The following privacy statement applies to use of Kern Group websites:
www.kern.ch, www.kernworld.com, www.kerngmbh.de, www.kernfrance.fr, www.kern.es, www.kernbv.nl, www.kernnv.be, www.kerninc.com, www.packontime.ch, www.packontime.com, www.smart-terminal24.com, www.kreuz-konolfingen.ch
(referred to below as “website”).
We place significant importance on data privacy. Collection and processing of your personal data takes place in compliance with the applicable data protection regulations; in particular the EU General Data Protection Regulation (GDPR). We collect and process your personal data, to provide you with the above portal. This declaration describes how, and the purpose for which, your data are collected and used, and the choices available to you in terms of personal data.
By using this website, you consent to the collection, use and transfer of your data in accordance with this privacy statement.
1. Responsible body
Responsible for the collection, processing and use of your personal data, within the terms of the GDPR, are the following Kern Group subsidiaries:
Elbinger Strasse 12
Contact Data Protection Responsible
Kern France SAS
229 rue la Fontaine
Sistemas Kern S.A.U.
Calle Neptuno, 20
28229 Villanueva del Pardillo
Kern Nederland B.V.
2718 SM Zoetermeer
Sphere Business Park
Doornveld 161, Zone 3
1731 Zellik Asse
2. General use of the website
2.1 Access data
We collect information about you when you use this website. We collect information automatically about your usage behaviour and interaction with us, and store data on your computer or mobile device. We collect, store and use information about each access to our online offering (server log files). Access data include the name and URL of the downloaded file, access date and time, transferred data volume, successful retrieval notification (HTTP response code), browser type and version, operating system, referrer URL (the page previously visited), IP address, and the requesting provider.
We use these log data, with no reference to your person or other profiling, for statistical evaluations to operate, secure, and optimise our online offering; but also for anonymous recording of the number of visitors to our website (traffic), as well as the extent and the nature of the use of our website and services. Using this information, we can provide personalised and location-based content, and analyse data traffic, find and fix errors, and improve our services. We reserve the right to retrospectively review log data, if, based on concrete evidence, a legitimate suspicion of unlawful use exists. We store IP addresses for a limited period of time in the log files, where required for security reasons, or in order to provide or bill for a service – for example, if you use one of our offers. If the order process is cancelled, or once payment is received, we delete the IP address if it is no longer required for security purposes. We also store IP addresses, if we have a concrete suspicion of an offence having been committed in connection with the use of our website. In addition, as part of your account, we store the date of your last visit (e.g., when registering, logging in, clicking links, etc.).
2.2 Email contact
If you contact us (e.g., via the contact form or email), we will save your data in order to process the request, and in case related questions arise. We store and use additional personal data, only if you agree to this, or as permitted by law where no specific consent exists.
2.3 Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. («Google»).
2.4 Google Maps
This website uses Google Maps from Google Inc. By using this website, you consent to collection, processing, and use of data collected automatically by Google Inc, their representatives, and third parties.
Our websites use Google Maps to display our location, and to generate route descriptions. This uses a service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, referred to below as “Google”.
Via its certification in accordance with the EU-US Privacy Shield, Google guarantees that the EU data protection guidelines are adhered to, including when data are processed in the USA. In order to display certain fonts in our websites, we establish a connection to the Google server in the USA when one of our websites is accessed.
If you access the Google Maps component included in our website, Google stores a cookie on your device via your internet browser. In order to display our location and provide directions, your user settings and data are processed. When doing so, we cannot rule out the possibility of Google using USA-based servers.
The legal basis for this is Article 6(1) lit. f) GDPR Our legitimate interest lies in optimising the functionality of our internet presence.
Via the connection to Google established in this way, Google can identify the website your request was sent from, and the IP address to which the directions are to be transmitted.
If you do not consent to this processing, you have the ability to prevent cookie installation via the relevant settings in your internet browser.
2.5 Adobe Fonts for websites
What information is collected by the Adobe Fonts service for websites?
To provide the Adobe Fonts service for websites, Adobe may collect information about the fonts being served to your website. The information is used for the purposes of billing and compliance, and may include the following:
- Fonts served
- Web Project ID
- Web Project type (string “configurable” or “dynamic”)
- Account ID (identifies the customer the Web Project is from)
- Service providing the fonts (e.g., Adobe Fonts)
- Server serving the fonts (e.g., Adobe Fonts servers or Enterprise CDN)
- Hostname of page loading the fonts
How does the Adobe Fonts service for websites use the information it collects?
Adobe uses the information collected from websites using Adobe Fonts to provision the Adobe Fonts service and diagnose delivery or download problems. This information is also used to pay and fulfill our contracts with the font foundries whose fonts are used. We share aggregate reporting with font foundries and we may confirm to a font foundry that you have a valid license from Adobe, but we do not otherwise share your personal information with font foundries.
2.6 Legal basis and storage duration
The legal basis for data processing in accordance with the above paragraphs is GDPR Article 6(1)(f). Our interests in terms of data processing are, in particular, to safeguard website operation and security, analyse the way in which visitors use the website, and simplify use of the website.
Unless specifically stated, we only store personal data for as long as is necessary to fulfil the intended purposes.
3. Social media plug-ins
On our website, on the basis of Article 6(1) lit. f GDPR, we use social plug-ins from the Facebook, XING, LinkedIn, and Twitter social networks, to promote our company. We also include YouTube and Vimeo videos in our online offering. The underlying advertising purpose is to be viewed as a legitimate interest within the meaning of the GDPR. Responsibility for privacy compliant operation is to be ensured by the respective providers.
Our integration of these plug-ins is via the double-click method, to provide the best possible protection to visitors to our website.
YouTube and Vimeo videos are stored on www.youtube.com and www.vimeo.com can be played directly from our website with a single click. The data specified in paragraph 2 are only transferred when you play the videos. We have no influence on this data transfer. We make sure that videos from the two service providers are only embedded with «YouTube no-cookie» and «Vimeo do-not-track» URLs.
When visiting the third-party website, the respective third party receives the information that you accessed the relevant subpage from our website. In addition, the data referred to in Section 4 of this declaration are transmitted. This takes place, regardless of whether the third party provides a user account to which you are logged in, or where no user account exists. If you are logged in to the respective third-party provider, these data are associated with your account directly. If you do not want the third party to make the association with your profile, you must log out before activating the button.
The third-party provider stores these data as a user profile, and uses them for advertising, market research, and/or needs-based website design purposes. An evaluation of this type takes place in particular (including for users who are not logged in) to provide needs-based advertising, and to inform other users about your activities on our website. You have the right to object to creation of these user profiles. Any objection must be addressed to the respective third party.
You can find more information on the purpose and scope of data collection and the processing of these data by the respective third party in the following privacy statement. This also includes more information on your rights and configuration options for the purpose of protecting your privacy.
Addresses of respective third parties and URL with their privacy notices:
Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA
Facebook Inc. complies with European data protection law and is certified under the Privacy Shield agreement
XING SE, Dammtorstrasse 30, 20354 Hamburg, Deutschland
Youtube, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
Vimeo.com, Inc., Attention: Data Protection Officer, 555 West 18th Street, New York, New York 10011
We give you the option of registering with us for our free newsletter, via our website. For newsletter distribution, we use MailChimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, referred to below as “The Rocket Science Group”. Via its certification in accordance with the EU-US Privacy Shield https://www.privacyshield.gov, The Rocket Science Group guarantees that the EU data protection guidelines are adhered to, including when data are processed in the USA. In addition, The Rocket Science Group provides further data privacy information at mailchimp.com/privacy/. If you subscribe to our newsletter distribution, the data requested during the registration process, such as your email address and, optionally, your name and address, are processed by The Rocket Science Group. In addition, your IP address is saved, as well as the date and time of your registration. As part of the subsequent registration process, your consent to the sending of the newsletter will be obtained, the specific content described, and this privacy statement referenced. The newsletter, which is subsequently sent via The Rocket Science Group, also contains a tracking pixel, which is also referred to as a web beacon. Using this pixel, we can evaluate if and when you read our newsletter, and whether you have followed the links in the newsletter. In addition to other technical data, such as your computer system data and your IP address, the processed data are stored so that we can optimise our newsletter offering, and respond to reader requests. The data are therefore used to increase the quality and attractiveness of our newsletter offering. The legal basis for sending the newsletter and for the analysis is Article 6(1) lit. a.) GDPR. You can revoke your consent to newsletter distribution at any time with future effect in accordance with Article 7(3) GDPR. To do so, you simply have to inform us of your revocation, or press the unsubscribe link contained in each newsletter.
Cancellation and termination: You can withdraw your consent to receive the newsletter at any time, thereby cancelling the newsletter subscription. After your cancellation, your personal data are deleted. Your consent to newsletter distribution expires at the same time. You will find the unsubscribe link at the end of each newsletter.
4. Your rights as the data subject
Under applicable law, you have various rights regarding your personal data. If you would like to assert these rights, please send your request by email or by post, with a clear identification of your person, to the address specified in paragraph 1.
Below is a summary of your rights
4.1 Right to confirmation and information
You have the right to obtain confirmation from us as to whether your personal data are being processed at any time. Where this is the case, you have the right to obtain free information from us about the personal data stored about you, together with a copy of these data. In addition, there is a right to the following information:
1. the processing purposes:
2. the categories of personal data, which are processed;
3. the recipients or categories of recipient, to whom the personal data are disclosed or to be disclosed, in particular in terms of beneficiaries in third countries or international organizations; 4. where possible, the planned duration for which the personal data are to be stored or, if this is not possible, the criteria used to determine that duration;
5. the right to correction or deletion of personal data concerning you, or to restriction of processing by those responsible, or to objection to this processing;
6. the existence of a right of appeal to a supervisory authority;
7. if the personal data are not collected from you, all available information about the origin of the data;
8. the existence of any automated decision-making, including profiling in accordance with Article 22(1) and (4) GDPR and – at least in these cases – meaningful information about the logic involved and the implications and consequences to you of such processing.
If personal data are transmitted to a third country or to an international organisation, you have the right to be informed about the appropriate guarantees in accordance with Article 46 of the GDPR in connection with the transfer.
4.2 Right to correction
You have the right to demand immediate correction of inaccurate personal data related to you. Taking into account the purposes, you have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
4.3 Right to deletion (“right to be forgotten”)
You have the right to ask us to delete your personal data immediately, and we are required to delete your personal data immediately, if one of the following is true:
1. The personal data are no longer required for the purposes for which they were collected or otherwise processed.
2. You revoke your consent on which the processing under Article 6(1)(a) GDPR or Article 9(2)(a) GDPR was based, and no other legal basis exists for the processing.
3. In accordance with Article 21(1) GDPR, you object to the processing, and there are no legitimate reasons for the processing, or you object to the processing in accordance with Article 21(2) GDPR.
4. The personal data were processed unlawfully.
5. The deletion of personal data is required to fulfil a legal obligation under Union or national Member State law, to which we are subject.
6. The personal data were collected in relation to information society services offered in accordance with Article 8(1) GDPR.
If we have made the personal data public and we are required to delete it, we shall take appropriate measures, including technical means, to inform those responsible for processing the personal data, taking into account the available technology and the implementation costs, that you have requested that they delete any links to these personal data or copies or replicas of these personal data.
4.4 Right to restriction of processing
You have the right to require us to restrict processing if any of the following conditions apply:
1. you contest the accuracy of your personal data, for a period of time that allows us to verify the accuracy of your personal data;
2. the processing is unlawful and you have rejected deletion of the personal data in favour of demanding restriction of the use of your personal data;
3. we no longer require your personal data for processing purposes, but you need the data for the establishment, exercise or defence of legal claims; or
4. You object to the processing in accordance with Article 21(1) GDPR, as long as it is not certain that the legitimate reasons of our company outweigh yours.
4.5 Right to data portability
You have the right to receive the personal data that you have provided us in a structured, common, and machine-readable format, and you have the right to transfer those data to another owner without hindrance, provided that
1. the processing is based on consent in accordance with Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, or on a contract in accordance with Article 6(1)(b) GDPR; and
2. the processing is carried out using automated procedures.
In exercising your right to data portability in accordance with paragraph 1, you have the right to ensure that the personal data are transmitted directly by us to another owner, as far as this is technically feasible.
4.6 Right of objection
You have the right, for reasons relating to your own particular situation, to object to the processing of personal data relating to you at any time in accordance with Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions. We no longer process personal data, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purposes of asserting, exercising or defending legal claims.
If personal data are processed by us in order to advertise directly, you have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. You have the right, for reasons relating to your own particular situation, to object to the processing of your personal data relating to you for scientific or historical research purposes or for statistical purposes under Article 89(1) GDPR, unless processing is necessary to fulfil a task in the public interest.
4.7 Automated decisions including profiling
You have the right to not be subject to a decision based solely on automated processing, including profiling, which will have a legal impact on, or significantly affect you in a similar manner.
4.8 Right to revoke data protection consent
You have the right to revoke your consent to the processing of personal data at any time.
4.9 Right to complain to a supervisory authority
You have the right to complain to a supervisory authority, in particular in the Member State of your residence, employment or the place of the alleged infringement, that you believe that the processing of your personal data is unlawful.
5. Data security
We make every effort to ensure the security of your data within the framework of applicable data protection laws and technical feasibility.
We transmit your personal data in encrypted form. This applies to your orders, and also to customer login. We use the SSL (Secure Socket Layer) coding system, but point out that data transmission via the internet (for example, when communicating by email) may have security vulnerabilities. Seamless data protection from access by third parties is not possible.
To safeguard your data, we maintain technical and organizational security measures that we continually adapt to state-of-the-art technology.
We also do not guarantee that our offering will be available at specific times; malfunctions, interruptions or failures cannot be excluded. The servers we use are regularly and carefully backed up.
6. Automated decision-making
No automated decision-making takes place based on the personal data collected.
7. Disclosure of data to third parties, no data transfer to non-EU countries
We only ever use your personal data within our company.
If and to the extent that we engage third parties when fulfilling contracts (such as logistics service providers), these personal data will only be received to the extent that the transmission is required for the corresponding service.
In the event that we outsource certain parts of the data processing (“order processing”), we contractually oblige processors to use personal data only in accordance with the requirements of data protection laws, and to ensure the protection of the rights of the data subject.
Data transmission to agencies or persons outside the EU, other than in the cases mentioned in section 2.3 of this declaration, does not take place and is not planned.