Data Protection

 

We are pleased about your visit to our website https://kilnteck.com and the associated interest in our company. With the aim of offering you the greatest possible degree of transparency, we will inform you below about the type, scope and purpose of the collection, processing and use of personal data that arise when using our website. The General Data Protection Regulation (hereinafter referred to as “GDPR”) can be accessed here as a complete document.

 

Contents 

1. Definitions of terms 

2. Responsible party according to Article 4 No. 7 GDPR 

3. data protection officer

4. Lawfulness of processing

5. Data retention and deletion policy 

6. Transfer of personal data 

7. Collection of personal data 

7.1 Exclusive informational use of our website 

7.2 Contact via email 

8. Hosting

9. Cookies

10. Matomo

11. Your Rights 

12. Right of objection 

13. Data Protection

 

1. Definitions of terms 

The following terms that we use in our data protection declaration are defined within Art. 4 of the GDPR. This is only an excerpt from Art. 4 of the GDPR. All definitions can be found in the GDPR (available here).

Personal Data (Art. 4 No. 1 GDPR)
Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing (Art. 4 No. 2 GDPR)
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Pseudonymisation (Art. 4 No. 5 GDPR)
Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Controller (Art. 4 No. 7 GDPR)

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

Processor (Art. 4 No. 8 GDPR)

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Third party (Art. 4 No. 10 GDPR)

third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent (Art. 4 No. 11 GDPR)

Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Enterprise (Art. 4 No. 18 GDPR)

Enterprise means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity.

 

2. Responsible party according to Article 4 No. 7 GDPR

KILNTECK GmbH Spaces Square One

Leopold-Unger-Platz 2/1/, PLZ 1190

Vienna, Austria

E-Mail: info@kilnteck.com  

You can access our complete imprint here:

Imprint

3. Data protection officer

Elisa Drescher, Mag. iur.

SCALELINE LTD

Apostolou Pavlou 16

8046 Paphos, Cyprus

You can reach our data protection officer at the following e-mail address: elisa.drescher@scaleline-ltd.com 

 

4. Lawfulness of processing

For each processing described in our privacy policy, we will inform you of the relevant legal basis on which the processing is carried out. We distinguish between the following groups of cases in which processing is lawful:

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes (Art. 6 Para. 1 C. 1 Letter a GDPR).

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 Para. 1 C. 1 Letter b GDPR).

  • processing is necessary for compliance with a legal obligation to which the controller is subject (Art. 6 Para. 1 C. 1 Letter c GDPR).

  • processing is necessary in order to protect the vital interests of the data subject or of another natural person (Art. 6 Para. 1 C. Letter d GDPR).

  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Art. 6 Para. 1 C. 1 Letter e GDPR). processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child (Art. 6 Para. 1 C. 1 Letter f GDPR).

 

5. Data retention and deletion policy

Within the processing described in our data protection policy, we will inform you of the corresponding storage period or the times of deletion or blocking of data. If no explicit storage period is defined, the data will be deleted or blocked as soon as the purpose or legal basis for the storage no longer exists. Data may be stored beyond the defined periods if legal regulations to which we are subject (e.g. § 147 AO, § 247 HGB) stipulate a different storage period. Following the storage period, the personal data will be deleted or blocked unless further storage is required by us on a legal basis. Furthermore, storage beyond the specified period is possible in the event of a (possible) legal dispute with you or other legal proceedings.

 

6. Transfer of personal data

If your personal data is passed on, you will be informed accordingly at the relevant Letter in our data protection declaration. If your personal data is transferred outside the European Economic Area and thus to so-called third countries, you will be informed accordingly at the relevant Letter in our data protection declaration. As a matter of principle, we only transfer personal data to third countries where the EU Commission has confirmed an adequate level of protection or where we can guarantee the careful handling of personal data on the basis of contractual agreements or other suitable guarantees.

 

7. Collection of personal data

In the following, we will inform you about the collection of personal data (such as name, e-mail address, address or user behaviour).

 

7.1 Exclusive informational use of our website

If you do not register on our website (for example in the form of a newsletter) or transmit data to us in any other way (for example by using a contact form), only that personal data is collected which is transmitted to our server by your browser. This is data that is technically necessary for us to provide you with the website for viewing while ensuring a secure and stable display. This is the following information, which is derived from a log file line:

  • Internet protocol address (IP address)

  • Time and date of the respective access

  • Time zone difference to Greenwich Mean Time (GMT)

  • The specific page accessed

  • Status of the access / Hypertext Transfer Protocol (http)

  • Amount of data transferred in each case

  • Website from which our website was accessed (referrer URL)

  • Internet browser used (incl. language and version)

  • Operating system used

 

The legal basis for the collection of the listed data results from Art. 6 Para. 1 (1) Letter f GDPR. We have a legitimate interest in ensuring an error-free connection and comfortable use of our website, as well as analysing system stability and security and using the data for further administrative purposes.

 

7.2 Contact via email

If you contact us via the e-mail address in Section 2 or other e-mail addresses of our company that are published on our website, your e-mail address and other contact data contained in your e-mail (e.g. your name or your telephone number) stored by us in order to process your request. This data will be deleted immediately as soon as further storage is no longer necessary. If there are legal retention periods for the data, instead of deleting the data, the processing will be restricted accordingly. Depending on the reason for sending the e-mail, the legal basis for processing the data is Article 6 Paragraph 1 Clause 1 Letter b GDPR or Article 6 Paragraph 1 Clause 1 Letter f GDPR, i.e. it occurs either for Processing of the contract concluded with you and to fulfill our (pre)contractual obligations or is based on our legitimate interest in contacting those interested in our service.

 

8. Hosting

Our website is hosted by the company SiteGround Spain S.L., Calle de Prim 19, 28004 Madrid (hereinafter referred to as “SiteGround”), Imprint: https://de.siteground.com/viewtos/impressum?lang=de_DE. When you access our website, the personal data mentioned in this data protection declaration is transmitted to SiteGround for purely informational use of the website. For this purpose, we have concluded a corresponding contract for order processing with the company SiteGround. SiteGround’s privacy policy can be accessed here: https://de.siteground.com/privacy.htm. The server location used by us is in Germany.

 

9. Cookies

We use cookies on our website. Cookies are small, browser-specific text files that are stored on your hard drive. Through this, the body that sets the respective cookie receives certain information, whereby, however, neither programmes can be executed nor viruses can be transmitted. Cookies are divided into the following classes:

  • First, there is a distinction according to who set the respective cookie (website operators in the form of first-party cookies or third parties in the form of third-party cookies). 

  • Then there is a distinction with regard to the duration of storage. 

  • There are transient cookies that are automatically deleted when the browser is closed, which mainly concerns so-called session cookies that store a session ID. With these session cookies, your computer is recognised if you call up our website again within a session with the same browser. When you close the browser or log out, these temporary cookies are deleted. 

  • In addition, there are so-called persistent cookies, which are stored for a longer period of time (up to two years). However, the period until deletion differs from cookie to cookie. You can delete these cookies manually at any time via the settings of your browser.

  • Another group is formed by the so-called flash cookies. This is a Flash player-bound cookie that stores the technical data required for the playback of video or audio content (e.g. picture quality or network speed). Normally, there is no automatic expiry date here and the cookies store the required data independently of the browser used. Some browsers (e.g. Firefox) offer the option of deleting Flash cookies together with the other cookies.

  • Furthermore, a distinction is made between cookies based on their function, which is most relevant from a data protection perspective.

  • Technical (essential) cookies are cookies that are necessary to perform basic functions of the website (e.g. saving a product that has been placed in the shopping cart). 

  • Performance cookies collect information about the use of the website and any errors that occur. This is anonymous information that is used to improve the website.

  • Advertising cookies or targeting cookies make it possible to display adapted advertising (also from third parties) to the user of the website and to determine the effectiveness of this advertising.

  • Sharing cookies connect the website to other services (e.g. social media presences).

 

We only use automated technical cookies and thus cookies that are essential for the operation of our website on the basis of our legitimate interest within the meaning of Art. 6 (1) sentence 1 letter f GDPR in order to effectively design and continuously improve our website. 

 

We would like to point out that you can prevent the storage of cookies at any time by setting your browser accordingly. We have compiled further information in this context with regard to the most popular browsers below, but we would like to point out that this may restrict the functionality of our website. 

 

Mozilla Firefox: https://support.mozilla.org/de/kb/verbesserter-schutz-aktivitatenverfolgung-desktop 

Microsoft Edge: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies

Google Chrome: https://support.google.com/chrome/answer/95647

Opera: https://help.opera.com/de/latest/web-preferences/#cookies

Safari: https://support.apple.com/de-de/guide/safari/sfri11471/mac 

Specifically, the following essential cookie is set on our website:

Cookie name: pll_language

Duration of storage: 1 year

Purpose: Set by WordPress to store the website user’s language preference.

 

10. Matomo

We use the web analysis tool “Matomo” (https://matomo.org/). Matomo is an open source tool maintained by the company “InnoCraft Ltd”, 150 Willis St, 6011 Wellington, New Zealand, https://www.innocraft.com/ (hereinafter referred to as “InnoCraft”) (InnoCraft Ltd was founded by the developers of Matomo). Matomo’s privacy policy can be found here: https://matomo.org/privacy-policy/. Matomo does not use cookies, but only a so-called digital fingerprint (a hash value, i.e. a combination of characters from which the original data cannot be derived, is created by various technical data such as the browser used), which is changed every 24 hours. We use Matomo on the basis of our legitimate interest according to Art. 6 para. 1 p. 1 letter f GDPR to optimise our website and operate it economically. We use a self-hosting variant of Matomo so that your data is stored within the EU.

 

You can object to data processing at any time here:

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

11. Your Rights

Below we explain your rights under the GDPR. You can access the GDPR as a complete document here.

 

Right of access by the data subject under Art. 15 Para. 1 GDPR

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information: the purposes of the processing; the categories of personal data concerned; the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing; the right to lodge a complaint with a supervisory authority; where the personal data are not collected from the data subject, any available information as to their source; the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Right to rectification under Art. 16 GDPR

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to erasure (‘right to be forgotten’) under Art. 17 Para. 1 GDPR

You have the right to request that we delete the personal data concerning you immediately. According to Art. 17 Para. 3 GDPR, however, this right does not exist if the processing is carried out to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest in the area of public health, for archiving purposes in the public interest or is required to assert, exercise or defend legal claims.

Right to restriction of processing under Art. 18 Para. 1 GDPR

The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies: the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead; the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; the data subject has objected to processing pursuant to Article 21(1) pending the verification whether the legitimate grounds of the controller override those of the data subject.

Right to data portability under Art. 20 GDPR

The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where: the processing is based on consent pursuant to Letter (a) of Article 6(1) or Letter (a) of Article 9(2) or on a contract pursuant to Letter (b) of Article 6(1); and the processing is carried out by automated means.

Right to withdraw given consent under to Art. 7 Para. 3 GDPR

The data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.

Right to lodge a complaint under Art. 77 GDPR

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data concerning you infringes the GDPR. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or the place of the alleged infringement. For more information, please visit the website of the Austrian Data Protection Authority.

12. Data processing in the context of application procedures

For the purpose of receiving and managing the application and thus for the purpose of (possibly) establishing an employment relationship, you may send us your application documents by e-mail.

The legal basis for this data processing is Art. 6 para. 1 lit. b) DSGVO. As part of the application process, we only collect the data from you that is required to establish the employment relationship with us.

Within our company, only those persons who are involved in the decision-making process will have access to your personal data.

In the event of a successful application, your personal data will be stored for the duration of your employment relationship. In addition, after its termination, your tax-relevant data will be archived within the framework of the statutory retention periods. In the event of an unsuccessful application, your personal data will be deleted 7 months after the rejection.

 

13. Right of objection

In addition to the aforementioned rights, you also have the right to object at any time with future effect to the processing of your personal data which is conducted on the basis of the performance of a task carried out in the public interest or in the exercise of official authority (Art. 6 (1) Clause 1 Letter e GDPR) or for the protection of legitimate interests on our part (Art. 6 (1) Clause 1 Letter f GDPR), provided that there are grounds for doing so which arise from your particular situation. In the event of an objection, no further processing of the personal data will be carried out unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. In the case of processing of your personal data for the purpose of direct marketing or profiling, where there is a link to direct marketing, you have a general right to object without having to provide grounds based on your particular situation. In the event of an objection, we will immediately cease processing the personal data for these purposes.  To exercise your right of revocation or objection, simply send an email to:  info@kilnteck.com 

 

14. Data Protection

The encryption and communication protocol TLS 1.3 (Transport Layer Security) is used on our website. With the TLS certificate we use and issued by a certification authority, we enable encrypted data exchange between the web browser and web server, which means that sensitive data cannot be read by third parties. We use the process with the highest level of encryption that your browser supports, which is usually 256-bit encryption. The higher the number of bits, the longer the key and the better the protection against third parties.

15. Data protection information for our social media presences

We operate the following social media presences:
Twitter:https://twitter.com/kilnteck
LinkedIn: https://www.linkedin.com/company/kilnteck/about/?viewAsMember=true

Data processing by us:

1. Maintaining the above-mentioned social media pages and placing ads (“advertisements”)
The personal data entered on social media pages, such as comments, videos, images, likes, public messages, etc. are published by the respective social media platform. We reserve the right to delete content if necessary. We may share content on our site and contact you via the social media platform, for example via the messengers offered. In addition, we regularly place advertisements (“ads”) via our social media pages. The legal basis for this data processing is the legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR, which is in the interest of our public relations and communication.

2. Page Insights
The social media platforms provide anonymized statistics and insights that help us gain insights into the types of actions people take on our site (so-called “Page Insights”). These page insights are created on the basis of certain information about people who have visited our site.

The legal basis for this data processing is our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR, which is based on obtaining information about the actions and visitors to our pages .

This processing of personal data is carried out by the social media platform and us as so-called joint controllers in accordance with Article 26 GDPR. In the case of joint responsibility, a separate agreement must be concluded.

Twitter: https://gdpr.twitter.com/en/inbound-controller-dpa.html
LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum


If you wish to object to certain data processing over which we have an influence (e.g. deletion of comments), please contact the contact details above.

Note: The provision of your data is neither legally nor contractually required or required for the conclusion of a contract. You are not obliged to provide your personal data. The consequence of non-provision is that you do not communicate with us via our social media pages, interact oder am Gewinnspiel teilnehmen können. Zur Kontaktaufnahme nutzen Sie dann bitte die oben genannte E-Mail-Adresse.

Data processing by the operator of the social media platform:
In addition to us, there is also the operator of the social media platforms themselves. From a data protection point of view, this is also regarded as another controller who carries out his own data processing. This means that the operator is also a separate responsible body according to the GDPR. However, we have only limited influence on the data processing by the operator. At the points where we can exert influence (e.g. through parameterization), we work within the scope of our possibilities towards the data protection-compliant handling by the operator of the social media platform. In many places, however, we cannot influence the data processing by the operator of the social media platform and do not know exactly what data it processes. The respective operator informs you about the processing of personal data in its own data protection declaration:

LinkedIn: https://de.linkedin.com/legal/privacy-policy
Twitter: https://twitter.com/de/privacy

As part of the use of the platform, your personal data is usually also processed by the respective platform operator on servers in third countries, in particular in the USA and the United Kingdom. Certain third countries are certified by the European Commission as having a so-called adequacy decision. This means that the legal situation for the protection of privacy in these countries is comparable to that in the EU .dem or EEA. Further information on the current countries with adequacy decisions can be found here. In all other cases, we conclude so-called standard contractual clauses with the platform operators for the transfer of personal data to third countries.

Note: The operator of the social media platform uses web tracking methods. Web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already shown, we can hardly influence the web tracking methods of the social media platform. For example, we cannot turn it off. Please be aware of this: It cannot be ruled out that the provider of the social media platform uses your profile and behavioral data, for example to describe your habits or personal relationships and preferences, etc. Evaluate. We have no influence on the processing of your data by the provider of the social media platform.

No automated decision-making
Automatic decision-making or profiling does not take place by us.

Provision
Unless otherwise stated, the provision of personal data is neither legally nor contractually required or required for the conclusion of a contract. The non-provision of personal data may result in us, e.g. cannot communicate with you through our social media accounts.

This privacy policy has been prepared in cooperation with the consulting firm SCALELINE . The legal texts are subject to copyright.

This data protection declaration was created individually for this website by Frame for Business GmbH in cooperation with the law firm Dr. Schultheiss created.

Spaces Square One
Leopold-Unger-Platz 2, PLZ 1190
Vienna, Austria

Products

Socials