Data Privacy
Koehler Innovative Solutions GmbH would like to promote user confidence in the Web and is therefore laying out its policy for handling personal data. The following section will show you what information we collect for what purposes and how we use it.
The Privacy Policy contains special instructions for applicants as well as general information both for the applicants as well as other visitors to our website.
It is a matter of course for us to deal with your data carefully and to treat it as confidential. We therefore ask you to send us only serious applications and to check attached files in advance for viruses etc. before you forward them to us.
1. Objective and responsibility
1. This Privacy Policy informs you about the type, scope, and purpose of the processing of personal data within our website and associated websites, functions, and content (hereinafter jointly referred to as “online offer” or “website”). This Privacy Policy is applicable regardless of the domains, systems, platforms, and devices (for example desktop or mobile) on which the online offer is running.
2. The provider of online content, and therefore legally responsible for data privacy, is Koehler Innovative Solutions GmbH, Hauptstraße 2, D-77704 Oberkirch, Germany, Email: info@koehler.com (hereinafter referred to as “we” or “us”). For details of representatives and more contact options, please refer to our masthead: Imprint.
3. Our data privacy officer can be contacted at the Email address: datenschutz@koehler.com
4. The term “users” used in the following includes the applicant as well as other website visitors. All terms used such as “applicants” are to be understood as gender-neutral.
2. General information regarding data processing and legal bases
1. We process the personal data of users strictly in compliance with the relevant data protection laws. This means that the data of users will only be processed if this is permitted by law, i.e., in particular, if data processing is required in order for us to perform our contractual services (e.g. process an order) and online services, where it is prescribed by law, if we have the consent of the user or if processing is based on our legitimate interests (i.e. our interest in the analysis, optimization and economic operation and security of our online service in terms of Art. 6 (1) (f) GDPR and, particularly with regard to measuring coverage, creating profiles for advertising and marketing purposes, collecting access data and the use of services of third-party providers.
2. With regard to the processing of personal data on the basis of the General Data Protection Regulation (GDPR), the legal basis regarding consent is Art. 6 (1) (a) and Art 7 GDPR, the legal basis for processing in order to perform our services and contractual activities is Art. 6 (1) (b) GDPR, the legal basis for processing in order to fulfill our statutory duties is Art. 6 (1) (c) GDPR and the legal basis for processing to maintain our legitimate interests is Art. 6 (1) (f) GDPR.
3. Irrespective of the aforementioned purposes, we also process your contact data (particularly your name, address and email address) within the legally permissible scope for marketing and advertising purposes, i.e. for example in order to send you information about our products, our company, special offers or events. Finally, if we have obtained your contact data in the context of a business event, a business meeting (e.g. by exchanging business cards) or an order, we also process them to manage our business contacts and transfer them to our CRM system (customer relationship management system).
As we have a legitimate economic interest in maintaining contacts established in the course of conducting business beyond the first contact, to use the same to establish a business relationship and to maintain contact with the respective persons for this purpose, the aforementioned processing of your personal data is performed on the basis of Art. 6 (1) (f) GDPR.
3. Security measures
1. We take organizational, contractual, and technical security measures in accordance with the state of the art in order to ensure that the provisions of the data privacy laws are complied with and to ensure that the data processed by us is protected from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.
2. The security measures include, in particular, the encrypted transfer of data between your browser and our server.
4. Disclosure of data to third parties and third-party suppliers
1. Forwarding of data to third parties only takes place within the framework of the legal guidelines. We forward the data of users to third parties only if this is necessary, for example, for billing purposes or for other purposes if these are necessary in order to fulfill our contractual obligations vis-à-vis the users.
2. If we use subcontractors in order to provide our services, we will take appropriate legal measures and appropriate technical and organizational measures for the protection of personal data in accordance with the relevant statutory provisions.
3. If content, tools, or other resources from other suppliers (hereinafter jointly referred to as “third-party suppliers”) are used within the framework of this Privacy Policy and the third-party supplier is located in a third country, it is to be assumed that a data transfer into the countries of the third-party supplier takes place.
4. Third countries are countries in which the GDPR is not directly applicable, i.e., in principle, countries outside the European Union (EU) or the European Economic Area (EEA)
5. The transfer of data to third countries is carried out if an adequate level of protection for the data, user consent, or otherwise legal permission exists.
5. Contact
1. When a user makes contact with us (using the contact form, by Email, in the context of an order or, for example, by exchanging business cards), the user’s information is processed for the purpose of processing the contact request and responding to the inquiry.
2. The data of users may be stored in our customer relationship management system (“CRM system”) or similar inquiry organization systems for the further maintenance of the business relationship and, as commercial correspondence, must be kept for six years, due to statutory requirements, and, in the case of statutory tax relevance, for a period of ten years.
6. Collection of access data
1. Log file information is collected by the provider solely as part of monitoring.
2. For security reasons (e.g. for the elucidation of abuse or fraud), log file information is stored for a maximum of seven days and then deleted. Data whose further retention is required for evidential purposes is excluded from deletion until the final clarification of the respective incident.
7. Cookies and audience measurement
1. Cookies are pieces of information that are transferred to the Web browser of the user by our Web server or third-party Web servers and stored there for subsequent retrieval. Cookies can be small files or other types of information storage. Users are notified about the use of cookies within the framework of pseudonymous audience measurement within this Privacy Policy.
2. If users do not want cookies to be stored on their computer, they are asked to disable the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional limitations of this online offer.
3. You can object to the use of cookies that serve the purpose of audience measurement and advertising via the deactivation page of the Network Advertising Initiative (http://optout.networkadvertising.org/) and, in addition, the US website (http://www.aboutads.info/choices) or the European website (http://www.youronlinechoices.com/uk/your-ad-choices/).
Necessary Cookies
These cookies are essential for the website's functionality and therefore cannot be disabled.
WSESSIONID
Duration of storageSession
Necessary standard cookie to use with PHP session data.
hideCookieNotice
Duration of storageUp to 30 days depending on the selection.
Saves that the cookie or data protection notice is not displayed again each time you access the site.
hideCookieNotice2
Duration of storageUp to 30 days depending on the selection.
Saves that the cookie or data protection notice is not displayed again each time you access the site.
allowLoadExternRessources
Duration of storageUp to 30 days depending on the selection.
Remembers the user decision whether external components may be loaded automatically.
allowTracking
Duration of storageUp to 30 days depending on the selection.
Remembers the user decision that visitor behaviour may be tracked.
Marketing/tracking Cookies
These cookies are used for marketing purposes and analyse your visitor behaviour.
_pk_id.1.3659
Duration of storage: 13 months
Saves some details about the user such as the unique visitor ID.
_pk_ref.1.3659
Duration of storage: 6 months
This cookie is used as a reference to the anonymous tracking session on the site.
_pk_ses.1.3659
Duration of storage: 30 minutes
Stores data for the visit temporarily.
_pk_testcookie..undefined
Duration of storage: Session
Checks whether the visitor's browser supports cookies.
_pk_testcookie.1.3659
Duration of storage: Session
Checks whether the visitor's browser supports cookies.
8. Social media buttons und links
1. The links/buttons to social networks and platforms (hereinafter referred to as “social media”) used within our online offer do not create a connection between social networks and the users until users click on the links/buttons and the respective networks, or their websites, are accessed. This function corresponds to the operation of a regular online link.
2. The following diagram provides an overview of the linked social media providers, along with links to their respective privacy policies, which contain more information about the processing of data and, in some cases already mentioned here, objection options (so-called opt-out):
- facebook.com, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland, Privacy Policy: http://de-de.facebook.com/policy.php, Opt-Out: http://www.facebook.com/settings.
- YouTube/ Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- XING SE / kununu, Dammtorstraße 29-32, 20354 Hamburg, Deutschland. Privacy Policy: https://www.xing.com/privacy.
- Instagram, Instagram LLC, Vertreten durch Kevin Systrom und Mike Krieger, 1601 Willow Rd, Menlo Park CA 94025, USA. Privacy Policy: https://help.instagram.com/155833707900388/
- LinkedIn, Ireland Unlimited Company, Wilton Place, Dublin 2, Irland. Privacy Policy: https://www.linkedin.com/legal/privacy-policy
9. Web analysis by Matomo (formerly PIWIK)
Extent of personal data processing:
On our website, we use the open-source software tool Matomo (formerly PIWIK) to analyze the surfing behavior of our users. The software places a cookie on the user’s computer (regarding cookies, see above). If individual pages of our website are accessed, the following data is stored:
- two bytes of the IP address of the accessing system of the user
- the website accessed
- the website from which the user accessed the website (referrer)
- the subpages of the website that are accessed
- the duration of the visit to the website
- the frequency of access to the website
The software used for this purpose runs exclusively on the servers of our website. Users’ personal data is stored there only. The data is not disclosed to third parties.
2. Legal basis for processing personal data: The legal basis for the processing of personal data of the user is Article 6, Paragraph 1, Subparagraph F, of the GDPR.
3. Purpose of data processing and legitimate interest: Processing the personal data of users makes it possible for us to analyze the surfing behavior of our users. The data gained through this analysis allows us to compile information about the use of the individual components of our website. This helps us to continually improve our website and make it more user-friendly. In these purposes, we also have a legitimate interest in processing the data according to Article 6, Paragraph 1, Subparagraph F, of the GDPR. Anonymizing the IP address sufficiently takes into account the users’ interest in protecting their personal data.
You will find more information about the privacy settings of the Matomo software at the following link: https://matomo.org/docs/privacy/
10. Integration of third-party services and Content
1. Within our online offer, and on the basis of our legitimate interests (i.e. interest in the analysis, optimization, and economic operation of our online offer within the meaning of Article 6, Paragraph 1, Subparagraph F, of the GDPR), we use content or service offerings from third-party suppliers to embed their contents and services such as videos or fonts (hereinafter referred to uniformly as “content”). This always requires that the third-party supplier of the content learn the IP address of the user, because the content can not be sent to the browser without the IP address. The IP address is therefore required for the presentation of that content. We strive to use only such content whose respective provider only uses IP addresses for delivery of the content. Furthermore, third-party suppliers may also use so-called pixel tags (invisible graphics, also known as “Web beacons”) for statistical and marketing purposes. Through the pixel tags, information such as visitor traffic on the pages of this website can be evaluated. The pseudonymous information may also be stored in cookies on the device of the user and may contain, among other things, technical information about the browser and operating system, referring websites, visit time, and other information about the use of our online offer; the information can also be connected with other information from other sources.
2. The following diagram provides an overview of third-party suppliers and their content, along with links to their respective privacy policies, which contain more information about the processing of data and, in some cases already mentioned here, objection options (the so-called opt-out):
- Maps provided by Google Maps, a service of third-party supplier Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Videos of the YouTube platform of the third-party supplier Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
- Note regarding Google Inc.: Google is certified in accordance with the EU–U.S. Privacy Shield and it provides a guarantee of compliance with the European Data Protection Regulation (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
11. Rights of users
1. Users have the right to request, free of charge, to receive information about the personal data that we have stored about them. In addition, users have the right to correct incorrect data, to limit the processing and deletion of their personal data, if applicable, to assert their right to data portability, and, in the case of suspicion of unlawful data processing, to file a complaint with the competent supervisory authority (the data privacy office in the German state of Baden-Württemberg, Königstrasse 10a, 70025 Stuttgart, Germany).
2. Users can also, in general with future effect, withdraw their consent without giving reasons.
12. Deletion of data
1. The data stored on our servers will be deleted as soon as it is no longer required for its intended purpose and the deletion does not violate any statutory retention obligations. If the data of the user cannot be deleted because it is required for other purposes permitted by law, the processing of this data is restricted, which means that the data is locked and cannot be used for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.
2. In accordance with the legal requirements, retention is carried out for six years pursuant to Section 257, Paragraph 1, of the German Commercial Code (trade books, inventories, opening balances, annual financial statements, business letters, receipts, etc.) and for ten years pursuant to Section 147, Paragraph 1, of the German Fiscal Code (books, records, financial reports, receipts, trade and business letters, tax-related documents, etc.).
13. Right to object
Users can object to the future processing of their personal data in accordance with the statutory provisions at any time without giving reasons. The objection may relate, in particular, to processing for purposes of direct marketing.
14. Changes to the privacy policy
1. We reserve the right to amend the Privacy Policy in order to adapt it to changing legal situations or if changes are made to the service and data processing. However, this only applies with regard to explanations of data processing. If user consent is required or if components of the Privacy Policy contain provisions governing the contractual relationship with the users, the changes are made only with the consent of the user.
2. Users are asked to regularly inform themselves about the contents of the Privacy Policy.