The Data Controller within the meaning of the GDPR is:
Name: Kiefel GmbH
Address: Sudetenstr. 3, 83395 Freilassing, Germany
Tel: +49 8654 78-0
E-Mail: info-de@kiefel.com
Website: www.kiefel.com
Name and address of the Data Protection Officer
The Data Protection Officer for the Data Controller is:
Franz Obermayer
complimant AG
Edt 4
84558 Kirchweidach
datenschutz@complimant.de
Collection and storage of personal data as well as how and why it is used
1. On the website – Public area
a) When visiting the website
When you visit our website, your device’s browser automatically sends information to our server, where it is temporarily stored in what’s referred to as a log file. The following information is collected without you having to do anything and stored until it is automatically deleted:
IP address of the device making the request,
Date and time of access,
Name and URL of the retrieved file,
Website from which access is made (referrer URL),
Browser used and, if applicable, the operating system of your computer and the name of your access provider.
This data is processed by us for the following reasons:
To ensure the website connects smoothly,
To make using our website convenient,
To analyze system security and stability, and
For other administrative purposes.
The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest is based on the purposes for data collection outlined above. We never use the collected data to draw conclusions about you as an individual.
b) Subscribe to our newsletter
If you have subscribed to our newsletter, we will use your email address to send you our newsletter on a regular basis. You only need to provide an email address to receive the newsletter. You can unsubscribe at any time, using a link at the end of each newsletter, for example. Or, you can also send us your unsubscribe request at any time using the contact details above, by email, fax or post.
The legal basis for data processing is Article 6(1)(1)(a) GDPR.
c) Using our contact form
You have the option of contacting us using a form on the website. For this purpose, it is necessary to provide a valid email address so that we know who sent the request and so that we can respond to it. You can add extra information if you want.
The personal data collected and processed for the contact form will be deleted once the inquiry you have made has been handled. The legal basis for data processing is Article 6(1)(1)(a) GDPR.
d) Disclosure of data
Your personal data will not be transferred to third parties. We only disclose your personal data to third parties if:
You have given your express consent to this in accordance with Article 6(1)(a) GDPR.
Disclosure is necessary under Article 6(1)(f) GDPR for asserting, exercising, or defending legal claims, and there is no reason to believe that you have an overriding legitimate interest in not disclosing your data,
If disclosure is necessary to comply with a legal obligation under Article 6(1)(c) GDPR, and
This is legally permitted and necessary under Article 6(1)(b) GDPR for the performance of a contractual relationship with you.
Further exceptions regarding cookies and analytics tools are listed below for the relevant tools.
e) Use of Service Providers
Processors are used to maintain our website, which means that data is also transferred to them. This applies in particular to our hosting provider “Hetzner” for the website and the provider of the data asset management tool “Kontainer.” Contracts in accordance with the requirements of Art. 28 GDPR are in place for the processors used.
f) Cookie settings
g) Analysis tools, conversion tracking, social media plug-ins
Various tools are used on our website, and in some cases, your data in the form of IP addresses is processed. You can give, reject, or withdraw your consent at any time via the Consent Manager. Further information about the tools and cookies used, especially regarding their respective storage durations, can also be found in our Consent Manager.
1. Matomo
Matomo, 7 Waterloo Quay, PO Box 625, 6140 Wellington, New Zealand, is a web analytics software platform used for tracking on the website. It provides detailed reports on website functionality and user behavior. Matomo is used in a privacy-friendly version on the website, meaning no cookies are set.
2. Plausible
Plausible, Plausible Insights OÜ Västriku tn 2, 50403, Tartu, Estonia, is also a web analytics software platform used for tracking on the website. Plausible enhances tracking with cookies and enables a detailed and personalized user experience by tracking behavior across multiple visits and allowing targeted advertising based on individual preferences.
Cookies are set, and IP addresses are collected and stored.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
3. Algolia
Algolia, 3790 El Camino Real, Unit #518, Palo Alto, CA 94306, USA, is an AI-powered search engine that supports users with intelligent search functionality.
IP addresses are collected by Brückner for this purpose. A direct search via Algolia only occurs upon explicit user request, which may result in data being transferred to Algolia, Inc. in the USA.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
More information: https://www.algolia.com/policies/privacy
4. Friendly Captcha
We use forms on some pages. To secure these forms, we use the tool Friendly Captcha, Am Anger 3-5, 82237 Wörthsee, Germany. The captcha ensures that forms are not filled with spam by bots, for example, preventing a bot from submitting the form thousands of times.
5. IP-Stack
IP-Stack, 4001 W. Parmer Lane, Suite 125, Austin, TX 78727, USA, provides APIs for geolocating website visitors based on their IP address, enabling relevant offers/services based on individual location.
We use IP-Stack in a way that shortens IP addresses, making it impossible to trace them back to a specific person.
6. OpenStreetMap
OpenStreetMap enables user-friendly display of interactive maps and location-based information.
The IP address of the accessing computer is collected and stored.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
7. Brevo
For email campaigns and if you subscribe to the newsletter, we use the tool Brevo, Köpenicker Straße 126, 10179 Berlin.
In addition to your IP address, information about newsletter behavior is collected and stored, such as whether a newsletter was opened.
These data may be transferred by Brevo to countries that do not offer an adequate level of data protection and are not recognized by the European Commission under an adequacy decision, such as the USA and India.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
8. YouTube
YouTube is used on the website for presenting and displaying videos. YouTube is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, California, USA.
YouTube transfers personal data to countries outside the EU and the European Economic Area ("third countries").
Integration is done via YouTube Embed using the "two-click solution," meaning the video is loaded only after users have consented via the cookie banner.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
9. Meta: Facebook and Instagram
As part of campaigns, services from Meta Platforms, Inc., Menlo Park, California, USA, are temporarily used on our website.
This results in personal data being transferred to countries outside the EU and the European Economic Area ("third countries").
Integration is done via Matomo Tag Manager, and data is only loaded if users have consented via the cookie banner.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
10. LinkedIn
LinkedIn is integrated into our website, a service of LinkedIn, Inc., Sunnyvale, California, USA.
This results in personal data being transferred to countries outside the EU and the European Economic Area ("third countries").
Integration is done via Matomo Tag Manager, and data is only loaded if users have consented via the cookie banner.
The legal basis for data processing is § 25 (1) TDDDG and Art. 6 (1) sentence 1 lit. a) GDPR.
2. On the website – Login area
Registered users have the option of logging into a separate area on our website.
In this area, we do not track users with analytics tools, cookies, or device fingerprints. Only necessary cookies are used.
The following data is processed in the login area:
Username
Password (hashed)
Metadata recorded from logged activities
The retention periods stipulated in the German Commercial Code (HGB) or the German Fiscal Code (AO) are, for example, up to 10 years. The regular limitation period according to the German Civil Code (BGB) is 3 years. The retention period for log data is 7 days, after which it is automatically deleted.
3. Data Processing by Business Partners
When you contact us, request a quote, or enter into a contract, we collect your business contact details as well as your first name and surname. During an on-site meeting, a rapid COVID-19 test may be carried out (due to pandemic-related precautions). Video or photo recordings may also be made if a video conference takes place. We use the following tools for this purpose:
WebEx
MS Teams
GoToMeeting
Visavid
The retention period of your data depends on the status of our business relationship. Retention periods stipulated in the German Commercial Code (HGB) or the German Fiscal Code (AO) are, for example, up to 10 years. The regular limitation period according to the German Civil Code (BGB) is 3 years. The legal basis for data collection depends on the status of our business relationship Art. 6(1)(1)(a) GDPR, Art. 6(1)(1)(b) GDPR, Art. 6(1)(1)(1)(c) GDPR and Art. 6(1)(1)(f) GDPR.