Privacy policy

1. Data Privacy Statement

We place high value on protecting your data and safeguarding your privacy. Personal data (such as name, address, or email addresses) are all data that can be used to identify you personally. Such data will be collected and used by us only where permitted by law or where we have your consent to its collection. We therefore inform you below about the collection and use of personal data when using our website and about your privacy rights.

2. Responsible authority

The privacy practices of Kiwigrid GmbH comply with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG-New) and the German Telemedia Act (TMG). The controller is Kiwigrid GmbH, Kleiststrasse 10 a-c, 01129 Dresden. Should you have questions about our collecting, processing or use of your personal data or should you require information or wish to correct, block or delete data or revoke consents you have previously given, please contact the Data Protection Officer at Kiwigrid GmbH, either using the address given above or by email to dataprivacy[at]kiwigrid.com.

3. Google Tag Manager

This website uses Google Tag Manager. This service allows website tags to be managed through a single interface. The Google Tool Manager implements only the Google Universal Analytics Tag with IP anonymization. That means: No cookies are used and no personal information is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. Deactivation at the domain or cookie level will remain in effect for all tracking tags insofar as they are implemented with the Google Tag Manager.

4. Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). For this purpose Google Analytics uses cookies, which are text files that are stored on your computer and that allow your use of the website to be analyzed. The information generated by cookies about your use of this website is usually transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website activity and Internet usage on behalf of the website operator. For more information on how user data is handled by Google Analytics, please refer to the Google Privacy Policy: Google Privacy Questions support.google.com/analytics/answer/6004245 This website uses IP anonymization “_anonymizeIp ()”, which means that your IP address will be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and truncated there. The IP address provided by your browser as part of Google Analytics will not be merged with other Google data. You can prevent cookies being installed through the appropriate settings in your browser software. We would advise you, however, that if you do so you may be unable to use all of the functions on the website to their full extent. In addition, you can prevent Google from collecting and processing the data generated by the cookie related to your use of the website (including your IP address) by downloading and installing the browser plugin available under the following link: Google Optout tools.google.com/dlpage/gaoptout The collection and use of your data is part of a commissioned data processing agreement concluded between Kiwigrid GmbH and Google Inc., in accordance with Article 28 GDPR.

5. Use of webfonts

External Google fonts are used on this website. Google Fonts is a service of Google Inc. (“Google”). The integration of these web fonts is executed by a server call, usually a Google server in the USA. The data concerning which of our websites you have visited will be transmitted to that server. The browser’s IP address of the visitor’s terminal being used to visit this website is stored by Google. For more information, see the Google Privacy Policy, which you can access here: fonts.google.com policies.google.com/privacy

6. Server Log Files

When you access our website, in normal situations, pursuant to section 15 para. 1 TMG no personal data is collected. Kiwigrid GmbH as a provider with German datacenters automatically collects and stores information in server log files, which your browser automatically transmits to us. This includes: the name of the website accessed, file, date and time of access, volume of data transferred, message indicating successful retrieval, browser type and version, the user’s operating system, the referrer URL (i.e. the page you arrived from), IP address and the requesting provider. This data cannot be attributed to specific individuals. This data is not correlated with other data sources. We reserve the right to check this data subsequently if any indications of unlawful use become known to us. It can sometimes be necessary to process this data temporarily in order to resolve technical problems.

7. Applicant portal

You can apply for jobs on our website via an external application portal. This electronic application portal is operated by us for the purpose of handling the recruitment and application process. Your personal data will be processed in this portal to review a possible employment relationship. The data submitted as part of your application will be transmitted via TLS encryption and stored in a database. This database is operated by Personio GmbH, which provides personnel administration and application management software ( Personio: www.personio.de/impressum/ ). Personio is our processor in accordance with Article 28 GDPR. The basis for the processing in this case is a contract for order processing between us as the controller and personio. For further information on the processing of your data as part of the application process, please note the separate privacy notices when registering.

8. Cookies

Our website uses ‘cookies’ in various places. Cookies are not harmful. They contain no executable program code and no viruses or other harmful software. Cookies are small text files that are stored on your computer by your browser. Their purpose is to make our offering more user-friendly, more effective and more secure. Cookies enable us to recognize your browser the next time you visit the site. They contain no personal data. You can disable cookies on your hard disk by selecting ‘Do not accept cookies’ in your browser settings. This may, however, restrict the scope of functionality of what we offer on our website.

9. Contact forms

Kiwigrid GmbH processes your personal data to establish contact or to provide downloadable content (such as case studies or whitepapers). Our website also contains contact forms, which can be used for electronic contact with our sales team. If you contact us via one of these channels, the personal data you have voluntarily submitted will be stored automatically. In particular, it is stored in our Salesforcedatbank by means of Mailjet. Moreover, your contact information is stored in this database to make future contact possible. This data storage serves to process your request, to contact you, or for marketing and sales and will continue until you object to the use of this data.We also use this user data for advertising purposes – for Kiwigrid GmbH only – such as sending information material or newsletters. This processing of your aforementioned data is necessary to safeguard the legitimate interests of Kiwigrid GmbH and is justified by a weighing of interests in favor of Kiwigrid GmbH. Kiwigrid GmbH has a legitimate interest in offering you a platform for easy contact and communication with us. Your legitimate interest in keeping your aforementioned data from being used for this purpose does not outweigh the legitimate interest of Kiwigrid GmbH, since it is also in your interest that we process your contact request and respond to it. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

10. Salesforce

For customer service and to improve your user experience we use the CRM module of Salesforce.com, which is represented in Germany by: Salesforce.com Germany GmbH, Erika-Mann-Str. 63, 80636 Munich, Germany. The address of the US parent company is: The Landmark @ One Market Street, Suite 300, San Francisco, CA 94105, USA Salesforce Privacy Policy applies and can be found at the following URL: www.salesforce.com/de/company/privacy/ Data collected by Salesforce is protected by Secure Socket Layer (SSL) technology, which uses both server authentication and data encryption. Salesforce.com has also implemented an advanced security method based on dynamic data and encoded session IDs and is operating the site in a secure server environment, which uses a firewall and other advanced technologies to prevent disruption or intrusion attacks. Salesforce.com has been awarded the Trust Privacy Seal. Salesforce itself limits access to the data collected to what is legally permitted. Through our contact forms, we allow visitors to our website to learn more about our business, to download content, and to provide their contact information as well as other demographic information. This information is stored on servers of our software partner Salesforce. It can be used by us to connect with visitors to our website and to determine what services of our company may be of interest to them. All information we collect is subject to this Privacy Policy. We use all information collected solely to optimize our marketing and sales activities. In addition, data (email address, first name, last name, company, title) is exchanged between Salesforce and Mailjet in order to provide you with more information about the company with newsletters and to provide a better brand experience. You can object to the processing of this data at any time with the opt-out solution. Further information can be found under “Use of the mail-service provider ‘Mailjet’.” Salesforce.com is a certified licensee of the TRUSTe Privacy Seal (online data protection seal). For more information on salesforce.com’s handling of personal data, please see their full privacy policy . Please direct any questions regarding their privacy policy or handling of personal data here or by mail to the following address: Salesforce.com Privacy; The Landmark @ One Market Street, Suite 300; San Francisco, CA 94105, USA. www.salesforce.com/de/

11. Information about the newsletter and consent

Below you will find information on the contents of our newsletter as well as the registration, shipping and statistical evaluation procedures, and your right of objection. By subscribing to our newsletter, you agree to receiving the newsletter and the procedures described. Content of the newsletter We send newsletters, emails, and other electronic notifications with advertising information (hereinafter “newsletters”) only with the consent of the recipient or legal permission. Insofar as the contents of a newsletter are specifically described as part of the registration, that description would apply for the consent of the users. Otherwise, our newsletters contain information on legal topics, in particular in the area of marketing law, data protection, and our law firm (this may in particular include links to blog posts, lectures or workshops, our services or websites). Double opt-in and logging Registration to our newsletter is done based on the double opt-in procedure. In other words, after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent third parties from registering using other persons’ email addresses. The registration for the newsletter will be logged in order to retain proof that the registration process was executed according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Similarly, the changes to your data stored with Mailjet will be logged.

11.1 Use of the mail service provider “Mailjet”

The newsletter is distributed via the newsletter mailing platform “Mailjet”. The email addresses of our newsletter recipients, as well as their other information described in these notes, are stored on the google cloud platform in data centers in Frankfurt (Germany) and Saint-Ghislain (Belgium). Mailjetuses this information to send and evaluate the newsletters on our behalf. Furthermore, according to its own information, Mailjet may use this data for the purpose of optimizing or improving its own services, for example for the technical optimization of mailing and the presentation of newsletters, or for economic purposes, to determine from which countries the recipients come. However, Mailjet does not use the data of our newsletter recipients to contact them or to pass them on to third parties. We trust the reliability, IT and data security of Mailjet. Mailjet is ISO 27001 certified ISO and compliant with the GDPR. Furthermore, we have concluded a Data Processing Agreement with Mailjet. This is a contract in which Mailjet pledges to protect the data of our users, to process it in accordance with its privacy policy on our behalf and, in particular, not to disclose it to third parties. The privacy policy of Mailjet can be viewed here: https://www.mailjet.com/privacy-policy/

11.2 Login details

To subscribe to the newsletter, it is sufficient to enter your email address. Optionally, we ask you to provide your first and last name. This information is only for the personalization of the newsletter. We also ask you to optionally include your date of birth, gender, and industry. We use this information only to adapt the content of the newsletter to the interests of our readers.

11.3 Statistical survey and analyses

The newsletters contain a “web-beacon,” i.e., a pixel-sized file which is retrieved from the Mailjet server when the newsletter is opened. This call will initially collect technical information, such as information about the browser and your system, as well as your IP address and time of retrieval. This information is used to improve the technical performance of services based on the technical data or the target group and their reading habits based on their locations (which can be determined using the IP address) or access times. Statistical surveys also include determining if the newsletters are opened, when they are opened, and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our desire nor that of Mailjet to observe individual users. The evaluations help us rather much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users. Online call and data management In some cases we direct the newsletter recipients to the Mailjet websites. For example, our newsletters contain a link with which the newsletter recipients can retrieve the newsletters online (such as in the event of problems with their presentation in the email program). Furthermore, newsletter recipients can subsequently correct their data, such as the email address. Similarly, Mailjet’s privacy policy is available only on their website. In this context, we would like to advise you that cookies are used on the Mailjet websites and personal data is therefore processed by Mailjet, their partners, and service providers (such as Google Analytics). We have no influence on this data collection. For more information, please see the privacy policy of Mailjet. We also want to inform you about the option of objecting to the data collection for advertising purposes on the websites www.aboutads.info/choices/ and www.youronlinechoices.com (for the European area).

11.4 Termination / cancellation

You can cancel the receipt of our newsletter at any time – in other words, withdraw your consent. Your consent to sending it via Mailjet and the statistical analyses expire at the same time. It is unfortunately not possible to withdraw consent to the mailing via Mailjet and to the statistical evaluation separately. A link to cancel the newsletter can be found at the end of each newsletter.

12. General Data Protection Regulation legal basis

In accordance with the provisions of the General Data Protection Regulation (GDPR), which went into effect on May 25, 2018, we inform you that the consents to the sending of email addresses is based on Article 6(1)(a) and 7 GDPR and § 7(2)(3)(3) UWG. The use of the mail service provider Mailjet, the carrying out of the statistical surveys and analyses, and the logging of the registration process are based on our legitimate interests in accordance with Article 6(1)(f) GDPR. We are interested in using a user-friendly and secure newsletter system that both serves our business interests and meets the expectations of our users. We further wish to advise you that you can object at any time to future processing of your personal data in accordance with the statutory requirements of Article 21 GDPR. The objection may in particular be lodged against processing for direct marketing purposes.

13. Data security

Your personal data is encrypted using SSL. We have taken extensive technical and operational actions to protect your stored personal data against unauthorized access and misuse. Our security procedures are regularly reviewed and adapted to technological progress. Our employees are obliged to maintain confidentiality.

14. Information, rectification, and deletion of data

Each user has the right to receive free information about the personal data stored on them. If you have any questions about the collection, processing or use of your personal data and their rectification, blocking, deletion or revocation of your consent, please contact us by email: dataprivacy@kiwigrid.com Please note that your right to have data deleted may be restricted by statutory retention requirements that we must observe.

15. Rights of the data subject

Information, blocking, deletion, data portability Within the scope of the applicable legal provisions, you have the right to obtain free information about the stored personal data about you, their origin and recipient, the purpose of the data processing and, if necessary, a right to rectification, blocking or deletion as well as the portability of this data at any time. You can contact us at any time at the address given in the imprint or at dataprivacy@kiwigrid.com for any further questions on the subject of personal data. Revocation of your consent to data processing Many data processing operations are possible only with your express consent. You can revoke an existing consent at any time. An informal message by email to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation. Right to lodge a complaint with the competent supervisory authority If you believe that the processing of your personal data is unlawful, you also have the right to lodge a complaint with the relevant data protection supervisory authority. The address of the supervisory authority responsible for us is: Data Protection Officer for the German State of Saxony, PO Box 11 01 32, 01330 Dresden