Kessel Inox GmbH – Privacy Statement
KESSEL Inox GmbH finds it extremely important to ensure the safe handling of your personal data and is responsible for processing your data in accordance with the General Data Protection Regulation (GDPR), as well as other national data protection laws in EU member states and other data protection provisions. You can find all our company’s details in our legal notice.
KESSEL Inox GmbH is part of the KESSEL group of companies (hereinafter referred to as the “KESSEL Group”), which comprises several independent companies and legal entities. For more information about the current members of the group, please contact our legal department. You may also send a written request for information to the mailbox of the data protection officer.
1. Legal Basis for the Processing of Personal Datn
If you consent to the processing of your personal data, the legal basis will be point (a) of Art. 6 (1) GDPR.
If the processing of personal data is necessary for the performance of a contract to which you are party, the legal basis will be point (b) of Art. (1) GDPR. The same applies to any pre-contractual measures.
If the processing of personal data is necessary for us to perform our legal obligations, the legal basis will be point (c) of Art. 6 (1) GDPR.
If data processing is necessary to protect your vital interests or those of another natural person, the legal basis will be point (d) of Art. 6 (1) GDPR.
If your personal data is processed to pursue a legitimate interest of our company or a third party – and this interest is not outweighed by your own interests and fundamental rights and freedoms – the legal basis will be point (f) of Art. 6 (1) GDPR.
2. General Privacy Statement
Your personal data will be processed according to the so-called “legitimacy principle” if you use our website, if processing is necessary to perform a contract or another legal relationship, if you consent to data processing, and if you contact us or vice versa. Your personal data will be shared within the KESSEL Group and with commissioned service providers, partners and other authorised recipients. This particularly applies in the following situations:
a) Enquiries from you
If you contact us by email, fax, phone or post, if you use our contact form, chat function or any other means of communication (incl. from external partners), or if you contact us in person (e.g. at trade fairs, events or through our sales force), we will process the personal data you provide (salutation, title, name, company, contact details) for the purpose of processing, documenting and following up on your request on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.
If you use our contact form, we will collect your first name, last name, telephone number and email address (required information). You can also share your company name (optional). Any information you enter in the comments box will also be sent to us. The transmission will be encrypted.
b) Order processing
We will process the personal data you provide (salutation, title, name, company, address, contact details, transaction data) to process orders (e.g. to perform a contract of sale or to provide services) on the basis of point (b) of Art. 6 (1) GDPR. We will send the necessary information to the companies commissioned to deliver or execute the order, and to banks, insurance companies and service providers commissioned to execute the transaction, adjust claims, run credit checks and check sanctions lists. This also applies to the execution of any pre-contractual measures and post-contractual services and complaints.
c) Events and factory visits
You may register for a (digital) event or factory visit by sending us an email or fax, by calling us, by filling out the registration form on our website, by contacting us in person, or by using other means of communication. We will process the personal data provided by you or our event partner / coordinator (salutation, title, name, company, address, contact details, transaction data) for the purpose of holding, documenting and following up on the event on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. We will send the necessary information to our partners involved in the training course (e.g. speakers, hotels or service providers), and to banks and service providers commissioned to execute the transaction and run credit checks.
d) Trade fairs, exhibitions, roadshows and informative events
You can learn more about our products and services at trade fairs, exhibitions, roadshows, (online) presentations and similar informative events. We will process the personal data you provide (salutation, title, name, company, address, contact details) for the purpose of documenting and processing your enquiries – and following up on each event – on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.
e) Enquiries from us
When carrying out customary property tracking, making appointments, informing you about new contacts via our communication channels and for similar purposes, you may be contacted by us or our commissioned service providers by phone, email, other communication channels or personally. We will process the personal data you provide or have already provided, as well as any publicly accessible information and any data provided by third parties (salutation, title, name, company, address, contact details, position) on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR. This also applies to our surveys that we regularly carry out to ensure high quality standards and increase the satisfaction of our customers and partners. We will send the necessary information to our commissioned partners and service providers.
Use of communication media
If it makes sense to use a video function or other communication media in such cases (e.g. to prepare for the deployment of a service technician), you will explicitly agree to the use of the respective means of communication by using the system and, if applicable, by sharing data via the system. In such cases, the legal basis for the processing of your personal data will be point (a) of Art. 6 (1) GDPR.
We use “Microsoft Teams” a service provided by the Microsoft Corporation (One Microsoft Way, Redmond, WA 98052-6399, USA), in particular for our webinars and other online meetings (hereinafter referred to collectively as “online meetings”). Microsoft Limited Operations Limited, 70 Sir John Rogerson’s Quay, Dublin (hereinafter referred to simply as “Microsoft”) is responsible for Europe. If you use Microsoft Teams, various types of data will be processed. The scope of the data will partially depend on the information you provide before and during your participation in an online meeting. The following personal data will be processed: user details (display name, email address if applicable, preferred language, optional profile picture); meeting metadata (date, time, meeting ID, telephone numbers, location); text, audio and video data (you may have the option of using the chat function. In this respect, any text you enter will be processed to display your entries in the online meeting. Any data transmitted via the microphone and camera on your device will be processed throughout the meeting to enable the audio and video functions. You may switch off your camera or mute your microphone yourself at any time via the Microsoft Teams applications). If we wish to record an online meeting, we will inform you transparently in advance and, if necessary, ask for your consent. No “automated decision-making” will be used, as described in Art. 22 GDPR.
The personal data processed during your participation in a meeting will generally not be disclosed to third parties, unless the data is intended to be disclosed. Please note that the content of online meetings, as with face-to-face meetings, is often used to communicate with customers, prospective customers and third parties, and is therefore intended to be disclosed. In addition, Microsoft will have to receive the data listed above if this is stipulated in our data processing agreement with Microsoft. We have opted to use Microsoft’s data centres within Europe. As we cannot rule out the possibility that your data will be accessed by people working for Microsoft in third countries, in particular the USA, we have also established standard contractual clauses.
You can find more information about data protection at Microsoft here: https://privacy.microsoft.com/de-de/privacystatement.
If you contact us via the online form on our website, our chat function or any other digital means of communication, we will process your personal data on the basis of point (b) of Art. 6 (1) GDPR or point (f) of Art. 6 (1) GDPR.
Disclosure of personal data
Your personal data will be shared within the KESSEL Group and with commissioned service providers, partners and other authorised recipients. We will only ever disclose your personal data to third parties to pursue our relevant legitimate interests, to observe mandatory legal provisions or to comply with a court order. Your personal data will not be sold to third parties for commercial gain.
If you have a contractual relationship with the KESSEL Group, your personal data will be deleted in accordance with the mandatory deletion requirements, such as those stipulated in the German Commercial Code (HGB) and the German Fiscal Code (AO).
If we process your personal data to respond to your enquiry, contact you or otherwise communicate with you, your data will be deleted at the end of the enquiry, unless we have a legitimate interest in processing or storing the data for longer or you have consented to such.
Validity of the privacy statement
If changes to this privacy statement become necessary due to new legal requirements, changes in our range of products and services, technical developments, changing general conditions or other reasons, we reserve the right to make such changes at any time. The valid version of the privacy statement is the updated one published on our website.
3. Additional Online Features
The processing of personal data is sometimes absolutely essential to provide and operate our website and online features. This particularly applies to the following applications:
a) Log files
In order to deliver the website, ensure the functionality of certain features, optimise applications and ensure the security of the website, we will process the following personal data on the basis of point (f) of Art. 6 (1) GDPR:
- Your IP address;
- The date and time of access;
- The pages / files accessed;
- Access log and status;
- The volume of data transmitted;
- The referrer URL; and
- Information on the client / browser used
The log files and their content will be stored for 7 days and then deleted or, if necessary, anonymised, unless such information is required to document or shed light on any misuse or unlawful use of our website that might have become apparent during the retention period. The log files will be analysed for data security purposes.
b) External links
Our webpages contain links to websites operated by other providers who are not affiliated with us. If you click on such links, you will be redirected to the websites operated by the other providers. This will be reflected by certain aspects, such as a change in URL. As we have no control over the processing of your personal data from the moment you are redirected, we cannot assume any responsibility in this regard. When clicking on such links, please refer to the privacy statement on the external website for more information.
All our company’s webpages can only be used if you consent to the cookies that are absolutely essential for the operation of our website. At present, only technically necessary cookies are used on KESSEL Inox GmbH’s website.
Die Verwendung aller Unternehmenswebseiten setzt die Zustimmung für diejenigen Cookies voraus, die für den Betrieb zwingend notwendig sind. Aktuell werden auf den Webseiten der KESSEL Inox GmbH nur technisch notwendige Cookies eingesetzt.
5. Privacy Information for Applicants
Any data and documents that you provide as part of your application will be automatically recorded, stored and used by our HR department exclusively for that purpose. The term “personal data” is used to refer to any data that is collected, stored, transmitted and processed in connection with your name. We will only store your personal data within the KESSEL Group for as long as necessary to fulfil the purpose for which it is collected or for as long as necessary to comply with our statutory retention requirements. We will delete your data six months after the vacancy is filled, unless you consent to a longer retention period. We will not disclose the collected data to third parties; in particular, your data will not be sold or rented out.
6. Security of Your Data
We will secure the personal data you provide by taking the appropriate technical and organisational measures (e.g. data transfers via secure SSL connections), so that your data cannot be accessed by unauthorised third parties. When sending highly sensitive data or information, we will use the post as our preferred means of communication, as complete data security cannot be ensured when communicating simply via email.
The personal data you provide will be stored to the extent permitted for the duration of your use of our website or, if information or services are to be provided, in accordance with the GDPR and the new version of the German Data Protection Act (BDSG Neu). Your personal data will be deleted or blocked as soon as it is no longer required for the purpose for which it was originally stored. However, your personal data may be stored beyond this period if this is stipulated by EU Law or national legislation through EU regulations, laws or other provisions that are legally binding for the controller. The data will then be deleted or blocked at the end of the storage period established by such regulations, unless the further storage of the data is necessary for the conclusion or performance of a contract.
7. Rights of Data Subjects
If you would like to exercise your rights as a data subject, as described below, please refer to the contact details indicated in this privacy statement. Whenever you submit a request, we will ask you to confirm your identity to ensure your protection by preventing unauthorised access to your personal data. If conflicting legal regulations or documentation obligations prevent us from executing your request, we will provide you with the relevant information.
a) Access and data portability
You have the right to request the full disclosure of the personal data we hold on you and have the data handed over in a structured, commonly used and machine-readable format.
b) Rectification, restriction and erasure
If your personal data has changed, if the restriction of data processing is legally required or if you no longer consent to data processing, we will rectify your personal data, restrict our processing or erase your personal data at your request, unless such actions are prevented by statutory regulations.
c) Withdrawal of consent
You may withdraw all or part of your consent with future effect at any time. Any data processing performed on the basis of your consent before you withdraw your consent will remain lawful.
d) Right to lodge a complaint
You have the right to lodge a complaint about the processing of your personal data with our competent data protection supervisory authority (Bavarian State Office for Data Protection Supervision: www.lda.bayern.de/de/beschwerde.html).
If you have any questions or concerns about our privacy statement or the processing of your personal data, please write to us via email (
Data Business Services GmbH & Co. KG
Nördliche Münchner Str. 47