Privacy Policy

We are pleased that you are visiting our website and thank you for your interest in our company. Protecting your privacy when using our website is important to us. We therefore strictly comply with the applicable data protection regulations when using your personal data.

Below, we inform you about the collection and use of personal data when using our website.

What is personal data? The term personal data is defined in the German Federal Data Protection Act (BDSG, new version) and in the European General Data Protection Regulation (GDPR). It refers to individual information concerning the personal or factual circumstances of an identified or identifiable natural person. This includes, for example, your name, address, telephone number, email address or date of birth.

You can visit our website without providing any personal information. In this context, we do not store any personal data. In order to improve our offering, we only evaluate statistical data that does not allow any conclusions to be drawn about you personally. If personal data, such as name, address or email addresses, is collected on our pages, this is always done on a voluntary basis. This data will not be passed on to third parties without your express consent.

On the following pages, we would like to inform you about the processing of your personal data by us and about the claims and rights to which you are entitled under data protection regulations.

I. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR), other national data protection laws of the Member States and other data protection regulations is:

Kenda Rubber Industrial Co. Europe GmbH
Greimelstrasse 28
83236 Übersee
Germany

Phone: +49 (8642) 597149-0
Email: info@kendaeurope.com
Website: www.kendaeurope.com

II. Name and Address of the Data Protection Officer

The data protection officer of the controller is:

Sven Giesler
desegna Business IT Solutions
Eickhoffstr. 6
57234 Wilnsdorf
Germany

Phone: +49 (2737) 216179-0
Email: datenschutz@desegna.de
Website: www.desegna.de

III. General Information on Data Processing

1. Scope of the Processing of Personal Data

We generally collect and use personal data of our users only to the extent necessary to provide a functional website as well as our content and services. The collection and use of our users‘ personal data generally takes place only after the user’s consent has been obtained. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by statutory provisions.

2. Legal Basis for the Processing of Personal Data

Where we obtain the consent of the data subject for processing operations involving personal data, Art. 6(1)(a) GDPR serves as the legal basis for the processing of personal data.

Where the processing of personal data is necessary for the performance of a contract to which the data subject is party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for carrying out pre-contractual measures.

Where processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis.

Where vital interests of the data subject or of another natural person make the processing of personal data necessary, Art. 6(1)(d) GDPR serves as the legal basis.

Where processing is necessary to protect a legitimate interest of our company or of a third party, and where the interests, fundamental rights and freedoms of the data subject do not override the first-mentioned interest, Art. 6(1)(f) GDPR serves as the legal basis for the processing.

3. Data Erasure and Storage Period

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage may also take place if provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. Data will also be blocked or erased when a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or performance of a contract.

IV. Provision of the Website and Creation of Log Files

1. Description and Scope of Data Processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device.

The following data is collected:

Information about the browser type and version used
The user’s operating system
Date and time of access
The user’s IP address
Websites from which the user’s system accesses our website

The data is also stored in the log files of our system. This does not include the user’s IP addresses or other data that would allow the data to be assigned to a user. This data is not stored together with other personal data of the user.

2. Legal Basis for Data Processing

The legal basis for the temporary storage of the data is Art. 6(1)(f) GDPR.

3. Purpose of Data Processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6(1)(f) GDPR.

4. Duration of Storage

The data is erased as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.

5. Objection and Removal Options

The collection of data for the provision of the website and the storage of data in log files is strictly necessary for the operation of the website. Consequently, the user has no option to object.

V. Use of Cookies

1. Description and Scope of Data Processing

Our website uses cookies. Cookies are text files that are stored in or by the internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when the website is accessed again.

When our website is accessed, the user is informed about the use of cookies and their consent is obtained for the processing of the data used in this context. A reference to this privacy policy is also provided in this context.

2. Legal Basis for Data Processing

The legal basis for the processing of personal data using technically necessary cookies is Art. 6(1)(f) GDPR.

3. Purpose of Data Processing

The purpose of using technically necessary cookies is to make the use of websites easier for users. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that the browser is recognized even after changing pages.

The user data collected by technically necessary cookies is not used to create user profiles.

These purposes also constitute our legitimate interest in the processing of personal data pursuant to Art. 6(1)(f) GDPR.

4. Duration of Storage, Objection and Removal Options

Cookies are stored on the user’s computer and transmitted from there to our website. As a user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website in full.

VI. Contact Form and Email Contact

1. Description and Scope of Data Processing

Our website contains a contact form that can be used for electronic contact. If a user makes use of this option, the data entered in the input form is transmitted to us and stored.

This data includes:

Name
Email address
Message

At the time the message is sent, the following data is also stored:

Date and time of registration

Your consent is obtained for the processing of the data as part of the sending process, and reference is made to this privacy policy.

Alternatively, contact can be made via the email address provided. In this case, the user’s personal data transmitted with the email will be stored.

No data is passed on to third parties in this context. The data is used exclusively for processing the conversation.

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for the processing of the data is Art. 6(1)(a) GDPR.

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6(1)(f) GDPR. If the email contact is aimed at concluding a contract, an additional legal basis for processing is Art. 6(1)(b) GDPR.

3. Purpose of Data Processing

The processing of personal data from the input form serves solely to process the contact request. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4. Duration of Storage

The data is erased as soon as it is no longer necessary to achieve the purpose for which it was collected. For personal data from the contact form input mask and data sent by email, this is the case when the respective conversation with the user has ended. The conversation is deemed to have ended when the circumstances indicate that the matter in question has been conclusively clarified. The additional personal data collected during the sending process is erased after a period of seven days at the latest.

5. Objection and Removal Options

The user has the option to withdraw their consent to the processing of personal data at any time. If the user contacts us by email, they may object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. Further communication in this case is only possible by post. All personal data stored in the course of making contact will be erased in this case.

VII. Use of Google Fonts

Our website uses Google Fonts for the uniform display of certain fonts. The provider is Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland („Google“). When you access our pages, your browser loads the required fonts directly from our web server in order to display them correctly on your device. As a result, no data is collected or transmitted.

VIII. Newsletter

1. Description and Scope of Data Processing

On our website, it is possible to subscribe to a free newsletter. When registering for the newsletter, the following data from the input form is transmitted to us:

Company
Email address
Name

Your consent is obtained for the processing of the data as part of the registration process, and reference is made to this privacy policy.

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for processing the data after registration for the newsletter is Art. 6(1)(a) GDPR.

The legal basis for sending the newsletter following the sale of goods or services is Section 7(3) of the German Act Against Unfair Competition (UWG).

3. Purpose of Data Processing

The user’s email address is collected in order to deliver the newsletter.

The collection of other personal data during the registration process serves to prevent misuse of the services or of the email address used.

4. Duration of Storage

The data is erased as soon as it is no longer necessary to achieve the purpose for which it was collected. The email address, voluntarily provided information and other personal data of the user are therefore stored for as long as the newsletter subscription is active.

5. Objection and Removal Options

The subscription to the newsletter can be cancelled by the data subject at any time. For this purpose, each newsletter contains a corresponding link. This also enables withdrawal of consent to the storage of the personal data collected during the registration process.

IX. Use of OpenStreetMap

1. Description and Scope of Data Processing

This website uses OpenStreetMap to display maps and create route plans. The provider is FOSSGIS e.V., Bundesallee 23, D-10717 Berlin („Fossgis“). To use the functions of OpenStreetMap, it is necessary for the address data you enter in the route planner to be transmitted to a Fossgis server and stored there. The provider of this website has no influence over this data transmission.

At the time the route request is sent, the following data is also stored:

IP address

Your consent is obtained before the data is processed, and reference is made to this privacy policy. In the Fossgis privacy policy at https://www.openstreetmap.de/impressum/datenschutz/, you will find information about which data is collected and for what purpose.

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for processing the data is Art. 6(1)(a) GDPR.

3. Purpose of Data Processing

The integration of OpenStreetMap into our website serves the purpose of providing our customers with a simple tool to make it easier to find their way to our premises. Data entered in this respect is not passed on by us.

4. Duration of Storage, Objection and Removal Options

The data is erased as soon as it is no longer necessary to achieve the purpose for which it was collected. You can prevent data transmission to Fossgis by deactivating JavaScript in your browser. In that case, however, no maps can be displayed.

X. Use of Facebook

1. Description and Scope of Data Processing

Our website contains a link to our company page on the social network of Meta Platforms Ireland Ltd. („Facebook“). The operator of the pages is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

We would like to point out that you use this Facebook company page and its functions on your own responsibility. This applies in particular to the use of interactive functions, such as commenting, sharing or rating. When you visit our Facebook company page, Facebook collects, among other things, information stored on your PC in the form of cookies. This information is used to provide us, as the operator of the Facebook company page, with statistical information about the use of the Facebook company page.

At the time the link to our Facebook company page is used, the following data is also stored:

The user’s IP address
Date and time

The data collected about you in this context is processed by Meta Platforms Ireland Ltd. and may be transferred to countries outside the European Union. Facebook describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information about contact options for Facebook and about settings options for advertisements.

You can object to the tracking of your browsing behavior for advertising purposes at: https://www.facebook.com/settings?tab=ads

The data usage guidelines are available at: http://de-de.facebook.com/about/privacy

The complete Facebook data policy can be found here: https://de-de.facebook.com/full_data_use_policy

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for processing the data is Art. 6(1)(a) GDPR.

3. Purpose of Data Processing

The way in which Facebook uses the data from visits to Facebook company pages for its own purposes, the extent to which activities on Facebook company pages are assigned to individual users, how long Facebook stores this data and whether data from a visit to Facebook company pages is passed on to third parties are not conclusively and clearly stated by Facebook and are not known to us. The primary responsibility under the GDPR for the processing of Insights data lies with Facebook, and Facebook fulfills all obligations under the GDPR with regard to the processing of Insights data. Facebook Ireland makes the essential elements of the Page Insights Addendum available to data subjects.

4. Duration of Storage

If you as a user are currently logged in to Facebook, a cookie with your Facebook identifier is stored on your device. This enables Facebook to track that you have visited this page and how you have used it. This also applies to all other Facebook pages. Based on this data, content or advertising can be tailored to you.

If you wish to avoid this, you should log out of Facebook or deactivate the „stay logged in“ function, delete the cookies on your device and close and restart your browser. In this way, Facebook information through which you can be directly identified is deleted. You can then use our Facebook page without your Facebook identifier being disclosed. If you access interactive functions of the page, such as Like, Comment, Share or Messages, a Facebook login screen will appear. After logging in, Facebook will again be able to recognize you as a specific user.

Information on how you can manage or delete information held about you can be found on the following Facebook support pages: https://de-de.facebook.com/about/privacy#

As the provider of the information service, we do not make any decisions regarding the processing of Insights data or any other information arising from Art. 13 GDPR, including the legal basis, the identity of the controller and the storage period of cookies on user devices.

The additional personal data collected during the sending process is erased after a period of ninety days at the latest.

XI. Use of Instagram

1. Description and Scope of Data Processing

Our website contains a link to our company page on the social network of Meta Platforms Ireland Ltd. („Instagram“). The operator of the pages is Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

We would like to point out that you use this Instagram company page and its functions on your own responsibility. This applies in particular to the use of interactive functions, such as commenting, sharing or rating. When you visit our Instagram company page, Instagram collects, among other things, information stored on your PC in the form of cookies. This information is used to provide us, as the operator of the Instagram company page, with statistical information about the use of the Instagram company page.

At the time the link to our Instagram company page is used, the following data is also stored:

The user’s IP address
Date and time

The data collected about you in this context is processed by Meta Platforms Ireland Ltd. and may be transferred to countries outside the European Union. Instagram describes in general terms what information it receives and how it is used in its data usage guidelines. There you will also find information about contact options for Instagram and about settings options for advertisements.

You can object to the tracking of your browsing behavior for advertising purposes at: https://www.facebook.com/settings?tab=ads

The data usage guidelines are available at: http://de-de.facebook.com/about/privacy

The complete Instagram privacy policy can be found here: http://instagram.com/legal/privacy

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for processing the data is Art. 6(1)(a) GDPR.

3. Purpose of Data Processing

The way in which Instagram uses the data from visits to Instagram company pages for its own purposes, the extent to which activities on Instagram company pages are assigned to individual Instagram users, how long Instagram stores this data and whether data from a visit to Instagram company pages is passed on to third parties are not conclusively and clearly stated by Instagram and are not known to us. The primary responsibility under the GDPR for the processing of Insights data lies with Instagram, and Instagram fulfills all obligations under the GDPR with regard to the processing of Insights data. Facebook Ireland Ltd. makes the essential elements of the Page Insights Addendum available to data subjects.

4. Duration of Storage

If you as a user are currently logged in to Instagram or Facebook, a cookie with your Instagram identifier is stored on your device. This enables Instagram to track that you have visited this page and how you have used it. This also applies to all other Instagram pages. Based on this data, content or advertising can be tailored to you.

If you wish to avoid this, you should log out of Instagram or Facebook or deactivate the „stay logged in“ function, delete the cookies on your device and close and restart your browser. In this way, Instagram information through which you can be directly identified is deleted. You can then use our Instagram page without your Instagram identifier being disclosed. If you access interactive functions of the page, such as Like, Comment, Share or Messages, an Instagram login screen will appear. After logging in, Instagram will again be able to recognize you as a specific user.

Information on how you can manage or delete information held about you can be found on the following Instagram support pages: http://instagram.com/legal/privacy

The additional personal data collected during the sending process is erased after a period of ninety days at the latest.

XII. Use of YouTube

1. Description and Scope of Data Processing

Our website contains links to YouTube, a site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA („YouTube“).

We would like to point out that you use this page and its functions on your own responsibility. This applies in particular to the use of interactive functions, such as commenting, sharing or rating. When you visit the page, YouTube collects, among other things, information stored on your PC in the form of cookies.

At the time the link is used, the following data is also stored:

IP address
Date and time
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred
Referring domain
Browser type including version and language
Operating system

If you are logged in to your Google or YouTube account, you enable YouTube to assign your browsing behavior directly to your personal profile. You can prevent this by logging out of your Google or YouTube account.

Further information on the handling of user data can be found in YouTube’s privacy policy at https://www.google.de/intl/de/policies/privacy. There you will also find further information about your rights and settings options to protect your privacy.

2. Legal Basis for Data Processing

If the user has given consent, the legal basis for processing the data is Art. 6(1)(a) GDPR.

3. Purpose of Data Processing

The integration of YouTube into our website serves the purpose of presenting products to our customers in a simple way. Data entered in this respect is not passed on by us.

4. Objection and Removal Options

You have the right to object to the creation of these user profiles. To exercise this right, you must contact YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. You can prevent data transmission to Google by deactivating JavaScript in your browser. In that case, however, videos cannot be displayed.

XIII. Use of LinkedIn

1. Description and Scope of Data Processing

Our website contains a link to our company page on the LinkedIn social network of LinkedIn Corporation („LinkedIn“). The operator of the pages is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. This serves the active and modern addressing of potential employees in a professional environment. On this page, we also share information about our company and present ourselves externally in this way. We provide information there about our services, products and employment opportunities in our company.

We would like to point out that you use this LinkedIn company page and its functions on your own responsibility. This applies in particular to the use of interactive functions, such as commenting, sharing or rating. When you visit our LinkedIn company page, LinkedIn collects, among other things, information stored on your PC in the form of cookies. This information is used to provide us, as the operator of the LinkedIn company page, with anonymized statistical information about the use of the LinkedIn company page.

At the time the link to our LinkedIn company page is used, the following data is also stored:

The user’s IP address
Date and time

The data collected about you in this context is processed by LinkedIn Corporation and may be transferred to countries outside the European Union. Detailed information on the processing and use of data by the provider on its pages, as well as a contact option and your related rights and settings options to protect your privacy, can be found in LinkedIn’s privacy information: https://www.linkedin.com/legal/cookie-policy.

2. Legal Basis for Data Processing

Data processing is carried out on the basis of an agreement between joint controllers pursuant to Art. 26 GDPR, which you can view here: https://de.linkedin.com/legal/l/dpa

3. Purpose of Data Processing

We use the data provided and transmitted by you exclusively for processing your application. By uploading and sending your data to us, you expressly agree that we may store and process this data for the purpose of reviewing your application and notifying you pursuant to Art. 6(1)(a) and (b) GDPR. The data is not passed on to third parties.

4. Duration of Storage

If you as a user are currently logged in to LinkedIn, a cookie with your LinkedIn identifier is stored on your device. This enables LinkedIn to track that you have visited this page and how you have used it. Based on this data, content or advertising can be tailored to you.

If you wish to avoid this, you should log out of LinkedIn or deactivate the „stay logged in“ function, delete the cookies on your device and close and restart your browser. In this way, information through which you can be directly identified is deleted. You can then use our LinkedIn company page without your LinkedIn identifier being disclosed. If you access interactive functions of the page, such as Like, Comment, Share or Messages, a LinkedIn login screen will appear. After logging in, LinkedIn will again be able to recognize you as a specific user.

Information on how you can manage or delete information held about you can be found at https://www.linkedin.com/legal/privacy-policy?src=li-other&veh=de.linkedin.com%7Cli-other

The additional personal data collected during the sending process is erased after a period of seven days at the latest.

5. Objection and Removal Options

The user has the option to withdraw their consent to the processing of personal data at any time.

XIV. Rights of the Data Subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. Right of Access

You may request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you may request information from the controller about the following:

The purposes for which the personal data is processed;
The categories of personal data that are processed;
The recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;
The planned duration of storage of the personal data concerning you or, if specific information is not possible, criteria for determining the storage period;
The existence of a right to rectification or erasure of the personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;
The existence of a right to lodge a complaint with a supervisory authority;
All available information about the origin of the data if the personal data was not collected from the data subject;
The existence of automated decision-making, including profiling, pursuant to Art. 22(1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved as well as the significance and intended consequences of such processing for the data subject.

You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

2. Right to Rectification

You have a right to rectification and/or completion vis-à-vis the controller if the processed personal data concerning you is incorrect or incomplete. The controller must carry out the rectification without undue delay.

3. Right to Restriction of Processing

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

If you contest the accuracy of the personal data concerning you for a period that enables the controller to verify the accuracy of the personal data;
If the processing is unlawful and you oppose the erasure of the personal data and instead request the restriction of its use;
If the controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise or defense of legal claims; or
If you have objected to processing pursuant to Art. 21(1) GDPR and it has not yet been determined whether the legitimate grounds of the controller override your grounds.

Where the processing of personal data concerning you has been restricted, this data may, apart from being stored, only be processed with your consent or for the establishment, exercise or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

4. Right to Erasure

a) Obligation to Erase

You may request that the controller erase personal data concerning you without undue delay, and the controller is obliged to erase this data without undue delay if one of the following reasons applies:

The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.
You withdraw your consent on which the processing was based pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR, and there is no other legal basis for the processing.
You object to the processing pursuant to Art. 21(1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2) GDPR.
The personal data concerning you has been processed unlawfully.
The erasure of the personal data concerning you is necessary for compliance with a legal obligation under Union law or the law of the Member States to which the controller is subject.
The personal data concerning you has been collected in relation to information society services offered pursuant to Art. 8(1) GDPR.

Information to Third Parties

If the controller has made the personal data concerning you public and is obliged to erase it pursuant to Art. 17(1) GDPR, the controller shall, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers that are processing the personal data that you, as the data subject, have requested the erasure by such controllers of any links to, or copies or replications of, that personal data.

b) Exceptions

The right to erasure does not apply to the extent that processing is necessary:

For exercising the right of freedom of expression and information;
For compliance with a legal obligation that requires processing under Union law or the law of the Member States to which the controller is subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
For reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) and Art. 9(3) GDPR;
For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
For the establishment, exercise or defense of legal claims.

5. Right to Notification

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves disproportionate effort.

You have the right to be informed by the controller about these recipients.

6. Right to Data Portability

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, where:

The processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, or on a contract pursuant to Art. 6(1)(b) GDPR; and
The processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be adversely affected by this.

The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to Object

You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is based on Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on those provisions.

The controller will no longer process the personal data concerning you unless the controller can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for the purposes of such marketing; this also applies to profiling insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

In connection with the use of information society services, and notwithstanding Directive 2002/58/EC, you have the option to exercise your right to object by automated means using technical specifications.

8. Right to Withdraw the Data Protection Declaration of Consent

You have the right to withdraw your data protection declaration of consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

9. Automated Individual Decision-Making, Including Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision:

Is necessary for entering into or performance of a contract between you and the controller;
Is authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights, freedoms and legitimate interests; or
Is based on your explicit consent.

However, these decisions must not be based on special categories of personal data pursuant to Art. 9(1) GDPR, unless Art. 9(2)(a) or (g) applies and suitable measures to safeguard your rights, freedoms and legitimate interests have been put in place.

With regard to the cases referred to in (1) and (3), the controller shall take suitable measures to safeguard your rights, freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you believe that the processing of personal data concerning you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant about the progress and outcome of the complaint, including the possibility of a judicial remedy pursuant to Art. 78 GDPR.

We reserve the right to amend this privacy policy at any time in compliance with applicable data protection regulations.

Current version: January 2026.