Under no circumstances shall personal data be leased or sold to third parties for advertising purposes. Without the consent of the visitor no personal data shall be used for advertising or marketing purposes.
In the following we will explain what data we collect, how and what they are used for. We would like to point out that the online transmission of data (such as via email) may be exposed to security gaps. It is impossible to protect data completely against unauthorised access by third parties.
The data controller for the processing of personal data on this website is:
K. & M. Holland GmbH
What are personal data:
Pursuant to Article 4 of the GDPR, personal data are any information that identifies you as a person. This includes a person's name, email address or telephone number. Personal data also include preferences, hobbies, memberships or the websites someone has visited.
Article 6 para. 1 lit. a of the GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary to fulfil a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, the processing is based on Article 6 para. 1 lit. b of the GDPR. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfilment of tax obligations, the processing is based on Article 6 para. 1 lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured at our company premises and his or her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Article 6 para. 1 lit. d of the GDPR. Finally, processing operations could be based on Article 6 para.1 lit. f of the GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds where processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. The legislator considers that a legitimate interest could be assumed if the data subject is a client of the data controller (Recital 47 clause 2 of the GDPR).
The duration of the data storage of your personal data depends on the respective legal retention periods. After this period expires, the corresponding data shall be routinely erased, as long as they are no longer necessary for the fulfilment of the contract or the initiation of a contract.
In the context of the legal provisions, at any time you can inquire and receive information free of charge about your personal data stored, their origin, recipients and the purpose of data processing.
It is also possible for you to request the correction, deletion or blocking of these data by us. Please contact our data protection officer in this respect (firstname.lastname@example.org).
You have the right pursuant to Article 18 of the GDPR in the context of the legal provisions to demand a limitation of the processing of the data concerning you.
Revocation of your consent once given pursuant to Article 7 para. 3 of the GDPR. As a result, we are no longer allowed to continue processing data based on this consent in the future. If you want to exercise your right to revoke or object, please send an email to email@example.com
You can file a complaint with a supervisory authority pursuant to Article 77 of the GDPR. As a rule, you can contact the supervisory authority in your normal place of residence or your workplace or our head office location.
Any data subject has the right, as granted by the European directive and legislator, to receive any of the personal data he/she has provided to the data controller in a structured, established and machine readable format. In addition, the data subject has the right to transmit these data to another data controller without hindrance by the current data controller to whom the personal data has been made available, provided that the processing does not conflict with the consent given pursuant to Article 6 para 1 lit. a of the GDPR or Article 9 para. 2 lit. a of the GDPR, or for a contract pursuant to Article 6 para. 1 lit. b GDPR and the processing is performed with the aid of automated procedures, provided that the processing is not necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.
Furthermore, the data subject has the right to transfer data pursuant to Article 20 para. 1 of the GDPR; the data subject has the right to demand that the personal data be transmitted directly by a data controller to another data controller, insofar as this is technically feasible and insofar as this does not affect the rights and freedoms of other persons.
To assert the right to data portability, the data subject can contact our data protection officer (datenschutz@kmholland).
1. Contact form
If you contact us via the contact form, the requested information on the form, including contact data specified by you, shall be stored by us solely for the purpose of processing the request and for follow-up questions. We shall not share these data without your consent. The processing of the data entered in the contact form is thus carried out exclusively on the basis of your consent (Article 6 para. 1 lit. a of the GDPR). We shall keep the data you enter in the contact form until you request to delete them, you revoke your consent for them to be stored or until the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions, especially retention periods, remain unaffected.
If you visit our website or download something there, your device automatically transmits certain data for technical reasons. The following data are stored separately from any other data that you may submit to us:
This information is mandatory for the technical transfer of websites and secure server operation. A personalised evaluation of these data does not take place.
1. Use of Facebook social plugins
The responsible entity uses on its website social plugins (“plugins”) of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”). The plugins are marked with a Facebook logo. If the customer accesses a website of the responsible entity that contains such a plug-in, the customer's browser establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the browser of the customer and incorporated by it into the website.
By integrating the plugins, Facebook receives the information that the customer has called up the corresponding page of the website of the responsible entity. If the customer is logged into Facebook, Facebook can assign the customer's visit to his or her Facebook account. If the customer interacts with the plugins, for example, presses the “Like” button or leaves a comment, the information is transmitted from the browser of the customer directly to Facebook and is stored there.
If the customer does not want Facebook to collect data in the manner described above, the customer must log out of Facebook before visiting the website.
2. Use of Instagram social plugins
The responsible entity uses Instagram's “Plugins” on its website, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are identified using an Instagram logo, such as in the form of an “Instagram camera”. An overview of the Instagram plugins and their appearance can be found here:
If you access a page of our website containing such a plugin, your browser will establish a direct link to the Instagram servers. The content of the plugin is transmitted by Instagram directly to your browser, which embeds it into the website. By integrating the plugin, Instagram receives the information that your browser has called up the corresponding page on our website, even if you do not have an Instagram profile, or are not currently logged in to Instagram. This information (including your IP address) is sent directly by your browser to an Instagram server in the USA, and is stored there.
If you are logged into Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plugins, for example pressing the “Instagram” button, the corresponding information will also be sent immediately to an Instagram server and be saved there. The information will also be published on your Instagram account and displayed to your contacts there.
If you would not like Instagram to associate the data gathered during visit to our website with your Instagram account, you must log out of Instagram before visiting our website. You can completely avoid loading the Instagram plugins using add-ons for your browser, e.g., with the Script Blocker “NoScript” (http://noscript.net/).