Kopexa GmbH ("Kopexa") understands that privacy matters to you and is committed to protecting your personal data. This Privacy Policy explains how we collect, use and share information when you use our website, services or other Kopexa content. By accessing the Kopexa website or using our services, you agree to the practices described in this Privacy Policy.
What does this Privacy Policy cover?
This Privacy Policy applies to the collection and processing of personal data when you use the Kopexa website or our services. It does not apply to companies we do not own or control, or to individuals we do not manage.
Kopexa acts as a data processor for its customers, who act as data controllers. We process personal data only in accordance with our customers' instructions and implement technical and organizational measures to ensure compliance with the General Data Protection Regulation (GDPR).
Privacy rights for California residents
Under the California Consumer Privacy Act (CCPA), California residents may request information about the categories of personal data shared with third parties for marketing purposes. To exercise your rights, contact us at dataprivacy@kopexa.com.
Cooperation with data protection authorities
Kopexa works with the European Union Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) to resolve unresolved complaints related to the transfer of data from the EU and Switzerland.
Collection of personal data
Kopexa may collect the following personal data:
- When registering for Kopexa services: name, email address and IP address.
- When visiting our website: IP address, browser type and interaction logs.
- When using Kopexa services: login data, account activity and customer-submitted content.
We may also receive personal data from third parties, including our customers, service providers and publicly available sources.
Use of personal data
We process personal data for the following purposes:
- Providing, maintaining and improving our services.
- Authenticating and managing user accounts.
- Ensuring security and protection against fraud.
- Sending relevant product updates and marketing communications, subject to user preferences.
Marketing communications
By providing us with your email address, you agree to receive marketing communications about the use of the website, Kopexa services and our products. You can unsubscribe from marketing communications at any time via the unsubscribe link in our emails or by contacting us directly.
Sharing of personal data
Kopexa does not sell personal data. However, we share data with:
- Service providers (sub-processors) that support necessary business processes.
- Business partners where required for the provision of services.
- Authorities where we are legally required to do so.
A list of our sub-processors is available upon request.
Data transfers and security measures
Personal data may be processed outside the European Economic Area (EEA). In such cases, we ensure adequate protection through the following measures:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- Participation in the EU-U.S. Data Privacy Framework (DPF) for applicable data transfers.
All data is encrypted during transfer and storage. We use AES-256 encryption for stored data and TLS 1.2+ for secure transfers. Our infrastructure includes firewall protection, intrusion detection systems and access controls.
Cookies and tracking technologies
Kopexa uses cookies and similar technologies to improve the user experience. These include:
- Required cookies for basic functionality.
- Performance cookies for analytics and optimization.
- Third-party cookies for integrations such as Google Analytics.
Users can adjust their cookie preferences via the cookie settings in the website footer. For more information, see our Cookie Policy.
Retention of personal data
Personal data is retained only as long as necessary for the purposes described in this Privacy Policy. Retention periods are determined by:
- Legal requirements and compliance obligations.
- The duration of the customer relationship.
- Technical and operational considerations.
Data that is no longer needed is securely deleted in accordance with industry-standard security practices.
Rights to restrict the processing of personal data
If Kopexa processes your personal data on behalf of a customer, you should first contact that customer.
However, you may withdraw your consent to the processing of your data at any time by emailing dataprivacy@kopexa.com. Upon receipt of your request, Kopexa will delete your data unless there are legal or billing-related reasons for retention.
If your data is incorrect, you may request a correction at dataprivacy@kopexa.com.
Right to information about data protection measures for international data transfers
Kopexa ensures that adequate data protection measures are in place for the transfer of personal data outside the EEA. For countries without an adequacy decision by the European Commission, Kopexa relies on contractual safeguards in accordance with the GDPR.
Reporting data breaches
In the event of a data breach, Kopexa will:
- Analyze the incident and assess its scope.
- Notify affected individuals and relevant authorities without undue delay.
- Implement corrective measures to prevent future incidents.
Questions or concerns about the Privacy Policy
If you have questions or concerns about our privacy practices, you can contact us at dataprivacy@kopexa.com. We will process your request as quickly as possible.
Changes to this Privacy Policy
Kopexa continuously improves its website and services. Therefore, this Privacy Policy may be updated from time to time.
Changes will be communicated through an updated version on our website, an email notification or other appropriate communication channels. Continued use of our services after updates constitutes acceptance of the revised policy.
Contact
For privacy inquiries or data requests, contact us at:
Kopexa GmbH Data Privacy Office Schauenburgerstraße 116 24118 Kiel Email: dataprivacy@kopexa.com