Skip to main content

Privacy Statement

of KESSEL AG

KESSEL AG (hereinafter referred to as “we”) finds it very important to ensure the safe handling of your personal data and is responsible for processing your data in accordance with the European General Data Protection Regulation (GDPR), as well as other national data protection laws in EU member states and other data protection provisions. You can find all our company’s details in our legal notice: https://www.kessel.de/de/Impressum.

 

KESSEL AG is part of the KESSEL group of companies (hereinafter referred to as the “KESSEL Group”), which comprises several independent companies and legal entities. For more information about the current members of the group, please contact our legal department. You may also send a written request for information to the mailbox of the data protection officer.

If you consent to the processing of your personal data, the legal basis will be point (a) of Art. 6 (1) GDPR.

 

If the processing of personal data is necessary for the performance of a contract to which you are party, the legal basis will be point (b) of Art. (1) GDPR. The same applies to any pre-contractual measures.

If the processing of personal data is necessary for us to perform our legal obligations, the legal basis will be point (c) of Art. 6 (1) GDPR.

If data processing is necessary to protect your vital interests or those of another natural person, the legal basis will be point (d) of Art. 6 (1) GDPR.

If your personal data is processed to pursue a legitimate interest of our company or a third party – and this interest is not outweighed by your own interests and fundamental rights and freedoms – the legal basis will be point (f) of Art. 6 (1) GDPR.

 

Your personal data will be processed according to the so-called “legitimacy principle” if you use our website, if processing is necessary to perform a contract or another legal relationship, if you consent to data processing, and if you contact us or vice versa. Your personal data will be shared within the KESSEL Group and with commissioned service providers, partners and other authorised recipients. This particularly applies in the following situations:

 

a) Enquiries from you

If you contact us by email, fax, phone or post, if you use our contact form, chat function or any other means of communication (incl. from external partners), or if you contact us in person (e.g. at trade fairs, events or through our sales force), we will process the personal data you provide (salutation, title, name, company, contact details) for the purpose of processing, documenting and following up on your request on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.

b) Order processing

We will process the personal data you provide (salutation, title, name, company, address, contact details, transaction data) to process orders (e.g. to perform a contract of sale or to provide services) on the basis of point (b) of Art. 6 (1) GDPR. We will send the necessary information to the companies commissioned to deliver or execute the order, and to banks, insurance companies and service providers commissioned to execute the transaction, adjust claims, run credit checks and check sanctions lists. This also applies to the execution of any pre-contractual measures and post-contractual services and complaints.

c) Newsletters, Job Alert and Press Alert

You will only receive our newsletter, seminar newsletter and Job Alert if you subscribe via the double opt-in method, and you will only receive our Press Alert if you subscribe via the single opt-in method. We will process the personal data you provide (salutation, title, name, company, industry, address, email address, interests) to send you personalised emails and prevent misuse on the basis of point (a) of Art. 6 (1) GDPR. You may withdraw your consent with future effect by clicking on the “unsubscribe” link in each relevant email.

Our service and trade partners will regularly receive emails containing up-to-date information on the business relationship (e.g. product adjustments or organisational changes) on the basis of point (b) of Art. 6 (1) GDPR.

d) Training courses

You may register for a face-to-face seminar, webinar or other (digital) training course by sending us an email or fax, by filling out the registration form on our website, or in text form using other means of communication. We will process the personal data you provide (salutation, title, name, company, address, contact details, transaction data) for the purpose of holding, documenting and following up on the respective training course on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. We will send the necessary information to our partners involved in the training course (e.g. speakers, hotels or service providers), and to banks and service providers commissioned to execute the transaction and run credit checks.

e) Events and factory visits

You may register for a (digital) event or factory visit by sending us an email or fax, by calling us, by filling out the registration form on our website, by contacting us in person, or by using other means of communication. We will process the personal data provided by you or our event partner / coordinator (salutation, title, name, company, address, contact details, transaction data) for the purpose of holding, documenting and following up on the event on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. We will send the necessary information to our partners involved in the training course (e.g. speakers, hotels or service providers), and to banks and service providers commissioned to execute the transaction and run credit checks.

f) Trade fairs, exhibitions, roadshows and informative events

You can learn more about our products and services at trade fairs, exhibitions, roadshows, (online) presentations and similar informative events. We will process the personal data you provide (salutation, title, name, company, address, contact details) for the purpose of documenting and processing your enquiries – and following up on each event – on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.

g) Delivery of event schedule and seminar programmes

We will process the personal data you provide and publicly accessible information (salutation, title, name, company, industry, address) to send you our annual event schedule and annual seminar programme on the basis of point (a) of Art. 6 (1) GDPR, point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. Each letter will contain information on how to unsubscribe.

h) Enquiries from us

When carrying out customary property tracking, making appointments, informing you about new contacts via our communication channels and for similar purposes, you may be contacted by us or our commissioned service providers by phone, email, other communication channels or personally. We will process the personal data you provide or have already provided, as well as any publicly accessible information and any data provided by third parties (salutation, title, name, company, address, contact details, position) on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. This also applies to our surveys that we regularly carry out to ensure high quality standards and increase the satisfaction of our customers and partners. We will send the necessary information to our commissioned partners and service providers.

Use of communication media

If it makes sense to use a video function (e.g. Microsoft Teams) or other communication media in such cases (e.g. to prepare for the deployment of a service technician), you will explicitly agree to the use of the respective means of communication by using the system and, if applicable, by sharing data via the system. In such cases, the legal basis for the processing of your personal data will be point (a) of Art. 6 (1) GDPR.

If you contact us via the online form on our website, our chat function or any other digital means of communication, we will process your personal data on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.

Disclosure of personal data

Your personal data will be shared within the KESSEL Group and with commissioned service providers, partners and other authorised recipients. We will only ever disclose your personal data to third parties to pursue our relevant legitimate interests, to observe mandatory legal provisions or to comply with a court order. Your personal data will not be sold to third parties for commercial gain.

Retention period

If you have a contractual relationship with KESSEL AG, your personal data will be deleted in accordance with the mandatory deletion requirements, such as those stipulated in the German Commercial Code (HGB) and the German Fiscal Code (AO).

If we process your personal data to respond to your enquiry, contact you or otherwise communicate with you, your data will be deleted at the end of the enquiry, unless we have a legitimate interest in processing or storing the data for longer or you have consented to such.

Validity of the privacy statement

If changes to this privacy statement become necessary due to new legal requirements, changes in our range of products and services, technical developments, changing general conditions or other reasons, we reserve the right to make such changes at any time. The valid version of the privacy statement is the updated one published on our website.

The processing of personal data is sometimes absolutely essential to provide and operate our website and online features. This particularly applies to the following applications:

 

a) Log files

In order to deliver the website, ensure the functionality of certain features, optimise applications and ensure the security of the website, we will process the following personal data on the basis of point (f) of Art. 6 (1) GDPR:

  • Your IP address;
  • The date and time of access;
  • The pages / files accessed;
  • Access log and status;
  • The volume of data transmitted;
  • The referrer URL; and
  • Information on the client / browser used

The log files and their content will be stored for 30 days and then deleted or, if necessary, anonymised, unless such information is required to document or shed light on any misuse or unlawful use of our website that might have become apparent during the retention period. The log files will be analysed for data security purposes.

b) Registering for services and online features

You will need to register and log in to use some of our services and online features (e.g. to place an order in our online store). We will process the personal data you provide (e.g. salutation, title, name, company, industry, address, interests) and any data that is automatically collected by our website (e.g. IP address, user information) on the basis of point (a) of Art. 6 (1) GDPR or point (b) of Art. 6 (1) GDPR. We will send the necessary information to our partners (e.g. software service providers) and to banks and service providers commissioned to execute the transaction and run credit checks.

c) Online store

If you place an order on our online store, we will process your personal data on the basis of point (b) of Art. 6 (1) GDPR. We will send the necessary information to the companies commissioned to deliver or execute the order, and to banks, insurance companies and service providers commissioned to execute the transaction, adjust claims, run credit checks and check sanctions lists. Your requests will be forwarded to the responsible dealers or service partners.

d) External links

Our webpages contain links to websites operated by other providers who are not affiliated with us. If you click on such links, you will be redirected to the websites operated by the other providers. This will be reflected by certain aspects, such as a change in URL. As we have no control over the processing of your personal data from the moment you are redirected, we cannot assume any responsibility in this regard. When clicking on such links, please refer to the privacy statement on the external website for more information.

e) Social plug-ins

Our website features social plug-ins. They are marked with the relevant logo and contain a link to the respective website. If you access a page containing a plug-in on our website, your browser will establish a direct connection to the relevant server. As a result, the social media provider will be informed that you have accessed the page on our website and will be able to match that information to your account if you are logged in. If you do not want the social media provider to collect information about you via our website, you must sign out from your social media account before visiting our website.

f) Facebook

Our website features social plug-ins (“plug-ins”) from Facebook, a social network operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). An overview of Facebook plug-ins and their appearance can be found here https://developers.facebook.com/docs/plugins.

If you access a page containing such a plug-in on our website, your browser will establish a direct connection to the Facebook servers. The content of the plug-in will be sent straight from Facebook to your browser and embedded within the website. This integrated element will inform Facebook that your browser has accessed the relevant page on our website, even if you do not have a Facebook profile or are not logged in to Facebook at the moment. This information (incl. your IP address) will be transmitted straight from your browser to a Facebook server in the USA and stored there.

If you are logged in to Facebook, the social media provider will be able to match your visit to our website straight to your Facebook profile. If you interact with the plug-ins, such as by pressing the “Like” button or leaving a comment, this information will also be transferred straight to a Facebook server and stored there. The information will also be posted on your Facebook profile and shown to your Facebook friends. Please refer to Facebook’s privacy policy for more information as to why and to what extent it collects, processes and uses data, as well as more details on your rights and settings to safeguard your privacy: http://www.facebook.com/policy.php

If you do not want Facebook to match the information collected via our website to your Facebook profile, you must sign out from Facebook before visiting our website. You can also completely prevent Facebook plug-ins from being loaded by installing the following add-ons for your browser:

Mozilla Firefox: https://addons.mozilla.org/de/firefox/addon/facebook-blocker/

Opera: https://addons.opera.com/de/extensions/details/facebook-blocker/?display=en

Chrome: https://chrome.google.com/webstore/detail/facebookblocker/chlhacbfddknadmnmjmkdobipdpjakmc?hl=de

g) Facebook Pixel

If you give your explicit consent via the cookie banner in accordance with point (a) of Art. 6 (1) GDPR, we will use Facebook custom audiences on some of our webpages. A pixel from Facebook Ireland Limited will be integrated on those pages. The pixel will enable Facebook Ireland Limited to collect information about the use of our website (your truncated IP address, cookie ID, pixel ID, usage data, information about your browsing session, the URL of the webpages you visit and the websites you visit after visiting the KESSEL website). This information might be matched to you personally with the help of other information that Facebook Ireland Limited might have stored on you (e.g. if you have a Facebook account). The information collected via the pixel can then be used to display targeted advertising on your Facebook account for our products and services that interest you (retargeting). In addition, the information collected via the pixel may be aggregated by Facebook Ireland Limited, and the aggregated information may then be used by Facebook Ireland Limited for its own advertising purposes or for third-party advertising purposes. For example, Facebook Ireland Limited may be able to analyse information about your surfing habits on our website to ascertain your interests and advertise third-party products. Facebook Ireland Limited may also link the information collected via the pixel to other information that Facebook Ireland Limited has collected on you via other websites and/or in connection with your use of its social network; as a result, Facebook Ireland Limited may create and store a profile about you. This profile may be used for advertising purposes. More information can be found here: https://www.facebook.com/about/privacy/ and https://en-gb.facebook.com/business/a/online-sales/custom-audiences-website

Your Facebook website custom audiences data will be processed by Facebook for no more than 180 days.

h) LinkedIn pixel (convenience and marketing)

Our website uses LinkedIn conversion tracking, a web analysis service provided by the LinkedIn Corporation, on the basis of point (f) of Art. 6 (1) GDPR. LinkedIn conversion tracking uses “cookies”, i.e. text files that are saved on your computer by the LinkedIn Insight Tag, enabling us to analyse how you use our website.

The information collected by the LinkedIn Insight Tag on your use of our website will be encrypted. The cookie will be stored in the LinkedIn member’s browser until it is deleted or expires (the expiry date will be six months after the Insight Tag was last loaded by the member’s browser).

LinkedIn members may opt out of conversion tracking, and they can block and delete cookies and disable demographic characteristics at https://www.linkedin.com/psettings/advertising/. In the LinkedIn settings, you cannot separately opt out of third-party impressions or click tracking for campaigns running on LinkedIn, as all underlying campaigns respect the settings of LinkedIn members.

You can find more information from the third-party provider (LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA) here:

http://www.linkedin.com/legal/privacy-policy; https://www.linkedin.com/help/lms/answer/85787; https://www.linkedin.com/help/linkedin/answer/87150/linkedin-marketinglosungen-und-die-datenschutz-grundverordnung-dsgvo-?lang=de

i) Google Tag Manager

Our website uses Google Tag Manager, a service provided by Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). If your habitual place of residence is in the European Economic Area or Switzerland, the controller responsible for your data is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). This application enables the management of the JavaScript tags and HTML tags used to implement tracking and analytical tools. This form of data processing allows us to optimise our website and make sure it meets the needs of our users. Google Tag Manager itself does not save cookies and is not used to process personal data. However, it enables the activation of other tags that may collect and process personal data. You can find more information on the terms of use and data protection at https://www.google.com/intl/de/tagmanager/use-policy.html.

Other Google features

Our website uses the remarketing or “similar audiences” function provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google“). If your habitual place of residence is in the European Economic Area or Switzerland, the controller responsible for your data is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). The purpose of the application is to analyse user behaviour and visitor interests. In order to analyse the use of the website, which forms the basis for the creation of targeted advertising, Google uses cookies. The cookies record website visits and anonymised data about the use of the website. They do not save the personal data of website visitors. If you subsequently visit another website in the Google Display network, you will be shown advertising that is highly likely to consider the product and information sections you have previously accessed. Your data may be transferred to the USA on the basis of a valid transfer instrument or on the basis of your consent obtained by Google online. The data processing, particularly the placement of cookies, will be performed with your consent on the basis of point (a) of Art. 6 (1) GDPR. You may withdraw your consent at any time; this will have no bearing on the lawfulness of any data processing carried out before the withdrawal of your consent. You can find more information about Google remarketing and the relevant privacy policy here: https://www.google.com/privacy/ads/

j) Google Fonts

Our website features Google Fonts. Google Fonts is a library of over 800 fonts that Google Inc. makes available to its users free of charge. Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for all Google services in Europe.

You do not have to log in to use Google Fonts and no cookies will be stored in your browser. The files (CSS, Fonts) will be requested from the Google domains fonts.googleapis.com and fonts.gstatic.com. According to Google, requests for CSS and fonts are completely separate from all other Google services. Even if you have a Google account, your Google account data will not be sent to Google. Google will record the use of CSS (Cascading Style Sheets) and specific fonts, and it will store this data securely.

Google Fonts enables us to use fonts on our website without having to upload them to our own server. Google Fonts is an important component to ensure the high quality of our website and speed up loading times. All fonts provided by Google are automatically optimised for the web. This saves data volumes and is a great advantage for use on mobile devices. Thanks to the fast content delivery network (CDN), there are no issues when using Google Fonts across different platforms. Google Fonts supports all major browsers and works reliably on most modern mobile operating systems.

If you visit our website, the fonts will be downloaded from a Google server. This means data will be transmitted to the Google servers. Google will then be able to see that our website is being visited from your IP address. The Google Fonts API (Application Programming Interface) was developed to reduce the use, storage and collection of end user data to the volume required to properly deliver fonts. Whenever a request is submitted via Google Fonts, information will be automatically sent to the Google servers, such as your language settings, IP address, browser version, browser resolution and browser name. It is not clear whether this data will also be stored, as this is not clearly communicated by Google.

Google stores requests for CSS assets for one day on its servers, which are mainly located outside the EU. Google stores font files for one year. Google uses the usage data to determine how well each font is received. Its aim is to significantly improve the loading time of websites.

The data stored by Google for a day or a year cannot simply be deleted. The data will be automatically submitted to Google when you access the website. If you would like your data to be deleted before the deadline, please contact the Google Help Centre:

support.google.com

The only way you can prevent data storage in this case is by not visiting our website.

More information about Google Fonts and other issues can be found here:

developers.google.com/fonts/faq

.

k) Google Maps

Our website uses Google Maps, an external maps service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). This service enables us to ensure the appealing presentation of our website by loading map contents from an external server. The necessary data is typically requested from a Google server in the USA. Whenever you submit such a request, information such as your IP address and the pages you visit on our website will usually be sent to a Google server in the USA and stored there for several months. More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/

We use Google Maps in the interest of ensuring the appealing presentation of our website. This constitutes our “legitimate interest”, as defined in point (f) of Art. 6 (1) GDPR. You can prevent the use of Google Maps by simply blocking it via the cookie banner. If you do so, your data will not be sent to Google. If you block “convenience and marketing” cookies in the cookie banner but still load a map, you will automatically consent to the placement of cookies by Google Maps.

l) Google Analytics

We use Google Analytics, a web analysis service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The information generated by these cookies on your use of our website will generally be transferred to a Google server in the USA and stored there. As IP anonymisation is activated on all our webpages, however, Google will truncate your IP address before transferring data within member states of the European Union or the European Economic Area. Your full IP address will only be transmitted to a Google server in the United States and truncated there in exceptional cases. Google will use this information on behalf of the website operator to evaluate your use of the website, compile reports on website activities and provide the website operator with other services related to the use of this website and the Internet. Google will not associate the IP address transmitted from your browser in the course of Google Analytics with any other data held by Google. More information on the handling of user data can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/

You can adjust your browser settings to prevent the storage of cookies. If you do so, however, please note that you may not be able to fully use all the features of this website. You may also stop the data generated by the cookie on your use of this website (incl. your IP address) from being transferred to Google for processing by downloading and installing the following browser plug-in: http://tools.google.com/dlpage/gaoptout?hl=de

m) Google reCAPTCHA

We sometimes use reCAPTCHA, a service provided by Google Inc., to ensure an adequate level of data security when submitting online forms. This mainly helps us distinguish whether data has been entered by a natural person or improperly by automated processors. As part of the service, we will send your IP address to Google, as well as any other data required by Google to provide the reCAPTCHA service. The data protection provisions of Google Inc. will apply in such cases. More information on the privacy policy of Google Inc. can be found at www.google.de/intl/de/privacy or www.google.com/intl/de/policies/privacy/

n) YouTube

Our website features components from YouTube, a website belonging to Google. The website is operated by YouTube, LLC (901 Cherry Ave., San Bruno, CA 94066, USA).

Whenever you visit one of our webpages featuring a YouTube plug-in, a connection will be established with the YouTube servers. As a result, YouTube will find out which of our webpages you have visited. If you are logged in to a YouTube account, you will enable YouTube to match your surfing habits directly to your personal account. You can prevent this by signing out from your YouTube account.

We use YouTube in the interest of ensuring the appealing presentation of our website. This constitutes our “legitimate interest”, as defined in point (f) of Art. 6 (1) GDPR. You can prevent the use of YouTube by simply blocking it via the cookie banner. If you do so, your data will not be sent to YouTube.

More information on the handling of user data can be found in YouTube’s privacy policy: https://www.google.de/intl/de/policies/privacy

o) OXOMI media portal

We use OXOMI, a web-based application provided by scireum GmbH (“scireum”), to make a media portal with product and marketing information available on our website, which can be accessed without registering or logging in. scireum will not disclose your personal data to third parties or market your metadata. The application is operated on European servers under German data protection law. scireum uses Crashlytics, an analytical tool developed by Fabric, for its mobile applications (e.g. OXOMI Pocket for iPad). Whenever a software problem arises, Crashlytics records the issue and the relevant error environment for further analysis and saves this data for 90 days. scireum uses this data exclusively for troubleshooting purposes. More details are contained in scireum GmbH’s privacy policy: www.scireum.de/scireum/datenschutz

p) DrawBridge

We have integrated DrawBridge on our website; this is a service provided by Gimbal, Inc. to show users targeted advertising. DrawBridge uses cookies and other browser-based technologies to analyse user behaviour and recognise users. DrawBridge collects information about user behaviour on various websites. This information is used to optimise the relevance of our advertising. DrawBridge also provides targeted marketing based on behavioural profiles and geographic location. Your IP address and other identifiers (e.g. your user agent) will be sent to the provider. In such cases, your data will be disclosed to the company that operates DrawBridge: Gimbal, Inc., 8605 Santa Monica Blvd #62545 West Hollywood, CA 90069-4109, USA.

Web tracking technologies are used to create pseudonymised user profiles. These profiles cannot be matched to you as a natural person; they enable market segmentation when displaying advertising. We will use DrawBridge to process data for the purpose of optimising our advertising campaigns and for marketing purposes on the basis of your consent pursuant to point (a) of Art. 6 (1) GDPR.

We have no control over the retention period of the processed data; it will be determined by Gimbal, Inc. You can find more information in DrawBridge’s privacy policy:

gimbal.com/gdpr/

q) Cloudflare

Our website uses Cloudflare, a service provided by Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA), to make our website faster and safer. Cloudflare uses cookies and processes user data. Cloudflare, Inc. is an American company that provides a content delivery network (CDN) and various security services. A CDN is a network of servers connected via the Internet. Cloudflare has distributed such servers around the world to speed up the delivery of websites.

Cloudflare generally only forwards data controlled by website operators. In other words, the content is not specified by Cloudfare itself, but always by the website operator. Cloudflare may also collect information about the use of our website and may process data that we send or data for which Cloudfare has received specific instructions. Cloudflare usually receives data derived from browser activity, such as contact details, IP addresses, security fingerprints, DNS log data and website performance data. The log data helps Cloudflare to perform certain tasks (e.g. to detect new threats). This allows Cloudflare to ensure a high level of protection for our website. As part of its services, Cloudflare processes this data in accordance with the applicable laws. Cloudflare will mainly store your information in the USA and the European Economic Area. Cloudflare may transfer and access the information described above from around the world. Cloudflare generally stores user-level data for less than 24 hours. You can find more information about data protection at Cloudflare here: https://www.cloudflare.com/de-de/privacypolicy/

r) jQuery / Bootstrap

We use services provided by jQuery CDN and Bootstrap to ensure the fast and smooth delivery of our website on various devices. The services are distributed across the CDN of the software company StackPath (LCC 2012 McKinney Ave. Suite 1100, Dallas, TX 75201, USA). The services use JavaScript libraries to enable the fast delivery of our webpages. The necessary files are loaded by a CDN server. As soon as a connection has been established with the CDN server, your IP address will be recorded and stored. This will not be necessary if the data is already stored in your browser from a previous website visit. StackPath’s privacy policy makes explicit reference to the fact that it uses aggregated and anonymised data from various services (e.g. jQuery or Bootstrap) to increase security and for its own services. However, the data cannot be used to identify you as a person. More information about data protection at StackPath can be found here: https://www.stackpath.com/legal/privacy-statement/; more information about data protection at jQuery is available here: https://openjsf.org/wp-content/uploads/sites/84/2019/11/OpenJS-Foundation-Privacy-Policy-2019-11-15.pdf; and Bootstrap provides more information here: https://www.bootstrapcnd.com/privacy-policy/

s) Hotjar CDN

Our website uses Hotjar, a service provided by Hotjar Limited (Level 2, St Julian’s Business Centre, 3, Elia Zammit Street, St Julian’s STJ 1000, Malta), to statistically evaluate user data so that we can analyse and improve the quality of our website. Hotjar is a service that uses a combination of tools to analyse the behaviour and feedback of users on our website. Hotjar sends us reports and visual presentations to show where and how users navigate our website. All personal data is automatically anonymised and never reaches the Hotjar servers. That means you will not be personally identified as a website user. The following data may be collected by a tracking cookie: your IP address (collected and stored in an anonymised form), screen size, browser information, country, preferred language settings, webpages visited (subpages), and date and time of access to our website. Hotjar does not generally disclose collected data to third parties. However, Hotjar explicitly points out that it is sometimes necessary to share data with Amazon Web Services. If this is the case, some of your information will be saved on Amazon’s servers. However, your data will be stored in an exclusively anonymised form. In addition, Amazon is bound by a confidentiality agreement and will not disclose your data. More details on data protection at Hotjar can be found here: https://www.hotjar.com/legal/policies/privacy?tid=331606641411

t) Adobe Typekit

We use Adobe Typekit for the visual design of our website. Typekit is a service from Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland) that grants us access to a font library. In order to integrate the fonts, your browser must establish a connection to an Adobe server in the USA and download the font required for our website. Adobe will then be informed that our website has been accessed from your IP address. We do not receive any personal data through the integration of Adobe Typekit. More information about Adobe Typekit can be found here:

www.adobe.com/de/privacy/policy.html

Our website uses cookies to offer a smooth surfing experience and optimise the use of our webpages. Cookies are small text files that are saved on a user’s device and contain specific user and usage information.

 

All our company’s webpages can only be used if you consent to the cookies that are absolutely essential for the operation of our website. In addition, you may consent to the use of other cookies (e.g. for analysis and marketing purposes). You will be asked to give your consent before using our website for the first time; your consent will serve as the legal basis for the processing of your personal data that is automatically collected on our website (salutation, title, name, company, IP address, user information, etc.) on the basis of point (a) of Art. 6 (1) GDPR.

The table below shows the cookies that are regularly used on our company’s website. Not all cookies are used on each webpage:

Cookie

Description

Expiry

Type

kessel_comfort

This manages the approval of cookies described as “convenience and marketing” in the cookie banner.

1 year

Essential

kessel_necessary

This manages the approval of cookies described as “essential” in the cookie banner.

1 year

Essential

kessel_statistic

This manages the approval of cookies described as “statistical” in the cookie banner.

1 year

Essential

Lidc

This is a Microsoft MSN first-party cookie that ensures the proper functioning of the website.

1 day

Essential

bcookie

This is a Microsoft MSN first-party cookie that enables our website content to be shared on social media.

2 years

Essential

ROUTEID

These cookies are used to make sure users are always directed to the same server.

Session

Essential

fe_typo_user

This cookie name is assigned to the Typo3 web content management system. It is generally used as a user session identifier to allow user settings to be saved, but it might not be necessary in many cases because it can be set by the platform by default; however, this can be prevented by the website administrators. It contains a random identifier instead of specific user data.

Session

Essential

DIE

This cookie contains information about the use of the website by each end user and any advertising that might have been seen by each end user before visiting the website.

2 years

Statistical

IDE

This cookie contains information about the use of the website by each end user and any advertising that might have been seen by each end user before visiting the website.

2 years

Marketing

CONSENT

This cookie contains information about the use of the website by each end user and any advertising that might have been seen by each end user before visiting the website.

Session

Statistical

JSESSIONID

This cookie identifies each user for the duration of a session (until the browser is closed or the cookie is deleted). For example, temporary settings for each user’s preferred view are stored during each session.

Session

Essential

DSID

This cookie is used to record your specific user identity. It contains a unique ID that is hashed / encrypted.

Session

Essential

Anonymus-consents

This cookie stores the consent given by anonymous users.

1 year

Essential

cookieconsent_status

This cookie stores the consent given by anonymous users.

1 month

Essential

Cookie-notification

This cookie stores the consent given by anonymous users.

11 years

Essential

ANID

This cookie is used to collect information as to how our website is used by visitors. We use the information to compile reports and improve our website. The information is collected in an anonymised form.

1 year

Marketing

lang

This cookie is used to save language settings.

Session

Essential

datr

This is a Facebook cookie used to prevent fraud.

2 years

Marketing

c_user

This is a Facebook cookie used to save a unique user ID.

90 days

Marketing

fr

This is a Facebook cookie used to activate ad delivery or retargeting.

3 months

Marketing

_fbp

Facebook
This cookie is used to provide a range of advertising services, such as real-time bidding from third-party providers.

3 months

Marketing

_utmc

Google Analytics
This cookie enables us to track user behaviour and measure the performance of our website.

Session

Statistical

_utmb

Google Analytics
This cookie enables website owners to track user behaviour and measure the performance of their website.

30 minutes

Statistical

_utmz

Google Analytics
This cookie enables website owners to track user behaviour, as measured by the performance of their website. It identifies the source of website traffic, so that Google Analytics can let website owners know where their visitors have been redirected from.

6 months

Statistical

_gid

Google Analytics
This cookie is used to distinguish between users.

1 day

Statistical

_gat

Google Analytics
This cookie is used to monitor the request rate for our company’s servers.

1 minute

Statistical

_utmt

Google Analytics
According to the documents at our disposal, this cookie is used to slow down requests for the service and limit the collection of data on websites with high traffic.

10 minutes

Statistical

_gat_gatg_UA_31480790_24

Google Analytics
This cookie is used to distinguish between the different tracking objects created during a session. The cookie is created when the JavaScript library is loaded and there is no previous version of the _gat cookie. The cookie will be refreshed every time you send data to Google Analytics.

4 minutes

Statistical

_utma

Google Analytics
This cookie records how many times a user has visited a website and collects data on their first and last visit.

2 years

Statistical

PREF

Google
This cookie may be placed by Google or DoubleClick; it can be used by advertising partners to create an interest profile and display relevant advertisements on other websites. It works by uniquely identifying your browser and device.

1 year

Statistical

_utmv

Google Analytics
This cookie enables website owners to track user behaviour and measure the performance of their website.

2 years

Statistical

_ga

Google Analytics
This cookie is used to distinguish between users when collecting information about page views.

2 years

Statistical

NID

This Google cookie is used to create user profiles.

6 months

Marketing

_Secure-3PAPISID; _Secure-3PSID; _Secure-3PSIDCC

Google
These cookies are created by the Google Maps plug-in on our route map. 

Session

Essential

1P_JAR

Google
This cookie is used to optimise our advertising to provide users with relevant advertisements, improve our campaign performance reports or prevent users from seeing the same adverts on several occasions.

1 month

Essential

_hjid

Hotjar
This cookie is placed when a customer lands on a page with the Hotjar script for the first time. It is used to maintain the random user ID that is unique to those webpages in the browser. This ensures that user behaviour is assigned to the same user ID during subsequent visits to the website.

1 year

Statistical

_hjAbsoluteSessionInProgress

Hotjar
This cookie is used to count the number of times a website has been visited by different users; this is done by assigning a random ID to each visitor, so that their visits are not registered twice.

33 minutes

Statistical

_hjIncludedInPageviewSample

Hotjar
This cookie is used to inform Hotjar whether a visitor is included in the data collection defined by the website’s page view limit.

5 minutes

Statistical

_hjTLDTest

Hotjar
When the Hotjar script is run, we try to determine the most general cookie path to use instead of the page hostname. This is done to enable cookies to be shared across subdomains (if applicable). We determine this by trying to save the _hjTLDTest cookie for different URL substring alternatives until it fails. The cookie is removed after this verification process.

Session

Statistical

li_sugr

LinkedIn
This cookie is used by the LinkedIn Insight Tag for the browser identifier.

3 months

Marketing

bscookie

LinkedIn
This cookie is used by the social network provider, LinkedIn, to track the use of embedded services.

2 years

Marketing

_pk_id.38.7bb6

Matomo
This cookie name is associated with Matomo, which is an open-source web analytics platform. It enables website owners to track user behaviour and measure the performance of their website.

1 year

Essential

_pk_ses.38.7bb6

Matomo
This cookie name is associated with Matomo, which is an open-source web analytics platform. It enables website owners to track user behaviour and measure the performance of their website.

30 minutes

Essential

PHPSESSID

This session cookie contains log-in status information and user settings for online stores and websites.

Session

Essential

Sb

This is a Facebook cookie used to save browser details.

2 years

Marketing

Sid

This cookie is used to manage the session status.

1 hour

Essential

UserMatchHistory

This cookie is required to save your log-in details.

1 month

Convenience

VISITOR_INFO1_LIVE

YouTube
This cookie is used to track user preferences for YouTube videos embedded within webpages; it can also be used to determine whether website visitors are using the new or old version of the YouTube interface.

6 months

Marketing

wordpress_test_cookie

This cookie is used on websites created with WordPress. It tests whether cookies are activated in the browser.

Session

Essential

Xs

This is a Facebook cookie used to save a unique session ID.

3 months

Marketing

YSC

YouTube
This cookie is used to track views of embedded videos.

Session

Marketing

acceleratorSecuredGUID

This cookie ensures additional log-in security. It is only placed after the log-in process and is only valid for the duration of the session.

Session

Essential

kessel-de-cart

This cookie enables the contents of the shopping basket to be restored after a session has ended and a visitor has returned to the website. For this purpose, the cookie saves data to be able to recognise each visitor’s device and saves the goods that have been placed in the shopping basket for future sessions.

3 months

Essential

Retention period
Your consent to the use of cookies will be saved until revocation and may be changed with future effect at any time.

Restricting the use of cookies
In your browser settings, you can prevent cookies from tracking your online activities (do not track / tracking protection list) and block the storage of third-party cookies. If you delete all cookies on your devices, you will also delete any opt-out cookies that might have been saved and will then have to opt out again.

Restricting targeted online advertising
You can opt out of targeted online advertising (e.g. based on retargeting) here: https://www.youronlinechoices.com

Any data and documents that you provide as part of your application will be automatically recorded, stored and used by our HR department exclusively for that purpose. The term “personal data” is used to refer to any data that is collected, stored, transmitted and processed in connection with your name. We will only store your personal data within the KESSEL Group for as long as necessary to fulfil the purpose for which it is collected or for as long as necessary to comply with our statutory retention requirements. We will delete your data six months after the vacancy is filled, unless you consent to a longer retention period. We will not disclose the collected data to third parties; in particular, your data will not be sold or rented out.

 

We will secure the personal data you provide by taking the appropriate technical and organisational measures (e.g. data transfers via secure SSL connections), so that your data cannot be accessed by unauthorised third parties. When sending highly sensitive data or information, we will use the post as our preferred means of communication, as complete data security cannot be ensured when communicating simply via email.

 

The personal data you provide will be stored to the extent permitted for the duration of your use of our website or, if information or services are to be provided, in accordance with the GDPR and the new version of the German Data Protection Act (BDSG Neu). Your personal data will be deleted or blocked as soon as it is no longer required for the purpose for which it was originally stored. However, your personal data may be stored beyond this period if this is stipulated by EU Law or national legislation through EU regulations, laws or other provisions that are legally binding for the controller. The data will then be deleted or blocked at the end of the storage period established by such regulations, unless the further storage of the data is necessary for the conclusion or performance of a contract.

If you would like to exercise your rights as a data subject, as described below, please refer to the contact details indicated in this privacy statement. Whenever you submit a request, we will ask you to confirm your identity to ensure your protection by preventing unauthorised access to your personal data. If conflicting legal regulations or documentation obligations prevent us from executing your request, we will provide you with the relevant information.

 


a)    Access and data portability
You have the right to request the full disclosure of the personal data we hold on you and have the data handed over in a structured, commonly used and machine-readable format.


b)    Rectification, restriction and erasure
If your personal data has changed, if the restriction of data processing is legally required or if you no longer consent to data processing, we will rectify your personal data, restrict our processing or erase your personal data at your request, unless such actions are prevented by statutory regulations.


c)    Withdrawal of consent
You may withdraw all or part of your consent with future effect at any time. Any data processing performed on the basis of your consent before you withdraw your consent will remain lawful.


d)    Right to lodge a complaint
You have the right to lodge a complaint about the processing of your personal data with our competent data protection supervisory authority (Bavarian State Office for Data Protection Supervision: www.lda.bayern.de/de/beschwerde.html).

 

Contact

If you have any questions or concerns about our privacy statement or the processing of your personal data, please write to us via email (datenschutz@kessel.de) or contact our data protection officer:

 

Data Business Services GmbH & Co. KG
Nördliche Münchner Str. 47
D-82031 Grünwald
k-dsb@db5.eu

Last updated: December 2020