PRIVACY POLICY  


Data Privacy Policy - Kernwert GmbH

We take the protection of your personal data very seriously, and we particularly value high levels of data security and complying with regulations pertaining to data privacy. Unless we are obliged to pass on specific data on the basis of administrative or judicial orders, official or court orders, the data we collect is under no circumstances sold nor passed to third parties without the express prior permission of the persons affected.

In the following policy on data privacy, we shall inform you of which personal data we collect, process and use, the purposes for which this happens, and how you can prohibit specific collection, processing or use of your personal data.

We would like you to understand when we collect which data and how we use it. For any questions regarding data privacy, please write to the following e-mail address: privacy@kernwert.com

What rights do you have with us?
At any time and with future effect, visitors to our website www.kernwert.com can revoke their consent to the processing of their personal data. A message in text form (e.g. e-mail, letter) sent to the contact details provided here is sufficient to do this.

In addition, you have the following rights under the Basic EU Data Protection Ordinance (GDPR):
  • The right to information (Article 15 GDPR)
  • The right to correction or deletion (Article 16/ Article 17 GDPR)
  • The right to restriction of processing (Article 18 GDPR)
  • The right to data portability (Article 20 GDPR)
  • The right to revoke processing (Article 21 GDPR)
  • The right to complain to the supervisory authority responsible (Article 77 GDPR)
What data do we collect from you?
In the following, we will explain to you which data we collect from you when you visit our website www.kernwert.com and why we do this.

1. When using our website
a) Access data
Upon using our website, if you do not log on, register or pass other information to us, the only data collected is that which your browser sends automatically to enable you to visit our website. From this, we collect the following access data:
  • IP address of the inquiring computer
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access was made
  • Browser used and, if necessary, your computer’s operating system.
For security reasons (e.g. to identify attacks), this access data is passed to us by your browser and saved for a limited period in a log file on secure servers. If any personal data is processed here, it is done in accordance with Article 6 Paragraph 1 f) GDPR. Data is not passed on to third parties. Data is deleted after statistical and anonymous analysation. No user profiles are generated.

Our website contains links to the websites of other providers. We have no influence on whether these providers follow current regulations on data privacy. We therefore recommend that you read carefully the data privacy policies of these providers.

b) Computer centre
Our website is provided on our own server systems exclusively in Germany in a computer centre of mpex GmbH. mpex GmbH is certified to "ISO/IEC 27001" and "Trust in Cloud Infrastructure". "ISO 27001" is an internationally recognised standard of information security, which covers aspects such as data security, data privacy and failure safety.

Within the scope of this collaboration, we do not directly pass any personal data to our service providers. However, the service provider may at least potentially obtain access to personal data (e.g. through maintenance work). As in such cases, a so-called order processing is available according to Article 28 GDPR, we have concluded a contract on a data privacy with the service providers compliant with this. This also guarantees the protection of your personal data.

2. If you voluntarily provide us with data
a) Via a form on our website
In addition to the data stated above, we also collect and process personal data if you voluntarily provide us with it via a form on our website, particularly regarding:
  • Contact details
  • Registering for a webinar
  • Requesting test access
  • Requesting a quote.
The following personal data is then collected and processed:
  • Title (gender)
  • Surname, forename
  • Company
  • E-mail address
  • Telephone number
  • Address, if necessary
  • Message, if any
  • Date and time of the enquiry
  • Language choice used.
The data is processed so that we can process your request and reply to you. This data is not passed to any third party without your consent.

The use of one of our forms means that you agree to us processing your data. In this respect, Article 6 Paragraph 1 a) or b) GDPR provides the legal basis for its processing – depending on whether this is a commercial (e.g. contract initiation) or a general enquiry.

b) Via a form on our software solution, e.g. as a participant in a study
In addition to the above data, we also collect and process personal data if you voluntarily provide us with this via a form on our software solution as a participant, project manager, moderator or observer of a market or opinion research study, particularly for conducting a survey or a discussion.

Depending on any possible instructions of our customers, we collect and process the following personal data, amongst other things, in these cases:
  • Authentication data (e.g. user name and password)
  • Categorisation (e.g. age group, gender)
  • Survey and results data (e.g. comments, video and image data)
  • Performance and usage data (e.g. tasks carried out and pages visited)
  • Contact data, if necessary (generally a pseudonym and e-mail address).
The data is processed so that we can conduct studies on market- and opinion-research. This data is not passed to any third party without your consent. In this respect, please note the paragraph "What rights do I have as a participant in a study?" in this explanation.

The use of our software solution means that you agree to us processing your data. Article 6 Paragraph 1 a) or b) GDPR is the legal basis for its processing - depending on whether this is a contribution by a participant, project manager, moderator or observer.

c) In another way, e.g. if you contact us by e-mail
You can also contact us in another way, e.g. by using the e-mail addresses stated on our website or the telephone numbers or address stated there.
Depending on the content of your message to us, we collect and process the following personal data, amongst other things, in these cases:
  • Title (gender), if necessary
  • Surname, forename, if necessary
  • Company, if any
  • E-mail address,
  • Telephone number, if necessary
  • Address, if necessary
  • Subject of message
  • Message text
  • Date and time of the enquiry.
Your data is processed exclusively so that we are able to process your request and reply to you. This data is not passed to any third party without your consent.

The use of our contact data means that you agree to us processing your data. Article 6 Paragraph 1 a) or b) GDPR is the legal basis for its processing – depending on whether this is a commercial (e.g. contract initiation) or a general enquiry.

d) Length of time this data is saved
Unless there are any legal storage periods, we will delete your data once the purpose of storage has been met. This means that your data will be deleted by us once it is no longer necessary for us to contact you, perhaps because we have successfully answered your enquiry and you have no further questions for us.

When using our software solution, all project data that are allocated to this contractual relationship will be deleted within one month of the end of the contract in the case of a cancellation by our customers or within one month of the end of the agreed life of the contract.

Of course, you can revoke your permission at any time for us to store your voluntarily provided data. In this case, too, we delete your data in accordance with applicable regulations. Please be aware that in the case of legal periods of retention, we are not permitted to delete your data.

3. On ordering our newsletter
a) Consent to the newsletter mailing service

To send you current information and offers by KERNWERT at regular intervals by e-mail, we offer a newsletter service. For e-mail registration, we use a so-called double opt-in procedure. We thus only send you a newsletter if you have expressly confirmed in advance that you want to receive it. To do this, we will send you a notification e-mail and ask you to confirm, by clicking on a link contained in the e-mail, that you wish to receive our newsletter.

If you order our newsletter, we will save your consent pursuant to Article 6 Paragraph 1 a) GDPR along with:
  • E-mail address
  • Surname, forename, if necessary
  • Date and time of the registration
  • Time registration was confirmed
  • IP address of the inquiring computer
  • Browser used and, if necessary, your computer’s operating system
  • Language choice used.
This data is used exclusively for to distribute the newsletter.

b) External service provider
To send our newsletter, we use the service provider CleverReach GmbH & Co. KG. For this, data saved when registering for the newsletter is transferred to a server of the service provider where it is saved and processed according to current data privacy regulations.

The service provider processes the data on our behalf and according to our specifications. Such a case is so-called order processing according to Article 28 GDPR. In compliance with this regulation, we have therefore signed a data privacy contract with this service provider. This also guarantees the protection of your personal data.

c) Revocation of consent
If you no longer wish to receive a newsletter from us, you can end your subscription at any time, simultaneously revoking your consent to save and process your data. In the case you revoke your consent, we will delete your data in accordance with current regulations.

A message in a text form to info@kernwert.com is sufficient for this. There is also an Unsubscribe link in each of our newsletters. Of course, there will be no additional charges for this revocation.

d) Newsletter tracking
Our newsletters contain so-called web bugs, which we use to identify whether and when an e-mail was opened and which links in the e-mail were followed by the recipient.

If you cancel the newsletter, you simultaneously revoke your consent to the newsletter tracking described here. Your data is then deleted by us in accordance with current regulations.

4. On ordering our services
a) Customer information
We collect and process personal data that is directly necessary for processing an order for products and services, i.e. to
  • Create a user account
  • Check customer identities
  • Carry out the service
  • Process payment.
To be able to do this, it is necessary to save and process the following information. This includes, in particular:
  • Name of the company
  • Company address
  • Language of the point of contact
  • Point of contact’s title
  • Forename and surname of the point of contact
  • Point of contact’s position and department
  • E-mail address for the point of contact
  • Point of contact’s telephone number
  • Required scope of the service
  • Date and time of order
  • Message, if any.
This data is collected with your consent upon creation of a user account or through an order in accordance with Article 6 Paragraph 1 a) GDPR and in accordance with Article 6 Paragraph 1 b) GDPR for the further handling of your order. Data is not passed to any third party.

b) Length of time this data is saved
We delete your data once the purpose of storage has been met. This means that your data is deleted by us once your order has been successfully handled and the data is no longer required for any further business contact.
You can revoke your permission at any time for us to store the data you provided to us when placing an order. In this case, too, we delete your data in accordance with applicable regulations. Please note, however, that under certain circumstances we may not be able to process your order.
In accordance with legal obligations to retain data, we are as a service provider obliged to keep specific data. We can therefore only finally delete your data if there is no legal obligation to retain it. If we cannot delete your data due to a legal obligation to retain it, we will block your data.

What cookies or services do we use?

When visiting our website or software solution, we only use temporary session cookies for the purpose of data protection. Cookies are small files that contain a character string that is sent to your computer when you call up a website. Using the cookie, your browser can recognise if you call up an additional page of this website.

Using the session cookie, then you will remain logged on for the entire user session when using a protected area of our software solution. The session cookies are processed by us in an intrusion-detection system and discarded at the end of the user session.

You can deactivate cookies in your browser settings. Via your browser, you can at any time delete cookies that are already saved. However, we would like to point out that in this case it may not be possible to use all functions of this website to their full extent.

What rights do I have as a participant in a study?
We provide software solutions to conduct studies on market and opinion research. We are generally commissioned to provide these services, and they are exclusively carried out on the instruction of our customers.  As a participant in a study, please also read the respective data privacy declaration of our customers. Our customers will provide you with this data privacy declaration in the protected area of the respective study.

If, on the orders and instructions of our customers, we process any data, it is processed in accordance with Article 28 GDPR. In these cases, and in accordance with this regulation, we will sign a data privacy contract with the customer. This also guarantees the protection of your personal data.

As a software provider and IT service provider, we have no influence on the content of the study or on the legal payment procedure for the participants. Should you have any questions, please contact directly the point of contact for your study.

Who can I complain to about unwanted e-mails (abuse)?
All customers of our software solutions are obliged to adhere to the respective applicable laws. Thanks to our security measures and anti-spam rules, unwanted e-mails occur very rarely. However, should you have reason to complain, please send an e-mail to abuse@kernwert.com. Please send the complete unwanted e-mail as an attachment to your message.

Name and contact details of the person responsible:
Kernwert GmbH
Gubener Straße 24, 10243 Berlin
Germany
Tel. +49 (0)30-53 01 23-60
Fax +49 (0)30-53 01 23-61
privacy@kernwert.com

Management:
Dirk Wieseke, Christoph Gehricke

Register of companies:
AG Berlin-Charlottenburg, registration no. 167811 B

VAT ID no. DE300354671

External data-protection officer:
Marco Tessendorf (procado Consulting, IT- & Medienservice GmbH)
Warschauer Str. 58a, D-10243 Berlin
privacy@kernwert.com

info@kernwert.com    ­ +49-(0)30-53 01 23-60    ­ Gubener Straße 24, 10243 Berlin, Germany
© 2018 KERNWERT, BERLIN
Made and Hosted in Germany  Made and Hosted in Germany