1. Data Privacy Statement
We place high value on protecting your data and safeguarding your privacy. Personal data (such as name, address, or email addresses) are all data that can be used to identify you personally. Such data will be collected and used by us only where permitted by law or where we have your consent to its collection. We therefore inform you below about the collection and use of personal data when using our website and about your privacy rights.
2. Responsible authority
The privacy practices of Kiwigrid GmbH comply with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG-New) and the German Telemedia Act (TMG). The controller is Kiwigrid GmbH, Kleiststrasse 10 a-c, 01129 Dresden. Should you have questions about our collecting, processing or use of your personal data or should you require information or wish to correct, block or delete data or revoke consents you have previously given, please contact the Data Protection Officer at Kiwigrid GmbH, either using the address given above or by email to dataprivacy[at]kiwigrid.com.
3. Google Tag Manager
This website uses Google Tag Manager. This service allows website tags to be managed through a single interface. The Google Tool Manager implements only the Google Universal Analytics Tag with IP anonymization. That means: No cookies are used and no personal information is collected. Google Tool Manager triggers other tags, which in turn may collect data. However, Google Tag Manager does not access this data. Deactivation at the domain or cookie level will remain in effect for all tracking tags insofar as they are implemented with the Google Tag Manager.
4. Google Analytics
5. Use of webfonts
6. Server Log Files
When you access our website, in normal situations, pursuant to section 15 para. 1 TMG no personal data is collected. Kiwigrid GmbH as a provider with German datacenters automatically collects and stores information in server log files, which your browser automatically transmits to us. This includes: the name of the website accessed, file, date and time of access, volume of data transferred, message indicating successful retrieval, browser type and version, the user’s operating system, the referrer URL (i.e. the page you arrived from), IP address and the requesting provider. This data cannot be attributed to specific individuals. This data is not correlated with other data sources. We reserve the right to check this data subsequently if any indications of unlawful use become known to us. It can sometimes be necessary to process this data temporarily in order to resolve technical problems.
7. Applicant portal
You can apply for jobs on our website via an external application portal. This electronic application portal is operated by us for the purpose of handling the recruitment and application process. Your personal data will be processed in this portal to review a possible employment relationship. The data submitted as part of your application will be transmitted via TLS encryption and stored in a database. This database is operated by Personio GmbH, which provides personnel administration and application management software ( Personio: www.personio.de/impressum/ ). Personio is our processor in accordance with Article 28 GDPR. The basis for the processing in this case is a contract for order processing between us as the controller and personio. For further information on the processing of your data as part of the application process, please note the separate privacy notices when registering.
Our website uses ‘cookies’ in various places. Cookies are not harmful. They contain no executable program code and no viruses or other harmful software. Cookies are small text files that are stored on your computer by your browser. Their purpose is to make our offering more user-friendly, more effective and more secure. Cookies enable us to recognize your browser the next time you visit the site. They contain no personal data. You can disable cookies on your hard disk by selecting ‘Do not accept cookies’ in your browser settings. This may, however, restrict the scope of functionality of what we offer on our website.
9. Contact forms
Kiwigrid GmbH processes your personal data to establish contact or to provide downloadable content (such as case studies or whitepapers). Our website also contains contact forms, which can be used for electronic contact with our sales team. If you contact us via one of these channels, the personal data you have voluntarily submitted will be stored automatically. In particular, it is stored in our Salesforcedatbank by means of Mailjet. Moreover, your contact information is stored in this database to make future contact possible. This data storage serves to process your request, to contact you, or for marketing and sales and will continue until you object to the use of this data.We also use this user data for advertising purposes – for Kiwigrid GmbH only – such as sending information material or newsletters. This processing of your aforementioned data is necessary to safeguard the legitimate interests of Kiwigrid GmbH and is justified by a weighing of interests in favor of Kiwigrid GmbH. Kiwigrid GmbH has a legitimate interest in offering you a platform for easy contact and communication with us. Your legitimate interest in keeping your aforementioned data from being used for this purpose does not outweigh the legitimate interest of Kiwigrid GmbH, since it is also in your interest that we process your contact request and respond to it. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
11. Information about the newsletter and consent
Below you will find information on the contents of our newsletter as well as the registration, shipping and statistical evaluation procedures, and your right of objection. By subscribing to our newsletter, you agree to receiving the newsletter and the procedures described. Content of the newsletter We send newsletters, emails, and other electronic notifications with advertising information (hereinafter “newsletters”) only with the consent of the recipient or legal permission. Insofar as the contents of a newsletter are specifically described as part of the registration, that description would apply for the consent of the users. Otherwise, our newsletters contain information on legal topics, in particular in the area of marketing law, data protection, and our law firm (this may in particular include links to blog posts, lectures or workshops, our services or websites). Double opt-in and logging Registration to our newsletter is done based on the double opt-in procedure. In other words, after registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent third parties from registering using other persons’ email addresses. The registration for the newsletter will be logged in order to retain proof that the registration process was executed according to the legal requirements. This includes the storage of the login and the confirmation time, as well as the IP address. Similarly, the changes to your data stored with Mailjet will be logged.
11.1 Use of the mail service provider “Mailjet”
11.2 Login details
To subscribe to the newsletter, it is sufficient to enter your email address. Optionally, we ask you to provide your first and last name. This information is only for the personalization of the newsletter. We also ask you to optionally include your date of birth, gender, and industry. We use this information only to adapt the content of the newsletter to the interests of our readers.
11.3 Statistical survey and analyses
11.4 Termination / cancellation
You can cancel the receipt of our newsletter at any time – in other words, withdraw your consent. Your consent to sending it via Mailjet and the statistical analyses expire at the same time. It is unfortunately not possible to withdraw consent to the mailing via Mailjet and to the statistical evaluation separately. A link to cancel the newsletter can be found at the end of each newsletter.
12. General Data Protection Regulation legal basis
In accordance with the provisions of the General Data Protection Regulation (GDPR), which went into effect on May 25, 2018, we inform you that the consents to the sending of email addresses is based on Article 6(1)(a) and 7 GDPR and § 7(2)(3)(3) UWG. The use of the mail service provider Mailjet, the carrying out of the statistical surveys and analyses, and the logging of the registration process are based on our legitimate interests in accordance with Article 6(1)(f) GDPR. We are interested in using a user-friendly and secure newsletter system that both serves our business interests and meets the expectations of our users. We further wish to advise you that you can object at any time to future processing of your personal data in accordance with the statutory requirements of Article 21 GDPR. The objection may in particular be lodged against processing for direct marketing purposes.
13. Data security
Your personal data is encrypted using SSL. We have taken extensive technical and operational actions to protect your stored personal data against unauthorized access and misuse. Our security procedures are regularly reviewed and adapted to technological progress. Our employees are obliged to maintain confidentiality.
14. Information, rectification, and deletion of data
Each user has the right to receive free information about the personal data stored on them. If you have any questions about the collection, processing or use of your personal data and their rectification, blocking, deletion or revocation of your consent, please contact us by email: firstname.lastname@example.org Please note that your right to have data deleted may be restricted by statutory retention requirements that we must observe.
15. Rights of the data subject
Information, blocking, deletion, data portability Within the scope of the applicable legal provisions, you have the right to obtain free information about the stored personal data about you, their origin and recipient, the purpose of the data processing and, if necessary, a right to rectification, blocking or deletion as well as the portability of this data at any time. You can contact us at any time at the address given in the imprint or at email@example.com for any further questions on the subject of personal data. Revocation of your consent to data processing Many data processing operations are possible only with your express consent. You can revoke an existing consent at any time. An informal message by email to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation. Right to lodge a complaint with the competent supervisory authority If you believe that the processing of your personal data is unlawful, you also have the right to lodge a complaint with the relevant data protection supervisory authority. The address of the supervisory authority responsible for us is: Data Protection Officer for the German State of Saxony, PO Box 11 01 32, 01330 Dresden