The following privacy policy applies to the use of this website.
Data protection information with additional information for applicants as well as for visitors, business partners and interested parties can be found here:
We attach great importance to data protection. The collection and processing of your personal data is carried out in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR).
This notice describes how and for what purpose your information is collected and used, and what choices you have regarding personal information.
This privacy information applies to data processing by:
Controller:
GKD – Gebr. Kufferath AG (hereinafter: “GKD”)
Metallweberstraße 46
52353 Düren, Germany
You can reach our external data protection officer at
kinga.moeller@vuv-consult.de or
VUV Beratungs- und Service GmbH
Data Protection Officer GKD – Gebr. Kufferath AG
Theaterstr. 55
52062 Aachen, Germany
Our website is hosted by:
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 4-6
32339 Espelkamp, Germany
Phone: +49-5772-293-100
2a) When visiting the website
When you visit our website, the browser used on your end device automatically sends information to the server of our website. This information is temporarily stored in what is known as a log file. The following information is collected without your intervention and stored until automated deletion:
The aforementioned data will be processed by us for the following purposes:
The legal basis for data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes listed above. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.
The data in the above-mentioned server logs is stored with the shortened IP address for a period of 60 days and then deleted.
Content delivery network
To increase the security, stability and delivery speed of our website, we use the content delivery network (CDN) of Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA (Cloudflare). A CDN is a network of servers that is distributed worldwide and delivers content to the users of a website. Cloudflare manages log data about events in the Cloudflare network. This metadata contains very limited personal data, mostly in the form of IP addresses. This enables Cloudflare to analyze the traffic between end devices and our website. It acts as a filter between our servers and potentially malicious traffic (e.g. bot attacks) from the internet. Cloudflare may also use cookies or other technologies. However, these are used exclusively for the purposes described here. The use of Cloudflare is based on our legitimate interest in providing our website as error-free and securely as possible (Art. 6 para. 1 lit. f GDPR). Personal data is stored by Cloudflare for as long as is necessary for the purposes described.
We have concluded a data processing agreement with Cloudflare. This includes compliance measures for international data transfers that apply to all global activities where Cloudflare processes personal data of EEA citizens (incl. addendum for UK and Switzerland). These measures are based on the EU standard contractual clauses and include the corresponding extensions for Switzerland and the UK.
Information on this can be found at: https://www.cloudflare.com/de-de/cloudflare-customer-dpa/
Cloudflare, Inc. participates in the U.S. Data Privacy Framework (EU, UK Extension and Swiss) and thus offers suitable guarantees to ensure an adequate level of data protection when transferring data to third countries.
To optimize loading times, images, javascripts and CSS files are compressed and delivered by a service provided by ShortPixel. When you call up a page, your browser loads the required images into the browser cache.
To do this, the browser you are using must establish a connection to the ShortPixel servers. Your IP address is transmitted to the ShortPixel server. The use of ShortPixel image optimization is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on ShortPixel can be found at https://shortpixel.com/ and in ShortPixel’s privacy policy: https://shortpixel.com/privacy.
Multilingualism
To display our website in multiple languages, we use the WordPress plugin Polylang, which is provided by WP SYNTEX. Cookies from Polylang (pll_language) are used exclusively to recognize and store the language used or selected by the user. These cookies remain stored for one year and are then deleted. The legal basis for this results from Art. 6 para. 1 lit. f GDPR.
Further information on data protection compliance can be found here: https://polylang.pro/doc/is-polylang-compatible-with-the-eu-cookie-law/.
Cookies
In addition, we use cookies and analysis services when you visit our website. You can find more detailed explanations of this in the following sections of this privacy policy.
2b) When using our contact form
For questions of any kind, we offer you the possibility to contact us via a contact form provided on the website. It is necessary to provide a valid e-mail address and the name of your company. Further information can be provided voluntarily. We store your information from the form for processing the request in the event that follow-up questions arise and in the context of any resulting order. Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, our legitimate interest in processing your request and providing you with the requested information to your specified contact details. If your request serves to initiate a contractual relationship with GKD, the data processing is based on Art. 6 para. 1 lit. b GDPR.
We can process the following data that you provide to us via the contact form:
Mandatory information is marked accordingly with an asterisk. We require this information in order to respond your inquiry appropriately. For fields that are not marked, information is provided by you on a voluntary basis.
The data you enter in the form will be sent to us as the website operator by e-mail and stored on our self-hosted mail server. In addition, the data is stored for 14 days in the WordPress database to fulfill the obligation to provide evidence for the request and for any necessary error analysis.
The personal data will be deleted as soon as it is no longer required to fulfill the purpose for which it was collected. For personal data sent via contact forms, this is the case when the respective conversation has ended. The conversation is ended when it is clear from the circumstances that your request has been conclusively clarified. This may also include contacting you after the processing regarding your satisfaction with our service or about further interest in related services and products (e.g. invitations to or information on upcoming trade fairs and other events).
You have the right to object to such further contact by us at any time.
Data collected for the purpose of processing a contract shall remain stored for the duration of the contract and until the expiry of the statutory and contractual warranty and guarantee rights. After expiration of this period, we retain the information required by commercial and tax law for the periods specified by law (usually 6 to 10 years).
As a principle, we only use your personal data within our company.
If and insofar as we involve third parties in the performance of contracts (such as logistics service providers), they will only receive personal data to the extent that the transfer is necessary for the corresponding service.
In the event that we outsource certain parts of data processing (“processing on behalf”), we contractually oblige our processors to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the data subject.
Data transfer to entities or persons outside the EU beyond the cases mentioned in this statement does not take place and is not planned.
Description and scope of data processing
Cookies are used on our websites to enable the use of certain functions and to analyze the use of our website. Cookies are data records or other memory notes that store information on end devices and read out information from the end devices. What information is stored and read out by the cookies is explained below in connection with the respective functions.
Purpose and legal basis of processing
Cookies and related technologies perform various functions. We generally use cookies and related technologies for the following purposes:
If cookies are not technically necessary, we only set them with the user’s consent. We obtain consent via what is known as consent management (Borlabs) when you first visit our website. Insofar as the cookies also store or read out personal data, consent to the setting and reading of cookies also includes consent pursuant to Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future by calling up the consent management tool again (banner bar under “Cookies”) and adjusting your data protection settings.
Duration of storage
Cookies are stored on your end device either temporarily for the duration of a session (session cookies) or for a certain period of time or permanently (persistent cookies). The expiration of the cookie reflects the period during which a cookie stores data and makes it available for retrieval. Session cookies are automatically deleted when the browser is closed.
Essential
Essential cookies enable basic functions and are necessary for the proper functioning of the website.
Consent management
Name | Borlabs Cookie |
Provider | Owner of this website, Imprint |
Purpose | Saves the settings of the visitors selected in the Cookie Box of Borlabs Cookie. |
Cookie Name | borlabs-cookie |
Cookie Expiry | 1 year |
Multilingualism
Name | Polylang (WP Syntax) |
Provider | Owner of this website, Imprint |
Purpose | Saves the language settings of the visitors |
Cookie Name | pll_language, wp-wpml_current_language |
Cookie Expiry | 1 year |
Functional
Functional cookies allow us to deliver features you request, such as video content or social media feeds.
Vimeo
Name | Vimeo |
Provider | Vimeo |
Purpose | Management of data traffic (e.g. load balancing) and data traffic security (e.g. bot management) in the CDN. |
Cookie Name | __cf_bm, __cfuvid |
Cookie Expiry | 30 min, session |
Statistics
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website.
Google Analytics
Name | Google Analytics |
Provider | Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland |
Purpose | Cookie from Google for website analytics. Generates statistical data on how the visitor uses the website. |
Cookie Name | _ga, _gat, gid |
Cookie Expiry | Up to 14 months |
Matomo
Name | Matomo |
Provider | Owner of this website, Imprint |
Purpose | Cookie by Matomo used for website analytics. Generates statistical data on how the visitor uses the website. |
Cookie Name | _pk_id, pk_ref, pk_ses |
Cookie Expiry | Up to 13 months |
Description and scope of data processing
Our website uses the Consent Management Borlabs cookie to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in accordance with data protection law (known as “consent dialog”). The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg. When you enter our website, the “CookieConsent” cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. The following data may be processed:
Purpose and legal basis of processing
The use of consent management is technically necessary and takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
Duration of storage
The consent cookie expires one year after consent is given or changed. If you delete the cookie earlier, the consent dialog will reappear when you visit our websites.
You can call up the consent dialog at any time and adjust your cookie preferences by clicking on the circle at the bottom left of the screen. The positioning may vary depending on the device used.
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR, your consent. With the tracking measures used, we want to ensure a needs-based design and continuous optimization of our website on the one hand. On the other hand, we use tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offer for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision.
The respective data processing purposes and data categories can be found in the corresponding tracking tools.
Matomo
For statistical evaluation, we use the analysis tool of the provider “Matomo” on the website. Matomo is an open source tool that is integrated on the GKD website server itself. Matomo therefore does not transmit any data to servers that are outside the control of the controller, i.e. GKD. Matomo is deactivated when you visit the website. Your usage behavior is only recorded anonymously if you actively consent to this via the corresponding cookie consent management.
Matomo uses cookies for this purpose. The cookies that are placed on your computer allow us to analyze the access to the website accordingly.
If subpages of our website are accessed, the following data is stored:
The information generated by the cookie about your use of this website is not passed on to third parties.
Data processing is carried out on the basis of your consent in accordance with Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR. We manage these consents via consent management. You can revoke or change your consent at any time with effect for the future by calling up the CMT again and changing your cookie settings.
Google Analytics
On this website we use various Google services that are provided in the European Economic Area by Google Ireland Ltd. (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. The measurement and analysis is based on a pseudonymous user ID. This identification number does not contain any unique data such as names or e-mail addresses. In this context, pseudonymous usage profiles are created, in some cases across devices, whereby cookies may be used.
We only use Google Analytics with activated IP anonymization. The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles.
During your visit to our website, the following data, among others, is collected:
This data may also be transferred to servers of Google LLC in the USA and other locations. The legal basis for the transfer of data from Google Ireland Ltd. to Google LLC are the EU standard contractual clauses (SCC) as appropriate safeguards pursuant to Art. 46 para. 2 lit. c GDPR, which were agreed between Google Ireland Ltd. and Google LLC for the transfer of personal data for the Google Analytics service, as well as the EU-US Data Privacy Framework as an adequacy decision pursuant to Art. 45 GDPR:
EU-SCC: https://business.safety.google/adsprocessorterms/sccs/p2p-intra-group/
EU-US Data Privacy Framework Certificate: https://www.dataprivacyframework.gov/
Further information on data protection in connection with Google Analytics can be found at https://policies.google.com/privacy.
Google Analytics will use the above information to evaluate the use of the website and to compile reports on website activity for us. The reports provided by Google Analytics are used to analyze the performance of our website.
The collection, tracking and analysis of data using Google Analytics and the use of cookies only takes place if you have given us your consent in accordance with Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR. We manage these consents via consent management. You can revoke or change your consent at any time with effect for the future by calling up the CMT again and changing your cookie settings.
The user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.
We have included videos on our website to give you an insight into our work, products and projects in an easily accessible form. As the performance of local video hosting is not sufficient, we rely on external video providers. We use the video platforms Vimeo and YouTube for this purpose. The integration of videos inevitably requires access to the providers’ servers. In addition, cookies and similar technologies may be used, which are technically necessary on the one hand, but on the other hand also enable the video platforms and third parties to collect information about user behavior and to place advertisements. Any data processing of your browser or end device that is associated with this is subject to the data protection notices of the respective providers.
The transmission of data and the use of cookies or comparable technologies only takes place if you have activated external media via the consent management (“cookie banner”) or initialize the playback of the videos. The data will only be used with your consent or if this is technically necessary for the provision of the telemedia service you have expressly requested.
The information on data protection by Vimeo Inc. can be found at: https://vimeo.com/privacy.
Insofar as the processing involves a data transfer – in particular to the USA – this is based on the EU standard contractual clauses (including the extension for the UK and Switzerland). Vimeo is also certified in accordance with the Data Privacy Framework: https://www.dataprivacyframework.gov/list
and therefore falls within the scope of the EU adequacy decision of July 10, 2023, which you can view on the EU Commission’s website.
Our presence in social networks
You can also reach our online presences on various social media channels via our website. You can recognize the links by the symbol. By clicking on the links, you will leave our website and be directly connected to our respective online presence on the corresponding social media platforms.
We would like to point out that the respective terms of use and data protection information of the operator of the social network apply on these platforms. As long as you do not click on the links, no additional connections will be established or further data collected.
Data from users of social networks is generally used for market research or advertising purposes and is also merged into usage profiles for this purpose, especially if you as a user have an account on these platforms and are logged into your profile at the time of visiting our website. In this way, data assigned to your social media account or other accounts can also be merged across devices and services. However, data collection, which is also associated with the setting of cookies, also takes place if you are not a registered user or are not currently logged in.
Personal data may also be processed in third countries outside the European Union. Which data is processed in detail by the respective third-party platform providers is beyond our knowledge. We also have only limited ability to influence this processing. In this respect, we refer to the privacy settings of the platform provider:
LinkedIn (social network of the LinkedIn Ireland Unlimited Company, with registered office at Wilton Plaza, Wilton Place, Dublin 2, Ireland):
Data protection information: https://de.linkedin.com/legal/privacy-policy
Cookie policy: https://de.linkedin.com/legal/cookie-policy
Terms of use: https://de.linkedin.com/legal/user-agreement
Privacy settings: https://www.linkedin.com/help/linkedin/answer/a1338877/understanding-your-privacy-settings?lang=de
YouTube (video platform of Google Ireland Limited, with registered office at Gordon House, Barrow Street, Dublin 4, Ireland)
Data protection information: https://policies.google.com/privacy
Cookie policy: https://policies.google.com/technologies/cookies
Terms of use: https://www.youtube.com/static
Privacy settings: https://policies.google.com/privacy?gl=DE&hl=en#infochoices
Social media management
We use a social media management tool that helps us to manage, analyze and optimize our presence and activities on the various social media channels. This mainly uses statistical data that is already collected on the platforms (see above) and is not personally identifiable. A personal reference only exists for messages or contributions that you post as a registered user on our social media page and that are also directly visible to us on our social media page. The legal basis for this processing is our legitimate interest in effective social media communication in accordance with Art. 6 para. 1 lit. f GDPR. The provider of the tool is Sprout Social Inc., located at 131 Dearborn St. Floor 7, Chicago, IL 60603, USA. This company acts as a processor in accordance with our instructions. We have concluded an order processing contract with the service provider, which includes the standard contractual clauses for the transfer of personal data to third countries:
https://media.sproutsocial.com/uploads/Downloadable-Customer-DPA.pdf
Sprout Social Inc. is also certified according to the Data Privacy Framework (https://www.dataprivacyframework.gov/list) and therefore falls within the scope of the EU adequacy decision of July 10, 2023, which you can view on the EU Commission’s website.
Unless specifically stated, we delete or block personal data as soon as the purpose for storing it no longer applies.
In addition, storage my take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
You have the right:
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the case of direct marketing, you have a general right to object, which will also be implemented by us even if you do not specify a particular situation.
If you wish to exercise your right of revocation or objection, simply send an e-mail to datenschutz@gkd.de.
Within the website visit, we use the widespread SSL (Secure Socket Layer) procedure in connection with the highest encryption level supported by your browser. As a rule, this involves 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the status bar of your browser.
We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
This privacy policy is currently valid and is dated April 2024.
Due to the further development of our website and our offers or due to changed legal or official requirements, it may become necessary to change this privacy policy. The current privacy policy can be found on the website at https://www.gkd-bluebacker.com/en/privacy-policy/. This can be called up and printed out by you at any time.