1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator.
Notice concerning the party responsible (Art. 4 (7) GDPR)
The party responsible for processing data on this website is:
knk Customer Engagement GmbH
Phone: +49 (0)431) 57 97 2-0
You will find more information on the Legal Notice page.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about the respective personal data as well as correction or deletion or restriction of the processing or a right of objection against the processing as well as the right of data portability. You can contact us at any time using the contact data (responsible party) given above if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities (Independent Center for Privacy Protection Schleswig-Holstein, Kiel).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
TASCO Revision und Beratung GmbH
Herr Sami Abbas
Telefon: +49 611 9491 2224
4. Data collection on our website
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
When visiting the website for the first time, a cookie notice will appear that allows you to make a cookie choice. When clicking on the button “Accept all cookies”, you accept the use of third party cookies, tracking cookies and session cookies on this website and their storage on your computer. When choosing the button “Only allow necessary cookies”, you will only allow session cookies and the cookie for saving the cookie settings on your computer.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
The basis for data processing is Art. 6 (1) (f) DSGVO, which allows the processing of data due to legitimate interest on the basis of IT security and website operation.
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission. This excludes linked businesses.
We will, therefore, only process any data you enter onto the contact form only with your consent per Art. 6 DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Please note that if you do not provide data that might be necessary for the processing we might not be able to process your request or only process it partially.
5. Social Media
On this website, the controller has integrated the component of Shariff. The Shariff component provides social media buttons that are compliant with data protection. Shariff was developed for the German computer magazine c’t and is published by GitHub, Inc.
The developers of the component is GitHub, Inc. 88 Colin P. Kelly Junior Street, San Francisco, CA 94107, United States.
Typically, the button solutions provided by the social networks already transmits personal data to the respective social network, when a user visits a website in which a social media button was integrated. By using the Shariff component, personal data is only transferred to social networks, when the visitor actively activates one of the social media buttons. Further information on the Shariff component may be found in the computer magazine c’t under http://www.heise.de/newsticker/meldung/Datenschutz-und-Social-Media-Der-ct-Shariff-ist-im-Usatz-2470103. Html provided. The use of the Shariff component is intended to protect the personal data of the visitors of our website and to enable us to integrate a button solution for social networks on this website.
Further information and the applicable data protection provisions of GitHub are retrievable under https://help.github.com/articles/github-privacy-policy/.
6. Analytics and advertising
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimize both its website and its advertising.
We have activated the IP anonymization feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and Internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website. You can also prevent the data generated by cookies about your use of the website (incl. your IP address) from being passed to Google, and the processing of these data by Google, by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics. Please note: if you delete cookies in your browser, you have to enable the cookie opt-out function again if you visit this website.
Outsourced data processing
We have entered into an agreement with Google for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
This website uses Google Tag Manager. Google Tag Manager is a solution, that enables the marketer to manage website tags via an interface. The tool Tag Manager (that implements tags) is a domain without cookies and does not collect personal data. The tool enables the trigger of other tags which might possibly collect data. Google Tag Manager does not access these data. If you deactivate cookies on the domain or cookie level, the deactivation will be valid for all tracking tags, that are being implemented with Google Tag Manager.
Data, that are sent via Google Analytics and Google Tag Manager to Google, will also be sent to our internal community building platform. These data are exclusively anonymous, non-personal data. We use the data for analysis purposes and profile building to make our website more user-friendly. An opt-out (deactivaton) on the domain or cookie level is also valid for Community Building.
If you would like to receive the knk Group newsletter offered on the website, we require the following information: your gender, surname, first name and a valid e-mail address. It is important that you provide this information so that we can address you personally in the newsletter and/or identify you if you wish to make use of your rights as a person affected. We use these data exclusively for sending the requested information.
We use the so-called double opt-in procedure for sending the newsletter. This means that we will only send you our newsletter if you have expressly confirmed to us that you agree to the newsletter receiving. You will first get an e-mail with a link that you can use to confirm that you, as the owner of the corresponding e-mail address, wish to receive newsletters from us in future. The delivery of this link may take a few minutes.
The data entered in the newsletter registration form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). If you do not provide us with this data, we will unfortunately not be able to send you our newsletter. You can withdraw your consent to the storage of your data and its use for sending the newsletter at any time. The cancellation of your agreement can be made via the link inserted in the newsletter or by e-mail to the address given in the imprint. After you have unsubscribed, your data will immediately be blocked for the newsletter receiving and deleted after expiry of the legal storage and retention periods. The legality of the data processing procedures already carried out remains unaffected by the revocation.
Microsoft Dynamics 365 Marketing
This website uses Microsoft Dynamics 365 Marketing to send newsletters. The service is provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. Dynamics 365 Marketing is a service that can be used, among other things, to organize and analyze the sending of newsletters. Microsoft stores the data you provide for the purpose of receiving the newsletter on servers in Germany. If technical resources are heavily used, data processing and data storage on a server in Europe (EMEA) is also possible. Microsoft is certified according to the “EU-US Privacy Shield”. The “Privacy-Shield” is an agreement between the European Union (EU) and the USA to ensure compliance with European data protection standards in the USA.
With the help of Dynamics 365 Marketing we can analyze our newsletter campaigns. When you open an e-mail sent with Dynamics 365 Marketing, a file contained in the e-mail (called a web beacon) connects to Microsoft’s servers. This allows us to determine whether a newsletter message was opened and which links were clicked on, if necessary. Conversion tracking can be used to analyze whether a predefined action (e.g. registration for an event via our website) has been carried out after clicking on the link in the newsletter. Technical information is also recorded (e.g. time of access, IP address, browser type and operating system). This information is collected pseudonymously and cannot be assigned to the respective newsletter recipient. It is used exclusively for statistical analysis of newsletter campaigns. We use the results of these analyses to better adapt future newsletters to the interests of the recipients. If you do not want Microsoft to analyze your newsletter, you must unsubscribe. For this purpose, we provide a corresponding link in every newsletter message. Furthermore, you can also unsubscribe from the newsletter by sending a corresponding e-mail to the person responsible for this website.
Data processing with Dynamics 365 Marketing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing the newsletter. The legality of the data processing operations already carried out shall remain unaffected by the revocation. After cancellation, your stored data will be immediately blocked for the newsletter receiving and deleted after expiry of the legal storage and retention periods. If you tick the box “I no longer wish to receive information“, then your data record will be completely deactivated for all future newsletter receivings and will no longer be used by us. Data that has been stored by us for other purposes (e.g. e-mail addresses as a means of contacting our customers) remains unaffected. You can find more details in the Microsoft data protection regulations at: https://privacy.microsoft.com/en-us/privacystatement.
Conclusion of a Data Processing Agreement
We have concluded a so-called “Data Processing Agreement” (DPA) with Microsoft, in which we commit Microsoft to protect our customers‘ data and not to pass it on to third parties. Microsoft will comply with the obligations to all customers set forth in Appendix 3 of the DPA under (a) “Processing of Personal Data; DPA” and (b) “Provisions of the EU Data Protection Basic Regulation” to the extent that Microsoft acts as a processor or sub-processor of personal data in connection with Azure Stack Hub. These obligations can be found at the appropriate place in the document “Microsoft Professional Services DPA” (https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=59).
Plugins and tools
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
All in One WP Security
This website uses the plugin All in One WP Security to protect the website from unauthorized access. The plugin does not transfer personal data to external servers.
To block certain IP addresses in the case of excessive login attempts, the IP addresses are stored in our wordpress database. The IP addresses will be deleted from the database on a regular basis.
You will find more information to the plugin here: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.
Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.
Data protection concerning applications and the application process
We collect and process the personal data for the purposes of the application process. The processing can also be handled electronically. This is the case if an applicant is sending application documents by email to us for the processing. If the person responsible for the processing concludes an employment contract with an applicant, the transferred data will be stored for the purposes of the employment in consideration of legal provisions. If the person responsible for the processing does not conclude an employment contract with the applicant, the application documents will be deleted automatically two months after the announcement of the decision of rejection.
Please note that we might not process your application if you do not provide the necessary data.