KRONSOFT Development SRL
Bulevardul Saturn 51
500428 Brasov, Romania
Phone: +40 368 441024
www.kronsoft.ro
E-Mail: office@kronsoft.ro
Managing Directors: Florin Popa, Herbert Wild
Registered office: Brasov, Romania
Register court Brasov J0871537 / 06.06.2007
Responsible for the website in terms of media law:
Florin Popa
KRONSOFT Development SRL
Bulevardul Saturn 51
500428 Brasov, Romania
Data protection statement
Preamble
Hereafter we inform you about the collection of the personal data when using our website. The personal data represents all the data that is related to you, e.g. name, address, e-mail addresses and user behaviour.
Responsible for the data processing
KRONSOFT Development SRL
Bulevardul Saturn 51,
Braşov 505600,
Romania
Managing Directors: Florin Popa, Florian Giermann
Data protection officer of the person in charge
Radu Mitroi
KRONSOFT Development SRL
Bulevardul Saturn 51
500428 Brasov, Romania
E-Mail: dpo@kronsoft.ro
1. General data collection when accessing our website
The concept of personal data is defined within the GDPR. Thereafter, all such information relates to an identified or identifiable natural person (hereinafter ‘the person concerned’). A natural person is regarded as identifiable and thus this individual can be identified either directly or indirectly, particularly in association with an identifier such as a name, an identification number, the location data, an online identifier or one or more special features, these indicators being the expression of the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person. This includes also, for example, your real name, your address, your telephone number or your date of birth.
In case of a rather informative use of the website, meaning you do not register or do not provide us further information, we only collect the personal data that your browser transmits to our server. If you want to visit our website, we collect the following data that is technically necessary for us in order to display our website and to ensure stability and security (The legal basis is the legitimate interest in accordance with Art. 6 Par. 1 S. 1 Lit. f of the GDPR).
In compliance with the balance of interests and with Art. 6 Par. 1 Lit. f of the GDPR, we have considered and balanced our interest in provisioning information and your interest regarding the processing of the personal data in conformity with the data protection.
The provision of the below listed data is technically regarded as being mandatory, so that we can grant you both access to our website, but also guarantee stability and security, especially against the data violation and therefore we have reached the outcome, that this data can be processed appropriately, in conformity with data protection regulation and the current level of the technology that ensures the data security.
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling device (computer, smartphone, tablet, etc.).
The following data is collected (in brackets the purpose of collection):
- operating system used (evaluation of the devices to ensure optimized display of the website)
- product and information regarding the version of the used browser (evaluation of the used browsers to optimize our web pages in a specific way)
- Internet service provider (evaluation of the Internet service provider) of the user ‘s IP address (display of the website on that certain device)
- date, time, access status - file found, file not found, etc. - and the request your browser made to the server (ensuring the proper use of the website)
- if necessary, the manufacturer and the type designation of the smartphones, tablets or other used end-devices (evaluation of the device manufacturers and of the types of mobile end-devices used, for statistical purposes)
- the amount of data transferred and the internet page from which you accessed our website (ensuring the proper use of the website)
- the individual pages of our website that you visit (ensuring the proper use of the website)
The collecting of the data and its storage within the log files is absolutely mandatory for granting access and respectively for ensuring the operation of our website. Consequently, no contesting option is available on the user side.
The data will be deleted as soon as it no longer serves for the purpose of its collection. Therefore, the data collected for granting access to the website, will be automatically deleted when the session ends.
Data saved within the log files can be removed after a maximum of 7 days. Anyway, an extended storage is possible. In this case, the IP addresses of the users are being deleted or distorted, so that identifying the clients is no longer possible.
2. Contact
You have the possibility to contact us via our e-mail address or via the various contact forms. Of course, we will use the passed on personal data only for the specific purpose you provided it, when getting in touch with us.
Should we ask within the contact forms for information that is not mandatory when contacting us, we have marked this as optional. These details serve for the clarification of your request and contribute to a better handling of your inquiry. The reporting of this data to a third party is undertaken explicitly on a voluntary basis and with your consent. As far as the information regarding the communication channels is concerned (for example, e-mail address or telephone number), you agree that if necessary, we can contact you via the respective communication channel in order to answer your request.
You can undoubtedly revoke this consent at any time in the future. Please contact our data protection officer, whose contact details are listed above.
The following data is being collected (in brackets the purpose of collection):
- IP address when logging in (transfer of the form content to the web server)
- Salutation (direct approach)
- First name (direct approach)
- Last name (direct approach)
- Company (direct approach)
- Concern (answering the request)
- E-mail address (answering the request)
- IK number (specific assignment for answering the request)
- * Telephone number (answering the request)
- * Fax (answering the request)
- * Company address (answering the request)
- * Customer number (better handling of your inquiry)
* optional information
Legal basis of the data processing: consent / initiation / execution of the contractual relationship
Duration of storage: until the achievement of the objective / end of the period implying obligation to provide evidence
3. Job application and storage period
You can apply electronically for jobs within our company. Obviously, we will use your data only for processing your job application and will not pass it on to third parties. Please be aware that the e-mails sent unencrypted are not access restricted. Currently, you can send us your job application via e-mail only in clear text.
The applicant's personal data that has been collected, processed and accordingly used will be deleted in case no employment agreement could be reached, but not later than 6 months after the application process has ended. Further storage of the data, for future application procedure consideration, is possible only based on the applicant’s prior explicit consent.
Should a contractual relationship establish between you and us, according to § 26 Abs. 1 of the BDSG (Federal Data Protection Act) we may use the data you have provided us for the employment purposes, in case this is needed for processing or ending the contractual relationship, for exercising or fulfilling a right or obligation, which is stipulated within the law or a pay agreement, within the employment or a service agreement (collective agreement) and also for representing the interests of the employees.
Further detailed information regarding the data protection for our applicants can be found on the individual sites of the brands / divisions of the NOVENTI Group www.noventi.de/karriere/
4. Data transfer
A transfer of your personal data to third parties for other purposes than those listed does not take place.
We only share your personal information with third parties in case:
- you have given your express consent,
- the transfer is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest in not disclosing your information,
- there is a legal obligation to disclose it, as well as if
- this is permitted by law and it is required for the settlement of the contractual relationship with you.
When transferring data outside the European Union, there is generally no high European level of data protection. In the case of a transfer, it may happen that there is currently no adequate decision of the EU Commission in terms of Art. 45 Par. 1, 3 of the GDPR. This means that the EU Commission has so far not asserted positively that the country-specific level of data protection corresponds to the level of data protection of the European Union, as stipulated by the GDPR, and therefore we have provided the afore-mentioned appropriate guarantees.
Possible risks that in the context of the data transfer may not be completely excluded are, in particular, the following ones:
- your personal data might be used beyond its original intended purpose.
- moreover, it might happen that you can’t permanently claim or assert your data protection rights, such as your right of information, rectification, deletion or data portability
- there may also be a high probability of incorrect data processing and that the security of the personal data does not comply with the requirements of the GDPR, both in a quantitative and qualitative sense.
5. Integration of services and third parties content
It may happen that along with the online offer, different content from third parties, such as videos from YouTube, maps from Google Maps, search functions from google, RSS feeds or graphics from other websites are also integrated. Provided that you use these functions, this implies that the providers of these contents detect the user IP address. Sending the content to the browser of the respective user would be impossible without the IP address. Therefore the IP address is needed for displaying these contents. We have no control over the eventual further purposes the IP address would be saved for, e.g. for statistical purposes. In this sense, the above statements hold true. Please consider also the privacy policy of the respective provider.
6. Data security
We have taken extensive technical and operational measures in order to protect your data from accidental or intentional manipulation, loss, destruction or access of unauthorized persons. Our security procedures are being regularly reviewed and adapted to the technological progress.
7. Direct mail permission according to § 7 Abs. 3 UWG
The e-mail address provided when purchasing a good or a service on our website is collected and used for directly promoting further own and similar products and / or services. Should you no longer want to receive direct advertising from us, you can revoke the use of your e-mail address at all times.
If you no longer wish to receive such direct advertising mails, you may dissent the specific use of your e-mail address any time by post to KRONSOFT Development SRL, Data Protection Officer, Bulevardul Saturn 51, Braşov 505600, Romania, or by e-mail.
8. Cookies - General Information
Our website uses cookies. Cookies are text files that are stored within the internet browser, respectively files that the internet browser stores on the user’s computer system. When a user visits a website, a cookie can be consequently stored on the user's operating system. This cookie contains a characteristic string that enables the clear identification of the browser next time the website is being accessed.
a) Technically necessary cookies
In order to improve our website and to make its usage as optimal as possible for you, we use cookies. Cookies are small text files that are stored on your computer when you visit our website and allow the future reassignment of your browser. Cookies store information, such as your language setting, the duration of your visit on our website or the inputs you made here. In this way, the additional re-entering of all the necessary data, every time the website is accessed, will be avoided. Technically necessary cookies are not required for displaying the website. However, some features of the website may not be used properly without these cookies.
Consequently, there is no objection possibility on the user part, as the deactivation of these cookies can be done by changing the settings of the respective browser. Most browsers accept cookies automatically. In case you want to prevent the storage of cookies, you can choose the option ‘do not accept cookies’ in the browser settings. Details regarding the way in which this procedure is performed are to be found out within the instructions of your browser manufacturer. The cookies that are already stored on your computer can be deleted at any time. However, we would like to point out that accessing our website offers without cookies may eventually be possible only in a limited way.
b) Cookies for measuring the range
The reach measurement cookies collect information about the usage of our website, e.g. number of web page views or received error messages. These cookies do not store information that allows the user identification. The collected information is aggregated exclusively and therefore evaluated in an anonymous way.
Description and scope of data processing
We use the open-source software tool Matomo (former PIWIK) on our website in order to analyze the surfing patterns of our users. The software sets a cookie on the users’ device (for cookies see the above section). In case individual pages of our website are accessed, the following data will be saved:
- IP address*
- Visitor ID
- Date, time of the access
- Page title, Page URL
- Website from which the visitor came to the current website
- Screen resolution
- Time in the time zone of the visitor
- Downloads
- Related links
- Loading time of the visited website
- Language of the browser software
- The software is set in such a way, so that the IP addresses are not completely stored, but 2 bytes of the IP address are masked (e.g: 192.168.xxx.xxx). In this way, the assignment of the shortened IP address to the requesting device is no longer possible
Legal basis: Art. 6 Par. 1 Lit. f of the DSGVO.
Purpose of the data processing:
The processing of the users' personal data enables us to analyze the surfing patterns of our users. After evaluating the data obtained we are able to collect information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. In order to fulfill these purposes, our legitimate interest lies in processing the data according to Art. 6 Par. 1 Lit. f of the GDPR. The anonymization of the IP address considers in a proper way the users’ interest regarding the protection of their personal data.
Duration of storage:
As a result of the IP address shortening, undertaken for the purpose of storage, this can no longer be assigned to any specific device or user and therefore it no longer represents personal data. Therefore, in the context of our use of Matomo, no personal data is stored. Thus, the processing of the personal data refers entirely to the collection and shortening of IP addresses.
Disagreement and clearance options:
The cookies are stored on the user’s computer and then transferred to our website. Therefore, as a user, you have full control over the use of the cookies. Changing the settings of your internet browser can disable or restrict the cookies transfer. Already saved cookies can be deleted at any time. This can also be done automatically. In case the cookies are disabled for our website, it might be possible that not all the functions of the website can be used to their full extent.
The software runs exclusively on the servers of our website. Thus, the storage of the user’s personal data takes place only there. Moreover, a transfer of the data to third parties does not take place.
We offer our users the possibility to opt out of the analysis process on our website. For this purpose you must follow the appropriate link. In this way, another cookie that signals our system not to store the user's data is saved on your system. In case the user deletes the corresponding cookie from his own system, then he must set the opt-out-cookie again. The same applies also when the user accesses our website from another device.
For more detailed information on the privacy settings of the Matomo software, please visit the following link: matomo.org/docs/privacy/
9. Social Plugins
Our website uses social plugins (‘plugin’) from the social network facebook.com that is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland ("Facebook"). The plugins are recognizable by one of the Facebook logos (white ‘f’ on a blue tile or a ‘thumbs up’ sign) or are marked with the annotation ‘Facebook Social Plugin’. The list and appearance of Facebook Social Plugins can be accessed here: developers.facebook.com/search/
If you visit a page of our website that contains such a plugin, your browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated by this in the website. We therefore have no influence on the extent of the data that Facebook collects with the help of this plugin and therefore inform you according to our level of awareness:
By integrating the plugins, Facebook receives the information that you have accessed the corresponding page of our website. In case you are logged in to Facebook, then Facebook can assign the visit to your Facebook account. Should you interact by means of the plugins, for example pressing the Like button or leaving a comment, the information is transmitted from your browser directly to Facebook and stored there. If you are not a Facebook member, it is still possible that Facebook finds out and saves your IP address. The purpose and extent of the data collection, the further processing and the use of the data by Facebook, as well as your rights and options for privacy protection are to be found within the Facebook privacy policy: www.facebook.com/policy.php.
Should you be a Facebook member that accesses our website, but you don’t want Facebook to collect your data and correlate it with your Facebook member information, then you muss log out from Facebook before visiting our website. Further settings and objections regarding the use of the data for advertising purposes are possible within the Facebook profile settings: www.facebook.com/settings.
10. Guidance regarding the rights of the persons concerned
Each person concerned owns the right to information according to the Art. 15 of the GDPR, the right to demand data rectification according to the Art. 16 of the GDPR, the right to get the data deleted according to the Art. 17 of the GDPR, the right to a limited processing of the data according to the Art. 18 of the GDPR, the right to objection stated within Art. 21 of the GDPR, as well as the right to data portability mentioned within Art. 20 of the GDPR. The rights to information and deletion are subject to the limitations stated within §§ 34 and 35 of the BDSG (Federal Data Protection Act).
11. Guidance regarding the possibility of complaint
You also have the right to complain to the data protection supervisory authority about the processing of your personal data.
12. Guidance regarding the revocation with consent
You may revoke your consent for the processing of your personal data at any time. This also applies for the revocation of the declarations of consent issued to us prior to the application of the General Data Protection Regulation, therefore before 25 May 2018. Please note that the revocation is valid only for the future. The processing that occurred before the revocation is not regarded.
13. Legal right in case of data processing for direct mail advertising purposes
According to Art. 21 Par. 2 of the GDPR, you have the right to dissent at any time the processing of your personal data. Should you disagree with the use of your data for direct mail advertising purposes, then we will no longer use your data for the above mentioned aim. Please note that the revocation is valid only for the future. The processing that occurred before the revocation is not regarded.
14. Reference to the right of appeal in case of balancing of interests
As long as our handling of your personal data is based on the balancing of interests, you may revoke the data processing. Should this disagreement occur, we will ask you to explain the reasons why your personal data can’t be further on processed, as described by us. After receiving your justified objection, we will examine the circumstances and will either discontinue or adapt the data processing or explain to you our compelling legitimate reasons.
15. Links to other websites
According to the general legislation we, as provider, are responsible for our own content. Moreover we should make a clear difference between our own contents and the links containing information from other providers. Thus, the provider is not held responsible for the third party contents, accessible via different links, which he has no knowledge of. Also the provider is not responsible for actions or circumstances that are unknown to him, out of which an illegal activity or information would become obvious or if he has taken prompt action, so that the information is being removed or the access to it would be blocked, immediately upon his being made aware of it. In case of illegal, incorrect or incomplete contents, as well as for any harm resulting from the use or non-use of the available information, the provider of the website, which was referred to, is liable.
16. Changes to the privacy policy
We reserve the right to change or to adapt this Privacy Policy at any time in accordance with the current data protection regulations.