Privacy Notice

Collaboration with Knecht GmbH

It is important to us that you, as a customer, supplier, or business partner, can trust that we handle your data – whether personal or publicly accessible – responsibly and confidentially. We select employees, service providers, and business partners with great care and expect all parties involved to handle data and business matters lawfully. These are our personal and business values.

Business Purpose and Processing of Personal Data

We process data necessary for establishing and fulfilling contractual services and indicate when providing such data is required. Disclosure to external parties only occurs if it is truly necessary within the scope of an assignment. When processing data provided to us as part of an assignment, we act according to the instructions of the client and the legal requirements of commissioned data processing under Art. 28 GDPR, and we do not process the data for any purpose other than the contractual one.

We process personal data (hereinafter referred to as: data) of our clients, candidates, applicants, suppliers, employees, and business partners exclusively to deliver our services at the highest quality and with the greatest reliability. Data is processed both automatically and non-automatically.

Typically, this includes the following data: name and address, email address, bank details, and phone numbers (landline and mobile). Within the scope of our services, special categories of data may also be processed (e.g., application content and details). This is always done with necessity, lawfulness, and purpose-appropriateness in mind, in accordance with Article 5 GDPR. “Data processing” includes, for example: collecting, recording, organizing, storing, using, transmitting, distributing, and deleting data (Article 4 No. 2 GDPR).

Responsible Entity / Supervisory Authority

Responsible Party

Knecht GmbH
Gaulsheimer Straße 16
55437 Ockenheim
Phone: 06725-30140
Fax: 06725-301441
Email: info@knecht-online.de

Data Protection Officer

Andrea Hild
Hild-Consult
In der Langmark 16
56295 Kerben
Phone: 0176 577 48 983
Email: ahild@hild-consult.de

Supervisory Authority

The State Commissioner for Data Protection
Hintere Bleiche 34
55116 Mainz
Email: poststel-le@datenschutz.rlp.de

Legal Basis for Processing

In accordance with Art. 13 GDPR, we inform users of our website and our customers about the legal bases for data processing. For users from the GDPR jurisdiction (i.e., the EU and EEA), the following applies unless otherwise specified in the privacy policy:

• The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 GDPR;
• The legal basis for processing to fulfill our services and carry out contractual measures as well as responding to inquiries is Art. 6(1)(b) GDPR;
• The legal basis for processing to fulfill our legal obligations is Art. 6(1)(c) GDPR;
• In cases where vital interests of the data subject or another natural person require the processing of personal data, Art. 6(1)(d) GDPR applies;
• The legal basis for the necessary processing to perform a task in the public interest or in the exercise of official authority vested in the controller is Art. 6(1)(e) GDPR;
• The legal basis for processing to protect our legitimate interests is Art. 6(1)(f) GDPR;
• Processing of data for purposes other than those for which it was collected is determined by Art. 6(4) GDPR;
• Processing of special categories of data (according to Art. 9(1) GDPR) is governed by Art. 9(2) GDPR (e.g., in HR management and application processing).

Data Deletion and Storage Period

Unless otherwise specified, we delete your data as soon as it is no longer needed or if you request us to do so. Data will also be deleted or blocked when a legally prescribed retention period expires, unless further storage is necessary for contract fulfillment or conclusion.

In our privacy notices, we may provide users and visitors of our website with additional information regarding data deletion and retention specific to individual processing procedures.

Certain data may be subject to longer storage periods due to legal requirements. You may request information at any time regarding stored data and its retention periods.

We regularly review the necessity of data storage; where legal retention obligations exist, data will be deleted after the respective period has expired (e.g., 6 years per § 257(1) HGB, 10 years per § 147(1) AO).

Visiting This Website

When visiting our website, SSL or TLS encryption is used to protect the transmission of incoming and outgoing requests. You can recognize an encrypted connection by the browser’s address bar beginning with “https://” and the lock symbol. If you are simply browsing our site, no personal data is collected except for the data transmitted by your browser to enable website access. This includes:

• Name of the retrieved webpage (e.g., the page currently accessed)
• Date and time of access (e.g., 11:45 on 25.05.2018)
• Amount of data transferred (e.g., 2427 bytes)
• Message about successful retrieval (e.g., whether there was an error loading the page)
• Browser type and version (e.g., Firefox 60.0.1)
• User’s operating system (e.g., MacOS 10.13.4)
• Referrer URL (the previously visited page)
• IP address and requesting provider (e.g., 95.91.215.example or 2a02:8109:9440:1198:bdb1:551f:example)

The IP address is particularly relevant since it can theoretically be linked to you personally. To protect your privacy, all data is deleted after your website visit. Temporary storage of the data is required to ensure connectivity, availability, and correct website display. IP address and technical data are essential to avoid display issues and resolve errors. Legal basis: our legitimate interest pursuant to Art. 6(1)(f) GDPR.

Website Built with WordPress

This website was created using WordPress. WordPress is a browser-based software that allows for website creation and management. WordPress comes with various plugins pre-installed and activated by default. Especially social media or analytics plugins can establish a direct connection between the visitor’s browser – i.e., yours – and the respective platform’s servers. As the website operator, we have limited influence over this and no knowledge or control over the extent of data collected or stored.

We have provided details in this privacy statement, to the best of our knowledge and as comprehensively as possible, about the tools and plugins we use in the WordPress environment.

Further information on WordPress privacy can be found at: https://de.wordpress.org/about/privacy/

Security

Security Measures

We take appropriate technical and organizational measures (TOMs) in accordance with legal requirements, considering the state of the art, implementation costs, nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons, to ensure an adequate level of protection.

These measures include ensuring the confidentiality, integrity, and availability of data by controlling physical access, access permissions, input, transfer, availability, and separation of data. Additionally, we have implemented procedures to enable the exercise of data subject rights, data deletion, and response to data security incidents. Furthermore, we consider the protection of personal data during the development or selection of hardware, software, and processes in line with the principles of data protection by design and by default.

Collection, Processing, and Disclosure of Personal Data When Engaging Our Services

When you engage our services, we collect and process personal data only to the extent necessary to fulfill and execute your order or respond to your request. Providing the data is required for contract conclusion or task execution. Without it, no contract can be concluded. Processing is carried out pursuant to Art. 6(1)(b) GDPR and is necessary for fulfilling the contract. Data will only be disclosed where legally required or contractually regulated. In all cases, we strictly adhere to legal provisions. The scope of data transfer is kept to a minimum.

Types of Processed Data

• Inventory data (e.g., personal/customer master data, names, addresses, application documents)
• Contact data (e.g., email, phone numbers)
• Content data (e.g., text inputs, photographs, videos of objects)
• Usage data (e.g., visited websites, interest in content, access times)
• Meta/communication data (e.g., device information, IP addresses)

Contact via Email or Phone

If you contact us via email or phone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR if your inquiry is related to the performance of a contract or is necessary for pre-contractual measures. In all other cases, processing is based on your consent (Art. 6(1)(a) GDPR) and/or our legitimate interest (Art. 6(1)(f) GDPR), as we have a legitimate interest in effectively handling inquiries addressed to us.

Collaboration with Data Processors, Joint Controllers, and Third Parties

If we disclose data to other persons or companies (data processors, joint controllers, or third parties), transmit it to them, or otherwise grant them access, this is only done based on a legal permission.

We ensure that cooperation with business partners and service providers is regulated by a data processing agreement or a confidentiality agreement that ensures compliance with data and business secrecy. In joint responsibility arrangements, we ensure that our partners also commit to data protection obligations.

Data Transfers to Third Countries

If data is processed in a third country (i.e., outside the European Union) or this occurs in the context of using third-party services (software, applications, etc.), it is only done if necessary for fulfilling our (pre-)contractual obligations or if we have obtained your consent.

Subject to legal or contractual permissions, we only process or allow data to be processed in a third country if the legal requirements are met. This means processing is based on special guarantees or compliance with officially recognized specific contractual obligations. Our standard is the use of EU standard contractual clauses and adequacy decisions issued by the EU for providers from third countries.

Hosting and Email Services

The hosting services we use (server location in Germany) are provided for the following purposes: infrastructure and platform services, computing capacity, storage space and database services, email dispatch, security services, and technical maintenance services required for operating this online offering.

In this context, we – or our hosting provider – process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, prospects, and website visitors based on our legitimate interest in the efficient and secure provision of this online offering in accordance with Art. 6(1)(f) GDPR in conjunction with Art. 28 GDPR (data processing agreement).

Objection to Promotional Emails

The use of contact details published under the legal notice obligation for sending unsolicited advertising and information material is hereby rejected. As the website operator, we expressly reserve the right to take legal action in the event of the unsolicited sending of promotional information, such as spam emails.

Applicant Data

If you send us an application via email (bewerbung@knecht-online.de), your data will be treated confidentially. The processing of applicant data is carried out to fulfill our (pre-)contractual obligations within the framework of the application process pursuant to Art. 6(1)(b) and Art. 6(1)(f) GDPR, insofar as data processing becomes necessary, e.g., in legal proceedings (in Germany, § 26 BDSG also applies).

In the case of a successful application, the data may be further processed for the purposes of the employment relationship. Otherwise, applicant data will be deleted. For follow-up questions and as evidence in accordance with the General Equal Treatment Act, applications are retained for six months and then deleted.

Social Media Links

We provide links to our social media profiles. Unlike social media plugins, these links do not automatically inform the platforms of your visit when you access our site. Like any link, your data is only processed by the social media platform when you actively click on it.

Generally, the platform will store cookies on your device or link your usage behavior to your account, especially if you’re logged in. The platform may analyze your behavior and use it for (interest-based) advertising. This can result in advertising being displayed to you both on and off the platform.

Please ensure that you are aware of and accept this before using social media platforms (especially if you have not used them before). We have provided links to each platform’s privacy policy.

Facebook Plugins and Content: Facebook social plugins and content – this may include images, videos, texts, and buttons allowing users to share content from this online offering on Facebook. You can view the list and appearance of Facebook plugins here: https://developers.facebook.com/docs/plugins/; Service provider: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.facebook.com; Privacy policy: https://www.facebook.com/about/privacy; Opt-out settings: https://www.facebook.com/settings?tab=ads.

Instagram Plugins and Content: Instagram plugins and content – including images, videos, texts, and buttons for sharing this online offering on Instagram. Service provider: https://www.instagram.com, Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; Privacy policy: https://instagram.com/about/legal/privacy

Notes, Changes, and Updates to This Privacy Policy

This privacy policy is intended to provide you with an overview of the design and functionality of our website. We want you to gain a clear and transparent understanding of how we handle your personal data.

We only process data that is required for establishing, preparing, and fulfilling our (pre-)contractual services, and we will indicate when such data is necessary.

This is based on Art. 6(1)(b), (c), and (f) GDPR. For processing special categories of data, Art. 9(2) applies. For processing in the employment context, Art. 88 GDPR applies. Disclosure to external parties occurs only when absolutely necessary within the scope of an assignment. When processing data on behalf of a client, we follow the client’s instructions and the legal requirements of Art. 28 GDPR. In the case of joint responsibility, data protection obligations are shared in accordance with Art. 26 GDPR.

We update our privacy policy whenever changes to our data processing make it necessary or when legal changes require it. This information is provided to the best of our knowledge and as completely as possible.

Right of Withdrawal and Objection

You may withdraw your consent at any time with future effect via email to info@knecht-online.de or by mail to Knecht GmbH, Gaulsheimer Straße 16, 55437 Ockenheim. You may also object to the processing of personal data pursuant to Art. 21 GDPR using the same contact methods.

Further Information

Please note that this privacy policy applies solely to the websites of Knecht GmbH. If our site contains links to third-party websites, our privacy policy does not apply to those. Please refer to the respective websites for their privacy information.

For more information about us, please visit our legal notice: https://www.knecht-online.de/impressum.html

If you have any questions, suggestions, or requests, feel free to email us at info@knecht-online.de

Additional Contact

Do you have further questions about data protection? Then please contact us:
Contact details of the data protection officer: datenschutz@knecht-online.de

Status 03/2025