Privacy Policy

In the following, we would like to explain to you what data we collect about you and what we do with this data. We also inform you about your privacy rights and explain to whom you can turn with questions about data privacy.

About us

Data controller responsible for the processing of your data (hereinafter: “controller”):

Kito Europe GmbH
Heerdter Lohweg 93
40549 Düsseldorf
Tel. +49 211 528 009 - 0
E-Mail: info@kito.net
CEO: Martin Rothe

We want to protect and uphold your privacy rights, so you can contact our data protection officer
for questions about this privacy policy, the processing of your data, your rights, or other concerns
in the area of data protection.

Contact details of the data protection officer:

Xamit Bewertungsgesellschaft mbH
Monschauer Str. 12
40549 Düsseldorf
E-Mail: info@xamit.de

Scope of application

This privacy policy applies to the website www.kitogroup.eu. It is aimed at the visitors of our website.
On our pages further links are offered which lead to the websites of other operators for which this privacy policy does not apply.
Responsibility for integration of advertisements, text advertisements or commercials before or during embedded videos lies with the respective operator.

Do I have to enter my data?

When you visit our website, user data are automatically stored. Some of the collected data is necessary for the use of a website. In addition, we also process your data in order to safeguard our legitimate interests according to a balance of interests. This will enable us to continuously improve the services we offer to you. On the following pages, you will learn about the background of our interests as well as whether and how you can object to the use of your data or disable the use of the data.
In order to use one of our offers or to send a request, you will be asked to provide your personal data. You can decide for yourself whether to take advantage of these offers and to provide your data. Of course, we process your data only for the purpose for which you provided us with your data. We also offer services for which we process your data only if you have given us your consent. The granting of consent is always voluntary. Consent that has been granted may be revoked at any time.
Please note that if you provide information about other persons, you must have obtained their prior consent and informed them of the purposes for which the information is being disclosed, as set forth in this privacy policy.
We also ask you to share this information with the people you include in the use of our services, such as family members or authorised persons.

What data do we process?

I. Your visit to our website

When you visit our website, different personal data are stored and used.

1. Processed data and processing purposes:

  • Service provision: In order to visit and use our website, the specified data must be collected.
  • Data security: Every instance of access to our website is saved in a log file. We collect and use these data only for the purpose of data security
  • Display of fonts: In order to load the fonts that we use on this web site into your browser cache the indicated data need to be processed.
  • Processing of inquiries: We process the data you give us if you have a question or concern. This includes the data that you have sent by e-mail or fax.
Dates Service provision Data security Display of fonts Processing of inquiries
IP number x x x
Name of the retrieved file x x x
Transferred amount of data x x x
Visited website x
Referrer URL (the previously visited website) x x
User agent your browser sends (only for mobile version or automatic voice control) x x x
Session cookie x x x
Date and time of access x x
Date and time of the last user activity (for session timeout) x x
Browser type Browser version Browser resolution (inner window size) browser language screen size Screen resolution incl. Color depth x
URL of the viewed page/downloads x x
Cookie on/off x
Java script on/off x
Installed plugins x x
Message/inquiry x
Contact details and other data which you send to us x

In addition, the above-mentioned data are used for the following purposes in the context of a consideration of interests (Art. 6 (1) (f) GDPR) and the fulfillment of legal obligations (Art. 6 (1) (c) GDPR). The interests and legal obligations are named below:
(1) Should a security incident occur in our company that affects your data, we are obliged to report the case to our data protection supervisory authority (Art. 33 GDPR). Since our legitimate interest is to comply with this statutory reporting obligation as quickly as possible, it may happen that in the context of the investigation of the corresponding security incident data about you are processed. Reports of these security incidents to data protection supervisory authorities do not contain any of your personal data.
(2) As it is in our interest to ensure the security of our systems, we regularly conduct security and efficiency tests that allow us to process your above-mentioned data.
(3) It is in our interest, in the event of litigation, to keep evidence until all relevant statutory limitation periods pursuant according to sections 195 and fallowing of the German Civil Code, have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods.
(4) In addition, it is in our interest to investigate suspected cases and to hand over relevant information to law enforcement authorities in case of a specific criminal suspicion.

2. Information about automated individual decisions
No automated individual decisions take place.

3. Legal basis for the use of your data

  • In addition, we process your data in order to safeguard our legitimate interests (Art. 6 (1) (f) GDPR):
    (1) It is in our interest to process your data provided under the provision of services and the display of photos for the fulfillment of our service, so that you can access and use our website.
    (2)
    It is in our interest to be able to guarantee data security. For this purpose, the data of each visit are stored and evaluated in a log file.

You have the right, for reasons that arise from your particular situation, to object to the processing of your data in order to safeguard our legitimate interests.

4. Deletion periods (or storage duration)

  • The data processed for the purpose of data security will be deleted after 7 days.
  • For inquiries: 7 days after receiving your inquiry
  • For the preservation of evidence, we retain data in accordance with the statutory limitation periods according to sections 195 and following of the German Civil Code. The storage duration of your data may exceed the duration stated above. The statutory limitation periods can be up to 30 years. The normal limitation period is 3 years..

5. Origin of the data
There is no data collection from third parties.

II. Contact and other services

1. Processed data and processing purposes
In the following, we would like to discuss the purposes for which your data is processed, if you have a concern or use our services.

  • Processing of inquiries incl. contact form: We process the data you give us if you have a question or concern. This includes the data that you have sent by e-mail or fax.

We receive the data which you provide us with your inquiry.

In addition, the above-mentioned data are used for the following purposes in the context of a consideration of interests (Art. 6 (1) (f) GDPR) and the fulfillment of legal obligations (Art. 6 (1) (c) GDPR). The interests and legal obligations are named below:
(1) In case of a security incident at our company that affects your data, we are obliged to report this case to data protection supervisory authority (Art. 33 GDPR). Since our legitimate interest is it to comply with this statutory reporting obligation as quickly as possible, it may happen that in the context of the investigation of the corresponding security incident, your personal data will be processed. Reports of these security incidents to data protection supervisory authorities do not contain any of your personal data.
(2) As it is in our interest to ensure the safety of our systems, we regularly conduct safety and efficacy tests that allow us to process your above-mentioned data.
(3) In the event of litigation, is it in our interest to keep evidence until all relevant statutory limitation periods pursuant to sections 195 and following of the German Civil Code have expired. For this purpose, we retain the relevant data about you in accordance with these limitation periods.
(4) In addition, it is in our interest to investigate suspected cases and to hand over relevant information to law enforcement authorities in case of a specific criminal suspicion.
2. Information about automated individual decisions
No automated individual decisions are made.
3. Legal basis for the use of your data
a) We process your data as described under "Processing of inquiries", specified in the context of a contract-like relationship of trust (Art. 6 (1) (b) GDPR). If you wish to use these services, we will need the data provided to provide these services.
b) In addition, we process your data in order to safeguard our legitimate interests (Art. 6 (1) f) GDPR)
4. Deletion periods (or storage duration)

  • 7 days after receiving your inquiry
  • For the preservation of evidence, we retain data in accordance with the statutory limitation periods according to sections 195 and following of the German Civil Code. The storage duration of your data may exceed the duration stated above. The statutory limitation periods can be up to 30 years. The normal limitation period is 3 years.

5. Origin of the data
There is no data collection from third parties.

Which organizations receive your data?

The following table shows which organizations (“data recipients”) receive your data in which cases. You can read about the specific data in the corresponding sections of this privacy policy. Transfer of your data may sometimes occur due to legal reporting requirements. In other cases, we use selected vicarious agents and service providers who work for us as commissioned data processors (in accordance with Art. 28 GDPR) and may obtain access to your data in the required scope. Commissioned data processors are subject to numerous contractual obligations and may, in particular, process your personal data only on our instructions and solely for the fulfilment of the orders received from us.

Data recipient Explanation
IT service provider As part of the operation of our IT infrastructure and our website, the respective service providers can gain access to your data. We require our service providers to always limit the processing of your data to what is necessary to carry out the purpose.
Police, lawyers, law enforcement agencies, public prosecutor, state or federal criminal police It is in our interest to investigate suspected cases and to hand over all necessary data to law enforcement authorities in case of a specific criminal suspicion against a customer.
Service provider for fonts When opening our website, your browser loads the fonts of our service provider into your browser cache in order to display texts and fonts. The service provider receives the data as described in the table above.

Data recipients in non-EU countries

We use Google Fonts. When opening a page, your browser loads the required fonts into your browser cache in order to display texts and fonts correctly. Google LLC (hereafter referred to as “Google”) receives the data as described in the table above. The EU Commission determines which non-EU countries have an appropriate level of data protection. The EU Commission recognizes companies in the US who participate in the EU-US Privacy Shield (also EU-US Privacy Shield) as data recipients with an adequate level of data protection. This agreement between the US and the EU ensures that data protection regulations when processing data in the US by EU-US Privacy Shield companies comply with the data protection standards of the European Union. According to their own statement, Google LLC has acceded to the EU-US Privacy Shield. For more information about the processing of your data by Google, please refer to Google’s privacy policy.

Your rights

You have the legal right to:

  • Access to your personal data that we process (Art. 15 GDPR)
  • Rectification and completion of your data (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)

Objection to the processing of your data in order to safeguard our legitimate interests or the legitimate interests of third parties (Art. 21 GDPR) – You have the right, for reasons arising from your particular situation, to object to such processing at any time; this also applies to profiling based on these provisions within the meaning of Art. 4 (4) GDPR.

To exercise these rights, you can contact us in particular via info@kito.net.
You also have the legal right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

© 2018 Kito Europe GmbH - Imprint - Privacy Policy

TOP