Privacy Policy

With this privacy policy overview, we would like to inform you in accordance with Art. 13 and 14 of the General Data Protection Regulation (DSGVO) and §§ 32 and 33 of the Federal Data Protection Act (BDSG) about how our company processes personal data in the context of the use of our website and inform you about your rights in this regard.

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, gender, address, telephone number, e-mail address, date and place of birth, IP address or user behavior. Information for which we cannot establish a reference to your person (or only with a disproportionate effort), e.g. by anonymizing the information, is not subject to the GDPR according to recital 26 of the GDPR and therefore not personal data.

Processing of personal data (e.g. collection, retrieval, use, storage or transmission) may only take place if the processing is based on a legal basis. Personal data must be deleted as soon as the purpose of the processing has been achieved and there are no longer any legally required retention obligations.

If we process your personal data, we will inform you below about the specific procedures, the data processed in each case, the origin of the data, the scope and purpose of the data processing, the legal basis, the respective storage period, your rights as a data subject, any data transfers and whether the respective data must be provided by you or not.

This Privacy Policy uses the terminology of the GDPR. Additional terms such as "visitor" or "user" are used for clarity and are gender-neutral.

1. Responsible for the data processing described below

The responsible party within the meaning of the EU General Data Protection Regulation (GDPR) is:

Knowron GmbH
Agnes-Pockels-Bogen 1
80992 München, Deutschland

Email: security@knowron.com
Telefon: +49 1510 415 77 23

2. Overview of purposes and legal basis of data processing

We process personal data of visitors to and users of our website (visitors and users hereinafter collectively referred to as "users") to the extent that such data is technically necessary for the functionality of our online service or to the extent that such data is provided to us by our users. The extent to which the following statements apply to you depends on how you interact with us.

We process personal information for one or more of the following purposes:

the functionality, security and presentation of our website,

  • For the functionality, security and presentation of our website,
  • For the creation, provision and use of customer accounts,
  • To contact you and process your request as requested by you,
  • To process the application you submit,
  • To initiate and/or fulfill contracts between you and us,
  • for statistical evaluation and analysis of our website services, and/or
  • for advertising purposes.

Our processing of personal data is based on the following legal grounds: your consent pursuant to Art. 6 par. 1 lit. a GDPR or, if applicable, Art. 9 para. 2 lit. aGDPR, for the initiation or execution of a contract with you according to Art. 6 para. 1 lit. b GDPR or, if applicable, Art. 9 para. 2 lit. b GDPR, if applicable in connection with. § 26 para.1 and 3 GDPR, to fulfill legal obligations according to Art. 6 para. 1 lit. c GDPR or for a legitimate interest according to Art. 6 para. 1 lit. f GDPR.

3. Concrete processing activities: Categories of data processed, scope, purpose and legal basis of the respective data processing.

In the following, we will inform you about the concrete processing activities, the data processed in each case, the scope and purpose of the respective data processing as well as the corresponding legal basis.  

3.1 Functionality, Security and Presentation of our Website and Request for Consent (Cookie Banner)

When you access our website, it is technically necessary for your Internet browser to transmit data to us or to our web space provider. The following data is recorded in a server log file during an ongoing connection for communication between your Internet browser and our web server

  • Visited domain (website(s) of our Internet presence)
  • Date and time of the request
  • Website from which you accessed our website (referrer URL)
  • Access status (file transferred, file not found, etc.)
  • Used web browser and operating system
  • Location and IP address of the requesting device (and Internet provider, if applicable)
  • Amount of data transferred

In addition, the following data may be stored by us as part of the required consent request (cookie banner)

  • Consent status

We may analyze log file data to protect our website from attacks, to identify and correct errors, and to monitor server usage. This is also based on our legitimate interest (Art. 6Abs. 1 lit. f GDPR) in confidential, available and integral data processing. The data is generally deleted after seven days at the latest, unless further storage is required for evidence purposes. However, we reserve the right to review the log data if there is a reasonable suspicion of unlawful use based on concrete evidence. In this case, some or all of the data may be retained until the matter has been resolved.

If you consent to the use of our marketing cookies as part of the consent request, the domain visited, the date and time of the request, and your user ID will be stored in our customer relationship management system based on your consent (Art. 6 (1) a GDPR). The HubSpot cookie used to create, transmit and track the User ID expires after 6 months. As a matter of principle, we do not merge the aforementioned data with other data sources in any other way.

3.2 Customer Accounts

For certain services that we offer online, you may register on our website and create a customer account or user profile. As part of the registration process, we collect your IP address, master data (e.g. name, address), communication data (e.g. e-mail address), access data (e.g. user name, password) and, if applicable, your position and company information. We process this data for pre-contractual services, for the purpose of initiating and fulfilling contracts, for the purpose of customer care and, in particular, to be able to provide you with our services and functions.

As part of the registration process, you will be asked to consent to this processing. Insofar as you consent to the processing of your data, your consent constitutes the legal basis for the processing of your data pursuant to Art. 6 para. 1 lit.a) GDPR. You may revoke your consent to the opening and maintenance of the customer account at any time with effect for the future. To do so, you need only notify us of your revocation by sending an e-mail to security@knowron.com.

If and insofar as we do not have your consent, the processing of your customer account data is based on the contractual relationship (initiation, execution) that you have entered with us, insofar as the data is necessary for the conclusion and/or performance of the contract, Art. 6 paragraph 1 lit. b GDPR.

3.3. Contacting us

If you contact us (e.g. by e-mail or contact form), we will store your data in order to process your request and in case of follow-up questions. The processed data includes at least the contact data provided by you (e.g. in the case of an e-mail inquiry, your e-mail address) as well as other information provided by you in the course of contacting us or in the course of follow-up communication. In order to comply with the principle of data minimization, we ask you to limit the information you provide to the minimum necessary.

If and to the extent that contact is requested by you, e.g. because you send us an e-mail message or write to us via a contact form, the legal basis for the processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in fully processing your contact. Since you are contacting us, we assume that there are no interests on your part that conflict with our processing of your request. If the purpose of the contact is the conclusion or performance of a contract, the legal basis for the processing is Art. 6 (1) lit. b GDPR. If we have your consent, the legal basis for the processing to contact you is your consent, Art. 6 para 1 lit. a GDPR or, if applicable, Art. 9 paragraph 2 lit. a GDPR.

3.4 Statistical evaluation and analysis of our website services and data processing by Google

3.4.1 Statistical evaluation and analysis of our website services

If you agree to our statistical evaluation and analysis cookies, we process your personal data on the basis of your consent for the statistical evaluation and analysis of our website services, e.g. via cookies and other technologies. For this purpose, we use Google Analytics (see also Section 3.4.2. of this Privacy Policy, including the note on possible risks of data transfer from the EU to the US) and Hotjar (see also Section 3.4.3. of this Privacy Policy). The data obtained in this way is (i) converted by us into a neutral user ID that cannot be traced, but which can be used for evaluation purposes in a non-identifiable manner, e.g. date and time of the visit, usage data and click paths, and then (ii) used for the purpose of statistical evaluation and analysis of our website services and (iii) in anonymized form for the purpose of statistical evaluation of the key figures of our economic activity. The data processed in each case include:

  • IP address (for Google Analytics: partially anonymized; "anonymizeIP")
  • Date and time of visit
  • Usage data (including scroll depth and conversion funnel)
  • Click-path
  • App updates
  • Browser information
  • Device information
  • JavaScript support
  • Visited pages
  • Referring URL
  • Downloads
  • Downloaded files
  • Flash-Version
  • Location information
  • Purchase activity

The legal basis for the processing of the aforementioned personal data is your consent pursuant to Art. 6 para. 1 lit. aGDPR, § 25 para. 1 TTDSG. You can revoke your consent at any time with effect for the future via our data protection settings. This does not affect the legality of the processing carried out on the basis of your consent until revocation.

In order to ensure data processing in accordance with data protection regulations and to protect your data, we have concluded order processing agreements with Google Ireland Ltd. and Hotjar Ltd. in accordance with Art. 28 GDPR. In this contract, the service providers ensure in particular that they will only process personal data if and insofar as this is necessary to fulfil their service obligations.

The processing that takes place in the context of the use of Google Analytics will take place within the EU according to the assurance of Google Ireland Ltd. In individual cases (e.g. support cases), however, access to personal data from the USA cannot be ruled out. We have therefore concluded standard contractual clauses with Google to ensure an appropriate level of data protection even in the event of access from the USA and transfer to the USA.

Please note: Although Google Ireland Ltd. is based in Ireland, your personal data, including the (partially) anonymized IP address of the Internet connection used by you, may be transferred to Google's servers in the United States or your data may be accessed from the United States if you have consented to our use of statistical and analytical cookies. The United States of America is currently classified as an unsafe third country, i.e., a third country for which neither an adequacy decision pursuant to Article 45 of the GDPR exists nor a comparable level of protection can be assumed. When you transfer your data, both Google and the U.S. authorities may have access to the transferred data. Google may combine your data with other data, such as your search history, your personal accounts, usage data from other devices, and any other data Google has about you, and may also share your personal data with third parties. In addition, U.S. authorities may access and process your information without notice or explanation to you (during and even after the processing is completed) or without providing you with similar remedies and data subject rights. Unfortunately, we have no control over the processing by Google and U.S. authorities in these cases.

We use Google Analytics in accordance with and in compliance with the minimum requirements for the use of Google Analytics formulated in the resolution of the German Data Protection Conference (DSK) of May 12, 2020. To ensure the anonymous collection of IP addresses (so-called IP masking), Google Analytics is extended by the code "anonymizeIp". This code shortens the IP address of the person's Internet connection and makes it anonymous to Google. Furthermore, the service is only used with and on the basis of your informed consent. Your consent to the use of Google Analytics will be requested before the service is used. Once you have given your consent, you can revoke it at any time with effect for the future via the privacy settings on our website. Processing that has already taken place up to the time of your revocation remains unaffected.

3.4.2 Data processing by Google in connection with our use of Google Analytics

For the purpose of statistical evaluation and analysis of our website services, we use Google Analytics, a web analytics service provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; "Google"), which is operated in Europe by Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland), provided that you consent to this processing. This service allows us to evaluate and analyze traffic and user behavior on our website.

Google Analytics uses "Cookies". Cookies are text files that are stored on your computer with your permission. Each time you access one of the individual pages of the website on which a Google Analytics component has been integrated, the Internet browser on the IT system of the person concerned is automatically prompted by the respective Google Analytics component to transmit data to Google for the purpose of web analysis. By means of the cookie, personal information such as terminal and browser information, access time, access location, information on user behavior or the frequency of visits to our website is stored and processed by Google. (The complete list of processed data can be found in the previous chapter).

The legal basis for the described processing of your personal data by Google is your consent given to us in accordance with Art. 6 para. 1 lit. a GDPR, § 25 para. 1 TTDSG. You can revoke your consent at any time with effect for the future via our data protection settings. The legality of the processing based on your consent remains unaffected until revocation.

Please note: Although Google Ireland Ltd. is based in Ireland, your personal data, including the (partially) anonymous IP address of the Internet connection you are using, may be transferred to Google's servers in the United States, or your data may be accessed from the United States if you have accepted our statistics and analysis cookies. The United States of America is currently classified as an unsafe third country, i.e., a third country for which neither an adequacy decision pursuant to Article 45 of the GDPR exists nor a comparable level of protection can be assumed. When you transfer your data, both Google and the U.S. authorities may have access to the transferred data. Google may combine your data with other data, such as your search history, your personal accounts, usage data from other devices and any other data that Google has about you and may also disclose your personal data to third parties. In addition, U.S. authorities may access and process your information without notice or explanation to you (during and after processing) or without providing you with similar remedies and data subject rights. Unfortunately, we have no control over the processing by Google and U.S. authorities in these cases.

Further information on Google's privacy policy and terms of use or the terms of use of Google Analytics can be found at the following links:

3.4.3. Hotjar

For statistical evaluation and analysis of our website services, we use Hotjar, a web analysis service provided by Hotjar Ltd (Level2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com)).  

This service allows us to measure and analyze traffic and user behavior on our website. Hotjar allows us to, among other things, record and track your mouse and scroll movements, as well as your clicks. Hotjar can also determine how long you spend with the mouse pointer in a particular location. Hotjar uses this information to create heat maps, which can be used to determine which areas of the website are most popular with visitors. We can also determine how long you stayed on a page and when you left. We can also determine at what point you abandoned a contact form (conversion funnel). In addition, Hotjar can be used to get direct feedback from website visitors. This feature is used to improve the website's offerings.

Hotjar uses Cookies. These are text files that are stored on your device with your permission. Each time a user accesses a page on a website that contains a Hotjar component, the Hotjar component automatically requests the user's Internet browser to send data to Hotjar for web analytics purposes. The cookie is used to store and process personal information such as terminal and browser information, access time, access location, information on usage patterns or the frequency of visits to our website.

The legal basis for the described processing of your personal data by Google is your consent in accordance with Art. 6 Abs. 1 lit. a GDPR, § 25 Abs. 1 TTDSG. You can revoke your consent at any time with effect for the future via our data protection settings. This shall not affect the legality of any processing carried out based on your consent up to the time of revocation.

If you would like to opt out of Hotjar's data collection, click on the following link and follow the instructions: https://www.hotjar.com/opt-out. Please note that you will need to opt-out of Hotjar separately for each browser or device.

For more information about Hotjar and the data it collects, please see Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy .

3.5. Contracts

We process personal data in connection with the initiation and/or fulfilment of a contractual relationship that you enter with us, to the extent that the processed data is necessary for the initiation, conclusion or fulfilment of the contract.

The data provided by you for the purpose of using our products and/or services is required for this purpose, as is employee data in connection with the establishment and performance of an employment relationship. In these cases, it is not possible to conclude and execute a contract without providing this data.

The personal data processed includes the following relationships:

  • Customers: Name, customer number, address, contact details (e-mail address, telephone number), bank details, user name and password, if applicable.
  • Suppliers: Name, address, contact details if applicable, agreements e.g. on fixed prices etc.
  • Employees: name, address, contact information, date and place of birth (if applicable), personnel number, social security number, health insurance number, religious affiliation, and bank information.

As part of the processing of the use of our goods and/or services, we will also share your data with the (transport) company responsible for the delivery and our financial service provider, to the extent that the transfer is necessary for the purpose of delivery or for the purpose of payment.

The basis for the respective data processing is the respective contract to be initiated or executed in accordance with Art. 6 (1) lit. bGDPR. If the processing of employee data in connection with the establishment or performance of an employment relationship is involved, the legal basis is Art. 6 para. 1 lit. b GDPR or, if applicable, Art. 9 para. 2 lit. b GDPR in conjunction with § 26 para. 1 and 3 BDSG.

3.6 Online job advertisements, application and hiring process

We offer you the opportunity to apply for a job via our website. For this purpose, we post online job advertisements in the career portal on our website.

If you send us an application (e.g. by e-mail or contact form), we process your information and the documents you send us, including the personal data contained therein, for the purpose of processing your application. The data processed includes at least the mandatory information on first and last name, address, e-mail address and telephone number, if applicable, the voluntary information on place and date of birth, nationality and your application photo, as well as any other information provided by you and/or documents submitted.

If and insofar as you apply to us by e-mail or contact form, the legal basis for processing is our legitimate interest pursuant to Art. 6 (1) lit. f DSGVO. We have a legitimate interest in fully processing your application. Since you are sending us your application, we assume that there are no conflicting interests on your part with regard to our processing. If there is an implied consent (sending your application) or an explicit consent of you, the legal basis for the processing is this consent, Art. 6 par. 1 lit. a DSGVO or, if applicable, Art. 9 para. 2 lit. a DSGVO. You may revoke your consent at any time with effect for the future. To do so, simply send us an e-mail to security@knowron.com.

If you expressly consent to your data being stored for a longer period of time, e.g. for your inclusion in our database of applicants or interested parties, the data will be processed on the basis of your consent. The legal basis is then your consent pursuant to Art. 6 para. 1 lit. a) DSGVO. Of course, you can revoke your consent at any time with effect for the future. In this case, you only need to inform us of your revocation by sending an e-mail to security@knowron.com.

3.7. Marketing measures

Visited domain (website(s) of our Internet presence) We also process your personal data in the context of marketing measures, for advertising purposes. The following data is processed in the context of the respective marketing activity:

3.7.1. Youtube Videos

Our website integrates videos from YouTubeLLC (901 Cherry Avenue, San Bruno, CA 94066, USA; "YouTube"), a subsidiary of Google LLC (1600 Amphitheatre Parkway Mountain View, CA94043, USA; "Google"). The European operator of the YouTube video portal is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).

Our website uses YouTube in an extended privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this site before they watch a video. However, extended privacy mode does not necessarily prevent the sharing of information with YouTube partners. For example, YouTube connects to the Google DoubleClick network regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection to the YouTube servers is established, which informs the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. In addition, YouTube may place various cookies or use similar recognition technologies (e.g., device fingerprinting) on your device after you view a video. In this way, YouTube can obtain information about visitors to this site. This information is used, among other things, to compile video statistics, improve the user experience and prevent fraud. Additional data processing may be triggered after a YouTube video starts. We have no control over this data processing by YouTube or Google.

We have entered standard contractual clauses with Google to ensure an adequate level of data protection, including in the event of access from or transfer to the US.

Please note: Although Google Ireland Ltd. is based in Ireland, your personal data, including the (partially) anonymous IP address of the Internet connection you are using, may be transferred to Google's servers in the United States or your data may be accessed from the United States if you have accepted our statistics and analysis cookies. The United States of America is currently classified as an unsafe third country, i.e., a third country for which neither an adequacy decision pursuant to Article 45 of the GDPR exists nor a comparable level of protection can be assumed. If you transfer your data, both Google and any U.S. authorities will have access to the transferred data. Google may combine your data with other data, such as your search history, your personal accounts, usage data from other devices and any other data that Google has about you and may also disclose your personal data to third parties. In addition, U.S. authorities may access and process your information without notice or explanation to you (during and after processing) or without providing you with similar remedies and data subject rights. Unfortunately, we have no control over the processing by Google and U.S. authorities in these cases.

For more information about Youtube's privacy practices, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

3.7.2 Advertising our LinkedIn presence via graphics or text link

We also advertise on our website our presence on the social network LinkedIn, a network of LinkedIn Corporation Inc. (1000 West Maude Avenue, Sunnyvale, CA94085, USA; "LinkedIn"), which is operated in Europe by LinkedIn Ireland UnlimitedCompany(Wilton Place, Dublin 2, Ireland).

The integration takes place via a linked graphic of the network. The use of this linked graphic prevents the automatic establishment of a connection to the respective server of the social network when a website with a social media application is called up. Only by clicking on the corresponding graphic will the user be redirected to the service of the social network.

After the user has been forwarded, the social network collects information about the user. It cannot be ruled out that the data collected in this way is processed in the USA. The operator of this website has no influence on the processing by LinkedIn, which takes place under the responsibility of the social network.

The data processed is initially personal data such as IP address, date, time and page visited. If the user is also logged into his or her user account on the respective network during this time, the network operator may be able to associate the collected information of the user's specific visit with the user's personal account. If the User interacts via a "Share" button of the respective network, this information may be stored and published in the User's personal user account. If the user does not want the information collected to be directly associated with their user account, they must log out before clicking on the graphic. It is also possible to configure the user account accordingly.  

The legal basis for the integration of the linked graphics and text links on our website is our legitimate interest in the promotion and visibility of our social media presence, Art. 6 par. 1 lit. f GDPR. A conflicting interest on your part is not apparent.

Please note: When you click on the graphic link, you will be redirected to the LinkedIn social networking site. As a result of this redirection, your personal data may be transferred to servers in the United States, even though LinkedIn Ireland UnlimitedCompany is based in Ireland. The United States of America is currently classified as an unsafe third country, i.e., a third country for which neither an adequacy decision pursuant to Article 45 of the GDPR exists nor a comparable level of protection can be assumed. By transferring your data, both LinkedIn and U.S. authorities will have access to the data transferred. LinkedIn may combine your data with other data, such as your personal accounts, device usage data, and any other data LinkedIn has about you, and may also share your personal data with third parties. In addition, U.S. authorities may access and process your data without notice or notification to you (during and after processing) or without providing you with similar remedies and data subject rights. Unfortunately, we have no control over the processing by LinkedIn and the U.S. authorities.

For more information about LinkedIn's privacy policy, please see the LinkedIn Privacy Policy.

4. Legitimate interests

Unless otherwise stated in this privacy policy and if we are processing your personal data based on legitimate interests pursuant to Art. 6 (1) lit. f GDPR, such interests are the protection against misuse, the enforcement of our legal claims, the adaptation and evaluation of our offer and the processing of inquiries that arise.

5. Recipients or categories of recipients of personal data

5.1 Data processors

When processing your data, we work together with service providers who are bound to our instructions based on binding order processing contracts and who have access to your data. Some of these subcontracted recipients of personal data are listed below by way of example:

Google Ireland Limited

We use Google Analytics, a service provided by Google LLC, which is operated in Europe by Google Ireland Ltd., for the purpose of evaluating and analyzing the use of the website. Personal data may be passed on.

Hotjar Ltd.

We use the services of Hotjar Ltd. for statistical evaluation and analysis of our website services. Personal information may be shared in this process.

Webflow Inc.

We use the services of Webflow Inc. to host our website. This may involve the disclosure of personal information.

5.2. Contractual partners

For fulfilling the contract, we may also transfer your personal data to anyone to whom we assign rights arising from the contractual relationship with you.

5.3. Other Recipients

In addition, data may be exchanged with the following entities

  • Governmental or other authorized bodies to the extent permitted or required by law.
  • Any legal successor to our business or any part of it.

6. Transfer to Third countries

There is a transfer of data to the United States of America and therefore to an unsafe third country. In this case, the information we collect from you will be processed in the United States of America. With respect to the United States of America, there is currently no adequacy decision by the European Union (Article 45 GDPR), which means that with respect to your personal data and with respect to any data subject rights and remedies, there is no level of protection comparable to the GDPR.

With this in mind, our processors and we strive to implement appropriate safeguards to protect your privacy and the security of your personal information. Therefore, our international data transfers are made solely on the basis of contractual or other legal provisions designed to ensure adequate protection of your data, which are available to you upon request. In this regard, we rely on the provisions set forth in Article 49 of the GDPR or, where applicable, the safeguards set forth in Article 46 of the GDPR.

Note: If you would like more information in this regard, please contact us at security@knowron.com.

7. Storage period

We will only store your personal data for as long as is necessary to achieve the purpose of the processing. We store your data (i) if you have consented to the processing, no longer than until you revoke your consent; (ii) if we need the data to perform a contract, no longer than for the duration of the contractual relationship with you (including the defense and enforcement of claims within the limitation periods); (iii) if we use the data on the basis of a legitimate interest, no longer than for as long as your interest in the deletion or anonymization of the data does not prevail.

The data may also be stored if the European or national legislator has provided for this in regulations, laws or other provisions to which the responsible party is subject (including tax law, commercial law, combating money laundering). In order not to violate the law or to lose the possibility of asserting a claim or defending ourselves against such a claim, we reserve the right to delete the data only at the end of the last expiring retention period that justifies the storage of the data.

We store applicant documents for the duration of the recruitment process and for a period of two months from receipt of the rejection if (i) the application does not lead to an employment relationship, (ii) no further storage has been agreed, and (iii) no claims have been asserted against us by an applicant within the preclusion period provided for in Section 15 (4) of the General Equal Treatment Act (AGG). If claims are asserted within the aforementioned preclusion period, the retention period shall be extended by at least the 3-month period specified in § 61 b (1) of the Labor Court Act. If no claim is filed within this period, we will destroy the claimant's documents; otherwise, we will retain the documents until a final court decision. In the event of a successful claim, we will keep the applicant's documents in the employee's personnel file for the duration of the employment relationship and the statute of limitations, if applicable. In the event of litigation arising from the employment relationship, we will also retain the documents until a final court decision.

8. Your rights as data subject

The GDPR grants you the following rights with respect to the processing of your personal data. With regard to the rights described under 8.1.-8.7., you can contact us at any time to exercise these rights, preferably by e-mail to security@knowron.com. The right of complaint described in Section 8.8. must be exercised with the relevant supervisory authority.

Please note: When exercising your rights under Art. 15bis 22 GDPR, the personal data provided by you will be processed in order to process your request and to be able to provide evidence thereof. This processing is based on the legal basis of Art. 6 par.1 lit. c GDPR in connection with Art. 15 to 22 GDPR and § 34 para. 2 BDSG.

8.1 Right to information (Art. 15 GDPR in connection with §§ 29, 34 BDSG)

You have the right to obtain confirmation as to whether personal data relating to you is being processed; if this is the case, you have the right to obtain information about this personal data and to obtain the information specified in Art. 15 GDPR.

8.2 Right of rectification (Art. 16 GDPR)

You have the right to request without undue delay the correction of any inaccurate personal data concerning you and, where applicable, the completion of any incomplete data.

8.3 Right to deletion (Art. 17 GDPR in conjunction with § 35 BDSG)

Sie haben das Recht, zu verlangen, dass Sie betreffende personenbezogene Daten unverzüglich gelöscht werden, sofern die in Art. 17 GDPR aufgeführten Voraussetzungen erfüllt sind und keine Rechtsvorschrift eine weitergehende Verarbeitung rechtfertigt.

8.4. Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you dispute the accuracy of the processed data or have objected to the processing. If you exercise this right, the restriction of processing shall apply at least for the duration of the verification by the controller, so that during this period - apart from being stored - the data concerned will only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

8.5. Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transmission of this data to a third party. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.

8.6. Right to object pursuant to Art. 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) (e) (task carried out in the public interest or in the exercise of official authority) or (f) (overriding legitimate interest) GDPR; this also applies to profiling based on these provisions. If you exercise your right, we will no longer process the personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims (objection pursuant to Art. 21 (1) GDPR in conjunction with Section 36 BDSG).

If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising (objection pursuant to Art. 21 para. 2 GDPR).

8.7. Revocation of consent

You also have the right to withdraw your consent to the processing of personal data at any time with effect for the future. To do this, you can either change the respective consent status via the configuration provided by us or send us an informal message by e-mail to the above e-mail address. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8.8. Right to lodge a complaint with a supervisory authority

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR or other data protection provisions. This right to lodge a complaint is without prejudice to any other administrative or judicial remedy.

9. Necessity of providing personal data

We would like to inform you that the provision of personal data may be required by law (e.g. tax regulations) or may result from contractual regulations or pre-contractual requirements (e.g. information on the contractual partner). Sometimes it may be necessary for a data subject to provide us with their personal data, which will subsequently be processed by us. Failure to provide personal data could, for example, mean that we are unable to conclude a contract with you.

You can contact us at any time before providing your personal data. We will clarify on a case-by-case basis whether the provision of personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the data would be in individual cases.

With regard to our website, it generally applies that the personal data required for use is marked as such; failure to provide this necessary personal data may result in certain functions not being available or our services not being able to be used.

10. Automated decision making

We do not use any mechanisms for automated decision-making - including profiling - that have a legal effect on the data subject or significantly affect them in a similar way.

11. Data security

We make every effort to ensure the security of your data within the framework of the applicable data protection laws and technical possibilities. To secure your data, we maintain technical and organizational security measures in accordance with Art. 32 GDPR, which we constantly adapt to the latest state of the art.

If we also use the services of third parties to process your data, they are selected carefully and in compliance with the statutory provisions.

Note: If you would like further information in this regard, please contact us at security@knowron.com.

12. Cookies

Our website uses cookies and similar technologies, including those of third parties. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. Cookies contain a characteristic string of characters that can enable the browser to be uniquely identified when the website is called up again. Similar technologies are used to describe other technical tools that make it possible to identify website visitors, such as tracking pixels or local storage.

Technically necessary cookies and technologies are those without which our website cannot function and/or be used, which also includes the legally required consent request ("cookie banner"). This category only includes cookies and technologies that guarantee the basic functions and security features of the website. Technically necessary cookies and technologies can be set without the user's consent.

Non-necessary cookies are all cookies and technologies that are not directly necessary for the function of the website and are used specifically to collect personal data from the user, through tracking, ads and other embedded content. Non-necessary cookies and technologies (e.g. cookies for marketing, advertising or customer analysis purposes) require your consent.

You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. However, if cookies are deactivated for the website, it may no longer be possible to use all the functions of the website to their full extent.

Further information on the cookies used by our website can be found in our Cookie Policy.

13. Changes to this privacy policy

We reserve the right to amend this privacy policy at any time in compliance with applicable laws and regulations.

The version available online at the time of your visit applies to the use of our website

Last change: 02.11.2022

We look forward to your visit to our website!

3. Specific processing activities: Categories of data processed, scope, purpose and legal bases of the respective data processing

When you visit our website, it is technically necessary for data to be transmitted to us or to our web space provider via your Internet browser. The following data is recorded in a server log file during an ongoing connection for communication between your Internet browser and our web server:

In the following, we will inform you about the concrete processing activities, the data processed in each case, the scope and purpose of the respective data processing as well as the corresponding legal basis.

The log file data records may be evaluated in order to protect our website against attacks, to find and rectify errors and to control the utilization of servers. This is also the basis of our legitimate interest (Art. 6(1)(f) GDPR) in confidential, available data processing with integrity. The data is generally deleted after seven days at the latest, unless further storage is required for evidence purposes. However, we reserve the right to check the log data if there is a justified suspicion of unlawful use based on concrete evidence. In this case, all or part of the data will be excluded from deletion until the incident has been finally clarified.

Please note: Despite the fact that Google Ireland Ltd. is based in Ireland, your personal data, including the (partially) anonymized IP address of the Internet connection you are using, may be transferred to Google servers in the USA or your data may be accessed from America if you consent to our statistics and analysis cookies. The United States of America is currently classified as an unsafe third country, i.e. a third country for which neither an adequacy decision pursuant to Art. 45 GDPR exists nor a comparable level of protection can be assumed. With the transfer of your data, both Google and, if applicable, US authorities have access to the transferred data. Google may link your data with other data such as your search history, your personal accounts, the usage data of other devices and all other data that Google has about you and may also pass on your personal data to third parties. In addition, US authorities may gain access and process your data without having to provide you with any notice or notification (during and even after the processing has been completed) or without you being entitled to comparable legal remedies and data subject rights. Unfortunately, we have no influence on the processing by Google and US authorities in these cases.

Data may also be stored if this has been provided for by the European or national legislator in regulations, laws or other provisions to which the controller is subject (including tax law, commercial law, combating money laundering). In order not to violate legal regulations or lose the possibility of enforcing a claim or defending ourselves against such a claim, we reserve the right to delete the data only after the expiry of the last retention period that legitimizes the data storage.

Not ready for a demo just yet? Ask a question with no strings attached:

Thank you! Our team will be in contact with you shortly.
Oops! Something went wrong while submitting the form.

Copyright 2024 © KNOWRON | Made with 🥨 in Munich