Privacy Notice
Data Processing Policy for this Website according to Art. 13 of the EU General Data Protection Regulation (GDPR) when Collecting Personal Data from a Data Subject
(Version: GDPR 2.1 – August 2024)
KNECHT Maschinenbau GmbH is responsible for this website and, as the provider of a telecommunications service, is required to inform you at the beginning of your visit in a precise, transparent, understandable and easily accessible manner, in clear and simple language, about the nature, scope and purpose of the collection and use of personal data. This information must be available to you at all times.
We take the security of your data and compliance with data protection laws very seriously. The processing of personal data is subject to the provisions of European and national laws in force.
The purpose of this data protection statement is to let you know how we handle your personal data and how you can contact us:
KNECHT Maschinenbau GmbH
Witschwender Straße 26
88368 Bergatreute
Germany
Commercial register no.: HRB 600185
Managing Directors: Manfred Knecht and Markus Knecht
+49(0)7527-928-0
mail@knecht.eu
Our Data Protection Officer
Sven Lenz
Deutsche Datenschutzkanzlei – Datenschutzkanzlei Lenz GmbH & Co. KG
Bahnhofstraße 50
87435 Kempten
Germany
If you have any questions about data protection or other data protection issues, please feel free to send an e-mail to the following address: datenschutz@knecht.eu
A. General Information
For better readability, we have omitted gender-specific references. In the interest of equal treatment, the pronouns they, them, their refer to single individuals. The meaning of terms used such as “personal data” or their “processing” can be found in Art. 4 GDPR.
The types of personal data processed through this website include
- usage data (e.g., pages visited on our website), and
- content data (e.g., online form submissions).
B. Specific Information
Data Protection Notice
We ensure that we process your data only in connection with fulfilling your requests, for internal purposes, and to provide services or content that you have requested.
Basis of Data Processing
We process your personal data only in accordance with the relevant data protection regulations and for the following legal reasons:
- Processing in order to provide our services and carry out contractual measures
Art. 6 (1) (b) GDPR - Processing in order to fulfill our legal obligations
Art. 6 (1) (c) GDPR - Consent
Art. 6 (1) (a) and Art. 7 GDPR - Processing to protect our legitimate interests
Art. 6 (1) (f) GDPR
Transmission of Data to Third Parties
Please note that the use of our website may involve the transmission of data.
Please note that the use of our website may involve the transmission of data if you select the services offered via the cookie consent tool provided on the website. If you do not select a service, no data will be transmitted to third parties.
As part of website hosting, the service provider you use may have access to your data. We have described in detail which web host we use in this Data Protection Policy.
If we use subcontractors to provide our services, we take appropriate legal, technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal provisions.
Transmission of Data to a Third Country or International Organization
Third countries are countries to which the GDPR does not directly apply. This generally constitutes all countries outside the EU or the European Economic Area.
Please note that the use of our website may involve the transmission of data to a third country if you select the services offered via the cookie consent tool provided on the website. If you do not select a service, no data will be transmitted to a third country.
For the transmission of data to the United States, the following applies: Since July 2023, there has been an EU Commission adequacy decision (Data Privacy Framework) designating the United States as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transmission to certified organizations in the United States.
The U.S. services we use are certified under the Data Privacy Framework. Details are provided with each service.
Retention Period of your Personal Data
We adhere to the principles of data minimization and data avoidance. This means that we will only retain your data for as long as necessary to fulfill the purposes stated above or as required by various legal retention periods. When the purpose for which the data were collected no longer exists or after the relevant retention period has expired, your data will be routinely restricted or erased in accordance with legal requirements.
Initiating Contact
If you contact us electronically (e.g., via contact form or e-mail), personal data will be processed. The data you provide will be stored only for the purpose of processing your request and for any follow-up questions.
We would like to inform you about the legal basis:
- Processing in order to provide our services and carry out contractual measures
Art. 6 (1) (b) GDPR
We would like to point out that e-mails can be read or modified by unauthorized persons unnoticed during transmission. We would also like to inform you that we use software to filter unsolicited e-mail (spam filter). E-mails may be rejected by the spam filter if they are incorrectly identified as spam based on certain characteristics.
What Rights Do You Have?
a) Right to Information
You have the right to receive information about your stored data free of charge. Upon request, we will inform you in writing of the personal data we hold about you. This includes the origin and recipients of your data as well as the purpose of the data processing.
b) Right to Rectification
You have the right to have your stored data rectified if they are inaccurate. In this context, you may request a restriction of processing, for example, if you dispute the accuracy of your personal data.
c) Right to Restriction
You can also restrict your data. In order for a restriction on your data to be considered at any time, those data must be maintained in a restriction file for control purposes.
d) Right to Erasure
You may request that your personal data be erased, unless there is a legal obligation to retain it. If such an obligation exists, we will restrict your data upon request. If we are required by law, we will erase your personal data without your request.
e) Right to Data Portability
You have the right to request that we provide the personal data you have provided to us in a format that permits its transmission to another entity.
f) Right to File a Complaint with a Supervisory Authority
You have the option of filing a complaint with one of the data protection supervisory authorities.
The data protection supervisory authority responsible for us:
The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg
Postal address: P.O. Box 10 29 32, 70025 Stuttgart, Germany
Office address: Lautenschlagerstraße 20, 70173 Stuttgart, Germany
+49(0)711-615541-0
+49(0)711-615541-15
poststelle@lfdi.bwl.de
https://www.baden-wuerttemberg.datenschutz.de
You can open the complaint form by clicking on the following link:
https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde
Note: A complaint may also be made to any data protection supervisory authority within the EU.
g) Right to Object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your data pursuant to Art. 6 (1) (e) and (f); this also applies to profiling based on these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is necessary for the establishment, exercise or defense of legal claims.
If personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing purposes, including the creation of profiles in connection with such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes. You can do this by sending us an e-mail.
h) Right to Withdraw
You have the right to withdraw your consent to the processing of your data at any time with effect for the future without giving reasons. There are no disadvantages for you as a result of the withdrawal. You can do this by sending us an e-mail.
However, such withdrawal shall not affect the lawfulness of the processing carried out on the basis of Article 6 (1) (a) GDPR up to the time of withdrawal.
To exercise your rights as a data subject, please send an e-mail to one of the above e-mail addresses.
Protecting your Personal Data
We use state-of-the-art contractual, technical and organizational security measures to ensure compliance with data protection laws and to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons.
Security measures include, but are not limited to, encrypted transmission of data between your browser and our server. It uses 256-bit SSL (AES 256) encryption technology.
Your personal data are protected in the following regards (excerpt)
a) Ensuring the confidentiality of your personal data
In order to maintain the confidentiality of the stored data, we have implemented a variety of physical, electronic and accessibility control measures.
b) Ensuring the integrity of your personal data
In order to maintain the integrity of the stored data, we have implemented a variety of transmission and entry control measures.
c) Ensuring the availability of your personal data
In order to maintain the availability of the stored data, we have implemented a variety of order and availability control measures.
The security measures in place are continually improved as technology evolves. Despite these precautions, due to the insecure nature of the Internet, we cannot guarantee the security of your transmission to our site. Therefore, any data transmission you initiate is done at your own risk.
Protection of Minors
If you are under the age of 16, you may provide us with personal information only with the explicit consent of a parent or guardian. These data will be processed in accordance with this Data Protection Policy.
Server log files
The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data are not combined with other data sources.
The basis for data processing is our legitimate interest in accordance with Article 6 (1) (f) GDPR.
Cookies
Cookies are small text files that are stored locally in the cache of your Internet browser. For example, cookies allow us to recognize your Internet browser. The files are used to help the browser navigate through the website and take full advantage of all its features.
Cookie Consent Tool
To obtain effective user consent for consent-requiring cookies and cookie-based applications, we use a cookie consent tool.
This website uses the cookie consent tool from Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (“CookieBot”).
The cookie consent tool is presented to users in the form of an interactive user interface when they visit the page where they can consent to specific cookies and/or cookie-based applications by checking boxes. When the tool is used, any cookies/services requiring consent will only be loaded if the user gives their consent by checking the box. This ensures that such cookies are only placed on the user’s device if consent has been given.
The tool places technically necessary cookies to store your cookie preferences. Personal user data are not processed in this context.
If, in individual cases, the processing of personal data (such as IP addresses) for the purpose of storing, assigning or logging cookie settings is necessary, this will be done in accordance with Art. 6 (1) (f) GDPR based on our legitimate interest in legally compliant, user-specific and user-friendly consent management for cookies and thus in a legally compliant design of our website.
Another legal basis for the processing is Art. 6 (1) (c) GDPR. As a data controller, we are required by law to obtain user consent for the use of nonessential cookies.
More information about the operator and the settings options of the cookie consent tool can be found directly in the corresponding user interface on our website.
Website Hosting
We use the system of the following provider to host our website and display its contents: Mittwald CM Service GmbH & Co. KG, Königsberger Str. 4-6, 32339 Espelkamp
All data collected on our website is processed on the provider’s servers.
We have entered into a data processing agreement with the provider that protects the privacy of our site visitors and prohibits unauthorized disclosure to third parties.
The Data Protection Policy of Mittwald CM Service GmbH & Co. KG can be found here: https://www.mittwald.de/datenschutz
Website CRM
We use the Typo3 content management system from the following provider to manage our website: TYPO3 Association, Gewerbestraße 10, CH-4450 Sissach, Switzerland
The provider can access the data. We have entered into a data processing agreement with the provider that protects the privacy of our site visitors and prohibits unauthorized disclosure to third parties.
Matomo (formerly Piwik) with cookies
This website uses a web analytics service supplied by the following provider: InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”).
Where required by law, we have obtained your consent for the aforementioned processing of your data pursuant to Art. 6 (1) (a) GDPR in conjunction with Section 25 of the German Telecommunications Data Protection Implementation Act (Telekommunikation-Datenschutz-Durchführungsgesetz, TDDDG).
You may withdraw your consent at any time with effect for the future. To exercise your opt-out, disable this service in the “cookie consent tool” provided on the website.
The pseudonymized information generated by the cookie will not be used to personally identify visitors to this website and will not be linked to personal data about the bearer of the pseudonym.
Pseudonymous user profiles can be created and evaluated from this data for the same purpose. Cookies may be used for this purpose. Cookies are small text files that are stored locally in the cache of the website visitor’s Internet browser. Cookies allow, among other things, the recognition of the Internet browser.
If data collected using Matomo’s technology (including your pseudonymized IP address) are transferred to and processed on Matomo’s servers in New Zealand for usage analysis purposes, we inform you that the European Commission has issued an adequacy decision for New Zealand that certifies compliance with European data protection standards for international data transfers.
Use of YouTube Videos
We use the YouTube embed feature to display and play videos from the provider YouTube, which is owned by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).
Where required by law, we have obtained your consent for the aforementioned processing of your data pursuant to Art. 6 (1) (a) GDPR in conjunction with Section 25 of the German Telecommunications Data Protection Implementation Act (Telekommunikation-Datenschutz-Durchführungsgesetz, TDDDG).
You may withdraw your consent at any time with effect for the future. To exercise your opt-out, disable this service in the “cookie consent tool” provided on the website.
This involves transmission of data to a third country (here: United States) or an international organization Since July 2023, there has been an EU Commission adequacy decision (Data Privacy Framework) designating the United States as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transmission to certified organizations in the United States. According to the U.S. Department of Commerce’s list of certified businesses, Google LLC is listed as a certified business.
According to YouTube, cookies are used to collect video statistics, improve the user experience, and prevent abusive practices. If you are signed in to Google, your data will be directly associated with your account when you click on a video. If you do not want to be associated with your YouTube profile, you must log out before activating the button.
Google stores and analyzes your data (even if you are not logged in) as a user profile. You have the right to object to the creation of these user profiles by contacting YouTube. Regardless of whether the embedded videos are played, a connection to the Google network is established each time this website is accessed, which may trigger further data processing operations over which we have no control. For more information about YouTube’s privacy practices, please see their Privacy Policy at https://www.google.de/intl/de/policies/privacy
Use of Google Maps
This website uses Google Maps (API) provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google Maps is a web service for viewing interactive maps. This service will show you our location and make it easier to find us.
Where required by law, we have obtained your consent for the aforementioned processing of your data pursuant to Art. 6 (1) (a) GDPR in conjunction with Section 25 of the German Telecommunications Data Protection Implementation Act (Telekommunikation-Datenschutz-Durchführungsgesetz, TDDDG).
You may withdraw your consent at any time with effect for the future. To exercise your opt-out, disable this service in the cookie consent tool provided on the website.
This involves transmission of data to a third country (here: United States) or an international organization Since July 2023, there has been an EU Commission adequacy decision (Data Privacy Framework) designating the United States as a third country with a level of data protection comparable to that of the EU. The adequacy decision can now serve as the basis for data transmission to certified organizations in the United States. According to the U.S. Department of Commerce’s list of certified businesses, Google LLC is listed as a certified business.
Google stores and analyzes your data (even if you are not logged in) as a user profile.
You have the right to object to the creation of these user profiles by contacting Google. If you do not wish to consent to the future transfer of your data to Google in connection with the use of Google Maps, you can also completely disable the Google Maps web service by disabling the JavaScript application in your browser. You will not be able to use Google Maps or the map view on this website.
You can view Google’s terms of use at: https://www.google.de/intl/de/policies/terms/regional.html, and the additional terms of use for Google Maps at: https://www.google.com/intl/de_US/help/terms_maps.html
For detailed information about Google’s data protection in connection with the use of Google Maps, please visit Google’s website (“Google Privacy Policy”): https://www.google.de/intl/de/policies/privacy
Social Networks
In addition to this online offering, we also maintain a number of social media sites that you can access through buttons on our website. When you visit such a site, personal data may be transmitted to the social network provider. It is possible that, in addition to the data you specifically enter into that social network, other information may be processed by the social network provider.
For more information, please see our Social Media Data Protection Policy at this link: https://www.knecht.eu/datenschutz-socialmedia/
Changes to our Data Protection Policy
We reserve the right to change our Data Protection Policy at any time to reflect changes in the law or changes in our services. For example, this may involve the introduction of new services. The new data protection policy will apply to your next visit.