The protection of personal data is an important concern for Koenig & Bauer. Any personal data that you provide is therefore always handled in accordance with the relevant legal regulations, in particular those defined in the EU General Data Protection Regulation (GDPR) and the Bundesdatenschutzgesetz (BDSG – German Federal Data Protection Act). Accordingly, KOENIG & BAUER ensures that your personal data is processed and used transparently and for the specific intended purpose.
In the following, we explain the extent to which personal information is collected from you when you use our website, how we handle the data that is collected, and for which purpose and on which legal basis it is processed.
Furthermore, we inform you about which personal data that is made available to companies of the Koenig & Bauer Group, how long we save your personal data, and which rights you have regarding the processing of your personal data.
Please note that this website may provide links to other websites that are not subject to this data privacy statement.
§ 1 Controller and data protection officer
(1) Controller in accordance with Article 4(7) of the EU General Data Protection Regulation (GDPR) is:
Koenig & Bauer AG
Friedrich-Koenig-Straße 4
97080 Würzburg
info(at)koenig-bauer.com
(2) The designated data protection officer (group data protection officer) of Koenig & Bauer AG is:
If you have any questions or concerns relating to the processing of your personal data by Koenig & Bauer or to this data privacy statement, please feel free to contact our data protection officer at any time.
(3) When you contact us by e-mail or by using a contact form, the data you provide (your e-mail address and, where applicable, your name and telephone number – where provided as optional information) is saved to enable us to answer your questions. The data collected in this context is deleted once it is no longer necessary to save the data, or its further processing is restricted where statutory retention requirements apply. In certain individual cases, the data may be passed on to affiliated group companies of Koenig & Bauer AG if this is necessary to enable us to answer your specific query.
(4) Insofar as we employ (external) service providers to handle individual functions of our offers or else wish to use your data for advertising purposes, we will inform you in detail below regarding the procedures followed. In addition, we also specify the criteria that determine the duration of data retention.
§ 2 Your rights
(1) You have the right, at any time, to demand more specific information on the data saved about your person, to view this data, and to demand either that incorrect data be rectified or that the save data be deleted either in full or in part.
(2) Where personal data obtained from you is processed, you are the data subject within the definition specified in the General Data Protection Regulation (GDPR) and are entitled to assert the following rights vis-à-vis Koenig & Bauer (as controller):
1. Right of access to information
In accordance with Article 15 GDPR, you are entitled to demand information about our processing of your personal data. In particular, you can demand information regarding the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom your data has been or may be disclosed, the planned duration of retention of the data, your entitlement to demand the rectification or erasure of personal data, or to object to or restrict data processing, your right to lodge a complaint, the source of your data insofar as it was not collected by us, and the existence of any automated decision-making processes, including profiling, and as applicable any significant information on the details of such processes.
2. Right to rectification
In accordance with Article 16 GDPR, you can demand that, where the personal data saved by us is inaccurate or incomplete, it be rectified or completed without undue delay.
3. Right to erasure
In accordance with Article 17 GDPR, you can demand the erasure of personal data saved by us, insofar as the processing is not necessary to enable the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims.
4. Right to restriction of processing
In accordance with Article 18 GDPR, you can demand that processing of your personal data be restricted insofar as you contest the accuracy of the personal data, the processing is unlawful but you oppose its erasure and we no longer need the data, however you require it for the establishment, exercise or defence of legal claims, or you have objected to the processing in accordance with Article 21 GDPR.
5. Right to data portability
In accordance with Article 20 GDPR, you can demand to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format or to have this data transmitted to another controller, insofar as the processing is based on consent or on a contract and the processing is carried out by automated means.
6. Right to object
Insofar as we process your personal data on the basis of a balancing of interests (legal basis as per Article 6(1)(f) GDPR), you are entitled to object to the processing of your personal data at any time on grounds relating to your particular situation; this also applies to any so-called “profiling” on the basis of said provisions.
Processing of your personal data is performed on the basis of a balancing of interests (legal basis as per Article 6(1)(f) GDPR), in particular where the processing is not necessary in order to fulfil a contract with you, as indicated by us in the subsequent description in each case. When raising such an objection, we ask you to state the reasons why we should refrain from processing your personal data in the current manner. If you submit a reasoned objection, we will examine the facts of the situation and either cease or adapt our data processing or else present to you the compelling legitimate grounds that form the basis for which we will continue to process the data.
You are also entitled to revoke your declaration of consent under data protection law at any time with effect for the future. The data concerned will then be erased accordingly without delay. The withdrawal of your consent does not affect the lawfulness of processing based on the consent prior to said withdrawal.
Please send notification of your withdrawal of consent, stating your full name and your e-mail address, to:
Restriction of any further processing (blocking of the data) is permitted in lieu of erasure in the cases specified in the legal provisions.
You are naturally entitled to object to the processing of your personal data for advertising purposes and data analysis at any time.
You can inform us of your objection to the processing of personal data for advertising purposes using the following contact details:
Koenig & Bauer AG
Marketing / Communication
Friedrich-Koenig-Str. 4
97080 Würzburg
marketing[at]koenig-bauer.com
7. Automated individual decision-making, including profiling
You have the right not to be subject to decisions based solely on automated processing – including profiling – where such decisions produce legal effects or affect you otherwise in a similarly significantly manner. This shall not apply if the decision
(1) is necessary to enable the concluding or performance of a contract between you and the data controller;
(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and your legitimate interests; or
(3) is based on your explicit consent.
Such decisions, however, must not be based on the special categories of personal data referred to in Article 9(1) GDPR, unless either point (a) or (g) of Article 9(2) applies and suitable measures to safeguard your rights and freedoms and your legitimate interests are in place.
In the cases referred to in (1) and (3) above, the data controller shall implement suitable measures to safeguard your rights and freedoms and your legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your own point of view and to contest the decision.
8. Right to lodge a complaint with a supervisory authority
You are furthermore entitled to lodge a complaint with the competent supervisory authority in data protection matters regarding our processing of your personal data.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority in particular in the Member State of your habitual residence, your place of work, or the place of the alleged infringement if you believe that the processing of your personal data is not compliant with GDPR provisions.
The supervisory authority with which a complaint is lodged will inform the complainant on the progress and the outcome of the complaint, including the possibility of judicial remedy in accordance with Article 78 GDPR.
9. General questions and contact options
If you have any questions regarding the collection, processing or use of your personal data, or if you wish to receive information, to demand correction or erasure of your data, or to revoke any consent you have previously granted, please contact our data protection officer. Contact options can be found under [point §1] of this data privacy statement.
§ 3 Collection of personal data when you visit our website
(1) A legal definition of the term “personal data” is provided by Article 4(1) GDPR, according to which it refers to “any information relating to an identified or identifiable natural person”. Personal data is thus all data that can be used to identify you personally, e.g. name, address, e-mail addresses, user behaviour and IP address.
(2) When you visit the website solely for information purposes, i.e. without registering or otherwise sending individual information to us, we collect only those personal data that your browser sends to our server. This information is temporarily saved in a log file. When you submit a request to view our website, we collect the following data, which is required for technical reasons to enable us to display the website and to guarantee its stability and security:
- IP address (anonymised)
- Date and time of your request
- Time zone difference relative to Greenwich Mean Time (GMT)
- Contents of the request (specific page)
- Access status/HTTP status code
- Data volume transferred in each instance
- Website from which the request originated
- Browser used
- Operating system and its interface
- Language and version of the browser software
- User location
The legal basis for collection and storage of this data is provided by Article 6(1) subparagraph 1(f) GDPR
(3) In addition to the data mentioned above, we also save cookies to your computer when you use our website. Cookies are small text files that are saved to your hard drive and assigned to the browser you are using, enabling certain information to be provided to the client that places the cookie (us in this case). Cookies are not able to execute programs or transmit viruses to your computer. Their purpose is to enhance the overall user-friendliness and efficiency of the website.
(4) Use of cookies:
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Transient cookies (see b)
- Persistent cookies (see c)
b) Transient cookies are deleted automatically when you close your browser. They include, in particular, so-called session cookies, which save what is known as a session ID to enable separate requests from your browser to be assigned to a common session. This allows your computer to be recognised again when you return to our website. Session cookies are deleted when you log out or close your browser.
c) Persistent cookies are deleted automatically after a specified time, which can vary depending on the cookie. You can delete cookies at any time by using the security settings of your browser.
d) You can configure your browser settings to suit your preferences, e.g. to decline the acceptance of third-party cookies or to reject all cookies.
e) When you visit one of our websites for the first time, you are offered the option of declining the use of cookies. The setting can be changed at any time. We would like to point out, however, that you may not be able to use all the functions of this website in certain browser configurations.
f) The cookies listed below are used by our websites:
§ 4 Further functions and offers of our website
(1) Alongside access to our website solely for information purposes, we offer various additional services that you can use if you so wish. To this end, it is generally necessary for you to enter further personal data, which we then use to provide the service concerned and to which the data processing principles stated above apply.
(2) To facilitate contact with us and to enable you to ask any questions you may have, we offer you the option of contacting us by using a form provided on the website. Use of this form requires that you provide a valid e-mail address, so that we know from whom the query came and to enable us to reply. Further information can be provided voluntarily. Data processing for the purpose of establishing contact with us is performed on the basis of your freely given consent in accordance with Article 6(1) subparagraph 1(a) GDPR. The personal data that we collect in connection with your use of the contact form is processed in Salesforce.
(3) In some cases, we make use of external service providers for the processing of your data, for example Salesforce and Google. Such providers are carefully selected and commissioned by us, are bound to follow our instructions, and are monitored on a regular basis.
(4) Furthermore, we may pass your personal data on to third parties to enable participation in special campaigns or competitions, the conclusion of contracts, or similar services offered by us together with partners. More detailed information is provided when you are asked to disclose your personal data, or below in the description of the offer.
We disclose your personal data to third parties only where:
- you have given your explicit consent to disclosure in accordance with Article 6(1) subparagraph 1(a) GDPR;
- the disclosure is necessary in accordance with Article 6(1) subparagraph 1(f) GDPR to enable the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data;
- we are subject to a legal obligation to disclose the data in accordance with Article 6(1) subparagraph 1(c) GDPR; or
- disclosure is legally permissible and necessary to enable performance of a contract entered into with you in accordance with Article 6(1) subparagraph 1(b) GDPR.
Your personal data are not passed on to third parties for purposes other than those specified.
(5) Insofar as our service providers or partners have their registered offices in a state outside the European Union or the European Economic Area (EEA), we will inform you of the consequences of this circumstance in the description of the offer or of the service used.
§ 5 Creating a customer account and use of our webshop portals
(1) If you wish to create a customer account for our webshop, you must register by providing your email address, setting a password of your own choice and specifying a user name that you are free to select. There is no requirement to provide your real name; use of a pseudonym is possible.
(2) We use a so-called double opt-in process for registration, i.e. your registration does not become effective until you confirm your intention to register by clicking on a link in a confirmation email sent to you for this purpose. If this confirmation is not received within [24 hours], your registration is automatically deleted from our database. Disclosure of the aforementioned data is mandatory; all further information may be provided as optional information when using our webshop portal.
(3) When you use our webshop portal, we save the data you provide to enable us to fulfil a contract, including information on the payment method, until you finally delete your access credentials. Furthermore, we store the data you provide as optional information for the duration of your use of the webshop portal, unless you delete this data beforehand. All data can be managed and edited in the secure customer area. The legal basis for processing of your data is provided by Article 6(1) subparagraph 1(f) GDPR.
(4) To prevent unauthorised access to your personal data, and in particular your financial data, by third parties, the connection is encrypted using TLS technology.
§ 6 Newsletter
(1) By giving your consent, you can subscribe to a newsletter in which we inform you about current offers/products of Koenig & Bauer AG and/or the relevant group company. The advertised goods and services are specified in the declaration of consent.
(2) We use a so-called double opt-in process for registration to receive our newsletter. This means that, after your initial registration, we send an email to the email address that you provide, in which we ask you to confirm that you wish to receive the newsletter. If your registration is not confirmed within [24 hours], the information that you have provided will be blocked and then deleted automatically after one month. Furthermore, we save the IP addresses you used and the times of your registration and confirmation. The purpose of this procedure is to document your registration and to enable us to clarify any misuse of your personal data.
(3) Specifying your first name, surname and e-mail address is mandatory in order to receive the newsletter. Further data that is marked specifically as optional information may be provided voluntarily and is used to address you personally. After receiving your confirmation, we save your e-mail address for the purpose of distribution of the newsletter. The legal basis for this is provided by Article 6(1) subparagraph 1(f) GDPR.
(4) You can revoke your consent and unsubscribe from the newsletter at any time. To cancel your subscription, click on the link provided in each newsletter email or send an email to marketing@koenig-bauer.com.
(5) We wish to point out that we analyse your user behaviour in connection with distribution of our newsletter. For this analysis, the emails that are sent to you contain so-called web beacons or tracking pixels, i.e. single-pixel image files that are saved on our website. These web beacons, together with the data specified in § 3, are linked with your e-mail address and an individual ID for the purposes of this analysis.
§ 7 Web analysis and user tracking
The analysis and tracking measures that we employ are intended to ensure a user-friendly design and ongoing optimisation of our website. At the same time, we employ tracking measures to enable statistical evaluation of the use of our website, with the objective of optimising our offers for you. These interests are to be regarded as legitimate within the meaning of the aforementioned regulation. The respective data processing purposes and data categories are specified in the descriptions of the analysis and tracking tools concerned.
The legal basis for our use of analysis and tracking tools is provided by Article 6(1) subparagraph 1(f) GDPR.
§ 8 Integration of third-party content and redirection
There may be situations in which content from third parties, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites, is embedded within this online service. In such cases, it is always necessary for the user’s IP address to be known to the provider of this content. Without knowledge of the IP address, the content cannot be sent to the user’s browser. The IP address is thus a prerequisite for displaying such content. We endeavour to restrict our use of such content to those service providers that use the IP address solely to deliver the content. We have no influence, however, over whether or not the third-party provider saves the IP address, for example for statistical purposes. Where we are aware of such data retention, we will notify the user accordingly.
1. Embedding of YouTube videos
(1) We have embedded YouTube videos into our online service; these videos are hosted at https://www.Youtube.com and can be played directly from our website. [All such videos are embedded in “extended data protection mode”, which means that no data about you, as a user, is shared with YouTube if you do not play the videos. The data specified under (2) below is only sent when you play the videos. We have no influence over this data transfer.]
(2) When you visit the website, YouTube receives the information that you have called up the corresponding sub-page of our website. Furthermore, the data specified under § 3 of this statement is sent. This will occur irrespective of whether you are logged in to a user account provided by YouTube or no corresponding user account exists. If you are logged in to Google, your data will be allocated directly to your account. To prevent allocation to your profile at YouTube, you must log out before you activate the button. YouTube saves data collected as user profiles and uses this data for purposes of advertising, market research and/or user-tailored website design. Such analysis is carried out in particular to facilitate tailored advertising and to inform other users of the social network about your activities on our website (even in relation to users who are not logged in). You are entitled to object to the creation of such user profiles. To exercise this right, a corresponding request must be addressed to YouTube.
(3) Further information on the purpose and scope of data collection and processing by YouTube can be found in the relevant data privacy statement. This statement also provides information on your rights and on optional settings that serve to protect your privacy: www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has agreed to be subject to the EU-US Privacy Shield, https://www.dataprivacyframework.gov/s/
2. Embedding of Google Maps
(1) We use the service offered by Google Maps on this website. This permits us to present interactive maps to you on the website and enables convenient direct use of the map function.
(2) When you visit the website, Google receives the information that you have called up the relevant sub-page of our website. Furthermore, the data specified under § 3 of this statement is sent. This will occur irrespective of whether you are logged in to a user account provided by Google or no corresponding user account exists. If you are logged in to Google, your data will be allocated directly to your account. To prevent allocation to your profile at Google, you must log out before you activate the button. Google saves data collected as user profiles and uses this data for purposes of advertising, market research and/or user-tailored website design. Such analysis is carried out in particular to facilitate tailored advertising and to inform other users of the social network about your activities on our website (even in relation to users who are not logged in). You are entitled to object to the creation of such user profiles. To exercise this right, a corresponding request must be addressed to Google.
(3) Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the provider’s data privacy statements. These statements also provide information on your rights and on optional settings that serve to protect your privacy: https://policies.google.com/privacy?hl=en&gl=en.
3. Redirection
All redirection to providers of social media services, such as YouTube, Facebook, etc., is realised by means of links, which means that any data about your visit to our website (e.g. IP address, time, URL) or data present on your device (e.g. cookie information) is only sent to the provider concerned in case of conscious use of the link.
§ 9 Data and IT security
During your visit to our website, we support the highest security encryption set by your browser.
SSL / TLS encryption
This website uses SSL or TLS encryption as a security measure and to protect transfer of confidential content, e.g. contact forms that you send to us as operator of the website. You can verify that you are connected to our website via an encrypted connection when the address in the browser changes from “http://” to “https://” and a padlock icon is displayed on the browser bar.
When SSL or TLS encryption is activated, data that you send to us cannot be read by third parties.
In addition, we employ suitable technical and organisational security measures in order to protect your data against accidental or intentional manipulation, full or partial loss, destruction and unauthorised access by third parties. These security measures are subject to continuous improvement in line with advances in technology.
§ 10 Links to other websites
Please note that this website may provide links to other websites, including websites that are not operated by Koenig & Bauer and are not subject to this data privacy statement.
§ 11 Amendment and updating of the data privacy statement
This data privacy statement is currently valid in the version dated February 2024. Through further development of our website and our associated offers, or in response to amendments to legal or official regulations, it may become necessary to amend this data privacy statement in the future. Amendments will be announced in good time on this page. You should therefore visit this page regularly to stay informed on the current wording of the data privacy statement. You can view and print out the data privacy statement that is currently valid at any time by visiting our website: https://drupa.koenig-bauer.com/privacy-policy/