Privacy Policy of KyooBe Tech GmbH
Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your data in accordance with applicable personal data protection legislation, in particular the GDPR and our country-specific implementation laws, which provide comprehensive information about the processing of your personal data by KyooBe Tech GmbH and your rights.
Personal data is any information that makes it possible to identify a natural person. This includes, in particular, your name, date of birth, address, telephone number, email address and IP address. Anonymous data means, that no personal reference to the individual/user can be made.
Responsible body and data protection officer
Company address: KyooBe Tech GmbH
Max-Lang-Straße 56/1
70771 Leinfelden-Echterdingen
Company’s contact information: Phone: +49 711 252 785 01
E-Mail: your-input@kyoobe.tech
Contact info of the data protection officer: dsb.b-s@bausch-stroebel.de
Your rights as a data subject
We would first like to notify you of your rights as a data subject. These rights are set out in Articles 15 – 22 GDPR, and include:
- The right of access (Art. 15 GDPR),
- The right to rectification (Art. 16 GDPR),
- The right to data portability (Art. 20 GDPR),
- The right to object to data processing (Art. 21 GDPR),
- The right to erasure / right to be forgotten (Art. 17 GDPR),
- The right to restriction of data processing (Art. 18 GDPR).
To exercise these rights, please contact: dsb.b-s@bausch-stroebel.de. The same applies if you have any questions regarding data processing in our company or when you withdraw your consent. You also have a right of appeal to the relevant data protection supervisory authority.
Right to object
Please note the following with respect to your right to object:
If we process your personal data for the purpose of direct marketing, you have the right to object to this data processing at any time without providing the reasons for such objection. This also applies to profiling insofar as it is associated with direct marketing.
|
Purposes and legal bases of data processing
The processing of your personal data complies with the provisions of the GDPR and all other applicable data protection regulations. Legal bases for data processing arise in particular from Art. 6 GDPR.
We use your data to initiate business, to fulfil contractual and legal obligations, to conduct the contractual relationship, to offer products and services and to consolidate customer relationships, which may include marketing and direct marketing.
Your consent also constitutes a legal basis for data processing. In this respect, we will inform you of the purposes of data processing and the right to withdraw your consent. If the consent also relates to the processing of special categories of personal data, we will explicitly notify you in the consent process.
Processing of special categories of personal data within the meaning of Art. 9 Para. 1 GDPR may only take place where necessary on the grounds of legal regulations and there is no reason to assume that your legitimate interests should prevail to the exclusion of processing such data.
Data transfers / Disclosure to third parties
We will only transmit your data to third parties within the scope of given statutory provisions or based on consent. In all other cases, information will not be transferred to third parties unless we are obliged to do so owing to mandatory legal regulations (disclosure to external bodies, including the supervisory authorities or law enforcement authorities).
Data recipients / categories of recipients
In our organisation, we ensure that only individuals who are required to process the relevant data to fulfil their contractual and legal obligations are authorised to handle personal data.
In many cases, service providers assist our specialist departments to fulfil their tasks. The necessary data protection contract has been concluded with all service providers.
Transfers of personal data to third countries
A transfer of data to third countries (outside the European Union or the European Economic Area) shall only take place if required by law, if necessary for the conclusion or performance of a contract concluded or if you have provided your consent for such a transfer.
If we transfer your personal data to service providers or group companies outside the European Economic Area, we take all possible and necessary measures in accordance with Art. 44 et seqq. GDPR to establish a level of data protection in the third country.
Period of data storage
We store your data for as long as such is required for the relevant processing purposes. Please note that numerous retention statutory periods require that data must be stored for a specific period of time. This relates in particular to retention obligations for commercial or fiscal purposes (e.g. commercial code, tax code, etc.). The data will be routinely deleted after use unless a further period of retention is required.
We may also retain data if you have given us your permission to do so, or in the event of any legal disputes and we use the evidence within the statutory limitation period, which may be up to 30 years; the standard limitation period is 3 years.
Secure transfer of data
We implement the appropriate technical and organisational security measures to ensure the optimal protection of the data stored by us against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security levels are continuously reviewed in collaboration with security experts and adapted to new security standards.
The data exchange to and from our website is encrypted. We provide https as a transfer protocol for our website, and always use the current encryption protocols. You can recognize an encrypted connection in your browser’s address line when it changes from „http://“ to „https://“ and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Moreover, it is also possible to use alternative communication channels (e.g. surface mail).
Obligation to provide data
A range of personal data is required to establish, implement and terminate the obligation and the fulfilment of the relevant contractual and legal obligations. The same applies to the use of our website and the various functions we provide.
We have summarised the relevant details in the above point. In some cases, legal regulations require data to be collected or made available. Please note that it will not be possible to process your request or execute the underlying contractual obligation without this information.
Data categories, sources and origin of data
The data we process is defined by the relevant context: it depends on whether, for example, you place an order online, enter a request on our contact form or if you want to send us an application or submit a complaint.
Please note that we may also provide information at specific points for specific processing situations separately where appropriate, e.g. when uploading application documents or when making a contact request.
We collect and process the following data when you visit our website:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
For reasons of technical security (in particular to safeguard against attempts to attack of our web server), this data is stored in accordance with Article 6 Para. 1 lit. f GDPR. Anonymisation takes place no later than after seven days by abbreviating the IP address so that no reference is made to the user.
We collect and process the following data as part of a contact request:
- Last name, first name
- Contact information (e-mail)
- Your comment or message
Contact form / Contact via email (Article 6 Para. 1 lit a, b GDPR)
A contact form is available on our website which can be used to contact us electronically. If you write to us using the contact form, we will process the data you submitted in the contact form to respond to your queries and requests.
In doing so, we respect the principle of data minimisation and data avoidance, such that you only have to provide the information we require to contact you, which is your email address and the message field itself. Your IP address will also be processed for technical reasons and for legal protection. All other data is voluntary, and additional fields are optional (e.g. to provide a more detailed response to your questions).
If you contact us by email, we will process the personal information provided in the email solely for the purpose of processing your request.
Marketing purposes (Article 6 Para. 1 lit. f GDPR)
KyooBe Tech GmbH is keen to nurture the customer relationship with you and to send you information and offers about our product / services. We therefore process your data to send you the relevant information and offers via email.
You may object to the use of your personal data for the purpose of direct marketing at any time; this also applies to profiling insofar as it is associated with direct marketing. If you object, we will cease processing your personal information for this purpose.
You can withdraw your consent at any time free of charge and informally without stating the reasons for such and should be addressed to +49 711 252 785 01, sent via email to your-input@kyoobe.tech or via surface mail to KyooBe Tech GmbH, Max-Lang-Straße 56/1, 70771 Leinfelden-Echterdingen. |
Cookies (Art. 6 Para. 1 lit. a, f GDPR, Section 25 Para. 1, 2 TTDSG – The German Federal Law on Data Protection and the Protection of Privacy in Telecommunications and Telemedia)
On our website, we are using so-called cookies. Cookies use to make our content more user-friendly, effective and secure. Cookies are small text-files which are stored (locally) in your devices´ browser. Cookies are containing pseudonymous data only, in most cases even only anonymous data. Some cookies are persisting for a single browsing session (so-called session-cookies), others are active for a longer period of time (so-called persistent cookies, such as e.g. the ones used to save consent-settings). The latter kind of cookies is subject to auto-deletion after its pre-set expiration (usually 6 months). Besides our own cookies, we are also making use of cookies controlled by third parties. These may use the information contained in the cookies to, e.g. show you content or to track the sites you have visited.
Based on our legitimate interest (Art. 6 Para 1 lit a GDPR), we are using technically required cookies, which are mandatory to operate the website as such and to operate it technically perfect. Additionally, and again without your consent, we use cookies which´s sole purpose is to store or access information for transmitting messages or to offer services you expressly request, Section 25 II TTDSG.
With your consent, further cookies may be used, which enable us respectively third parties to analyze how our services are used. So, we can design our content according to our users´ preferences. Additionally, we may measure a single ad´s effectiveness and to place it according to the users´ interest in certain themes. The legal basis, here, is your express consent (Art. 6 Para 1 lit a GDPR, Section 25 Para 1 TTDSG).
You may revoke your consent anytime and with effect for the future, as well as you may change your cookie-settings via our consent-banner. Please remember, that all changes must be made per device.
Should you have accounts with the third party providers of ours and be logged into these while sufing our website, your data may be linked to your respective account. Such linking may be prevented by refusing to consent into the use of the respective cookies, to withdraw such consent if previously declared or by logging off the respective accounts before surfing our website.
Most browsers accept cookies automatically. However, you may deactivate, restrict or delete cookies manually by your browsers´ settings or software-based. Should cookies be deactivated, our website may eventually not be used anymore or to a limited extent, only.
The use of cookies which are not purely functional (Art. 6 Para. 1 lit. a / Art. 6 Para. 1 lit f GDPR).
The following tools and services are currently used on our website:
Google Analytics
We use the Google Analytics tool provided by Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland on our website. This tool enables us to analyse how you use our website.
To do so, the following information is stored:
- IP adress
- Usage data
- Click path
- App updates
- Browser information
- Device information
- JavaScript support
- Visited sites
- Referrer URL
- Downloads
- Flash version
- Location information
- Purchasing activity
- Widget interactions
- Date and time of visit
The legal basis for the processing of your personal data is your consent in accordance with Art. 6 Para. 1 lit a GDPR. You may revoke your consent at any time here. The purpose of processing your personal data by the Google Analytics service is to analyse the interaction of our website visitors with our website. By analysing the data collected, we can optimise our offerings and improve user-friendliness. We delete or anonymise data collected with Google Analytics as soon as they are no longer required for our purposes. This will be the case after 26 months.
This service can forward the data to another country. Please note that this service can transfer data outside of the European Union / European Economic Area to a third country, which does not offer a suitable level of data protection. If transferred to the USA, there is a risk that your data will be processed by US authorities for purposes of control and surveillance. In this case, you may not be entitled to legal recourse. However, we take all possible and necessary measures in accordance with Art. 44 et seqq. GDPR to establish a level of data protection in the third country.
Google Maps
On our website, we use Google Maps (API) provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”). To guarantee data protection, Google Maps is disabled when you first enter our website. A direct connection to the Google servers is not established until you activate Google Maps yourself (Consent according to Art. 6 Para. 1 lit a GDPR). You may revoke your consent at any time here. In this way, your data is not immediately transferred to Google as soon as you enter the site.
Google Maps will store your IP address once it has been activated. After that, the IP address will then generally be transferred to and stored in a Google server located in the USA.
As data are being transferred to a third country, there is a risk that your data will be processed by US authorities for purposes of control and surveillance. In this case, you may not be entitled to legal recourse. However, we take all possible and necessary measures in accordance with Art. 44 et seqq. GDPR to establish a level of data protection in the third country.
Further information on the handling of user data can be found in Google’s Privacy Policy: https://www.google.de/intl/de/policies/privacy/.
YouTube
The embedding of YouTube content is carried out using a technical process called framing. Framing describes the process of inserting a YouTube HTML link into a website’s code to create a frame on the third-party site, which enables the video stored on YouTube servers to be played.
We use the framing codes generated by YouTube in privacy-enhanced mode. According to the information provided by YouTube, cookie activity and the resulting data collection are only linked to the playback of the video itself. Data collection from simply using a website with framed content is therefore prohibited.
In order to play YouTube content, we need your consent (Art. 6 Para. 1 lit a GDPR), which you can give (if you have not already done so within the scope of your cookie selection) via the button in the respective section of the video. By clicking on the Play-Button, you consent to your IP address being transferred to YouTube (YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA) and to the provider saving a cooking in your browser. For your convenience, your consent is valid for 30 days and saved in a local storage object, which we store in your browser. You may revoke your consent at any time here.
Social plugins
You’ll find Links to social media services from LinkedIn on our website. Links to the webpages of this social media providers are recognisable by the respective company logo. When you click on the links, you will be forwarded to our page on the social media platform. Clicking on these links creates a connection to the social media providers’ servers, which then receive the information that you have visited our website. Additional data are also transferred to the social media service, for example:
- Address of the website where the activated link is located
- Date and time of your visit to the website or link activation
- Information about the browser and operating system used
- IP address
If you are already logged in to the social media site at the time the link is activated, the provider may be able to determine your user name and possibly even your real name from the data transferred and assign this information to your personal user account. To prevent this from happening, please make sure you are logged out of your account.
The social media providers’ servers are located in the USA and other countries outside of the European Union. For this reason, data can also be processed by the social media provider in countries outside of the European Union. Please be aware that business in these countries are not subject to the same strict levels of data protection as those who are member states of the European Union.
Please also be aware that we have no influence on the scope, type and purpose of data processing carried out by social media providers. Further information about the use of your data by the social media platforms embedded on our website can be found in the Privacy Policy of the respective social media provider:
- LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland)
Social media presence
We currently have a presence on the social media platform LinkedIn to communicate with registered customers and interested parties and inform them of our offers.
Please be aware that using these platforms and their functions is at your own risk. This is especially the case when using interactive functions such as commenting, sharing and leaving reviews.
We also wish to inform you that your data may be processed outside of the European Union.
Your data may additionally be processed for market research and marketing reasons, meaning, for example, that a user profile may be created based on your usage and interests. As a result, advertising both on and external to the platforms may be activated, which supposedly correspond to your interests. In order for this to happen, cookies are usually saved on your computer. Independently, data that is not collected directly from your end devices may also be stored in the user profiles (especially if you are member of a platform and are logged in).
Moreover, we, as the provider of this information service, collect and process no further data from your use of our services.
The processing of your personal data is based on our legitimate interest in effectively informing and communicating with our users in accordance with Art. 6 Para. 1 lit f GDPR. If a provider asks for your consent to data processing (e.g. by ticking a box or by clicking “confirm”), then processing is lawful in accordance with Art. 6 Para. 1 lit a and Art. 7 GDPR.
Opt-Out
If you are a member of a social network and do not want your personal data to be collected through our website and linked to your membership data on the respective network, you must:
- sign-out of the network before visiting our website,
- delete cookies stored on your device and
- re-start your browser.
After logging in again, you will once again be recognised by the network as a specific user.
For more detailed information on how data is processed and how you can opt out, please visit the pages of the respective providers listed below.
If you would like to request information or exercise your rights as a user, this can be done most effectively directly with the providers themselves as only they have direct access to user data and can therefore take appropriate action and provide information. If you do have any problems, you can of course contact us.
LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy policy https://www.linkedin.com/legal/privacy-policy ,
Opt out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Online offers for children
Persons under the age of 16 may not submit personal data to us or give a declaration of consent without the authorisation of their legal guardian. We encourage parents and guardians to actively participate in the online activities and interests of their children.
External links
In instances where we set links from our website to third-party content, simply naming or linking to such content does not make it our own and we cannot accept liability for it. Exceptions to this only apply where expressly noted in the immediate context of a specific link. Any liability in connection with such content is confined to damages resulting from deliberate intent or gross negligence. In instances of minor negligence, we may only be held liable if damages occur in the context of key contractual duties („cardinal duties“). Other mandatory statutory liability provisions remain unaffected.
Copyright
All the content on this website – in particular, text, graphics and photographic images – is protected by copyright. The rights to the photographs, graphics and other visual material used on this website are held either by us or by third parties who are named as the rights holders. You may only download, duplicate or distribute content from this website when expressly permitted to do so (as is the case with newsletters or brochures, for example). Any other use of copyrighted content is prohibited without the prior consent of the rights holder.
Any content on this website not produced by the site operator respects the copyright of the content’s creator. Such third-party content is marked accordingly. If you nonetheless notice a copyright infringement, we request that you inform us. We will promptly remove any content that is in breach of the law.
Automated decisions in individual cases
We do not use purely automated processing to make decisions.