related to KID-Systeme GmbH / www.KID-Systeme.com (issued 62 183 01 on 13. December 2022).
KID-Systeme GmbH (also known as, “KID”, or “we” or “us”) website including download portal (KENT) provides information about the company and products along with separate access to maintenance and repair documents. We appreciate your interest in our products, services and business lines and your use of our website and KENT portal. The website includes links to other websites or applications which are not necessarily covered by this Privacy Notice. In this event, we encourage you to carefully read the privacy policies of such websites. KID-Systeme GmbH is committed to protecting the privacy of individuals and to complying with applicable personal data protection laws and regulations. We want you to feel comfortable using our website and KENT portal. This Privacy Notice will inform you of the personal data we collect when using KENT portal: How we use and disclose your personal data; how you can control the use and disclosure of your personal data; and how we protect your personal data.
What is personal data?
Personal data is information that can be used to identify a person either directly or indirectly. It includes information such as name, contact details, identification numbers, financial data, location data or online identifiers.
Which sources and what personal data do we use?
The personal data we process in relation to download portal (KENT) are as follows:
What are the purposes of the processing of your personal data?
By using KENT download portal, KID will process your personal data for the following purposes:
We will use your personal data for the above Purposes only, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose (for preserving particular evidence or in the context of legal statutes of limitation for example). If we need to use your personal data for an unrelated purpose, we will notify you prior to this further personal data processing and provide you the relevant privacy information notice.
What is the legal basis for the processing of your personal data?
Subject to the applicable law, we process your personal data under the following legal basis:
Who will receive your personal data?
Subject to applicable law, we may disclose your personal data to the following recipient(s) on a need to know basis:
Is any of your personal data transferred overseas?
Except for Airbus Affiliates operating outside the European Economic Area or the UK, your personal data will generally be processed in the European Economic Area. We share your personal data within Airbus. Any transfers within Airbus for Airbus daily business activity and internal organization are covered by an intra-group agreement (Binding Corporate Rules). The Binding Corporate Rules includes contractual protections to ensure that your personal data receives an adequate level of protection wherever it is transferred within Airbus. If you have any questions regarding transfers, please contact us (firstname.lastname@example.org) for further details.
How long will your personal data be retained?
We retain your personal data as long as reasonably necessary for the purposes for which it was collected. For KENT we retain for 06 months from the date of collection or our last interaction with you. In some circumstances, we may retain your personal data for a longer period of time than is needed for those purposes such as where we are required to do so in accordance with legal, regulatory, tax or accounting requirements.
What about the security of your personal data?
We use technical and organizational security measures in order to protect the personal data we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorized persons. Our security procedures are continually enhanced as new technology becomes available.
What are your rights?
At any time you may exercise your personal data protection rights as listed below by contacting us at email@example.com:
How to exercise your rights and/or contact Airbus in respect of your personal data?
If you want to exercise your rights or you are unhappy with the way in which your personal data has been processed or should you have any questions regarding the processing of your personal data, you may refer in the first instance to the Airbus Data Protection Officer, who is available, at the following email address: firstname.lastname@example.org. In case of doubt of your identity, we may ask you to justify it by enclosing a copy of any identity document.
Are you obliged to provide your personal data?
Under certain circumstances, when some personal data is necessary to enter into a contract or to comply with legal obligation, any failure to provide the requested personal data may result in us not being able to fulfill our contractual/legal obligations or to achieve the expected results.
Do we use automated decision-making, or conduct profiling?
As a matter of principle, we do not use fully automated decision-making processes nor conduct automated processes with the objective of evaluating certain personal aspects (profiling). In the event that we should use such processes, we will inform you in advance. We conduct profiling when we process your personal data, which means that we process your personal data in order to evaluate your KENT user and access rights.
How to ask for assistance from the competent authorities?
If you remain unsatisfied, then you have the right to apply directly to a Data Protection Supervisory Authority. Listed below are the four main countries where Airbus operates and the relevant Supervisory Authority
for California Residents
In addition to the information provided above, the following section is made specifically pursuant to the California Consumer Privacy Act of 2018 ("CCPA"). We don’t sell your personal information to third parties and we will not sell your personal information to third parties unless provided otherwise by a specific privacy notice. We do not discriminate against California residents who exercise their CCPA privacy rights.To exercise your California privacy rights please refer to the section "How to exercise your rights".
for Chinese residents
By participating in the KENT tool your personal information will be transferred to KID-Systeme GmbH located outside of China and will be processed in accordance with this privacy notice. We will comply with the applicable obligations and requirements under Chinese PIPL regulation in relation to sharing and cross-border transfers of personal information.
WHAT ARE COOKIES?
Cookies are small files or amounts of information that may be stored to, accessed and removed from your device when you access KENT. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. For instance, a “Cookie” may refer to “http cookie”, flash cookie” (used by some applications or website relying on Flash technology), local storage area of your internet browser, unique identifier calculated from your internet browser characteristics (also known as “browser fingerprinting”), or unique identifiers related to your device or your internet browser (device serial number, MAC address, Android ID, advertising ID, etc...)].
HOW CAN YOU DISABLE OR DELETE COOKIES?
When the Cookies we use are strictly necessary for technical reasons, they are marked as “mandatory” on the table above. Those Cookies do not require consent from you. However, if you choose not to accept Cookies that are strictly necessary for the provision of our services provided by our Website, it may result in a reduced availability of such services. For the Cookies that require a consent from you, please be informed that you can revoke this consent at any time. You can also manage and control the cookies we use, and delete them directly on KID-Systeme.com through the cookies settings interface. [please detail here the way users can manage cookies. If applicable please provide a link to the page where user can manage its preferences].
Modification of the Privacy Notice
KID-Systeme GmbH will update this Privacy Notice from time to time in order to reflect the changes in our practices and services and also to remain compliant to Data Protection Laws and Regulations. We will inform you of any substantial modification in how we process your personal data.
Collection and Purpose for Use of Personal Data
In principle, we process your personal data only to the extent necessary to provide a functioning website. In addition, we only process data that you have provided to us in the context of contacting us.
1.1 Website Visits
Each time you visit our website, your browser automatically sends certain information to the server of our website, which it then stores in a log file (hereinafter „logfile“). These are information about
The legal basis for the collection and processing of the information stored in a log file is Article 6 (1) lit. f) GDPR.
We use this data to ensure the functionality of the website, in particular to detect and eliminate website errors, to determine the utilization of the website and to make adjustments or improvements. This is also the purpose of our legitimate interest in data processing. The processing is expressly not for the purpose of gaining knowledge of your person as a visitor to the site.
The information stored in a log file is deleted as soon as it is no longer necessary for the purpose of its collection. We will delete your IP address after leaving our website. Further storage of the data in log files is possible. In this case, your IP address is disassociated so that it is no longer possible to associate it with the visiting client.
The collection of data for the provision of our website and the storage of data in log files is essential for the operation of our website. Consequently, you are not entitled to object in this matter.
1.2 Email Contact
On our website, an email address is provided, which can be used for electronic contact. If you do this, your personal data transmitted by email will be stored.
In this context, there is no disclosure of the data to third parties. The data is used exclusively for processing the conversation.
The legal basis for processing data transmitted in the course of sending an email is Article 6 (1) lit. f GDPR. If the intention of email contact is to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
The processing of personal data when contacting us by email serves only to process the contact. This also includes the required legitimate interest in processing the data.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data sent by email, this is the case when the conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been finally clarified. If the data collected during contact is required to fulfil a contract, deletion of the data is only possible, so long as there are no contractual or legal obligations against deletion.
You can object to the storage of your personal data by contacting us by email at any time. In such a case, the conversation cannot continue.
All personal data stored in the course of contacting will be deleted in this case. Legal requirements for the storage of personal data during the execution of the contract, in particular those which we have to keep for tax reasons, remain unaffected.
We only use so-called session cookies (also referred to as temporary cookies), i.e. those that are cached exclusively for the duration of your use of one of our internet pages. The purpose of these cookies is to facilitate the use of our website. For example, you can use the session cookies to see whether you have already visited the individual pages on our website. After leaving the website, these session cookies are automatically deleted.
You can set your browser to not accept cookies in general, or accept them only after explicit confirmation by you. You can easily find out how this works by using the help function of your browser. If your browser does not accept cookies, the functionality of our website may be limited or unavailable.
The data processed by cookies for the aforementioned purposes are justified for safeguarding our legitimate interests under Art. 6 para. 1 lit. f) GDPR.
Disclosure of Personal Data
Personal data are disclosed to third parties, if
In other cases, personal data will not be disclosed to third parties.
Data Protection and Third Party Websites
Our website may contain hyperlinks to and from third party websites. If you follow a hyperlink to any of these websites, please note that we cannot accept any responsibility or liability for third party content or privacy. Please carefully read their data protection policy before submitting personal information to these websites.
Your Rights as the Data Subject and Contact
As far as your personal data are processed during the visit of our website, you have the following rights as "data subject" within the meaning of the GDPR:
5.1 Right of Access
You may request confirmation from us as to whether personal information concerning you is processed by us. If such processing exists, you can request information from us about the following data:
You have the right to request information about whether your personal information relates to a foreign country or an international organization. In this connection, you can request the appropriate guarantees in accordance with Art. 46 GDPR in connection with the transfer.
5.2 Right of Correction
You have a right to correction and/or completion with respect to us, if the personal data processed is incorrect or incomplete. We are obligated to perform the correction immediately.
5.3 Right to Restriction of Processing
You may request restriction of the processing of your personal data under the following conditions:
If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the union or member state.
If processing restrictions are limited according to the aforementioned conditions, you will be informed by us before the limitations are lifted.
5.4 Right to Deletion
You may request us to delete your personal information without delay and we are required to delete that information immediately, if any of the following applies:
The right to deletion does not exist if processing is necessary
5.5 Right to Information
If you have asserted your right to rectify, delete or restrict processing, we are obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients.
5.6 Right of Data Transferability
You have the right to receive personally identifiable information you provide us in a structured, common and machine-readable format. You also have the right to transfer this data to another person, who has been provided with the personal data, without hindrance from us, provided that
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority that has been delegated to us.
5.7 Right to Revoke Consent
You have the right at any time, for reasons that arise from your particular situation, to revoke consent to the processing of your personal data, which pursuant to Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
We will no longer process personal information relating to you unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or processing for the purposes of asserting, pursuing or defending legal claims.
Regardless of Directive 2002/58 / EC, you have the option, in the context of making use of services of the information society, of exercising your right to object through automated procedures that use technical specifications.
5.8 Right to Revoke the Data Protection Declaration of Consent
You have the right to revoke your data protection declaration at any time. The revocation of consent does not affect the legality of the processing performed on the basis of the consent until the revocation.
5.9 Automated Decision on an Individual Basis Including Profiling
You have the right not to be subjected to a decision based solely on automated processing - including profiling - that will have legal ramifications or similarly affect you in a similar manner. This does not apply if the decision
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the first and last mentioned cases, we shall take reasonable steps to uphold the rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person through us, to express one's own position and to contest the decision.
5.9.1 Right to Complain to the Regulatory Authorities
Without prejudice to any other administrative or judicial remedy, you shall be entitled to complain to a regulatory authority, in particular within the member state of your residence, place of work or place of the alleged infringement, if you believe that the processing of the personal data concerning you violates the GDPR.
The regulatory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.
To assert any of your rights and/or to receive more information about this, please contact our data protection officer under
Lueneburger Schanze 30
Proof of your identity may be required before your request is implemented. This serves to protect your data against manipulation or deletion by third parties.
Data Protection Provisions for Applicants
The data you send to us together with your application is processed in order to clarify professional aptitude and go through the application process. The legal basis for processing your data is Art. 6 para. 1 lit. a GDPR.
Your data will be forwarded to the relevant department for review and a possible application process. Any transfer of your data to third parties or their transmission to third countries will not take place without your separate consent.
Your application data (contact details / application documents) will be deleted six months after completing the application process, unless we are obliged to store them due to legal requirements.
Your Rights as a Data Subject
Regarding the processing of your personal data, you have the following rights: first, you have the right to information (Art. 15 GDPR) and, if necessary, correction (Art. 16 GDPR) and/or deletion (Art. 17 GDPR) and/or blocking of your personal data. You also have the right to restrict processing (Art. 18 GDPR) as well as a right to data portability (Art. 20 GDPR).
In addition, you have the right to object to the processing of data concerning you at any time without giving any reason (Art. 21 GDPR) and to change or revoke consent statements with effect for the future. Any data processing performed until revocation is not affected. You may submit the withdrawal by email, fax or post.
To assert your rights, please contact the contact address specified under 5.9.2.
State and Updating of this Data Protection Policy
This data protection policy is effective as of May 25, 2018. We reserve the right to update our data protection policy in due course to improve data protection and/or amend it according to changes in regulatory practice or jurisdiction.
IT Applications for Military/DU EC data:
Provided you have all applicable export control authorisation(s) for all those who are eligible to access the information, you may store/share export controlled data (ITAR, BAR, Military, Dual Use). If in doubt speak to your local Export Control Officer (ECO)