Data protection at KENSTONE GmbH

Thank you for your interest in our website. The protection of your privacy is very important for KENSTONE. KENSTONE GmbH takes the protection of your personal data very seriously and observes the rules of data protection, in particular the regulations of the EU General Data Protection Regulation (referred to in the following text as GDPR). The following declarations provide you with an overview as to how KENSTONE GmbH ensures this protection and the type of data and for which purpose is gathered, processed or used on the websites.

Gathering, processing and use of personal specific data:

Person-specific data is fundamentally gathered to a level which is technically necessary. In no circumstances will the data gathered to be passed on to 3rd. parties without the consent of the person concerned. You may visit our websites without providing information relating to yourself, with the exception of the information typically transfered by browsers. For each visit to a website the WebServer only saves in an anonymous form for example your IP address in a so-called server log file along with the date, time, of the visit, the type and version of the browser used, the data volume transferred and the URLs visited (access data). This access data is only assessed for the specific purpose of ensuring smooth operation of the site (e.g. ensuring the site is displayed in the correct manner or for maintenance tasks), to guarantee IT security and improve our range of services (legal basis Art. 6 (1) f) of the GDPR). This is to ensure, in the context of a predominantly justified interest, assessment, the correct display and improvement of our range of services. All access data is deleted at the latest 14 days following the end of the visit to the site.

The Commerzbank AG provides hosting and website display services for us for order processing by a third party provider. All data which is gathered in the context of using this website is processed on their servers. Processing on other servers only takes place to the extent described here. The servers are located within Germany.

Person-specific data for the purposes of contract delivery:

We gather personal specific data if you provide this to us in the course of your commissioning or contacting us (e.g. by email). We use the data you provide to us for the delivery of contracts and to process your enquiries. The information is passed on to the unit responsible for your support within KENSTONE GmbH.

Bank secrecy and the confidentiality of the data remain guaranteed. Upon full completion of the contract your data is limited to further processing and then deleted following the expiry of taxation and commercial law storage deadlines insofar as you have not expressly approved further usage of your data (legal basis is Art. 6 (1) a) or b) GDPR).

Data dissemination:

We disseminate personal data regarding clients and commercial relationships if we are legally obliged to do so of if such dissemination is required based on the contractual agreement with the client or if such dissemination is required in order to enforce rights based on the contractual relations with the client or other such agreements or to protect our rights an the rights of our clients and those of third parties (legal basis is Art. 6 (!) c or f) GDPR). It is expressly clarified that in this context no transmission of data for the purposes of third-party benefit for our businesses takes place. In addition we work with service providers who process personal specific data on our behalf based on our instructions.

Encryption of personal specific data:

If your email provider supports Transport Layer Security (TLS), then email communication is encrypted. In addition to internal encryption processes on the part of the Internet provider, KENSTONE GmbH also uses more secure encryption procedures within the banking systems of the Commerzbank AG in order to exclude decoding by unauthorised parties. For security reasons and to protect the transmission of confidential data (e.g. for enquiries) we use an SSL-/TLS-encryption. The encrypted connection can be recognized in that the address line of the browser changes from "http://" to "https://" and a keylock symbol in the URL line of the browser.


In order to provide an attractive display of our website (e.g. optimisation of our website display on your end device) and to make possible the use of certain functions, to show suitable products and for purposes of market research, we use on various pages so-called cookies. Cookies are small text files which are automatically stored on your end device. Some of the cookies we use are then deleted following browser usage, that is to say upon closure of your browser (so-called site-visit cookie). Other cookies remain on your end device and make it possible for us to recognize your browser upon your next visit (persistent cookies). The time period of storage can be seen from the overview in the cookie settings on your web browser. They serve to make our range of services user-friendly, effective and secure. Passwords are automatically removed at the end of your visit.

When you finish your visit by closing your browser the cookies remains stored for a certain period of time and is subsequently overwritten or deleted by the client (e.g. your PC, your tablet). Our cookies do not damage your computer and contain no viruses.

The Internet protocol address (IP) is stored anonymously as are receipt and reading confirmations of emails, email addresses, information about the computer and Internet connections (e.g. browser type and version, operation system and platform) and the complete Uniform Ressource Locators (URL) through and from our website (legal basis is Art. 6 (1) b) and f) GDPR).

Your data protection rights:

You have the right to free information regarding the data stored with us relating to your person and, as applicable, a right to correction, limitation and processing and data dissemination or deletion of this data.

In justified cases and if our processing is based on Art. 6 (1) f) GDPR you can continue to veto the processing of your data. If you have consented to the processing of your personal specific data you can object to this at any time with respect to the future, e.g. by telephone on +49 30 2653 - 2069 or online at

Contact partner for data protection:

To exercise your rights or in the event of questions regarding the gathering, processing or usage of your personal specific data please refer to us through the contact details listed above or directly to our data protection officer:

Data protection officer of KENSTONE GmbH

Commerzbank AG

GS-OS Physical Security & Data Protection

Hafenstrasse 51 (DLZ 5) 18. Floor

D-60327 Frankfurt am Main

You still have the right to complain to the data protection authority responsible for you or us (for KENSTONE GmbH this is the data protection supervisory authority of the Federal State of Hesse).

Status of this data protection declaration: 25.05.2018