Data Protection Regulations

Date: May 2018

1.           General aspects

Protecting your personal data is something we take very seriously. We treat your personal data confidentially and in compliance with statutory data protection regulations.

This Privacy Notice informs you about how your personal data are processed when you use the https://www.kps.de/en/ (hereinafter the ‘website’).

The controller within the meaning of the General Data Protection Regulation (‘GDPR’), as far as the processing of personal data in connection with the website is concerned, is KPS Programme Schulenberg GmbH & Co. KG, Contrescarpe 75A, 28195 Bremen, Germany, (hereinafter ‘KPS’, ‘we’, ‘us’).

In the following, we tell which data we collect and for what purposes when you use our website, how we use those data, and what your rights are in that respect.

Please note that the website may contain links to the websites of other providers, over which we have no control and to which this Privacy Notice does not apply.

2.           Processing of your data

As a basic principle, we process your personal data only to the extent necessary to provide a functioning website, our content and our services.

a)           Visiting the website

aa)
You may, in principle, visit our website without communicating any personal data to us. As is common practice on most websites, our systems automatically log every access to and retrieval of information from our website and store these log data temporarily in a log file. The data thus stored include the following in particular:

  • the IP address of the computer submitting the enquiry,
  • the name and URL of the file retrieved,
  • the date and time of access,
  • the access status/HTTP status code,
  • the volume of data transferred in each case,
  • the identification data of the browser being used.

bb)
These data are associated with persons who cannot be identified by us. Nor are any personal user profiles generated (but please note the following statements concerning ‘analytics’). The aforementioned data processing is carried out to enable use of the website (establishing a connection) and for internal, system-related purposes (technical administration, system security). Data are stored in log files to ensure the operability of the website. These data also help us to optimise the website and to safeguard the security of our systems.

If and to the extent that the data processed when you visit the website are personal data, such data are processed on the basis of Article 6 (1) (f) GDPR (legitimate interests). These legitimate interests derive from the purposes mentioned above.

b)          Contacting by email

aa)
It is possible on the website to contact us by email using the address provided. In this case, the user’s personal data which are sent with the email are stored.

bb)
Said data are used solely for the purpose of responding to the respective requests for contact.

cc)
The legal basis for processing said data is provided in Article6 (1) (f) GDPR (legitimate interests). These legitimate interests derive from the fact that we are only able to do what the user requests of us (e.g. respond to enquiries) if the user’s data are processed accordingly. If the aim of establishing contact is to conclude a contract, then an additional legal basis for processing is provided by Article 6 (1) (b) GDPR (performance of a contract, steps prior to entering into a contract).

c)           Use of cookies

Our website uses cookies, which are small text files that are stored in the cache of your browser and contain technical data for session control. They make it easier for you to navigate our website and enable us to analyse user behaviour anonymously in order to design our website to suit user needs. It is not possible to identify a data subject using cookies.

We use ‘session cookies’ to recognise that you have already visited individual pages of our website. These session cookies are automatically deleted when you leave the website.

To optimise user-friendliness, we also use temporary cookies which are stored on your device for a predefined period. If you revisit our website to avail of our services, the website automatically detects that you have already been there, and what inputs and settings you made, so that you do not need to enter them again. These cookies are automatically deleted after a respectively defined period.

Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies are stored or so that a notice always appears before a new cookie is created. However, full deactivation of cookies may result in your not being able to use all the functions of our website (in full).

The legal basis for the above processing of personal data is Article 6 (1) (f) GDPR (legitimate interests). These legitimate interests derive from the purposes mentioned above, in particular to optimise use of the website and to improve your user experience.

Cookies set by the Wordfence plugin

This page uses the security plugin WORDFENCE to protect the website from hacker attacks etc. The provider is DEFIANT, 800 5th Ave Ste 4100, Seattle, WA 98104.

WORDFENCE currently uses three cookies and the following explains what each cookie does, who set the cookie and why the cookie helps protect the site.

wfwaf-authcookie-(hash)

What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded.

Who gets this cookie: This is only set for users that are able to log into WordPress.

How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.

wf_loginalerted_(hash)

What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location.

Who gets this cookie: This is only set for administrators.

How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.

wfCBLBypass

What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking.

Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking.

How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.

You can find more information on handling user data in DEFIANT’s data protection declaration: https://www.WORDFENCE.com/privacy-policy/

d)          Transfer of data to third parties

The personal data collected when you use the website are not transferred or otherwise communicated to third parties without your consent – except in other cases explicitly described in this Privacy Notice. Exceptions include the communication of personal data to government agencies and authorities if we have a legal obligation to do so. The legal basis for such processing of your personal data is Article 6 (1) (c) GDPR (compliance with a legal obligation).

To operate the website and to provide the services offered on the website, external service providers are used by us (e.g. to host the website), who process personal data of yours on our behalf. These service providers process the data solely in accordance with our instructions. The legal basis for such data processing is provided in Article 6 (1) (b) GDPR (performance of a contract, steps prior to entering into a contract) and Article 28 GDPR (processor).

3.           Duration that your personal data are kept

Unless a shorter duration of storage is specified in the other provisions of this Privacy Notice, we store your personal data which we obtain in connection with your use of the website only for as long as this is necessary to process your enquiry to us and subsequently only to the extent that we have a legal obligation to do in order to comply with statutory archiving requirements. If we no longer need your data for the purposes described above, they are stored merely for the respective statutory archiving period and are not processed for other purposes.

4.           Your rights

You have the right to demand information from us at any time about your personal data stored by us. If the statutory requirements are met, you also have rights to the rectification, erasure and restriction of processing of the respective data, the right to object to your data being processed by us and the right to receive the personal data concerning you in a structured, commonly used and machine-readable format (you may arrange for said data to be transferred or communicated to other bodies). If you have granted your consent to the use of personal data, you may revoke that consent at any time.

If you believe that our processing of the personal data relating to you is in breach of the applicable data protection laws, you may file a complaint with the competent supervisory authority for data protection.

5.           Contact details of the data protection officer

You can contact us under the address stated in clause 1 above, or by using the email address info@kps.de, or by phoning +49 (0) 421 36 66 0.

If you have any questions relating to data protection (including the exercise of your rights described in 4 above), you can also contact our data protection officer directly. The contact details of the data protection officer are as follows: The Data Protection Officer, KPS Programme Schulenberg GmbH & Co. KG, Contrescarpe 75A, 28195 Bremen, Tel.: +49 (0) 421 36 66 0, email: datenschutz@kps.de.

6.           Data security

KPS implements state-of-the-art technical measures to safeguard data security, in particular to protect your personal data against risks ensuing from the transmission of data and against third parties gaining knowledge of the data. These measures are continuously updated to match the current state of technological development.

7.           Changes in the Privacy Notice

It may be necessary from time to time to make changes to this Privacy Notice, for example due to further development of our website or due to changes in the law. We therefore reserve the right to make changes to this Privacy Notice at any time, with effect for the future. We therefore recommend that you read through this Privacy Notice again at regular intervals.

***