PRIVACY.
THAT'S US.
Privacy is a fundamental human right.
And it's one of our core values.
Data Protection acc. to Art. 13 DSGVO
This policy pertains to The KMR Brands OÜ website, along with all other websites under our ownership and operation.
Name and Address of the Data Controller
The responsible entity within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is:
The KMR Brands OÜ, Tornimäe 5, 10145 Tallinn, Estonia
Phone: +49 (0)30 5408 1517
E-Mail: privacy@thekmrbrands.com
General Information on Data Processing
Basis for the Processing of Personal Data
In accordance with Article 13 of the GDPR, we inform you about the legal bases for our data processing activities. If the legal basis is not specifically mentioned in the privacy notice, the following applies:
The legal basis for obtaining consent is Article 6(1)(a) in conjunction with Article 7 of the GDPR. The legal basis for processing to fulfill our services, carry out contractual measures, and respond to inquiries is Article 6(1)(b) of the GDPR. The legal basis for processing to fulfill our legal obligations is Article 6(1)(c) of the GDPR. If the processing of your data is necessary to safeguard a legitimate interest of our company or a third party, and if the interests, fundamental rights, and freedoms of the data subject do not override such legitimate interest, then Article 6(1)(f) of the GDPR serves as the legal basis for the processing. In cases where vital interests of the data subject or another natural person necessitate the processing of personal data, Article 6(1)(d) of the GDPR serves as the legal basis.
Data Deletion and Storage Period
We adhere to the principles of data minimisation as per Article 5(1)(c) of the GDPR and storage limitation as per Article 5(1)(e) of the GDPR. We only store your personal data for as long as necessary to achieve the purposes mentioned herein or as required by the statutory retention periods stipulated by the legislator. Once the respective purpose has been fulfilled or after the expiry of these retention periods, the relevant data will be deleted as soon as possible.
Note on the Transfer of Data to Third Countries
On our website, we also incorporate tools from companies based in third countries, notably including the USA. When these tools are active, your personal data may be transferred to the servers of the respective companies. The level of data protection in third countries generally does not comply with EU data protection law. Consequently, there is a risk that your data may be disclosed to authorities of these states. We do not have any influence over these processing activities.
External Links
This website may contain links to third-party websites or other websites under our responsibility. If you follow a link to a website outside of our responsibility, please note that these websites have their own privacy information. We do not assume any responsibility or liability for these external websites and their privacy notices. Therefore, before using these websites, please ensure that you agree with their respective privacy policies.
You can identify external links either by their colour differentiation from the rest of the text or by being underlined. Your cursor will indicate external links when you hover over them. Only when you click on an external link will your personal data be transmitted to the destination of that link. The operator of the other website will receive, in particular, your IP address, the time at which you clicked the link, the page on which you clicked the link, and further information that you can find in the privacy notices of the respective provider.
Please also note that individual links may lead to data transfers outside the European Economic Area. As a result, foreign authorities may gain access to your data. You may not have any legal remedies against these data accesses. If you do not wish for your personal data to be transferred to the link destination or potentially exposed to access by foreign authorities, please refrain from clicking on any links.
Rights of the Data Subject
As a data subject under the GDPR, you have the opportunity to assert various rights. The rights of the data subject arising from the GDPR include the right to information (Article 15), the right to rectification (Article 16), the right to erasure (Article 17), the right to restriction of processing (Article 18), the right to object (Article 21), the right to lodge a complaint with a supervisory authority, and the right to data portability (Article 20).
Right of Withdrawal:
Some data processing activities can only take place with your explicit consent. You have the right to withdraw your consent at any time. However, the legality of the data processing carried out until the withdrawal will not be affected by this.
Right to Object:
If the processing is based on Article 6(1)(e) or (f) of the GDPR, you, as the data subject, have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This right also applies to profiling based on these provisions as defined in Article 4(4) of the GDPR. Unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or for the establishment, exercise, or defence of legal claims, we will refrain from processing your data after you have exercised your right to object.
If the processing of personal data is for the purpose of direct marketing, you also have the right to object at any time. The same applies to profiling related to direct marketing. In such cases, we will cease the processing of your personal data as soon as you raise an objection.
Right to Lodge a Complaint With a Supervisory Authority:
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy, especially in the Member State of your habitual residence, your place of work, or the location where the alleged infringement occurred.
Right to Data Portability:
If your data is processed automatically based on consent or for the performance of a contract, you have the right to receive these data in a structured, commonly used, and machine-readable format. Additionally, you have the right to request the transfer and provision of your data to another controller, to the extent that this is technically feasible.
Right to Information, Rectification, and Erasure:
You have the right to obtain information about your processed personal data concerning the purpose of the data processing, categories, recipients, and the duration of storage. If you have any questions regarding this matter or other issues related to personal data, please feel free to contact us using the contact details provided in the imprint.
Right to Restriction of Processing:
You can assert the right to restrict the processing of your personal data at any time. To do so, you must meet one of the following conditions:
- You dispute the accuracy of the personal data. For the duration of the verification of the accuracy, you have the right to request a restriction of processing.
- If processing is carried out unlawfully, you can alternatively request restriction of the use of the data instead of deletion.
- If we no longer need your personal data for processing purposes, but you require the data for the establishment, exercise, or defense of legal claims, you can alternatively request restriction of processing instead of deletion.
- If you object to the processing pursuant to Article 21(1) of the GDPR, a balancing of interests between your rights and ours will be conducted. Until this balancing is completed, you have the right to request restriction of processing.
A restriction of processing means that, apart from storage, the personal data may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or to protect the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.
Provision of the Website (Web Hosting Provider)
When you visit our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or to the server of our hosting company.
These Include:
- IP address of the visitor's device accessing the website
- Device used
- Hostname of the accessing computer
- Operating system of the visitor
- Browser type and version
- Name of the accessed file
- Timestamp of the server request
- Amount of data
-Information on whether the data retrieval was successful
These data are not merged with other data sources.
The legal basis for processing this data is Art. 6(1)(f) of the GDPR. Our legitimate interest is the technically flawless presentation and optimization of this website.
Instead of operating this website on our own server, we may choose to host it on the server of an external service provider (hosting company). In this case, the personal data collected on this website will be stored on the servers of the hosting company. In addition to the aforementioned data, this may include, for example, contact inquiries, contact details, names, website access data, meta and communication data, contract data, and any other data generated via a website.
Another legal basis cited is the purpose of pre-contractual or contractual fulfillment towards the data subject (Art. 6(1)(b) GDPR). In the event that we have commissioned a hosting company, there exists a data processing agreement with this service provider.
Use of Cookies
Our website uses "cookies." Cookies are pieces of information that a web server (server providing web content) stores on your device to identify it. They are either temporary for the duration of a session (session cookies), being deleted after you leave a website, or permanent (persistent cookies), stored on your device until you delete them manually or your web browser deletes them automatically.
Cookies can also be stored on your device by third-party companies when you visit our site (Third-Party Requests). This enables us, as the operator, and you, as the visitor of this website, to utilize certain services from third parties installed on this website. Examples include cookies for processing payment services or cookies for displaying videos.
Cookies serve various purposes. They can enhance the functionality of a website, manage shopping cart functions, increase security and user comfort, and analyze visitor flows and behaviors. Depending on their specific functions, cookies are classified from a data protection perspective. They are either necessary for the operation of the website and the provision of specific functions (such as shopping cart functions) or used to optimize the website (e.g., cookies for measuring visitor behavior). In such cases, their use is based on Art. 6(1)(f) GDPR. As website operators, we have a legitimate interest in storing cookies for the technically flawless and optimized provision of our services. In all other cases, the storage of cookies only occurs with your explicit consent (Art. 6(1)(a) GDPR).
Where cookies are used by third-party companies or for analytical purposes, we will inform you separately within this privacy notice. Your necessary consent will be sought, and it can be revoked at any time.
Use of External Services
On our website, we utilize external services. External services refer to services provided by third-party providers that are integrated into our website. This integration can occur for various reasons, such as embedding videos or ensuring the security of the website. When using these services, personal data may be transferred to the respective providers of these external services. If we do not have a legitimate interest in using these services, we will obtain your revocable consent as a visitor to our website before using them (Art. 6(1)(a) GDPR).
Analytics
For the analysis of user behavior, we process personal data of website visitors. By evaluating the collected data, we can compile information about the use of individual components of our website. This enables us to enhance the user-friendliness of our website. Through the analytics tools employed, we can, for instance, create user profiles for targeted or interest-based advertising messages, recognize returning visitors on their subsequent visits, measure their click/scroll behavior and downloads, generate heatmaps, identify page views, measure visit duration, bounce rates, and trace the origin of website visitors (city, country, referring site). These analytics tools help improve our market research and marketing activities.
The processing of data is based on the legal basis of consent (Art. 6(1)(a) GDPR). As a website visitor, you have consented to the processing of your personal data with your voluntary, explicit, and pre-given consent. Without separate consent, and provided there is no other legal basis as per Art. 6(1) GDPR upon which we rely for processing, we do not process personal data in the manner described above. Similarly, if you withdraw your consent, the legality of the processing carried out up to the point of withdrawal remains unaffected.
Google Analytics
On our website, we utilize the Google Analytics service provided by Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
By using this service, data may be transferred to a third country, namely the USA. Further information can be found in the provider's privacy policy at the following URL: https://policies.google.com/privacy.
Consent Management
To comply with data protection requirements, we have implemented a Consent Management Tool on our website. With this tool, we obtain the necessary consents for setting cookies or using external services. The consents obtained are stored for reference.
The processing is necessary for compliance with a legal obligation to which the controller (operator of the website) is subject. Therefore, the legal basis for the processing is Article 6(1)(c) of the GDPR.
Wix Consent Management
On our website, we utilize the Wix Consent Management service provided by Wix.com Ltd., headquartered at 40 Namal Tel Aviv Street, Tel Aviv 6350671, Israel.
Since this service is hosted locally on the web server, no data transfer to third parties occurs.
Content Management System
A Content Management System (CMS) facilitates the creation, editing, organization, and presentation of digital content. We utilize a Content Management System to generate content for our website, enabling us to design a more appealing and user-friendly site.
We base this processing on a legitimate interest (Art. 6(1)(f) GDPR).
Our legitimate interest lies in the technically flawless presentation and optimization of the website.
Wix
On our website, we utilize the Wix service provided by Wix.com Ltd., headquartered at 40 Namal Tel Aviv Street, Tel Aviv 6350671, Israel.
By using this service, there may be a transfer of data to a third country (USA).
HR-Systems
We utilize software to more efficiently capture, store, and manage information related to personnel administration. In HR systems, personal data, including names, addresses, and salary information, are stored.
The processing of data is based on the legal basis of consent (Art. 6(1)(a) GDPR). As a website visitor, you have voluntarily, explicitly, and in advance consented to the processing of your personal data. Without separate consent, and provided there is no other legal basis under Art. 6(1) GDPR upon which we rely for processing, we will not process your personal data in the manner described above. Similarly, should you withdraw your consent, the legality of the processing carried out before the withdrawal remains unaffected.
JOIN
On our website, we utilize the JOIN service provided by JOIN Solutions GmbH, located at Schönhauser Allee 36, 10435 Berlin, Germany.
Further information can be found in the provider's privacy policy at the following URL: https://join.com/de/datenschutz/.
Interface Software
Business processes operate more cost-effectively, quickly, and with fewer errors when automated through software using interfaces. This allows for efficient integration into company processes via our website or through social networks. We employ interface software on our website to link various applications and securely transfer personal data from one application to another.
The processing of data is based on the legal basis of consent (Art. 6(1)(a) GDPR). As a website visitor, you have voluntarily, explicitly, and in advance consented to the processing of your personal data. Without separate consent, and provided there is no other legal basis under Art. 6(1) GDPR upon which we rely for processing, we will not process your personal data in the manner described above. Similarly, should you withdraw your consent, the legality of the processing carried out before the withdrawal remains unaffected.
Google Tag Manager
On our website, we utilize the Google Tag Manager service provided by Google Ireland Ltd., located at Gordon House, Barrow Street, Dublin 4, Ireland.
By using this service, data transmission to a third country (USA) may occur.
Further information can be found in the provider's privacy policy at the following URL: https://policies.google.com/privacy.