This privacy policy has been compiled to better serve those who are concerned with how their 'Personally identifiable information' (PII) is being used online. PII, as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

What personal information do we collect from the people that visit our blog, website or app?

When you register on our website, you may be asked to enter your name, e-mail address or other information necessary to process your order. This represents a legitimate interest in the sense of Art. 6 Para. 1 lit. f DSGVO.

What personal information do we collect from people who order products from us via our webshop or Amazon?

When you order goods on our website, you will be asked to enter your personal data, which are necessary for the order processing. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.
This includes the following data: Your name, e-mail address, billing address and delivery address. Payment data (e.g. when using Paypal, Apple Pay or credit card payments via Stripe) will only be stored by the payment partner selected by you to process the payment. KAndySoft has no access to your payment information.

If you order goods from us via our Amazon Shop, Amazon will transfer your data necessary for delivery processing to us. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.
The data transmitted by Amazon include: Your name, Amazon email address for this purchase (not your own email address), billing address and delivery address. KAndySoft has no access to your payment data at Amazon.

Legal basis for data collection

Insofar as we obtain the consent of the data subject for processing of personal data, Article 6 (1) lit. a EU-DSGVO serves as the legal basis.
In the processing of personal data required for the performance of a contract to which the data subject is a party, Article 6 (1) (b) EU-DSA serves as the legal basis. This also applies to processing operations required to implement pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) lit. c EU-DSGVO serves as the legal basis.

What rights do you have regarding your data?

You have the right to receive information free of charge about the origin, recipient and purpose of your stored personal data at any time. You also have the right to demand the correction, blocking or deletion of this data. For this purpose, as well as for further questions regarding data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have a right of appeal to the responsible supervisory authority.

When do we collect information?

We collect information from you when you Login to Google Drive or enter information on our site. Anonymised usage date is also collected in order to improve recognition methods and usability. Usage data is never linke to your name or email or any other personal data.

How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
  • To personalize user's experience and to allow us to deliver the type of content and product offerings in which you are most interested.

How do we protect visitor information?

  • We do not use vulnerability scanning and/or scanning to PCI standards.
  • We use regular Malware Scanning.
  • We do not use an SSL certificate
  • We use encrypted storage methods to protect your data

Deletion periods for personal data

KAndySoft will delete your personal data for order processing from our webshop and the Amazon webshop by anonymization 30 days after your order is shipped.
Anonymized: Your name, email address, billing and shipping address.

Do we use 'cookies'?

We use cookies for the following purposes: data protection setting (opt-in/opt-out), language setting and for our web store.
We do not use cookies for tracking purposes.
Most of the cookies we use are so-called session cookies. They are automatically deleted at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser during your next visit.
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of his services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, they are treated separately in this privacy policy.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. f DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

Third Party Disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.

Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google

Google's advertising requirements can be summed up by Google's Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We have not enabled Google AdSense on our site but we may do so in the future.

We use Google Analytics on our site to collect statistical data about our visitors. The personal data (IP address) is ANONYMISED. The collection via Google Analytics takes place exclusively after you have agreed to this via the banner on the main page with "I agree".

If you wish to withdraw your consent, you can do so here:
Disable Google Analytics

Google Web Fonts

This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.
For this purpose, the browser you are using must connect to the servers of Google. This enables Google to know that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.

If your browser does not support Web Fonts, a standard font from your computer will be used.
Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faqund in the Google privacy policy: https://www.google.com/policies/privacy/.

Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on the website. This represents a legitimate interest in the sense of Art. 6 para. 1 lit. f DSGVO.
More information on the handling of user data can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

How does our site deal with "Do not Track" settings?

We take care not to use tracking and not to set cookies or use advertising if a DNT browser mechanism (Do Not Track) is available.

Does our site allow tracking of third party behavior?

It is also important to note that we do not allow behavior tracking by third parties.
We do not send advertising emails.

General notes and mandatory information

Privacy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and according to the legal data protection regulations as well as this privacy policy.
When you use this website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy policy explains what data we collect and what we use it for. It also explains how we do this and for what purpose.

We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can have security gaps. It is not possible to completely protect data from access by third parties.

Note on the responsible body

The person responsible for data processing on this website is
KAndySoft UG (limited liability)
Klaus Kerschbaumer
Donaustauferstr. 13
80993 Munich
Phone: +49 (89) 543 569-20
e-mail: admin@kandysoft.de

Responsible party is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke a previously given consent at any time. For this purpose, an informal notification by e-mail to us is sufficient. The legality of the data processing that took place until the revocation remains unaffected by the revocation.
Right of complaint to the responsible supervisory authority

In the event of violations of data protection laws, the person concerned has a right of appeal to the competent supervisory authority. The competent supervisory authority in data protection matters is the data protection commissioner of the federal state in which our company is located. A list of the data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Right to data transferability

You have the right to have data, which we process automatically on the basis of your consent or in fulfilment of a contract, handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done to the extent technically feasible.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from http://kandysoft.de to https://kandysoft.de and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you send to us cannot be read by third parties.

Information, blocking, deletion

Within the framework of the applicable legal provisions, you have the right to obtain information free of charge at any time about your stored personal data, its origin and recipients and the purpose of the data processing and, if applicable, a right to correct, block or delete this data. For this purpose, as well as for further questions regarding personal data, you can contact us at any time at the address given in the imprint.

Data protection officer

Statuatory Data protection officer
KAndySoft UG (haftungsbeschränkt)
Klaus Kerschbaumer
Donaustauferstr. 13
80993 München
Telefon: +49 (89) 543 569-20
E-Mail: admin@kandysoft.de

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA we agree to the following:
  • Users can visit our site anonymously
  • Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website.
  • Our Privacy Policy link includes the word 'Privacy', and can be easily be found on the page specified above.
    Users will be notified of any privacy policy changes:
    - On our Privacy Policy Page
  • Users are able to change their personal information:
    - By calling us

How does our site handle do not track signals?

We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third party behavioral tracking?

It's also important to note that we do not allow third party behavioral tracking

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under 13.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • respond to your inquiries

To be in accordance with CANSPAM we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can and we will promptly remove you from ALL correspondence.

Contacting Us

If there are any questions regarding this privacy policy you may contact us using the information on our imprint page

Last Edited on 2020-08-24