Language
Contact

Information

Here you will find detailed information on the subject of data protection, our imprint and our terms of use.

Data protection

Data protection information

Thank you for your interest in our website. Protecting your privacy is very important to Kenstone. When visiting our online shop, we process your personal data (all the information which relates to an identified or identifiable natural person) so far as this is allowed on the basis of legal provisions or your consent. This privacy statement provides you with information on how your personal data is processed (hereinafter referred to as “data processing” or “processing”). 

Contents

A. Data controller
B. Contact details of the Date Protection Officer
C. Operation and hosting of our website
D. Overview of our processes
E. Use of our website
F. Communication
G. Your other rights as a data subject
H. Data security

 

A. Data controller

The controller for data collected on this website is:

KENSTONE GmbH
Helfmann-Park 5
65760 Eschborn, Germany
Tel.: +49 30 2653 2069
Fax: +49 30 2653 2073
E-Mail: info@kenstone.de

 

B. Contact details of our Data Protection Officer

You can reach our Data Protection Officer at:

Data Protection Officer, KENSTONE GmbH
Commerzbank AG
GS-OS Physical Security & Data Protection 
Mainzer Landstr. 151 
60327 Frankfurt am Main, Germany

E-Mail: datenschutzbeauftragter@kenstone.de

 

C. Operation and hosting of our website

Our website is operated in our name and on our behalf (article 28 GDPR) by a service provider which carries out all of our data processing connected to the use of our website. This data processing is executed on the servers of a hosting service provider which connects the website to the internet on our behalf. Both service providers are based in Germany.

 

D. Overview of our data processing

We process data in the following contexts:

  • When our website is accessed and browsed (“Use of our website”), we process data from and on your device which could partly enable identification of yourself (details on this under E. below);
  • Finally, we process your data when you get in contact with us (“Communication”) by sending us a message using our contact form or using any other means of communication we have made available (details on this under F. below)

 

E. Use of our website

During every visit to our website, we process certain personal data from and partly also on your computer/device. This processing can be divided into the following categories:

  • logging of your visit/use of functional cookies (details on this under I. below);
  • website usage analysis with Google Analytics (details on this under II. below).

 

I. Logging of your visit/use of functional cookies

1. General information on data processing

Whenever our website is visited or a file from our website is downloaded, the following protocol data is automatically processed by us:

  • host name of your computer/device (IP address);
  • date and time of the visit/download;
  • the pages accessed;
  • the name of the downloaded file, if appropriate;
  • type of browser used;
  • operating system of your device;
  • the website from which you have visited us.

We also use functional cookies for the operation of our website. These are small text files which are saved by us on your computer/device. Firstly, there are what are known as session cookies which are only applied during the period of your visit to our website. Secondly, what are known as persistent cookies are used. These stay on your computer/device for longer. Both types of cookies have an alphanumeric string of characters which, in the case of persistent cookies, enable the recognition of your browser when you visit our website again.

 

2. Scope and purpose of the processing

Data is processed by us for the following purposes:

  • to identify and prevent attacks on our website;
  • to determine whether your internet browser supports cookies;
  • to prevent pop-ups being shown to you repeatedly;
  • to display the selected language on our website and
  • to show you the version of our website for your selected supplier country.

 

3. Data transfers/recipients

The recipients of your data are the technical operator and hosting service provider of our website (see under C. above)

 

4. Period for which data is stored

Data is stored for the following period of time:

  • Protocol data: until the purpose is realised, a maximum of three months;
  • Session cookies: until you leave our website;
  • Persistent cookies: a year.

 

5. Legal basis

Processing is carried out on the basis of our interest in the functionality and security of our website. In our consideration, this legitimate interest does not run counter to any overriding interests or fundamental rights and freedoms of data subjects (article 6, paragraph 1, f GDPR). 

 

6. Right to object

You have the right to object,  on grounds relating to your particular situation, at any time to such processing. We will then no longer process this data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if processing serves for the establishment, exercise or defence of legal claims. You can send your objection to us using the contact details provided above under A. Alternatively, you can control whether or which type of cookies can be applied under the settings of your internet browser. If you do not accept the use of functional cookies, this can lead to limitations in the functionality of our website.

 

II. Website usage analysis with Google Analytics

1. General information on processing

We use Google Analytics, a web analytics service offered by Google Ireland Limited (“Google”).Google uses cookies. These are text files which are saved on your computer/device and enable analysis of your use of our website. The following information is processed:

  • type of browser;
  • operating system;
  • last website visited;
  • host name of your computer/device (shortened IP address);
  • time that the request is received by our server.

 

2. Scope and purpose of data processing

Google processes the information collected by cookies on our behalf in order to evaluate your use of our website, compile reports on website activity and provide us with other services associated with website usage and internet usage. We do not process data with which you could be identified. Notably, the cookies used do not contain usernames (user ID). The shortened IP address received from your browser as part of Google Analytics will not be merged with other data from Google.

 

3. Data transfers/recipients

The information generated by the cookies about your use of our website will be transferred to Google Ireland Limited and usually also to an associated Google LLC server in the USA and will be stored there. Through the deactivation of the user-ID function and the activation of IP anonymisation (shortening of the IP address to the last octet), the data can no longer be connected with you or your computer/device.

Google LLC is certified under what is known as the EU-US Privacy Shield. As the result of a Decision of the European Commission, personal data can be transferred to companies that have been certified accordingly on account of an appropriate level of data protection.

 

4. Period for which data is stored

The data processed will be stored for a period of 14 months and then deleted by Google.

 

5. Legal basis for processing

Data processing is carried out on the basis of our interest in the statistical evaluation of the use and, by extension, the efficiency of our website. In our consideration, this legitimate interest does not run counter to any overriding interests or fundamental rights and freedoms of data subjects (article 6, paragraph 1, f GDPR). On request, we can provide you with more information on our balance of interests.

 

6. Right to object

You have the right to object , on grounds relating to your particular situation, at any time to such processing. We will then no longer process this data for these purposes unless we can  demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if processing serves for the establishment, exercise or defence of legal claims. You can prevent the collection of the data created by the cookie and related to your use of the website as well as the processing of this information by Google if you download and install the browser plug in available from the following link: http://tools.google.com/dlpage/gaoptout?hl=en-GB. Alternatively, or when browsing on mobile devices, you can also click here to prevent Google Analytics from collecting data on this website in the future (the opt-out function only works in the browser and only for this domain). In doing so, an opt-out cookie will be dropped on to your device. If you delete your cookies in this browser, you will need to click on this link again. Finally, there is the option to prevent the use of cookies in your browser settings. If you do not accept the use of functional cookies, this can lead to limitations in the functionality of our website.

 

III. Displaying location on Google Maps

1. General information on data processing

On our website, we have integrated the map service Google Maps API from Google Ireland Limited (Google). When the “Locations” subpage is accessed, Google will receive the following information:

  • your IP address;
  • accessing the subpage with the integrated map service;
  • date and time of the request;
  • time zone difference from Greenwich Mean Time (GMT);
  • content of the request (exact page);
  • access status/HTTP status code;
  • respective volume of data transferred;
  • website from which the request has been received;
  • type of browser;
  • operating system and its interface;
  • language and version of the browser software.

2. Scope and purpose of data processing

Data processing is carried out so that you can find our locations in the integrated map from Google Maps.

If you have a Google user account and are logged in, further personal data of yours could be processed. This depends on the relevant agreement you have made with Google. You can find more information on the scope and purpose of data processing by Google and about your rights here.

3. Data transfer/recipients

Your data will be transferred to Google Ireland Limited, Gordon House, Barrow StreetDublin 4, Ireland, and usually also to a server of the associated company Google LLC  in the USA.

Google LLC is certified under what is known as the EU-US Privacy Shield. As the result of a Decision of the European Commission, personal data can be transferred to companies that have been certified accordingly on account of an appropriate level of data protection.

4. Period for which data is stored

The data processed will be stored by Google until the purpose has been realised and will then be deleted. You can find more information on how data is stored by Google in the Privacy Policy of Google Ireland Limited.

5. Legal basis for processing

Data processing is carried out in order to take steps at your request prior to entering into a contract (article 6, paragraph 1 b GDPR). In addition, our processing is based on our legitimate interest to enable you to instantly search for our location on our website. In our consideration, this legitimate interest does not run counter to any overriding interests or fundamental rights and freedoms of data subjects (article 6, paragraph 1 f GDPR).

6. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to such processing. We will then no longer process this data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if processing serves to the establishment, exercise or defence of legal claims. You can also prevent data transfer to Google yourself by not accessing the “Locations” subpage on our website or by deactivating JavaScript in your browser settings.  

 

F. Communication 

I. Making contact

1. General information on processing

You can contact us using the contact details provided under section A above or by using our contact form. We will then process the data you share with us in your message including your exact concern, your e-mail address for enquiries via e-mail, your postal address for letters, your telephone number for phone calls and your name, e-mail address and telephone number when you use our contact form.

 

2. Scope and purpose of the processing

We process your data in order to handle your enquiry and make contact with you for the purpose of answering it.

 

3. Data transfers/recipients

The recipients of your data are the technical operator and hosting service provider of our website (see under C. above)

 

4. Period for which data is stored

We store your data until we have answered your enquiry. We store business letters for six years in accordance with our commercial obligation to retain data. 

 

5. Legal basis for processing

Processing is carried out on the legal basis of taking steps prior to entering into a contract or for the performance of a contract (article 6, paragraph 1 b GDPR). As far it does not concern precontractual or contractual matters, the legal basis is our legitimate interest in the processing of your request. We assume that none of your overriding interests or fundamental rights and freedoms run counter to this (article 6, paragraph 1, f GDPR). On request, we can provide you with more information on our balance of interests.

 

6. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to such processing. We will then no longer process this data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if processing serves to the establishment, exercise or defence of legal claims. You can send your objection to us using the contact details provided above under A. 

 

G. Your additional rights as a data subject

In relation to your personal data and alongside the rights already mentioned in the context of the data processing, you also have the following rights:

  • Right of access: You can request information from us about the personal data which we have processed regarding you. You can find details on the scope of your right to access under article 15, GDPR and section 34 FDPA (2018).
  • Right to rectification: You can request from us rectification of incorrect and completion of incomplete personal data. You can find details on the scope of your right to rectification under article 16, GDPR.
  • Right to erasure: Under certain conditions, you can request that we delete your personal data. You can find details on the scope of your right to erasure under article 17, GDPR.
  • Right to restriction: Under certain conditions, you can request for the processing of your personal data to be restricted. You can find details on the scope of your right to restriction under article 18, GDPR.
  • Right to data portability: Under certain conditions, you can request that we send the personal data you have made available to us to you or another controller in a common, machine-readable format. You can find details on the scope of your right to data portability under article 20, GDPR.
  • Right to withdraw consent: As far as we are required to ask for your consent to process your personal data, you have the right to withdraw this consent at any time with effect for the future. You can find further details on your right to withdraw consent under article 7, paragraph 3, GDPR.
  • Right to lodge a complaint with a supervisory authority: You can also lodge a complaint with a supervisory authority. You can find details on the scope of your right to lodge a complaint under article 77, GDPR.

 

H. Data security

If your e-mail provider supports “Transport Layer Security” (TLS), then e-mail communication will be encrypted. For security reasons and to protect the transmission of confidential data (for example, for enquiries), we use SSL or TLS encryption. You will recognise the encrypted connection because the address line of your browser will change from “http://” to “https://” and to a padlock symbol in the URL line of your browser.


In addition, we also carry out further technical and organisational security measures in order to prevent the loss, destruction and misuse of data.