Privacy Policy
Thank you for visiting our website and for your interest in KISSsoft, in the following called “the company” and our services. We refer to Gleason Corporation and its affiliates as “the company” in this Privacy Policy. To make you feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential handling very seriously.
With this information on data protection the company would therefore like to inform you when the company stores which data and for what purpose it uses such data – naturally in compliance with the applicable data protection regulations.
Should you have any further questions regarding the handling of your personal data, please do not hesitate to contact the Data Protection Officer of the company, whose contact details you will find below.
Constant technological development, changes in the company´s services or the legal situation, as well as other reasons may require adjustments to the Privacy Policy of the company. The company therefore reserves the right to change this data protection declaration at any time and ask you to inform yourself regularly about the current status.
Basic information
Unless otherwise stated in the following sections, no personal data is collected, processed or used when using websites of the company.
When you access internet pages of the company, web servers of the company automatically collect general information. This includes the type of web browser, the operating system used, the domain name of the Internet service provider, the IP address of the computer used, the website from which you visit, the pages you visit and the duration of your visit.
This data cannot be used by the company to identify the individual user. The company only evaluates the information statistically and uses it exclusively to improve the attractiveness, contents and functionalities of websites of the company.
Definition of "personal data"
The term personal data is defined in the German Federal Data Protection Act. According to this, these are individual details about personal or factual circumstances of a specific or identifiable natural person. This includes, for example, your real name, your address, your telephone number or your date of birth.
In the EU General Data Protection Regulation (GDPR), which is valid since May 2018, personal data is defined as follows:
Any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Legal basis for the collection and the processing of personal data
As far as the company obtains your consent for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis for the processing of your personal data.
When processing your personal data in order to fulfil a contract between you and the company, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
As far as the processing of personal data is required to fulfil a legal obligation to which the company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of the company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Data erasure and storage period
The personal data of the data subject will be erased or the processing restricted as soon as the purpose of storage ceases to apply. Furthermore, data may be stored, if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be restricted or deleted if a storage period prescribed by the aforementioned legal provisions expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.
Collection and processing of personal data
Personal data is only collected if you provide it voluntarily, for example for processing of an order, when participating in a survey or promotions or if registering for personalized services. There you will be informed about the intended purpose of processing and, if necessary, asked for your consent to storage.
The personal data collected within the framework of websites of the company will only be used with your consent for order processing or processing your enquiries. Your personal data is saved and combined in a central customer and potential customer database which is administered under the responsibility of the company with your consent only. The use of this data is limited to marketing and market research purposes by companies of Gleason Corporation and its Sales and Service Organizations. You can revoke your consent at any time with effect for the future.
Your data is encrypted before transmission and processing in order to protect it from access by unauthorised persons. Please note that unencrypted e-mails are transmitted without access protection.
Your data will not be sold, rented or made available to third parties in any other way than described here. Personal data will only be transferred to state institutions and authorities within the framework of mandatory national legislation. Employees, agencies and dealers of the company are bound by the strictest confidentiality.
Contact
You can contact the company via our e-mail address or by telephone. The personal data transmitted to the company in this way will only be used for the purpose for which you made them available when contacting the company.
If you use the contact form of the company and the company requests information that is not required to establish contact, the company has always marked it as optional. These details serve the company to substantiate your inquiry and to improve the processing of your request. Providing this information takes place expressly on voluntary basis and with your consent. If this involves information on communication channels (e.g. e-mail address, telephone number), you also agree that the company may contact you via this communication channel to respond to your request.
You can revoke this consent at any time with effect for the future. For this, please contact the data protection officer of the company, whose contact details you will find below.
Log-in Area MyKISSsoft
With the log-in area „MyKISSsoft“ the company provides the possibility to obtain information about the company´s products and services. For this purpose, you setup a username which corresponds with your email and a password. The storing of your personal data in the database „MyKISSsoft“ provided by the website provider of the company is executed on your request and direct data entry. The database is provided by an external service provider. The company has made sure that your data is protected in ways that comply with the privacy regulations of the GDPR.
Your data is used to provide specific product information. When logging into My KISSsoft your entered data and product interest is saved and automatically forwarded to the respective sales contact for information.
Job Applications
You can apply for a job on the company´s online job portal. Your online application will be transmitted through an encrypted connection directly to Human Resources and handled confidentially. The company will use your details exclusively for processing your application and will not pass them on to third parties outside the company.
If you have applied for a specific job opening which has been already closed and the company deems you fit or even more suited for a different job opening, the company is able to offer, the company would like to forward your application to the appropriate department within the company. If this is the case, the company will contact you separately. Your personal data will be deleted immediately after completion of the application process or after a maximum of 6 months, unless you have expressly given us your consent for a longer storage of your data.
Please note that the company can receive job applications through the company´s online job portal only. If you elect to send your application by email, the company expressively wants to make you aware, that email attachments are not encrypted.
Please also refer to any separate job application privacy policies of Gleason companies located outside of Europe. www.gleason.com/en/privacy-job-applications-us
Newsletter
To register for the company´s newsletter the company uses the so-called Double-Opt-In Process. After you have entered your email in the registration form, the company sends you a confirmation email to the email provided in which we ask for confirmation that you want to receive the newsletter by email. If you do not confirm this request within 24 hours, your registration is automatically cancelled. If you confirm your request to receive the newsletter, the company saves your email address until you cancel the receipt of the newsletter. Saving your data has the sole purpose to be able to send you the newsletter. Furthermore, the company stores your IP-address when you sign in and when you confirm to receive the newsletter.
Obligatory data for receiving the newsletter is your email address only. Providing other personal data is an option and is used solely for the tailoring of newsletter content. Also, this data is completely deleted if you cancel your subscription to the newsletter.
You can cancel your agreement to receive the newsletter at any given time. The newsletter can be cancelled by clicking on the link at the bottom of each newsletter email or with an email to the Data Protection Officer. Your personal data is not forwarded to third parties.
The company would like to make you aware that the company analyzes your user behavior when sending the newsletter. For this analysis, the newsletter emails contain so called Web-Beacons, also called Tracking-Pixel. These are one pixel picture files which link to the website of the company and allow to analyze your user behavior by collecting Web-Beacons, which are assigned to your email address and are linked with their own ID. Links in the newsletter of the company contain Web-Beacons as well. With the recorded data the company establishes a user profile to tailor topics of the newsletter according to your interests. This includes information, when the newsletter is read and which links you click on, to conclude your personal interests. The data gathered is linked with the way you use the website of the company to tailor the company´s offering to your interest and to improve product offering in general.
Recorded data is saved by the newsletter provider on his server in the USA. The company has ensured that your data is protected in the ways requested by the GDPR. You can request to cancel tracking by clicking on the separate link in the newsletter email or contact the company´s Data Protection Officer. Tracking can also be avoided if you have deactivated the display of images in your email program. In this case the newsletter will not be displayed in its entirety and you may not be able to use all functions. If you elect to display images manually, the described tracking function is activated.
Data Transfer to Other Companies of Gleason Corporation
Transfer of your personal data to third parties outside Gleason Corporation principally does not take place, with the exception, that the company is obligated by law to do so, or if data transfer to third parties is required to fulfill the contractual obligation with you, or if you have explicitly agreed to the forwarding of your data. External suppliers and partner companies receive data only if it is required to process your request. In such cases the company limits the amount of data transferred to the absolute minimum. If suppliers of the company make contact with your personal data, we make sure that the regulations of the data protection laws are complied with. Please note also the data protection notes of the respective suppliers. The company is not responsible for the content of services of third-party suppliers. Suppliers are responsible for the content of their services, although the company checks services regarding their compliance with legal requirements to the extent of what is reasonable to be expected.
Data Transfer to External Suppliers (Contracted Companies)
Your personal data is transferred to service partners if they have been contracted by the company and support the company in providing the services requested.
Your data is processed by contracted suppliers according to the contract processing regulations of Article 28 GDPR.
Contracted suppliers are granted access to personal data required for the completion of requested tasks only. It is not permitted that these suppliers share your personal data or to use your data for other purposes, especially for their own advertising purposes.
Insofar as external suppliers have access to your personal data, the company has made sure by legal, technical and organizational measures as well as regular checks, that they respect the applicable data protection laws as well.
The company does not sell your personal data to other companies.
Cookies
The company use so-called "cookies" in some areas of its webpages. A cookie is a small text file that is placed on your hard drive by a website. Cookies do not cause any damage to your computer and do not contain any viruses. The cookies on the company´s internet pages do not collect any personal data. The company uses the information contained in cookies to make it easier for you to use the company´s pages and to tailor them to your needs.
The company uses both session cookies and permanent cookies on the company´s website. Session cookies are temporary cookies that are stored in the user's internet browser until the browser window is closed and the session cookies are deleted. Permanent cookies are used for repeated visits and stored in the user's browser for a certain period of time (usually 1 year or longer). These cookies are not deleted when the browser is closed. This type of cookie is used to reuse a user's preferences when returning to the site.
You can also view the company´s website without cookies. If you do not want cookies to be stored on your computer, you can deactivate the corresponding option in the system settings of your browser to avoid the storage of cookies for analysis and marketing purposes. Cookies which are required for the functioning of the website remain active. Additionally, you can delete saved cookies at any time in the system settings of your browser. You can find out how this works in detail from your browser manufacturer's instructions. However, we would like to point out that our website may allow only limited use without cookies.
Google Analytics
This website employs Google Analytics on request of the owner of the website. Google will analyze your use of the website to provide reports regarding the activities on the website and to provide further services regarding the website and internet use.
After the agreement between the Delegate for Data Protection and Free Information of the City of Hamburg and Google, which agreement was based on the decision of the „Duesseldorfer Kreis“ which determines analytics for reach measurement of internet offerings that conform with data protection regulations, the use of Google Analytics has become acceptable under certain conditions. The company conforms to these conditions. Specifically the company points out, that Google Analytics used on this website has been extended with the code „gat._anonymizeIp();“ to allow for an anonymous registration of IP addresses (so called IP Masking). Your IP address is shortened by Google when used within member states of the European Union or in other States which participate in the Agreement of the European Economic Area. The complete IP address is transferred to a server of Google in the USA in exceptional cases only and is shortened there. IP addresses transferred by your browser within the scope of Google Analytics are not combined with other data raised by Google. Further information regarding the terms of use and data protection can be found here:
https://www.google.com/analytics/terms/us.html or under
https://policies.google.com/?hl=en.
Google Analytics also uses so-called cookies. Information about your use of this website generated by a Cookie is generally transferred to and saved on a Google server in the USA. You can avoid the storage of Cookies with the appropriate setting in your browser software. Please note that if you do so, you may not be able to use all functions that this website has been designed to provide. Furthermore, you can avoid the registration of data generated by the Cookie about your usage (incl. your IP address) by Google as well as the processing of this data by Google by downloading and installing a Browser-Add-on. If you click this link an Opt-Out-Cookie will be set up, which prevents all future registration of your data when visiting this website: Deactivate Google Analytics.
Google DoubleClick
The company uses DoubleClick, a service provided by Google Inc. DoubleClick employs Cookies, to create individually tailored, user-based advertising. Cookies recognize which advertising has already been shown in your browser and if you have called up a website by clicking on an advertisement. While doing this, Cookies do not register personal information and cannot linked with such information either.
If you do not want to receive user-based advertising, you can deactivate this function with the appropriate setting in the advertising preferences of Google.
Further information on how Google employs Cookies, can be looked up in the data protection declaration of Google.
Social Bookmarks
The company integrates so-called Social Bookmarks (for example for Facebook and Twitter) on our website. Social Bookmarks are internet bookmarks which allow users to collect links and news messages. These are integrated on the company´s website as links to the appropriate services. After clicking on the integrated graphic, you are forwarded to the page of the respective supplier, only then your user information is transferred to the supplier. Please refer to the privacy policy of the respective supplier about the handling of your personal data when using these websites.
Data Security
The company´s website provider uses technical and organizational security measures to protect your data managed by the company against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. The company´s security measures are continuously improved according to technological developments.
Facebook Page(s) of the company
In accordance with the amendments to the GDPR as of May 25, 2018 and the ruling of the European Court of Justice of June 5, 2018, we would like to inform you that the company and Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA are jointly responsible for the processing of personal data in connection with your visit to the Company's Facebook page(s).
In the following, the company would like to inform you about the extent to which personal data is processed by Facebook or by the company when you visit this Facebook page, insofar as the company can conclusively state this. It is not excluded that further processing by Facebook may take place.
Processing of Personal Data by Facebook
When accessing the Facebook page, various data is collected, such as the amount of data transferred, the IP address and/or the time of access to the page. Facebook also uses cookies to recognize its users and other website visitors. Cookies are small text files that are stored on your computer when you call up the company´s website and allow your browser to be reassigned. The technical access as well as the further use of this data, which is generated when accessing the Facebook page, is the sole responsibility of Facebook. The company has neither access to the usage data processed by Facebook nor can the company influence how Facebook processes this data. The legal basis for processing by Facebook is Art. 6 para. 1 sentence 1 letter b) GDPR for members and Art. 6 para. 1 sentence 1 letter f) GDPR for non-members. Processing by Facebook outside the EU or the European Economic Area cannot be ruled out.
If personal data is processed in a third country, a comparable level of data protection is ensured with appropriate guarantees according to Art. 44 f. GDPR.
For more details on how Facebook itself handles data collected by Facebook and how you can control it, please read the Facebook privacy policy: https://www.facebook.com/about/privacy/
Further details can also be found in the Facebook privacy statement at https://www.facebook.com/full_data_use_policy.
Processing of Personal Data of Facebook by the Company and Affiliated Companies
The company receives exclusively statistical and anonymous evaluations from Facebook regarding access to the company's Facebook page(s). These may include information on reach and page views as well as demographic information on age, gender and origin of users.
When you respond to Company postings or participate in a survey or sweepstakes, the company will receive relevant information. Depending on the type and volume of your post or the design of the interaction options, the information you provide may also contain personal data. Processing in these cases is strictly for the intended purpose. The legal basis for processing by the company is Art. 6 Para. 1 S.1 lit. b) GDPR. Processing by Facebook outside the EU or the European Economic Area cannot be excluded.
Rights of the Data Subjects (Facebook)
You assert the following rights vis-à-vis the respective data controller in accordance with your respective interaction with the Facebook page. In this context, Facebook is generally to be regarded as the person responsible for fulfilling your rights. If you wish to exercise your rights as a result of your participation in a survey or a competition of the company, please contact the company directly.
Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority if the person concerned believes that the processing of personal data concerning him or her is in breach of the DSGVO. This right may be exercised before a supervisory authority in the Member State in which he or she is resident, at his or her place of work or at the place where the alleged infringement is committed
You can contact the company's data protection officer at: policy@KISSsoft.com
You can reach the data protection officer of Facebook under this contact mask: https://www.facebook.com/help/contact/540977946302970
Data Collection and Processing at Events
If you participate in events that are organized directly by the company or affiliated companies or in which the company participates as exhibitor and presenting company, personal data may be stored and processed in connection with your registration for these events. The company will obtain your consent before recording your data. The provisions of this data protection declaration apply analogously to the protection of this data.
As far as the company commissions processors at events or personal data is stored by the contact management of the event organizer, the company will conclude a so-called contract for processing orders (AVV) with these processors, which regulates that the processors also comply with the provisions of the GDPR.
When using invitations and event tickets, which are provided by event organizers free of charge or for a fee and which are forwarded to you by the company, personal data is usually requested from you for registration. The respective organizer and the company as participating company are responsible for the protection. The company has concluded an AV contract with these organizers to ensure the protection of your data.
Event registration programs provided by the event organizers generally collect personal data by scanning your ticket/pass. This data is stored and processed by the company in order to provide you with tailor-made offers. The organizer and the company as participating company are responsible for the protection of your data. The company has concluded an AV contract with these event organizers to ensure the protection of your data.
The Company uses a registration program of the company Alivello GmbH (Bahnhofstrasse 34, 68526 Ladenburg, Germany) at certain events. With this registration program, the company collects data about your person and your product interest. This data is stored and processed by the company in order to provide you with customized offers. The company will obtain your consent before collecting your data. The company has concluded an AV contract with Alivello to ensure the protection of your data.
The Alivello privacy policy can be found at: https://www.alivello.de/Datenschutzhinweis.html (German language only)
Rights of the Data Subjects
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:
- Right of Access, Art. 15 GDPR
You can ask the company to confirm whether or not the company processes your personal data. If the company has processed your data, you have further rights to information as set out in Article 15 of the GDPR.
- Right to Rectification
If the information of the company has collected from you is incorrect or incomplete, you may immediately request the company to correct it in accordance with Article 16 of the GDPR.
- Right to restriction of processing
Under the requirements of Art. 18 GDPR, you may also request that the processing of personal data concerning you be restricted.
After the restriction, your data may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims, or for the protection of the rights of another natural or legal person, or on grounds of an important public interest of the Union or a Member State. The company will inform you before the restriction is removed.
- Right to Erasure
If one of the reasons in Art. 17 para. 1 GDPR applies, you can request the company to delete your personal data immediately, unless there is an exception to the deletion obligation in accordance with Art. 17 para. 3 GDPR.
- Right to Notification
If you have exercised your right to rectification, erasure or restriction of processing, the company is obliged under Article 19 GDPR to inform all recipients of your personal data of this, unless the notification is impossible or involves disproportionate effort. You also have the right to be informed of the recipients.
- Right to Data Portability
In addition, according to Article 20 GDPR, you have the right to receive personal data concerning you from the company in a machine-readable format and to transmit the data to another controller without hindrance, provided that the requirements of Article 20 para. 1 lit. a GDPR are met, or to obtain that your personal data are transmitted directly by the company to another controller, provided that this is technically feasible and no freedoms and rights of other persons are impaired thereby. This right shall not apply to the processing of personal data necessary for the performance of a task in the public interest or for the exercise of official authority.
- Right to object
You have the right to object to the processing of personal data by the company concerning you pursuant to Art. 6 para. 1 lit. f GDPR at any time.
The company will no longer process your personal data, unless there are grounds for processing worthy of protection overriding your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
- Right to revoke the data protection declaration of consent
You have the right to revoke your data protection declaration of consent with a statement to the company at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation.
- Right to lodge a complaint with a supervisory authority
You have the right, at all times, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, of work or of the place of suspected infringement, if you consider that the processing of personal data concerning them is contrary to this regulation.
Changes to this Privacy Policy
This Privacy Policy is subject to change at any time. Changes will be updated on this page from time-to-time. In order to keep up to date with the current status of our data usage regulations, please check this page regularly.
Data Protection Officer
If you have questions regarding the European General Data Protection Regulation (GDPR) please refer to: privacy@KISSsoft.com
Responsible for Privacy of KISSsoft AG
KISSsoft AG
A Gleason Company
Rosengartenstrasse 4
8608 Bubikon
Switzerland
privacy@KISSsoft.com
Last Updated: September 08th, 2020