Website data privacy statement

The protection of personal data is an important concern for Koenig & Bauer. The personal data that you provide is therefore always handled in accordance with the relevant legal regulations, especially those of the EU General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act). Accordingly, Koenig & Bauer ensures that your personal data is processed and used transparently and for a specific purpose.

You can learn below to what extent we collect personal information from you while you use our website and the webshop, how we handle the data that is collected and to what purpose and on what legal basis it is processed.

Furthermore, we explain to you what personal data we make available to the companies of the Koenig & Bauer Group, how long we store your personal data and what rights you have in relation to the processing of your personal data.

Please note that this website may contain links to other websites that are not subject to the data privacy statement.

 

§ 1 Controller and data security officer

(1) The controller pursuant to Art. 4(7) of the EU General Data Protection Regulation (GDPR) is:

Koenig & Bauer AG
Friedrich-Koenig-Straße 4
97080 Würzburg
info(at)koenig-bauer.com

(2) The data protection officer (Group data protection officer) of Koenig & Bauer is:

Mr Steffen Demuss
Koenig & Bauer AG 
Friedrich-Koenig-Straße 4
97080 Würzburg
steffen.demuss(at)koenig-bauer.com

If you have any questions or concerns regarding the processing of your personal data by Koenig & Bauer or this data privacy statement, you are welcome to contact our data protection officer at any time.

(3) If you contact us by e-mail or using a contact form, the data provided by you (your e-mail address and possibly your name and your telephone number as optional information) will be stored by us in order to answer your question. We delete the data collected in this connection after it is no longer necessary to store it or we restrict the processing if statutory retention requirements apply. The data will be forwarded to affiliated group companies of Koenig & Bauer AG on a case-by-case basis if this is necessary in order to answer your specific query.

(4) We inform you in detail below of the relevant procedures for when we make use of commissioned (external) service providers for individual functions related to our offer or would like to use your data for advertising purposes. We also state here the criteria defined for the period for which the data is stored.

§ 2 Your rights

(1) You have the right at any time to demand more specific information about the data stored on you, to inspect this data and to request that incorrect data about you be rectified or that the stored data be erased completely or in part.

(2) If personal data from you is processed, you are the data subject within the meaning of the General Data Protection Regulation (GDPR) and you are entitled to the following rights in relationship to Koenig & Bauer (controller):

1. Right to information

In accordance with Article 15 GDPR, you can request information about your personal data that we process. In particular, you can request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom your data has been or will be disclosed, the envisaged period for which the data will be stored, the existence of the right to rectify or erase personal data or to object to such processing to restrict its processing or to object to such processing, the right to lodge a complaint, the source of their data where it has not been collected by us, and on the existence of automated decision-making, including profiling and any meaningful information on their details.

2. Right to rectification

In accordance with Article 16 GDPR, you can request that, where it is incorrect or incomplete, your personal data that we store be rectified or completed without undue delay.

3. Right to erasure

In accordance with Article 17 GDPR, you can demand the erasure of your personal data that we store, unless the processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims.

4. Right to restriction of processing

In accordance with Article 17 GDPR, you can demand that the processing of your personal data be restricted if you contest the accuracy of the personal data, the processing is unlawful but you oppose its erasure and we no longer need the data, but you require it in order to establish, exercise or defend legal claims or you have objected to the processing pursuant to Article 21(1) GDPR.

5. Right to data portability

In accordance with Article 17 GDPR, you can ask to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to have this data transmitted to another controller if the processing is based on consent or on a contract and the processing is carried out by automated means.

6. Right to object

If we process your personal data based on a balancing of interests (legal basis Article 6(1) f) GDPR), you can object, on grounds relating to your particular situation, at any time to the processing of the personal data concerning you; this also applies for any “profiling” based on those provisions.

Processing of your personal data based on a balancing of interests (legal basis Article 6(1) f) GDPR) takes place in particular when the processing is not necessary in order to fulfil a contract with you. We present this in the description below. When exercising an objection of this kind, please state the reasons why we should not process your personal data in the way in which we perform this. If you submit a reasoned objection, we will examine the situation and either suspend or adjust the data processing or demonstrate to you our compelling legitimate grounds on the basis of which we will continue to process the data.

You also have the right to revoke the declaration of consent you have given under data protection law at any time with future effect. The data in question will then be erased conditionally immediately. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

In this event, please send your revocation, stating your full name and your e-mail address to marketing@koenig-bauer.com

A restriction on the processing (blocking of the data) can be implemented instead of erasure in the cases stipulated by law.

You can of course object to the processing of your personal data for advertising purposes and data analysis at any time.

You can inform us of your objection to processing for advertising purposes by contacting us using the following contact details:

Koenig & Bauer Coding Gmbh
Marketing
Benzstraße 11
97209 Veitshöchheim

Telefon: +49-931-9085 0
marketing-coding@koenig-bauer.com

7. Automated individual decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or similarly significantly affects you. This shall not apply if the decision:

(1) is necessary for entering into, or performance of, a contract between you and the data controller;

(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the your rights and freedoms and legitimate interests; or

(3) is made with your express consent.

However, these decisions may not be based on special categories of personal data referred to in Article 9(1) GDPR, unless point (a) or (g) of Article 9(2) applies and suitable measures to safeguard the your rights and freedoms and legitimate interests are in place.

In the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, which includes as a minimum the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.

8. Right to lodge a complaint with a supervisory authority

You furthermore have the right to file a complaint with the competent data protection supervisory authority about our processing of your personal data.

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to your the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

9. General questions and contact options

Should you have any questions about the collection, processing or use or your personal data, or if you wish to receive information, correct or erase your data or revoke any consent you have granted, please contact our data protection officer. You can find the contact details under [point 1] of this data privacy statement.

§ 3 Collection of personal data when visiting our website

(1) The term “personal data” is defined by law in Article 4 no. 1 GDPR and means all “information relating to an identified or identifiable natural person”. Personal data is accordingly data that can be used to identify you personally, e.g. name, address, e-mail addresses, user behaviour and IP address.

(2) When using the website simply for information purposes, i.e. if you do not register or otherwise transmit information to us, we collect only the personal data that your browser transmits to our server. This information is stored temporarily in a log file. When you would like to view our website, we collect the following data, which we require for technical reasons in order to display our website to you and to guarantee its stability and security:

  • IP address
  • Date and time of the query
  • Time zone difference from Greenwich Mean Time (GMT)
  • Contents of the request (specific page)
  • Access status/HTTP status code
  • Data volume transferred each time
  • Website from which the request has come
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.

The legal basis for collecting and storing this data is provided by Article 6(1) sentence 1 point (f) GDPR.

(3) In addition to the data mentioned above, cookies are also stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and through which information is transmitted to the client that has placed the cookie (us in this case). Cookies cannot execute any programs or transmit any viruses to your computer. They are used to make the Internet offer more user-friendly and efficient overall.

Cookies

§ 4 Other functions and offers on our website

(1) In addition to the use of our website for simple information purposes, we offer a variety of services that you can use if you are interested. To do so, you generally have to enter other personal data, which we use to perform the relevant service and for which the data processing principles stated above apply.

(2) When you use our contact form and in questions of every kind, we offer you the option of contacting us through a form provided on the website. It is necessary to provide a valid e-mail address here so that we know from whom the enquiry has come and so that we can answer it. Other information can be provided on an optional basis. The data processing for the purpose of contacting use is performed in accordance with Article 6(1) sentence 1 point (a) GDPR on the basis of your freely given consent. The personal data that we collect for using the contact form will be automatically deleted after the query you have submitted has been answered.

We use the Google service reCaptcha to determine whether certain inputs in our contact and newsletter forms stem from a human user or a computer. Google uses the following data to distinguish between a human user and a computer: IP address of the device used, the website page which you are visiting and on which the Captcha is integrated, the date and duration of your visit, the identification data of the browser and operating system used, your Google account if you are logged in to Google, mouse movements on the reCaptcha areas and challenges requiring you to identify images. The legal basis for the described data processing is Art. 6, paragraph 1, point (f) of the General Data Protection Regulation. A legitimate interest on our part is pursued by way of this data processing, which serves to guarantee the security of our website and protects us against automated inputs (attacks).

(3) You also have the opportunity to order printed brochures for our products, if available, or our customer magazine Report from our website. To do this, please click on the order symbol for the relevant brochure or for the report and then fill in the order form. We require only your name and address to send the order materials to you. This data is required so that we can send you the requested materials by post.

(4) We sometimes also make use of external service providers to process your data. They have been carefully selected and commissioned by us, are required to act in accordance with our instructions and are checked on a regular basis.

(5) Furthermore, we can forward your personal data to third parties if participation in campaigns, competitions, the entry into contracts or similar services are offered by us together with our partners. You can obtain more detailed information on this when disclosing your personal data or below in the description of the offer.

We disclose your personal data to third parties only when:

  • you have given your explicit consent to this in accordance with Article 6(1) sentence 1 point (a) GDPR;
  • the disclosure is necessary pursuant to Article 6(1) sentence 1 point (f) GDPR in order to establish, exercise or defend legal claims and there is no reason to assume that you have an overriding interest in the non-disclosure of your data that requires it to be protected;
  • there is a legal obligation to disclose the data pursuant to Article 6(1) sentence 1 point (c) GDPR;
  • this is necessary by law and pursuant to Article 6(1) sentence 1 point (b) in order to execute contractual relationships.

Transmission of your personal data to third parties for purposes other than those specified below does not take place.

(6) If our service provider or partner has their registered office in a state outside the European Union or the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer or of the service that is used.

§ 5 Data processing when using our webshop

(1) If you would like to place an order with our webshop, you will need to input your personal data that we require to execute your order in order to enter into a contract. The mandatory information that are necessary to execute the contracts are marked separately, while other information is optional. We process the data indicated by you to process your order. To this end, we can forward your payment data to our principal bank. The legal basis for this is provided by Article 6(1) sentence 1 point (b) GDPR.

You have the option to set up a customer account (see below for more on this), where we can store your data for other purchases later. When you set up an account under “My account”, the data that you enter will be stored irrevocably. You can always delete all other data, including your user account, in the customer area.]

We can furthermore process the data you have indicated in order to inform you about other interesting products from our portfolio or to send you e-mails with technical information.

(2) We are required on the basis of commercial and tax law to store your address, payment and order data for a period of ten years. However, we impose a restriction on its processing after [two years] , i.e. your data will be used only to that we can comply with the statutory obligations.

(3) In order to prevent unauthorised access by third parties to your data, especially financial data, the order process is encrypted using TLS technology.

§ 6 Creating a customer account and use our webshop portals

(1) If you would like to create a customer account for our webshop, you have to register by providing your e-mail address, a password that you select yourself and the user name that you choose. There is no requirement to use your own name. A pseudonym can be used.

(2) We use the double opt-in process for registration, i.e. your registration is completed only when you have confirmed your registration by clicking on a link that we send to you for this purpose in a confirmation e-mail. If your confirmation is not received within [24 hours], your registration will be automatically deleted from our database. The disclosure of the data specified above is compulsory. You can provide all other information as an option when using our webshop portal.

(3) When you use our webshop portal, we store your data that is need to fulfil the contract, including information on payment method, until you definitively delete your access. Furthermore, we store the data you have indicated voluntarily for the period of your use of the webshop portal, unless you delete this data beforehand. You can manage and edit all your information in the secure customer zone. The legal basis for processing your data is provided by Article 6(1) sentence 1 point (f) GDPR.

(4) In order to prevent unauthorised access by third parties to your data, especially financial data, the connection is encrypted using TLS technology.

§ 7 Newsletter

(1) With your consent, you can subscribe to our newsletter, which we use to inform you about our current offers/products of Koenig & Bauer AG and/or the relevant group company. The goods and services advertised are specified in the declaration of consent.

(2) We use the double opt-in procedure for registration to our newsletter. This means that, after you have registered, we send you an e-mail to the e-mail address you have indicated in which we ask you to confirm that you wish to be sent the newsletter. If you do not confirm your registration within [24 hours], your information will be blocked and automatically deleted after one month. Furthermore, we store the IP addresses you used and the times of registration and confirmation. The purpose of this procedure is to verify your registration and so that we can clarify any possible misuse of your personal data.

(3) The only compulsory information required for sending the newsletter is your e-mail address. The disclosure of other, separately marked data is optional and will be used to contact you personally. After receiving your confirmation, we store your e-mail address for the purpose of sending you the newsletter. The legal basis is provided by Article 6(1) sentence 1 point (b) GDPR.

(4) You can revoke your consent to receiving the newsletter at any time and unsubscribe from the newsletter. You can send your cancellation by clicking on the link provide in each newsletter e-mail or by sending an e-mail to [marketing@koenig-bauer.com].

(5) We draw you attention to the fact that we analyse your user behaviour when sending the newsletter. The e-mails that are sent contain web beacons or tracking pixels, which represent one-pixel image files, that are stored on our website for this analysis. We link the data specified in section 3 and the web beacons with your e-mail address and an individual ID for this analysis.

§ 8 Web Analyse und Nutzer-Tracking

Our intention in employing the analysis and tracking measures that are used is to ensure that the design of our website is tailored to the users’ needs and that it is continually optimised. Another reason we employ the tracking measures is to record the statistics concerning the use of our website and to evaluate this for the purpose of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the regulation specified above. The relevant data processing purposes and data categories can be found in the description of the corresponding analysis and tracking tools.

The analysis and tracking measures specified below and used by us are conducted on the basis of Article 6(1) sentence 1 point (f) GDPR (legal basis).

1. Use of Google Analytics

(1) This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, text files that are stored on your computer and that enable your use of the website to be analysed. The information about your use of this website that is created by the cookie is generally transmitted to and stored on a Google server in the US. If IP anonymisation is activated on this website, your IP address will, however, be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. The full IP address will be transmitted to a Google server in the US and shortened there only in exceptional circumstances. Google will use this information on behalf of the operator of this website in order to evaluate your use of the website, in order to compile reports on the website activities and to perform other services associated with the use of the website and Internet use for the website operator.

(2) The IP address transmitted from your browser within the framework of Google Analytics is not combined with other data by Google.

(3) You can prevent cookies from being stored by setting your browser software to do this; we draw your attention to the fact, however, that you may not be able to use all the functions of this website in their full extent in this case. You can furthermore prevent the data generated by the cookie and relating to your use of the website (including your IP address) from being recorded and processed by Google by downloading and installing the browser plug-in from the following link: tools.google.com/dlpage/gaoptout.

(4) This website uses Google Analytics with the extension “_anonymizeIp()”. This means that IP addresses are processed in anonymised form, thus preventing individual users from being identified. If a personal reference can be assigned to the data collected about you, this is then immediately excluded and the personal data is immediately deleted.

(5) We use Google Analytics to be able to analyse and regularly improve the use of our website. The statistics gained enable us to improve our offer and to design it in a more interesting way for you as the user. Google has undertaken to be subject to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework, for the exceptional cases where personal data is transferred to the US.

The legal basis for using Google Analytics is provided by Article 6(1) sentence 1 point (f) GDPR.

(6) Information on the third-party service provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms and conditions of use: www.google.com/analytics/terms/de.html, overview of data privacy: www.google.com/intl/de/analytics/learn/privacy.html, and the data privacy declaration: www.google.de/intl/de/policies/privacy.

2. LinkedIn conversion tracking

(1) We use the LinkedIn conversion tracking retargeting tool of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”) on our website. We have no influence over the scope and the further use of the data that is collected by the use of this tool by LinkedIn and therefore provide you with the following information based on what we currently know: the LinkedIn Insight Tag is integrated on the website of Koenig & Bauer, which allows LinkedIn to collect statistical, pseudonymous data about your visit and the use of our website and to provide us with relevant aggregated statistics on this basis. Furthermore, this information is used to be able to display relevant offers and recommendations specific to your interests to you after you have shown an interest on the website for specific services, information and offers. The related data is stored in a cookie.

(2) You can use a browser setting to prevent cookies from being stored. Alternatively, you can object to this form of data processing by setting an opt-out cookie using the following link (https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out), which will remain on your device until you delete the cookies. This option is available both for LinkedIn members and non-members. For more information, please also see the data privacy statement of LinkedIn - https://www.linkedin.com/legal/privacy-policy.

(3) The legal basis for processing your data is provided by Article 6(1) sentence 1 point (f) GDPR.

§ 9 Use of integration of third-party content and redirection

It can happen that content from third parties, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites will be embedded within this online service. A requirement for this is that the providers of this content know the user’s IP address. If they do not know the IP address, they cannot send the content to the user’s browser. The IP address is thus required to display this content. We make every effort only to use content of this kind from service providers that use the IP address only to deliver the content. However, we have no influence on whether the third-party provider stores the IP address, for example for statistical purposes. If we become aware of this, we will notify the user.

1. Embedding of YouTube videos

(1) We have embedded YouTube videos in our online program, which are stored at www.YouTube.com and which can be played directly on our website. [These are all embedded using the “extended data protection mode”, i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. The data specified in subsection 2 is transferred only when you play the videos. We have no influence on this data transmission.]

(2) When you visit the website, YouTube receives the information that you have called up the relevant sub-page of our website. Furthermore, the data specified in section 3 of this statement is transferred. This happens irrespective of whether YouTube provides a user account, on which you are logged in, or a user account does not exist. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to be assigned with your profile at YouTube, you must log out before you activate the button. YouTube stores your data collected as user profiles and uses them for the purposes of advertising, market research and/or the tailored design of their website. An analysis of this kind is carried out in particular (even for users who are not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You have a right to lodge an objection to the creation of these user profiles, where you must contact YouTube in order to exercise this right.

(3) You can obtain more information on the purpose and scope of the data collection and processing by YouTube in the data privacy statements. You can also obtain more information there on your rights and settings options for protecting your privacy: www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and has undertaken to be subject to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework.

2. Embedding of Google Maps

(1) We use the service offered by Google Maps on this website. This enables us to display interactive maps for you directly on the website and allows you to use the map function conveniently.

(2) When you visit the website, Google receives the information that you have called up the relevant sub-page of our website. Furthermore, the data specified in section 3 of this statement is transferred. This happens irrespective of whether Google provides a user account, on which you are logged in, or a user account does not exist. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to be assigned with your profile at Google, you must log out before you activate the button. Google stores your data collected as user profiles and uses them for the purposes of advertising, market research and/or the tailored design of their website. An analysis of this kind is carried out in particular (even for users who are not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You have a right to lodge an objection to the creation of these user profiles, where you must contact Google in order to exercise this right.

(3) You can obtain more information on the purpose and scope of the data collection and processing by the plug-in provider in the data privacy statements of the service provider. You can also obtain more information there on your related rights and settings options for protecting your privacy: www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and has undertaken to be subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

3. Redirection

Any redirection to providers of social media services such as YouTube, Facebook, etc., is carried out via links, with the result that data about your visit to our program (e.g. IP address, time, URL) or data present on your device (e.g. cookie information) is transmitted to the relevant provider only when the link is consciously used.

§ 10 Data and IT security

During your visit to our website, we support the highest security encryption set by your browser.

We furthermore make use of suitable technical and organisational security measures in order to protect your data against accident or intentional manipulation, full or partial loss, destruction or unauthorised access by third parties. Our security measures undergo constant improvements in line with technological developments.

§ 11 Links to other websites

Please note that this website may contain links to other websites, including websites that are operated by Koenig & Bauer and that are not subject to this data privacy statement.

§ 12 Amendments and updates to the data privacy statement

This data privacy statement is currently valid in the version updated in May 2018. It may be necessary to amend this data privacy statement as a result of the further development of our website and related offers or on account of amendments to statutory or official regulations. We will published any amendments promptly on this page. You should therefore visit this page regularly in order to stay informed of the current status of the data privacy statement. You can retrieve and print out the data privacy statements currently in force from the website at https://www.koenig-bauer.com/datenschutz at any time.