Privacy policy

Table of contents:

1. General
2. Responsible body for data processing
3. Type, scope, purposes and legal basis of the processing of your data
3.1. Visiting our internet pages (server log files)
3.2. Contact via the contact form
3.3. Contact by e-mail, telephone or fax
3.4. Processing of personal data for other contract fulfilments or for the implementation of necessary pre-contractual measures, which take place at your request
3.5 Processing of supplier data and data of other service providers
3.6. Direct advertising
3.7. Applicant data
3.8. Disclosure of your data to third parties
4. Other functions of our website
4.1. Cookies
4.2. Cookie Consent Manager (CCM19)
5. Use of tools and content from third parties
5.1. Google Analytics 4
5.2. Google Maps
6. Storage and deletion periods for personal data
7. Your rights as a data subject
8. Right to object
9. Right to revoke consent
10. Automated decisions in individual cases including profiling
11. Data security
12. Changes of purpose
13. Questions / comments

This privacy policy has been translated from German, where inconsistencies occur, the
German version will have precedence.

 

1. General

With this privacy policy we inform you about which personal data we process in connection with our services and when you use our website www.keo-connectivity.de and for what purpose we use this data.
You can access this information at any time at www.keo-connectivity.de/en/privacy-policy.
The protection of your personal data is very important to us. We process data in accordance with the applicable statutory data protection provisions, in particular in accordance with the European General Data Protection Regulation (hereinafter referred to as: GDPR) as well as the country-specific data protection provisions.

 

2. Responsible body for data processing

As the provider of our internet services, we are the data controller. You can reach us at the contact details given below:
KEO GmbH
Deutz-Mülheimer-Str. 183
51063 Cologne
E-Mai: info(at)keo-connectivity.de
T +49 221 670 282 – 0
F +49 221 670 282 – 99
If you have any questions or suggestions regarding data protection, please do not hesitate to contact us by e-mail at info(at)keo-connectivity.de.
You can reach our data protection officer as follows: Name: Lawyer Rainer Robbel, e-mail: dsb(at)rarobbel.de

 

3. Type, scope, purposes and legal basis of the processing of your data

Personal data will only be processed if this is permitted by law, for example to process enquiries, to fulfil a contract, if there is a legitimate interest or if you consent to the processing of your personal data.
In the following, we inform you about the type, scope, purposes and legal basis of the processing of your personal data:

 

3.1. Visiting our internet pages (server log files)

In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server:
• Browser type and version
• Operating system used
• Referrer URL (website from which the visitor came to the current website or file)
• Host name of the accessing computer
• Time of the server request
• IP address
The data collected is only used for statistical evaluations and to improve the website. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.
The aforementioned data will be processed separately from all personal data that you provide to us when visiting our website and/or using a service and will not be combined under any circumstances.
This data processing described above has its legal basis in Article 6 (1) sentence 1 lit. b GDPR for the implementation of necessary pre-contractual measures, which are carried out at your request in order to enable you to use the internet pages you have accessed. Insofar as the above data is processed for security against unlawful cyber attacks, or in order to exercise, assert or defend legal claims, this is done on the legal basis of Art. 6 para. 1 sentence 1 lit. f of the GDPR. Our legitimate interest for this data processing lies in the evaluation of the data to improve our internet offer, to exercise, assert or defend legal claims if necessary and to protect our systems from illegal cyber attacks.
Reference is made to the right to object in accordance with section 8 of this privacy policy.

 

3.2. Contact via the contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored for the purpose of processing the enquiry and to answer follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on Art. 6 (1) lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effective processing of enquiries (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested.
The data you enter in the contact form will remain with us until you request to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory legal provisions – in particular retention periods – remain unaffected.

 

3.3. Contact by e-mail, telephone or fax

When you contact us by e-mail, telephone or fax, the data you provide (your e-mail address; your name and telephone or fax number, if applicable; your request) will be stored in order to answer your questions.
The processing of this data is based on Art. 6 (1) lit. b GDPR if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in effective processing of enquiries (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR) if this has been requested; the consent can be revoked at any time.
The data you send to us via contact requests will remain with us until you request to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after processing your enquiry has been completed). Mandatory legal provisions – in particular retention periods – remain unaffected.

 

3.4. Processing of personal data for other contract fulfilments

or for the implementation of necessary pre-contractual measures, which take place at your request
If you wish to use our services and products, we process your personal data for the above purposes on the legal basis of Article 6 (1) sentence 1 lit. b GDPR in order to fulfil a contract or to carry out necessary pre-contractual measures which take place at your request.
The following categories of data are processed or may be processed:
• Master data (e.g. names and addresses),
• Contact details (e.g. email addresses and telephone numbers),
• Contractual data (e.g. services used, content of the contract, contractual communication, names of contact persons),
• Payment data (e.g. bank details, payment history).
The purpose of processing your personal data is therefore, for example, to process enquiries or to provide a requested service. Without the provision of personal data, we cannot process your enquiry and/or conclude the contract and provide the services offered.
In some cases, the provision of personal data when concluding contracts (e.g. for invoices) is required by law due to tax and/or commercial regulations. In this case, the legal basis for the processing is Art. 6 para. 1 lit. c GDPR.

 

3.5. Processing of supplier data and data of other service providers

Insofar as we process the data of suppliers and other contractual partners (hereinafter uniformly referred to as “contractual partners”), the following shall apply:
The data processed in each case, the type, scope, purpose and necessity of their processing are determined by the underlying contractual relationship or the pre-contractual relationship. The following categories of data are processed or may be processed:
• Master data (e.g. names and addresses),
• Contact details (e.g. email addresses and telephone numbers),
• Contractual data (e.g. services used, contents of the contract, contractual communication, names of contact persons),
• Payment data (e.g. bank details, payment history).
The processing of data from suppliers and other service providers is carried out on the basis of Art. 6 para. 1 sentence 1 lit. b GDPR in order to fulfil contractual or pre-contractual obligations towards our contractual partners and to provide the services owed. Insofar as we process the data for the purposes of administration, organisation of our operations, financial accounting and compliance with legal obligations (e.g. archiving), the processing bases are Art. 6 para. 1 sentence 1 lit. c and lit. f GDPR. After weighing up the interests, data processing may also be carried out beyond the actual fulfilment of the contract in order to protect the legitimate interests of us or third parties (Art. 6 para. 1 sentence 1 lit. f GDPR).

 

3.6. Direct advertising

Your name and address may also be processed for an unlimited period of time for our own postal advertising purposes on the legal basis of Article 6 (1) sentence 1 lit. f GDPR, whereby our legitimate interest lies in direct postal advertising for our own services.
Reference is made to the right to object in accordance with section 8 of this privacy policy.

 

3.7. Applicant data

We only process applicant data for the purpose of and within the scope of the application procedure in accordance with the legal requirements. Applicant data is processed in order to fulfil our (pre-)contractual obligations within the scope of the application procedure within the meaning of Art. 6 (1) sentence 1 lit. b GDPR and Art. 6 (1) sentence 1 lit. f GDPR if data processing becomes necessary, e.g. within the scope of legal proceedings.
The application procedure requires applicants to provide applicant data. The necessary applicant data results from the job descriptions. In principle, this includes personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, CV and certificates. In addition, applicants can voluntarily provide additional information.
Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are voluntarily provided within the scope of the application procedure, their processing is additionally carried out in accordance with Art. 9 (2) lit. b GDPR (e.g. health data, such as severely disabled status or ethnic origin). Insofar as special categories of personal data within the meaning of Art. 9 (1) GDPR are requested from applicants as part of the application process, their processing is additionally carried out in accordance with Art. 9 (2) a GDPR (e.g. health data if this is necessary for the exercise of the profession).
If applicants send us their applications by e-mail, please note that e-mails are generally not sent in encrypted form and applicants themselves must ensure that they are encrypted. Therefore, we cannot assume any responsibility for the transmission route of the application between the sender and the reception on our server. Instead of applying by e-mail, applicants have the more secure option of sending us their application by post.
The data provided by applicants may, in the event of a successful application, be further processed by us for the purposes of the employment relationship. Otherwise, if the application for a vacancy is unsuccessful, the applicants’ data will be deleted. Applicants’ data will also be deleted if an application is revoked, which applicants are entitled to do at any time.

 

3.8. Disclosure of your data to third parties

In principle, your personal data will only be passed on without your consent in the following cases:
• If it is necessary to clarify illegal use of our services or for legal prosecution, personal data will be forwarded to the law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are concrete indications of unlawful or abusive behaviour. A transfer may also take place if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are criminal prosecution agencies, authorities that prosecute administrative offences subject to fines and the tax authorities.
The disclosure of this data is based on our legitimate interest in combating abuse, prosecuting criminal offences and securing, asserting and enforcing claims and that your rights and interests in the protection of your personal data are not overridden, Art. 6 para. 1 p. 1 lit. f GDPR.
• We also transmit personal data to third parties if this is necessary within the framework of the contract processing, for example to a payment service provider commissioned with the payment processing.
The basis for the data processing is Art. 6 para. 1 sentence 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
• We rely on contracted third-party companies and external service providers (“processors”) to provide our services. In such cases, personal data will be disclosed to these processors to enable them to continue processing. These processors are carefully selected and regularly reviewed by us to ensure that your privacy is protected. The processors may only use the data for the purposes specified by us and are also contractually obliged by us to treat your data exclusively in accordance with this privacy policy and the German data protection laws.
We currently have the following processors:
• Google LLC, USA
• Atlassian Corporation, USA
• Protego 24 ITS GmbH, Germany

 

4. Other functions of our website

 

4.1. Cookies

Our internet pages use so-called “cookies”. Cookies are small data packets and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser. In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. obtaining and managing consent). Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the display of maps or videos). Other cookies are used to evaluate user behaviour or display advertising. Cookies that are necessary to carry out the electronic communication process, to provide certain functions you have requested (e.g. for the shopping cart function) or to optimise the website (e.g. cookies to measure the web audience) are stored on the basis of Art. 6 para. 1 lit. f GDPR (necessary cookies), unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimised provision of services. If consent to the storage of cookies and comparable recognition technologies has been requested, the processing is carried out exclusively on the basis of this consent (Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG); the consent can be revoked at any time. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited. Insofar as cookies are used by third-party companies or for analysis purposes, we will inform you separately about this within the framework of this privacy policy and, if necessary, request your consent.

 

4.2. Cookie Consent Manager (CCM19)

Our website uses the cookie consent tool from CCM19 Cookie to obtain your consent to the storage of certain cookies in your browser and to document this in a data protection compliant manner. The provider of this technology is Papoo Software & Media GmbH – Dr. Carsten Euwens. Bornschein, Auguststr. 4, 53229 Bonn (hereinafter CCM19). CCM19 is a tool with which we can obtain and manage the consent of our website visitors required for the use of third-party services in a data protection compliant manner.
When you enter our website, a cookie of this tool is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with CCM19.
In doing so, a CCM19 cookie, which is stored in your browser, records and documents the consent you have given or the revocation of this consent. This data is not passed on to CCM19. The data collected will be stored until you delete the CCM19 cookie or the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected.
You can access the CCM19 Cookie Consent Manager via the cookie icon at the bottom left of the website at any time to check and update your settings.
Details on CCM19 data processing can be found at https://www.ccm19.de/datenschutzerklaerung.html.

 

5. Use of tools and content from third parties

We use the following services of the provider “Google”. The company’s registered office and address are, insofar as you have your usual place of residence in the European Economic Area or Switzerland: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The address of the parent company is: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
The website with further information on Google’s marketing services can be reached at https://marketingplatform.google.com. The privacy policy can be found at https://policies.google.com/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.
All processing described below, in particular the setting of cookies on the terminal device used, only takes place if you have given us your explicit consent for this via the Cookie Consent Tool CCM19 in accordance with Art. 6 para. 1 lit. a GDPR.
With your consent, you also agree to a possible transfer of your personal data to the USA and any further processing in the USA.
The European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework (successor to the “Privacy Shield”) on 10.7.2023. With this new adequacy decision, personal data from the EU to the U.S. can flow again with immediate effect, without the need for further guarantees and safeguards or additional measures. However, this only applies if the organisation to which they are transferred is also certified under the EU-U.S. Data Privacy Framework. Google LLC and all of its U.S.-based subsidiaries are certified under the EU-U.S. Data Privacy Framework (for more information see: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active).
You can prevent the use of Google advertising features in various ways:
a) by a corresponding setting of your browser software;
b) via the Google ad settings on https://www.google.com/ads/preferences/?hl=de;
c) by means of a corresponding cookie setting or
d) by deactivating it on the Network Advertising Initiative (NAI) website at http://www.networkadvertising.org.
We would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

 

5.1. Google Analytics 4

This website uses Google Analytics 4, a web analytics service provided by Google, which enables an analysis of your use of our website.
By default, Google Analytics sets 4 cookies when you visit the website, which are stored as small text modules on your end device and collect certain information. The scope of this information also includes your IP address. We have activated IP anonymisation so that your IP address is shortened by Google in the EU and EEA before transmission so that no other conclusions can be drawn about the person. Only this anonymised IP address is transmitted to Google.
Google uses the information collected to evaluate your use of our website, compile reports on website activity and provide other services relating to website activity and internet usage. The IP address transmitted and shortened by your browser as part of Google Analytics will not be merged with other Google data. The data collected in the context of the use of Google Analytics 4 will be stored for a period of two months and is then deleted.
The legal basis for the processing of your personal data by Google is consent pursuant to Art. 6 para. 1 lit. a GDPR.
Without your consent, Google Analytics 4 will not be used during your visit to the site. You can revoke your consent at any time with effect for the future. To exercise your right to revoke, please deactivate this service via the Cookie Consent Tool CCM19 provided on the website.
We have concluded an order processing agreement with Google, which ensures the protection of our site visitors’ data and prohibits unauthorised disclosure to third parties.
Further legal information on Google Analytics 4 can be found at https://policies.google.com/privacy?hl=de&gl=de and at https://policies.google.com/technologies/partner-sites.
Google Analytics 4 uses the special “demographic characteristics” function and can use this to create statistics that make statements about age, gender and interests of site visitors. This is done by analysing advertising and information from third-party providers. This allows target groups to be identified for marketing activities. However, the collected data cannot be assigned to a specific person and is deleted after being stored for a period of two months.

 

5.2. Google Maps

We use the map service Google Maps (API) on our website.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and is stored there. The provider of this site has no influence on this data transmission. If Google Maps is activated, Google may use Google Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
The legal basis for the processing of your personal data by Google is consent pursuant to Art. 6 para. 1 lit. a GDPR.
You can revoke your consent with effect for the future at any time. To exercise your right to revoke, please deactivate this service via the Cookie Consent Tool CCM19 provided on the website.

 

6. Storage and deletion periods for personal data

As a matter of principle, your personal data processed by us will be routinely deleted or blocked when the processing purpose for your respective personal data has ceased, unless you have consented to a permanent storage of your personal data.
If individual data must be retained after the processing purposes have ceased due to statutory retention periods (e.g. retention requirements under tax and commercial law), the deletion shall be replaced by the blocking of the data. The data to be retained may then be processed exclusively for the aforementioned purposes on the legal basis of Article 6 (1) sentence 1 lit. c GDPR.

 

7. Your rights as a data subject

You have the rights described below at any time:
• Right of confirmation and access to personal data processed in accordance with Article 15 of the GDPR
• Right to rectify your personal data in accordance with Article 16 of the GDPR
• Right to erasure of your personal data (“right to be forgotten”) pursuant to Article 17 GDPR
• Right to restrict the processing of your personal data pursuant to Article 18 GDPR
• Right to data portability of your personal data pursuant to Article 20 GDPR
You also have the right to complain to a data protection supervisory authority about our processing of your personal data.
Please send us your request to the contact details provided in section 2 of this privacy policy.

 

8. Right to object

Insofar as we base the processing of your personal data on the balance of interests, you can object to the processing. This is the case if the processing is in particular not necessary for the performance of a contract with you, which is shown in each case in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your objection, we will review the situation and either discontinue or adapt the data processing or show you our compelling legitimate grounds on the basis of which we will continue the processing.
Of course, you can object to the processing of your personal data for the purposes of advertising and data analysis at any time.
If you wish to exercise your right to object, it is sufficient to send an informal message to the contact details stated above under point 2.

 

9. Right to revoke consent

If you have given your consent to the processing of your data, you may revoke this consent at any time. Such a revocation affects the permissibility of the processing of your personal data after you have expressed it to us. The permissibility of the processing of your data up to the time of your revocation remains unaffected.
If you wish to make use of your right to revoke, an informal message to the contact details mentioned above under point 2 is sufficient.
Consents that you have given us via the Cookie Consent Tool CCM19 can be reviewed, updated and revoked at any time via the cookie icon at the bottom left of the website.

 

10. Automated decisions in individual cases including profiling

We do not use automated decision-making – including profiling in accordance with Article 22(1) and (4) of the GDPR.

 

11. Data security

We use technical and organisational security measures to protect the processing of personal data, in particular against accidental or intentional manipulation, loss, destruction or against attacks by unauthorised persons. Our security measures are continuously improved in line with technological developments.

 

12.Changes of purpose

Processing of your personal data for purposes other than those described above will only take place if permitted by law or if you have consented to the changed purpose of the data processing. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with all other relevant information.

 

13. Questions / Remarks

If you have any questions or comments about this privacy policy or about data protection in general, please contact us using the contact details provided in section 2 of this privacy policy.
Status of the privacy policy: 25.08.2023