know: A consumer has a right to request that KNF disclose to that consumer what personal information KNF collects, uses, discloses and (if KNF were to sell any personal information) sells.
• Right to Delete: A consumer has a right to request the deletion of that consumer’s personal information that KNF has collected from that consumer, although certain exceptions may apply.
• Right to Opt Out of Sales: California law treats disclosures of personal information by KNF in exchange for valuable consideration as “sales.” KNF does not engage in any such sales. If KNF were to engage in any such sales, then a consumer would have the right to opt out of those sales.
• Right to Opt Out of Financial Incentive Programs: If KNF were to offer any financial incentive programs (in other words, a program in which KNF were to offer a consumer a price or service differential in exchange for the consumer providing personal information to KNF), then a consumer would have the right to opt out of those programs. KNF does not offer any such programs.
• Right of Non-Discrimination: A consumer has the right not to receive discriminatory treatment by KNF for exercising that consumer’s rights under the CCPA.
If you are a California resident, or an authorized agent acting on behalf of a California resident, and would like to exercise any of these rights, you can do so by any of the following methods: (1) send an email to the following address: firstname.lastname@example.org; or (2) call the following telephone number (toll-free in the United States): (844) 876-9908
When KNF receives any such request, KNF will, before providing that information, ask for verification of that request. That verification, which may include copies of documentation, is needed to confirm, with at least a reasonable degree of certainty, the identity of the consumer and that the consumer is a California resident. In addition, if the request is made by an authorized agent acting on behalf of a California resident, then KNF will also request confirmation from the consumer that the agent is authorized by that consumer to act on behalf of that consumer with respect to that request, as well as the identity of the agent. The specific type and scope of information requested by KNF to verify that request will depend on the circumstances and may depend on various factors, including (for example) the type and sensitivity of the personal information, and whether any information to be provided for that verification is sufficiently robust to protect against fraudulent requests or being spoofed or fabricated.
If a person is located in Canada, then the person will have following rights under Canada’s Personal Information Protection and Electronic Documents Act ("PIPEDA"):
• ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
• request that inaccurate personal information is corrected;
• request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements; and
• lodge a complaint with us regarding our practices related to your personal information.
You can exercise your rights of access, rectification, erasure, restriction, or complaint by contacting us. If you wish to do any of these things, please send an email to the following address: email@example.com.
13 Links to other Websites