KARL MAYER Holding SE & Co. KG
Herr Dipl. Ing. (BA) Arno K.-H. Gärtner, Herr Dr. Helmut Preßl
for the websites under the following domains: www.kmon.net
2. Data protection officer
You can contact the data protection officer of the Controller at:
Data Protection Officer
c/o KARL MAYER Verwaltungsgesellschft AG,
Industriestrasse 1, 63179 Obertshausen, Germany
3. Personal data, purposes of data processing, legal bases, recipients
3.1. Scope of processing of personal data
Personal data is information that can reveal or disclose the identity of the user. We only process personal data of our users if this is necessary to provide a functional website as well as our contents and services. The processing of personal data of our users takes place regularly only after consent of the user. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
3.2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Article 6(1)(a) GDPR serves as the legal basis.
For the processing of personal data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR shall serve as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Where the processing of personal data is necessary to fulfil a legal obligation to which KARL MAYER is subject, Article 6(1)(c) GDPR serves as the legal basis.
Where the vital interests of the data subject or another natural person require the processing of personal data, Article 6(1)(d) GDPR shall serve as the legal basis.
If processing is necessary to safeguard a legitimate interest of KARL MAYER or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first interest, Article 6(1)(f) GDPR serves as the legal basis for processing.
3.3. Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the data subject is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
3.4. Data processing for advertising purposes
3.4.1. Postal advertising
We may use your information for marketing purposes. We collect the following data for our own marketing purposes and for marketing purposes of third parties: e-mail address, first name, surname, postal address, year of birth. This data is stored in your customer account for the duration of the contract.
We are also entitled to store further personal data collected about you in compliance with legal requirements for our own marketing purposes. The aim is to provide you with advertising that is solely oriented towards your actual or supposed needs and not to bother you with unnecessary advertising.
In addition, the Controller pseudonymises / anonymises personal data collected about you for the purpose of using the pseudonymised / anonymised data for his own marketing purposes. The pseudonymised / anonymised data can also be used to advertise you individually online, whereby the advertising can be outsourced by a service provider / agency.
The legal basis for the use of personal data for marketing purposes is Article 6(1)(f) GDPR.
Reference to the right of objection:
You can use your personal data for the aforementioned advertising purposes at any time free of charge with effect for the future at email@example.com. If you file an objection, your data will be blocked for further promotional data processing. We would like to point out that in exceptional cases advertising material may still be sent even after receipt of your objection. This is technically due to the necessary lead time within the selection process and does not mean that we have not implemented your objection.
On our web pages we offer you the possibility to register for our newsletter. In order to be sure that no mistakes were made when entering the email address, we use the so-called double opt-in procedure: After you have entered your e-mail address in the registration field and transferred it to us, we will send you a confirmation link to this e-mail address. Only when you click on this confirmation link, your email address will be added to our mailing list for sending our newsletters.
The legal basis for this data processing is Article 6(1)(a) DSGVO. The email address is stored for the purpose of sending the newsletter as long as the subscription to the newsletter is active.
Reference to the right of withdrawal:
You can revoke your consent at any time with effect for the future by unsubscribing at the end of each newsletter (by clicking on the link contained therein).
3.5. Data processing for online presence and website optimization
If you have agreed to the so-called geolocalisation in your browser or in the operating system or other settings of your respective device, we use this function to be able to offer you individual services related to your current location (e.g. the location of the nearest branch). We process your location data processed in this way exclusively for this function. If you stop the use, the data will be deleted.
The legal basis for this data processing is Article 6(1)(f) GDPR.
You have the option of changing your browser or your operating system or the relevant location settings of your respective device in such a way that no location-related data is transmitted to us.
3.5.2. Cookies - General Information
Most of the cookies we use are deleted after the end of the browser session (so-called session cookies). With these we can offer you e.g. a shopping cart display across all websites, in which you can read how many articles are currently in your shopping cart and how high your current shopping value is. Other cookies remain on your computer and enable us to recognize your computer on your next visit (so-called permanent or cross-session cookies). These cookies in particular serve to make our webshop user-friendly, more effective and safer. Thanks to these files, it is possible, for example, to display information on the site that is specifically tailored to your interests.
If you have a customer account and are logged in or activate the "stay logged in" function, the information stored in cookies is assigned pseudonymised under a cookie ID.
The specific cookie usage is displayed on our website at first use by means of a cookie banner via Cookiebot (see section 3.5.9.), explained and your consent is requested. Your given consent will then be stored as specifically mentioned under section 6.
You can set your browser so that it does not place our cookies on your hard drive. The help function in the menu bar of most web browsers explains how to prevent your browser from accepting new cookies, how to have your browser notify you when you receive a new cookie or how to delete all cookies already received and block them for all others.
To do this, please proceed as follows:
- With Internet Explorer
- Select "Internet Options" from the "Tools" menu.
- Click on the "Privacy" tab.
- Now you can make the security settings for the Internet zone. Here you can set whether and which cookies should be accepted or rejected.
- Confirm your setting with "OK".
- Select Settings from the "Tools" menu.
- Click on "Privacy".
- Select "Create according to user-defined settings" from the drop-down menu.
- Now you can set whether cookies should be accepted, how long you want to keep these cookies and add exceptions to which websites you always or never want to allow cookies to be used.
- Confirm your setting with "OK".
On Google Chrome:
Click the Chrome menu on the browser toolbar.
- Now select "Settings".
- Click on "Show advanced settings".
- Under "Privacy", click on "Content Settings".
- Under "Cookies" you can make the following settings for cookies: delete cookies, block cookies by default, delete cookies and website data by default after closing the browser
- Allow exceptions for cookies from certain websites or domains
However, we would like to point out that in this case you may not be able to use all functions of this webshop to their full extent.
If these cookies and/or the information they contain are containing personal data, the legal basis for data processing is Article 6(1)(f) GDPR. Our interest in optimizing our webshop is to be regarded as justified in the sense of the aforementioned regulation.
3.5.3. Google Analytics
- Browser type/version
- The operating system used
- Referrer URL (the previously visited page)
- Host name of the accessing computer (IP address)
- Time of the server request.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set to prevent future collection of your data when you visit this webshop. The opt-out cookie is only valid in this browser and only for our webshop and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again. Further information on data protection in connection with Google Analytics can be found on the Google Analytics website.
We have concluded a data processing agreement with Google for this data processing.
3.5.4. Google Tag Manager
Our webshop uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags through a single interface. The tool Tag Manager itself (which implements the tags) is a cookieless domain and does not collect any personal data. The tool triggers other tags, which in turn may collect data. Google Tag Manager does not access this data. If deactivation has been made at the domain or cookie level, it will remain in effect for all tracking tags implemented with Google Tag Manager.
And use the browser plugin available under „Doubleclick deactivation extension“. Alternatively, you can disable the Doubleclick cookies on the Digital Advertising Alliance site by following this link: http://www.aboutads.info/choices/
To protect input forms on our site, we use the "reCAPTCHA" service from Google. By using this service it can be differenciated whether the corresponding input is of human origin or is abusive through automated machine processing. The legal basis for this data processing is Article 6(1)(f) GDPR.
To our knowledge, the referrer URL, the IP address, the behaviour of webshop visitors, information about operating system, browser and dwell time, cookies, display instructions and scripts, the user's input behaviour and mouse movements in the "reCAPTCHA" checkbox area are transmitted to "Google". Google uses the information obtained in this way, among other things, to digitize books and other printed matter and to optimize services such as Google Street View and Google Maps (e.g. house number and street name recognition).
The IP address transmitted within the scope of "reCAPTCHA" will not be merged with other Google data unless you are logged in to your Google account at the time you use the "reCAPTCHA" plug-in. If you wish to prevent Google from transmitting and storing data about you and your behaviour on our webshop, you must log out of Google before you visit our site or use the reCAPTCHA plug-in.
3.5.7. Appeal/opt-out possibility
In addition to the described deactivation methods, you can also generally prevent the described targeting technologies by means of a corresponding cookie setting in your browser (see also 3.5.2). You also have the option of deactivating preference-based advertising using the preference manager which can be accessed here.
3.5.8. Social media links
We have our own social media pages at the third-party providers that can be reached via links from these websites. By using these links you can access the respective websites of the third party providers (e.g. Facebook, YouTube, LinkedIn, Instagram) and can also share our content. No data transfer takes place when you call up our websites. As soon as you have called up the page of the third party provider, you are in the area of responsibility of the respective third party provider, so that their data protection declaration or their declarations on the use of data also apply. We have no influence on this, but to avoid unnecessary data transfer, we recommend that you log out from the respective third-party provider before using a link, so that the use of the link does not lead to the creation of user profiles by the third-party provider.
On our website a web service from the company Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark (cookiebot.com) is loaded. We use this data to ensure the full functionality of our website.
In this context, your browser may transmit personal data to cookiebot.com. The legal basis for data processing is Art. 6 (1)(f) GDPR.
The legitimate interest lies in an error-free function of the website. The data will be deleted as soon as the purpose of their collection has been fulfilled.
You can prevent the collection and processing of your data by cookiebot.com by deactivating the execution of script code in your browser (see section 3.5.2) or by installing a script blocker in your browser.
3.6 Data processing Contact
You have the possibility to get in contact with us in several ways. By e-mail, by phone, by web contact form or by mail. If you contact us, we use the personal data that you voluntarily provide us with in this context solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Article 6(1)(a), Article 6(1)(b), Article 6(1)(c) GDPR and Article 6(1)(f) GDPR. Your data will be deleted once the respective purpose has been achieved.
3.7 Data processing Customer ratings / comments / other user content
If users leave comments or other contributions on KARL MAYER's websites, their IP addresses will be deleted on the basis of our legitimate interests within the meaning of Art. 6 (1)(f) GDPR for 7 days. This is done for our security, in case someone leaves unlawful content in comments and contributions (insults, prohibited political propaganda, etc.).
You also have the option of publishing your own content on KARL MAYER's websites in various places (e.g. product evaluations, comments, etc.). If you make a comment, a recommendation or a rating on products, brands and styles, we process the personal data which you voluntarily enter as part of the comment or rating. You can publish content on KARL MAYER's websites under your first name and abbreviated surname.
The legal basis for these data processing(s) is Article 6(1)(f) GDPR.
3.8 Data processing when using a customer account
If you register for a customer account, we process the data required for the performance or termination of a contract with you. This includes:
- First name, surname
- e-mail address
- telephone number
The legal basis for this is Article 6 (1)(b) GDPR, i.e. you provide us with the data on the basis of the respective contractual relationship (e.g. maintenance of your customer account) between you and us.
As far as we do not use your data for advertising purposes, we store the data collected for the contract processing until the expiry of the legal or possible contractual warranty and guarantee rights. After the expiry of this period, we will retain the information required under commercial and tax law for the contractual relationship for the legally specified periods. For this period, the data will be processed again solely in the event of a review by the tax authorities.
To provide you with the greatest possible convenience, we offer you the permanent storage of your personal data in a password-protected customer account.
After opening a customer account no new data entry is necessary. In addition, you can view and change the data stored about you in your customer account at any time.
In addition to the data requested when placing an order, you must enter a password of your own choice in order to set up a customer account. This password, together with your e-mail address, is used to access your customer account. Please treat your personal access data confidentially and do not make them available to unauthorised third parties. Please note that even after leaving our website you will remain logged in automatically unless you actively log out. You have the possibility to delete your customer account at any time. Please note, however, that this does not mean that the data visible in the customer account will be deleted once you have placed an order with us.
3.9 Data processing when using online applications
When you register to use our online applications, such as the k.management dashboard, we process the data necessary for the performance or termination of a contract with you. This includes:
- First name, surname
- e-mail address
- telephone number
The legal basis for this is Article 6(1)(b) GDPR, i.e. you provide us with the data on the basis of the respective contractual relationship between you and us.
In the online application k.management Dashboard, contents of your own machine control can be made visible. Machine operating data (machine statistics such as stop counters, yarn infeed, fabric take-off, rewinding) can be transferred from your machine to the cloud via ADAMOS & key infrastructure. Furthermore, you can download your own operating data via CSV. In the online application k.innovation online sampling, your creations can be sent from your machine directly to Karl Mayer ON.Machines for production. In the online application k.maintenance production planning, your productions can be tracked and planned.
To provide you with the greatest possible convenience when using our online applications, we offer you permanent storage of your personal data in a password-protected customer account. Once you have set up a customer account, you do not need to enter your data again. In addition, you can view and change the data stored about you in your customer account at any time.
To set up a customer account, you must enter a password of your choice. This password is used together with your e-mail address to access your customer account. Please treat your personal access data confidentially and in particular do not make them accessible to unauthorized third parties. Please note that even after leaving our website, you will automatically remain logged in, unless you actively log out. You have the option to delete your customer account at any time, but then the stored machine data will also be deleted.
4. Your statutory rights
Below you will find your rights that you can assert.
4.1. Overview of the individual statutory rights under Article 15 et seq. GDPR
In addition to the right to revoke your consent given to us, you have the following further rights if the respective legal requirements are met:
- the right to obtain information about your personal data stored by us (Art. 15 GDPR), in particular you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data was or will be disclosed, the planned storage period, the origin of your data if these were not collected directly from you;
- the right to correct inaccurate or complete correct data (Art. 16 GDPR),
- the right to delete your data stored with us (Art. 17 GDPR), as far as no legal or contractual retention periods or other legal obligations or rights for further storage are to be observed by us,
- the right to restrict the processing of your data (Art. 18 GDPR) if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it; the data controller no longer needs the data, but you need them to assert, exercise or defend legal claims or you have filed an objection to the processing in accordance with Art. 21 GDPR,
- the right to tranfer data in accordance with Art. 20 GDPR, i.e. the right to receive selected data stored by us about you in a common, machine-readable format, or to request the transfer to another Controller.
You can assert the above-mentioned rights under firstname.lastname@example.org
4.2. Right to object
Under the conditions of Art. 21 (1) GDPR, data processing may be objected for reasons arising from the special situation of the data subject.
You can exercise this right at email@example.com
4.3. Right of withdrawal
Insofar as we process data on the basis of a consent given by you, you have the right to revoke the consent given at any time. The revocation of the consent does not mean that the data processing carried out on the basis of the consent up to the time of the revocation becomes ineffective.
You can exercise this right at firstname.lastname@example.org
4.4. Right of appeal
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State of your place of residence, employment or suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.
6. Your current status regarding consent to cookies