Last updated July 7, 2021
Principles of data processing in the KNAPP group
KNAPP attaches great importance to the protection of your private sphere and your personal data. When processing your personal data, conformity with the relevant data protection laws and in particular with the provisions of the General Data Protection Regulation (GDPR) is of great importance to KNAPP. Processing of personal data by KNAPP always takes place under the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation as well as integrity and confidentiality.
To fulfil our obligations to provide information according to Article 13 et seq. of the General Data Protection Regulation (GDPR), we are glad to provide you with the following information about data protection.
Who is responsible for data processing?
As defined in the data protection law, data controller is:
Phone: +43 5 04952 0
Further information about our company is found at: knapp.com/home/impressum/.
A contact person and, if necessary, the data protection officer for the companies of the group are found at: knapp.com/en/locations/
Which personal data is processed by KNAPP, and for what purpose?
If we have received data from you, then we only use this data, in general, for the purpose for which we have received or collected it.
Data processing for a different purpose would only come into question to the extent that the legal requirements according to Article 6(4) GDPR are fulfilled. In that case we will of course observe any obligations to inform under Article 13(3) GDPR and Article 14(4) GDPR.
If you are contacting us via E-Mail, the data you provide will only be stored by KNAPP for processing your request and, if applicable, in the case of follow-up questions for as long as necessary. The legal basis for this is legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. This data will not be processed further without your consent.
The use of this website is generally possible without providing any personal data, however, it is possible, that your IP-adress as well as the start and ending of the session will be recorded. This is a technical requirement and thus qualifies as a legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR. Unless otherwise stated below, this data will not be processed further.
Only you determine whether, for example, you want to give us your email address or your postal address in order for us to get in touch with you, to process your request, or to grant you access to special information or offers. We do not collect any personal data on our website in this respect without your explicit and voluntary consent. If you provide us with personal data, it will be handled in strict confidence and will not be passed on to third parties without your explicit consent. All information we receive from you when you use our Internet services is exclusively used to process user information and for communication regarding orders, products and services.
The European Court of Justice classifies the level of data protection in the USA as inadequate. Therefore, there is a risk, that the data collected can be accessed by US authorities for control and monitoring purposes, whereas no effective legal remedies are available. That is why, you will be asked for your express consent in accordance with Art. 6 Para. 1 lit. a GDPR in conjunction with Art. 49 Para. 1 lit. a GDPR for the respective data processing, including the purpose of the processing, the storage period as well as the categories of data, before cookies are set. This information as well as the information regarding cookies can be found in the consent banner. You can also revoke your consent at any time with effect for the future.
Further information on data protection in connection with Google Analytics can be found in the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=en).
Server log files
The website provider automatically collects and saves information in server log files, which your browser automatically transmits to us. They are as follows:
Browser type / browser version
Operating system used
Host name of the accessing computer
Time of the server query
This data cannot be attributed to specific persons. This data will not be combined with other sources of data. We reserve the right to check this data at a later time, if we learn of specific evidence of unlawful use.
What is the legal basis for the processing described above?
The legal basis for processing personal data is, in general – as long there is no specific legal requirement – Article 6 GDPR. Here the following possibilities must be observed in particular:
Consent (Article 6(1)(a) GDPR)
Data processing for the performance of contracts (Article 6(1)(b) GDPR)
Data processing based on the consideration of interests (Article 6(1)(f) GDPR)
Data processing for the compliance with a legal obligation (Article 6(1)(c) GDPR)
If personal data of yours will be processed on the basis of consent, you have the right to revoke such consent at any time and we are bound to respect the revocation in the future.
If we process data based on the consideration of interests, you, as the data subject, have the right to object with regard to the provisions of Article 21 GDPR to the processing of personal data.
How long will the data be saved?
We process the data as long as it is necessary for the purpose.
If there are legal obligations to retain the data – for example, under company law or tax law – the relevant personal data will be saved for the duration of the retention obligation. Once the retention obligation expires, a check is made whether further necessity exists for processing. When there is no necessity, the data is deleted.
You can naturally request information (see below) about your personal data that has been saved and, in the case, where there is no necessity, request that the data be deleted or that the processing be limited.
To which recipients will the data be given to?
Your personal data is generally only given to third parties if this is necessary to fulfil a contract with you, the data is permitted to be passed on based on the consideration of interests within the meaning of Article 6(1)(f) GDPR, we are legally obligated to pass the data on or if and when you have issued a consent.
How does KNAPP guarantee the security of data?
We take careful precautions to protect your data from loss, manipulation and unauthorized access. The precautions are in accordance with the current state of technology and legal requirements.
How can I exercise my rights as a “data subject”?
You have the right to access to the personal data that we have processed.
If the request for access to the data is not made in writing, we kindly ask you to note that we, if necessary, require proof from you that verifies that you are the person who you claim to be.
You also have a right to request rectification or erasure or restriction of processing as far as you are legally entitled.
You also have a right to object to such processing in accordance with legal requirements. The same applies to a right to data portability.
In particular, you have a right to object, according the Article 21(1) and (2) GDPR, to the processing of your data in connection to direct marketing purposes, if this is based on the consideration of interests.
You furthermore have the right to complain to the data protection supervisory authority regarding our processing of personal data. The responsible Austrian supervisory authority can be reached under following address:
Phone: +43 1 52 152-0
Wherever we collect data for a specific purpose on this website, you will be given the opportunity to exclude your data, either by clicking a box or by adjusting your browser settings accordingly.
You can consult email@example.com at any time for notices in connection to the above-mentioned rights, complaints as well as other questions, concerns or suggestions pertaining to the topic of data protection.
Links to other websites
The website contains links to external websites. As we are unable to influence these websites, we cannot take any responsibility for their content and data protection policies.