Privacy Policy

Introduction

This Privacy Policy describes how kxprocteurynter GmbH ("we", "our", or "us") collects, uses, and protects your personal information when you visit our website, use our services, or interact with us. As a cybersecurity company based in Germany, we are committed to protecting your privacy and complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR).

Data Controller

The data controller responsible for your personal data is:

Data Collection

The data we collect includes personal information that you provide directly to us, information we collect automatically when you use our services, and information we may receive from third parties. This includes your name, email address, phone number, company information, IP address, browser type, device information, and usage data about how you interact with our website and services. We collect this information through various means including our contact forms, service requests, cookies, and analytics tools.

Information You Provide

• Contact information (name, email, phone number, address)
• Company information (organisation name, role, industry)
• Service requests and enquiry details
• Communication preferences
• Account credentials and profile information
• Payment information (processed by secure third-party providers)

Information We Collect Automatically

• IP address and location information
• Browser type, version, and language settings
• Device information and operating system
• Website usage data and navigation patterns
• Cookies and similar tracking technologies
• Log files and technical information

How We Use Your Information

We explain how we use your information for various purposes including providing our cybersecurity services, communicating with you, improving our services, and ensuring security and compliance. Our use of your data is always based on a lawful basis under GDPR, such as legitimate interests, contract performance, or your consent. We process your information to deliver the services you request, respond to your enquiries, send important updates, conduct security assessments, and maintain the security and functionality of our systems.

Legal Basis for Processing

• Contract Performance: To provide cybersecurity services and fulfil our contractual obligations
• Legitimate Interests: To improve our services, conduct business operations, and ensure security
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations
• Vital Interests: To protect against security threats and incidents

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information with trusted service providers who assist us in operating our business, such as cloud hosting providers, payment processors, and analytics services. These providers are contractually bound to protect your information and use it only for the purposes we specify. We may also disclose information when required by law or to protect our rights and safety.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Generally, we retain contact information and service data for the duration of our business relationship plus seven years for legal and regulatory compliance purposes. Website analytics data is typically retained for 26 months, and marketing data is kept until you opt out or request deletion. We regularly review and delete data that is no longer needed.

International Data Transfers

As a company based in Germany, we primarily process data within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or transfers to countries with adequacy decisions. We work with service providers who maintain appropriate data protection standards and comply with international data transfer requirements.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data. These rights include the ability to access, correct, delete, or restrict processing of your personal information. You can also object to processing, request data portability, and withdraw consent where applicable. To exercise these rights, please contact us using the information provided below.

Your Rights Include:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for data processing where applicable

Security Measures

As a cybersecurity company, we implement robust technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, access controls, regular security assessments, employee training, and incident response procedures. We continuously monitor and update our security practices to address evolving threats and maintain the highest standards of data protection.

Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience, analyse website performance, and provide personalised content. Our Cookie Policy provides detailed information about the types of cookies we use, their purposes, and how you can manage your cookie preferences. You can control cookie settings through your browser or our cookie consent management tool.

Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such information promptly. Parents or guardians who believe their child has provided personal information to us should contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy regularly to stay informed about how we protect your information.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us using the contact information below. We are committed to addressing your concerns promptly and transparently.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated. In Germany, you can contact your local data protection authority or the Federal Commissioner for Data Protection and Freedom of Information (BfDI).