We are legally obliged to inform you about the processing of your personal data (hereinafter called “data”) in connection with using our website (hereinafter called the “website”). We take the protection of your personal data very seriously. This data protection notice provides you with information about the details of how your data is processed, and about the legal rights you hold in this connection. The legal definitions established in Art. 4, GDPR are applicable to concepts such as “personal data” or “processing” . We reserve the right to adapt our data protection declaration with effect for the future, particularly in the event of redevelopment of the website, in the event of using new technologies or in the event of the amendment of underlying statutory regulations and/or applicable precedent. We would advise you to read our data protection declaration from time to time and to keep a printout or a copy of the declaration on your files.
The data protection declaration is addressed to all users of the website www.ktr.com (clause 1) and to all of the customers and suppliers of KTR Systems GmbH (clause II). Its applicability does not extend to any linked websites and/or Internet presences of our own or of other providers. For applicants and other users of our Careers page www.ktr-karriere.de there applies the data protection declaration for applicants, and you can download this via https://www.ktr-karriere.de/#datenschutz . For our internet pages ktr-events.com, otools.ktr.com, onlinetools.ktr.com, ktr360.com and our webshop shop.ktr.com, the data protection declarations that are respectively posted there are applicable.
The responsible party/data manager for the processing of personal data within the scope of application of this data protection declaration is:
If you have any questions concerning the topic of data protection as it affects our Company or our website, please contact us directly using the contact details given above, or apply to our data protection officer. Here are the contact details for our data protection officer:
You hold the following rights with regard to the personal data concerning yourself, and you can claim these rights from ourselves as follows:
You can claim your rights by sending a message to the contact details indicated under the section headed Responsible party/Data manager” or to our designated Data-protection officer.
If you believe that the processing of your personal data infringes the data protection regulations, then you also hold the right, under Article 77, GDPR, to place the matter before the data protection supervisory body of your choice. The choice of data protection supervisory bodies competent to govern the relevant responsible party/data manager includes the following: Landesbeauftragte für Datenschutz und Informationsfreiheit (=Regional officer for data protection and freedom of information) Nordrhein-Westfalen, Postfach 200444, 40102 Düsseldorf, 0211/38424-0, firstname.lastname@example.org.
The rules state that you are able to visit our website – purely in order for you to gain information – without having to disclose your identity. When individual pages of the website are visited for that purpose, all that will be released will be the contact details for our website provider, thus enabling you to gain a display of the website. In this context, the following data is processed:
The temporary processing of this data is required in order to make it technically possible for a website visit to take place and for the website to be made available to your terminal. The contact details are not utilised for purposes of identifying individual users, and they are not combined with any other data sources. There is continued storage in protocol files (log files) in order to ensure functionality of the website and the security of IT systems. The legal basis for this processing is Article 6, paragraph 1, clause 1, subclause (f), GDPR. We hold justified interests for protecting the functionality of the website and the integrity and security of the website. The storage of access data in log files – particularly the IP address – for a long period, enables us to detect abuse and to exercise protection against it. This includes, for example, defence against enquiries which would overload our service, or the utilisation of any bots. Access data is deleted as soon as it is no longer required in order to achieve the purpose of your processing. Where the data is logged in order to make the website available, then this is the case when you end your visit to the website. The rule is that the protocol data is stored directly and exclusively for administrators’ access, no later than by seven days afterwards. After that, the data will be available only indirectly – by reconstructing backup tapes (backups) – and will be permanently erased after a maximum of four weeks. You can file an objection to this processing. Your right of objection will be applicable for reasons arising from your particular situation. You can send us your objection using the contact details set out in the Section entitled “Responsible party/Data manager”.
On our website, cookies and other functions are used, and these carry out the processing of our users’ terminals information and personal data. Some of them are urgently needed (“essential cookies”), whilst others fulfil the function of incorporating external elements, statistical analysis, company attribution or reach measurement.
Essential cookies are required for basic website functions. This assures that the website will operate correctly. On our website, urgently required cookies are stored for the following purposes:
The legal basis for this processing is Article 6, paragraph 1, clause 1, subclause (f), GDPR. Our justified interests in processing relate to providing the above-mentioned particular functionalities so that the use of the website is configured to be more attractive and more effective. You can file an objection to this processing. Your right of objection will be applicable for reasons arising from your particular situation. You can prevent cookie-based data processing as follows: by deactivating or restricting or deleting cookies, in the settings for your browser software or by opening “Private mode” in the browser which you use.
In order to make it possible for our website to be matched ideally to users’ interests, we use “Google Analytics”, a “Google” web analysis service (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001). “Google Analytics” uses “cookies” (refer section on “Cookies”, above) which are stored on your terminal. Using the cookies, “Google” processes the information which has been generated in the process of your terminal’s use of our website – if you have visited a specific website, for example – and the data which we will process will include the data mentioned in the Section on “Utilisation of our website”, with particular reference to your IP address, browser information, the previously visited website together with the date and time of the server request; for purposes of statistical analysis of website use. For this purpose, it is also possible to determine whether various terminals belong to yourself or to your household. This website uses “Google Analytics” with the extension “anonymizeIp()”. Accordingly, IP addresses (in an abbreviated form) are further processed in order to make it substantially difficult to identify any individuals. According to information from “Google”, your IP address is pre-abbreviated within European Union member states. Only in exceptional cases will your full IP address be sent to a “Google” server in the USA, and abbreviated there. On our behalf, “Google” will process this information for purposes of analysing your utilisation of the website, will compile reports for us (concerning website activities) and – if we stipulate this separately – in order to provide us with further services relating to website utilisation. The IP address released by your browser in the context of the above-described purposes is not combined with any other data by “Google”. The legal basis for this processing is your consent under Art. 6 Abs. 1 clause 1, subclause (a), GDPR. To some extent, “Google” also processes the data in the USA. When it comes to the transfer of data to the USA, there is no adequacy decision from the EU Commission; the legal basis for forwarding (of data) to the USA is your consent under Article 49, paragraph 1, clause 1, subclause (a), GDPR. Your data in connection with “Google Analytics” will be erased after fourteen months at latest. You can find out more information about data protection with “Google” by visiting: www.google.de/intl/de/policies/privacy. It is possible to revoke your consent for processing and third-party country transfer at any time by resetting the controller under “Settings” for the consent tool. This does not, as the result of the revocation, affect the legitimacy of processing conducted on the basis of consent before the revocation was applied.
On our website, we use Google’s “Google Tag Manager” (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4,
Ireland, Fax: +353 (1) 436 1001). “Google Tag Manager” is a solution which makes it possible to manage website
tags and other elements from third-party providers, via an interface. Firstly, when the website is selected
using Google Tag Manager, an HTTP request is sent to Google. Consequently, terminal details and personal data
such as your IP address and the details of your browser settings will be sent to Google. We use Google Tag
Manager in order to make it easier to carry out electronic communication, since information is transmitted via
programming interfaces (amongst other channels) to third-party providers. In Google Tag Manager, the third-party
providers’ respective tracking codes are implemented without our having to laboriously change the website’s
source code. Rather, incorporation takes place using a container which sets what is referred to as a
“placeholder” code in the source code. Furthermore, Google Tag Manager makes it possible to replace users’ data
parameters in a defined sequence, especially by the arrangement and systematic organisation of the data packets.
Furthermore, your data is individually transmitted to the USA. “Standard contract clauses” have been negotiated
with Google in order to assure that a reasonable level of data protection is maintained. Upon request, we will
send you a copy of these standard contract clauses. The legal basis for this processing is Article 6, paragraph
1, clause 1, subclause (f), GDPR. Our justified interests in processing relate to facilitation and
implementation of electronic communication by means of identifying communication transmission points, control
options, the exchange of data elements in a defined sequence and the identification of transmission errors.
Google Tag Manager does not authorise any data storage. You can find out more information about data protection
with “Google” by visiting: www.google.de/intl/de/policies/privacy.
You are entitled to file an objection to the processing to the extent that the processing arose under Article 6, paragraph 1, clause 1, subclause (f), GDPR. Your right of objection will be applicable for reasons arising from your particular situation. You can prevent the processing by erasing the history and the website data in your browser software settings, or by opening the employed browser in “private mode”.
Secondly, Google Tag Manager will, for example, install third-party provider tags such as tracking codes, and
possibly also counting pixels, on our website. This tool creates the facility for triggering other tags which
also detect your data; and we inform you of this fact elsewhere in this Data protection declaration. Google Tag
Manager itself analyses neither the terminal information which is detected by the tags, nor users’ personal
data. Rather, your data is forwarded to the respective third party provider service for the purposes mentioned
in our section on the consent management tool. On our consent management tool, we have set Google Tag Manager so
that the triggering of certain third-party provider services in Google Tag Manager is made conditional on your
selection in our consent management tool, so that data processing will be triggered only for the third-party
provider tags for which you have issued consent. The utilisation of Google Tag Manager is covered by consent for
the respective third-party provider service. The legal basis for this processing is your consent under
Article 6 Paragraph 1 clause 1, subclause (a), GDPR. To some extent, Google also processes the data in the USA.
When it comes to the transfer of data to the USA, there is no adequacy decision from the EU Commission; the
legal basis for forwarding (of data) to the USA is your consent under Article 49, paragraph 1, clause 1,
subclause (a), GDPR. You will find the storage period for your data in the descriptions, as set out below, for
individual third-party provider services. You can find out more information about data protection with “Google”
by visiting: www.google.de/intl/de/policies/privacy.
It is possible to revoke your consent for processing and third-party country transfer at any time by resetting the controller under “Settings” for the consent tool for the respective third-party provider. This does not, as the result of the revocation, affect the legitimacy of processing conducted on the basis of consent before the revocation was applied.
When you make contact with our Company, either by email or using the contact form on the website, we’ll process
the personal data which you have disclosed in order to respond to your enquiry. The only essential details for
the processing of enquiries via the contact form on the website will be the disclosure of a valid email address
together with your message. At the point in time at which your message is sent to ourselves, furthermore, your
IP address and the date and time of the transmission procedure will be processed. The legal basis for this
processing is Article 6 paragraph 1 clause 1, subclause (f), GDPR and Article 6, paragraph 1, subclause (b)
GDPR, if contact was made for purposes of negotiating a contract. The sole purpose of processing personal data
from the input screen is to handle the contact case, and this includes the necessary justified interest in the
processing of data. The other data which is processed during the transmission procedure is needed so as to
prevent the abuse of the contact form and to ensure the security of our IT systems. No data is forwarded to any
third parties in this connection. We will delete the data which arises in this connection once it is no longer
necessary for it to be processed, or we will restrict processing as applicable to what is needed so as to adhere
to the mandatory, statutory storage obligations applicable at the time.
You can file an objection to this processing. Your right of objection will be applicable for reasons arising from your particular situation. You can send us your objection using the contact details set out in the Section entitled “Responsible party/Data manager”.
We process our customers’ and suppliers’ personal data – and their employees’ corresponding data (for example, the name and contact details of the contact person) -- if and to the extent that this is necessary in order to set up, to establish, to apply and/or to terminate a transaction with our company. The corresponding legal basis for this is to be found under Article 6, paragraph 1, clause 1, subclause (b), GDPR. You will need to provide your data for purposes of negotiating the contract, and you will be under contractual obligation to provide your data. You will not be able to negotiate and/or apply any contract without having provided your data. Once the due purpose has been achieved (e.g. processing of the contract), personal data is blocked from further processing and/or erased, unless we are entitled to conduct further processing under a consent issued by yourself (e.g. consent for processing of your email address so that we can send you our newsletter), a contractual agreement, a legal authorisation (e.g. authorisation to send you “existing customer” advertising) or on the basis of justified interests (e.g. storage for purposes of enforcing claims). Your personal data is forwarded to third parties to the extent that
Your personal data will not be forwarded to any further extent to other persons, companies or offices unless you have given valid consent for such forwarding of data. The legal basis for this processing is Article 6, paragraph 1, clause 1, subclause (a), GDPR. In the context of this data-protection briefing concerning the respective processing procedures, we will inform you of the identity of the corresponding recipients of the data.
On the webpage of shop.ktr.com, we provide a web shop for our customers. For you to use this shop, you will need to authorise the setting-up of a customer account. You can apply to set up your account using the corresponding form on our website. The details you will need to give in order to process your application are as follows:
The legal basis for this processing is Article 6 paragraph 1 clause 1, subclause (b), GDPR. You will need to disclose your data, as a necessary and binding condition of negotiating and executing the contract. If you don’t disclose your data, then you will be unable to register, i.e. it will not be possible to negotiate and/or to execute any orders using our web shop. The data will be erased as soon as it is no longer needed in order to achieve the purpose of its processing, or otherwise it will be restricted to the extent of processing needed under statutory storage obligations.
After your enquiry has been successfully processed, we will send you your access data (username and password) either by post or by email, according to your preference. The following functions are available to you in the log-in area:
We process your data for purposes of enabling the order to go through. The legal basis for this processing is Article 6 paragraph 1 clause 1, subclause (b), GDPR. It’s necessary (and mandatory) for your data to be provided in order for the contract to be negotiated and then completed. If you do not provide your data, then it will not be possible for the contract to be negotiated and/or completed. In order to prevent unauthorised third parties from accessing your personal data, the order procedure is encrypted on the website using SSL technology. We will erase the data arising in this connection once storage is no longer necessary, or otherwise we will restrict processing to the extent required under any mandatory storage obligations. Under mandatory commercial and fiscal regulations, we are obliged to place your address, payment and order details on store for a period of up to 10 years.
We reserve the right to use our customers’ emails as disclosed in the course of our business relationship within the legally permitted framework, in order to email to you (either during or following your order) some items of content as listed below unless you have already objected to this type of processing of your email address:
If the sending of electronic information as required for processing of a contract (e.g. emails in an IT related
format) should be necessary, the corresponding processing is governed on the legal basis under Article 6,
paragraph 1, clause 1, subclause (b), GDPR. You will be under contractual obligation to share your data. If your
data is not shared, then it will not be possible to email you any IT format information in the course of
executing the contract. If the sending of electronic information is not required for processing of a contract
(e.g. emails in an IT related format) is not necessary, then the corresponding processing is governed on a legal
basis under Article Article 6, paragraph 1, clause 1, subclause (f), GDPR. Our justified interests in the
above-described processing relate to enhancing and optimising our services, our dispatch of direct advertising
and the assurance of customer satisfaction. We will delete your data once you have completed your utilisation
process, but in any case no later than three years after the contract has terminated.
We would like you to know that you can decline at any time to receive direct advertising and that you can object to processing for purposes of direct advertising without incurring any charges other than the transmission charges according to basic tariffs. In this context, you hold a general right of objection without having to indicate reasons (refer Article 21, paragraph 2, GDPR). Just click on the “unsubscribe” link in the respective email or send us notice of your objection by means of the contact details indicated in the section on “Responsible party/Data manager”.