Privacy policy
Preamble
We would like to inform you that our company KATMA Engineering GmbH processes your personal data (hereinafter referred to as "data").
Personal data is all information that relates to an identified or identifiable natural or legal person. This includes information such as name, contact details, online identifiers and identification data or other typical characteristics belonging to the user.
The following declaration applies to all visits to our website, as well as any use of other services, in particular the use of our web apps.
This declaration can be supplemented or replaced by the additional data protection declarations and conditions provided to you in due course.
The GDPR serves as the relevant legal basis. For Switzerland, the Swiss DPA also applies.
Responsible
Patrick Kathöfer
KATMA Engineering Ltd.
Zum Sporkfeld 58a
33397 Rietberg
Authorized representatives: Felix and Patrick Kathöfer
E-mail address: legal@katma-clean.de
Imprint: www.katma-clean.de/impressum
What personal data do we collect?
Exactly which data we collect from you depends on the respective use of the service.
We may therefore collect the following personal data:
First name and surname
E-mail address (if validated and verified)
Telephone or mobile phone number and SIM card number
Billing address (street, house number, postal code, city) /payment data
Contract data
Account access data, such as security information and access password of the app (completely encrypted and unreadable)
Browser ID/ IP address
Browser version and type
Usage data
Browser activity tracking
Job-related information, e.g. details of employment and activity
Meta, communication and process data in general
Location data
When using the WebAPP, film, photo and audio recordings may be made
Persons concerned
Customers
Interested parties
Communication partner
Users
Business and contractual partners
Participants
Processing purposes
Provision of contractual services and fulfillment of contractual obligations
Contact requests and communication
Security measures
Direct marketing
Reach recording/ location analysis and acquisition
Organizational procedures
Managing and responding to inquiries of any kind
Feedback
Marketing
Profiles with user-related information
Information technology infrastructure
Provision of our online services and user-friendliness
Digital signing of documents
How do we collect personal data?
- Direct interaction, e.g. when you sign up for our services
- Use of NFC programs and QR codes
- Automated tracking technologies, e.g. information collected automatically about your interaction with our services and websites using cookies, etc. Further guidance on processing operations, procedures and services:
- Provision of online offer on rented storage space: For the provision of our online offer, we use storage space, computing capacity and software that we rent or otherwise obtain from a corresponding server provider (also called "web hoster"); Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO).
- Provision of online offer on own/ dedicated server hardware: For the provision of our online offer, we use server hardware operated by us as well as the associated storage space, computing capacity and software; Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO).
- Collection of access data and log files: Access to our online offer is logged in the form of so-called "server log files". The server log files may include the address and name of the web pages and files accessed, the date and time of access, the volume of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider. The server log files may be used, on the one hand, for security purposes, e.g., to prevent server overload (especially in the event of abusive attacks, so-called DDoS attacks) and, on the other hand, to ensure the utilization of the servers and their stability; Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO). Deletion of data: Log file information is stored for a maximum period of 30 days and then deleted or anonymized. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident.
- E-mail dispatch and hosting: The web hosting services we use also include the dispatch, receipt and storage of e-mails. For these purposes, the addresses of the recipients and senders as well as further information regarding the e-mail dispatch (e.g. the providers involved) and the contents of the respective e-mails are processed. The aforementioned data may also be processed for SPAM detection purposes. Please note that e-mails are generally not sent encrypted on the Internet. As a rule, e-mails are encrypted in transit, but (unless a so-called end-to-end encryption method is used) not on the servers from which they are sent and received. We can therefore not assume any responsibility for the transmission path of the e-mails between the sender and the reception on our server; Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO).
How do we use your personal data?
The personal data we collect will be used for the lawful and legitimate purposes, as defined in the GDPR, as well as for the purposes for which we collected it. We want to use your personal data to improve the quality of our customer service, to expand our site analysis and to protect ourselves against criminal conduct to the detriment of our machine and internal business information.
Release of your personal data
The personal data we collect is generally used exclusively by us, KATMA Engineering GmbH.
Personal data generated through the use of the WebApps is passed on to the respective location owner for the analysis of washing behavior or location-related purchasing power. Only the information relevant to the analysis is transmitted.
In the event of necessary criminal prosecution, this data is also made available to the relevant authorities.
How long do we keep your personal data stored?
Your personal data will be processed to the extent and for the duration necessary to fulfill our obligations and achieve our objectives for which the data was collected. This is done in accordance with the applicable data protection laws.
If we no longer need your personal data, we will take all necessary measures to irrevocably delete it from our systems and records, thereby preventing you from being re-identified.
What rights do you have?
Within the framework of the German, as well as European data protection laws, you have the following rights:
- Right of access, Art. 15 DSGVO
- Right to rectification, Art. 16 DSGVO
- Right to erasure, Art. 17 DSGVO
- Right to restriction of processing, Art. 18 DSGVO
- Right to data portability, Art. 20 DSGVO
International data transfers
If we process data in a third country (i.e. outside the European Union) or the processing takes place in the context of the use of third-party services or the disclosure/transfer of data to other persons, bodies or companies, this is done exclusively in accordance with the legal requirements. Subject to Art. 49 DSGVO, we only process or have the data processed in third countries with a recognized level of data protection in accordance with Art. 45 DSGVO.
Use of cookies & plug-ins
We use cookies and plug-ins in accordance with legal requirements, so we obtain the necessary consent from our users in advance, unless this is not required by law. In particular, consent is not required if the storage and reading of the information is absolutely necessary to provide the user with an expressly desired online offer.
We use cookies and plug-ins to optimize our website and WebApps and to analyze traffic within our systems. If we have informed you in advance and obtained your consent, we may use other third-party cookies for corporate marketing purposes. In addition, our cookies and plug-ins may be necessary to facilitate navigation on our website and in our WebApps and to provide a better user experience. In this respect, the general processing purposes are the same as those
of personal data. With regard to the storage period, the following types of cookies are to be differentiated:
- Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his end device (e.g. browser or mobile app).
- Permanent cookies: Permanent cookies remain stored even after the end device is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, user data collected with the help of cookies can be used for reach measurement. Unless we provide users with explicit information about the type and storage duration of cookies (e.g., when obtaining consent), users should assume that cookies are permanent and that the storage period can be up to two years.
Cookie settings/opposition: Clickskeks: https://www.clickskeks.at
Further guidance on processing operations, procedures and services:
- Google Optimize: Software for the analysis and optimization of online offers on the basis of feedback functions as well as pseudonymously performed measurements and analyses of user behavior, which may include in particular A/B tests (measurement of popularity and user-friendliness of different content and functions), measurement of click paths and interaction with content and functions of the online offer; Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: consent (Art. 6 (1) p. 1 lit. a) DSGVO); Website: https://optimize.google.com; Privacy policy: https://policies.google.com/privacy; Order processing agreement: https://business.safety.- google/adsprocessorterms; Basis third country transfer: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses (https://business.safety.google/adsprocessorterms). Further information: https://privacy.google.com/businesses/adsservices (types of processing and data processed).
- Google Analytics 4: We use Google Analytics to measure and analyze the use of our online offer on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or email addresses. It is used to assign analysis information to an end device in order to recognize which content users have accessed within one or various usage processes, which search terms they have used, have accessed again or have interacted with our online offering. Likewise, the time of use and its duration are stored, as well as the sources of the users referring to our online offer and technical aspects of their end devices and browsers. In the process, pseudonymous profiles of users are created with information from the use of various devices, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides coarse geographic location data by deriving the following metadata from IP addresses: City (and the derived latitude and longitude of the city), Continent, Country, Region, Subcontinent (and ID-based counterparts). For EU traffic, IP address data is used exclusively for this derivation of geolocation data before being immediately deleted. They are not logged, are not accessible, and are not used for any other purpose. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before traffic is forwarded to Analytics servers for processing; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: Legitimate interests (Art. 6 para. 1 p. 1 lit. f) DSGVO); Website: https://marketingplatform.google.com/intl/de/about/analytics/; Privacy policy: https://policies.google.com/privacy; Order processing agreement: https://business.safety.google/adsprocessorterms/; Basis third country transfer: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses (https://business.safety.google/adsprocessorterms); Opt-out: Opt-Out Plugin: https://tools.google.com/dlpage/gaoptout?hl=de, Ad Display Settings: https://adssettings.google.com/authenticated. Further information: https://privacy.google.com/businesses/adsservices (types of processing and data processed).
- Google Tag Manager: Google Tag Manager is a solution with which we can manage so-called website tags via an interface and thus integrate other services into our online offering (please refer to further information in this privacy policy). With the Tag Manager itself (which implements the tags), therefore, no profiles of users are created or cookies are stored, for example. Google only learns the IP address of the user, which is necessary to run the Google Tag Manager; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Legal basis: consent (Art. 6 (1) p. 1 lit. a) DSGVO); Website: https://marketingplatform.google.com; Privacy policy: https://poli- cies.google.com/privacy; Order processing agreement: https://business.safety.google/adsprocessorterms. Basis for third country transfers: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses (https://business.safety.google/adsprocessorterms).
- Jetpack (WordPress Stats): Jetpack provides analytics - features for WordPress software; service provider: Aut O'Mattic A8C Ireland Ltd, Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland; Legal basis: consent (Art. 6 para. 1 p. 1 lit. a) DSGVO); Website: https://automattic.- com; Privacy policy: https://automattic.com/privacy. Basis for third country transfers: EU-US Data Privacy Framework (DPF).
How to contact us
If you have any questions about the processing of your personal data or would like to exercise your rights, you can contact us at any time by email at legal@katma-clean.de. We will make every effort to process your request as quickly as possible.
Updates
If we change or update our terms, we will update this privacy policy with a new date.
This version is valid from November 2023.
