Privacy statement

 

Your trust is important for us. AKA Ausfuhrkredit-Gesellschaft mbH (hereinafter referred to as “AKA”, information on the statutory disclosures can be found here) is committed to protecting your personal data and to observing data protection legislation. For this reason, we would like to inform you here of the personal data that we record when you visit our website and the purposes for which we use it.

As amendments to the applicable legislation or modifications to our internal corporate processes may necessitate revisions to this privacy statement, we ask you to read it regularly. The privacy statement can be downloaded, stored and printed out at any time by visiting Privacy statement.

This privacy statement applies to AKA’s website, which is located at the domain www.akabank.de as well as the various subdomains (hereinafter referred to as “our website”).

 

§1 Controller and area of applicability

The controller as defined in the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) and other national data protection legislation of the member states and other data protection rules is:

AKA Ausfuhrkredit-Gesellschaft mbH
Grosse Gallusstrasse 1-7
60311 Frankfurt 
Germany
Tel.: +49 69 - 29 891-00
E-Mail: info@akabank.de
Website: www.akabank.de

 

§2 Data protection officer

The controller’s external data protection officer is:

Attorney Dr. Karsten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
D-50672 Cologne
Tel.: +49 (0)221 – 222 183 – 0
E-Mail: mail@kinast-partner.de 
Website: http://www.kinast-partner.de/externer-datenschutzbeauftragter/

 

 

§3 Principles of data processing

Personal data refers to all information relating to an identified or identifiable natural person. This includes such information as your name, your age, your address, your telephone number, your date of birth, your e-mail address, your IP address and your browsing history. Information that we cannot trace back to you (or only at unreasonable expense), e.g. because it has been anonymised, is not classed as personal data. Personal data may always only be processed (e.g. collected, requested, utilised, stored or transmitted) if there is a statutory basis for doing so or we have your consent. Personal data is deleted as soon as the purpose for which it has been processed has been achieved and it is not subject to any statutory archiving requirements.

If we process your personal data to provide certain offerings, we will inform you below of the specific processes, the scope and the purpose for which the data is processed, the statutory basis on which it is processed and the period for which it is stored.

 

§4 Individual processing steps

1. Provision and utilisation of the website

a. Type and extent of data processing

When you visit and utilise our website, we collect the personal data which your browser automatically sends to our server. This information is temporarily stored in a log file. When you visit our website, we collect the following data which we require for technical purposes so that we can display our website to you and ensure its stability and security:

  • IP address
  • Date and time of inquiry
  • Time zone difference to Greenwich Mean Time (GTM)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred
  • Originating website of the request
  • Browser
  • Operating system and user interface
  • Language and version of the browser software

 

b. Statutory basis

The statutory basis for the aforementioned data processing is Article 6 (1) Sentence 1 (f) of the GDPR. Processing the aforementioned data is necessary so that a website can be provided and thus serves the legitimate interests of our company.

 

c. Storage period

As soon as the aforementioned data is no longer required for displaying the website, it is deleted. It is necessary for data to be collected and stored in log files so that the website can be duly provided and maintained. Accordingly, the visitor to the website does not have any right of objection. The data may be stored for an additional period in individual cases if this is required by law.

 

2. Contact form

a. Type and extent of data processing

On our website, we invite you to contact us by completing a form which we provide for this purpose. When you submit your inquiry with us by using this contact form, we refer you to this privacy statement in order to obtain your consent. If you make use of this contact form, the following personal data will be processed

  • E-mail address
  • Name of company
  • First and last name
  • Position and telephone number as possible additional information

 

We use your e-mail address to allocate your inquiry and to reply to it. When you use the contact form, none of your personal data is transmitted to any third parties.

 

b. Statutory basis

The data processing as described in Section 4.2 (a) for contacting our company is subject to Article 6 (1) Sentence 1 (a) of the GDPR and the voluntary declaration of consent that you provide below:

 

Declaration of consent:

By entering my data and clicking on the “Send” button, I declare my consent to the use of my e-mail address for the purposes of replying to my contact request.

I may at any time revoke my consent to the collection of my personal data during the period in which I use the contact form.

 

c. Storage period

As soon as we have replied to your inquiry and the subject matter of your inquiry has been answered conclusively, we will delete the personal data which we have processed via the contact form. The data may be stored for an additional period in individual cases if this is required by law.

 

§5 Transmission of data

We only transmit your personal data to third parties if

  • you give us your express consent to do so in accordance with Article 6 (1) Sentence 1 (a) of the GDPR
  • this is permitted by law and required under Article 6 (1) Sentence 1 (b) of the GDPR to establish a contractual relationship with you
  • it is subject to a statutory requirement in accordance with Article 6 (1) Sentence 1 (c) of the GDPR 
  • transmission of the data in accordance with Article 6 (1) Sentence 1 (f) of the GDPR is required to preserve the company’s legitimate interests and to establish, exercise or defend any legal claims and there are no grounds for believing that you have any overriding legitimate interest in not having your data transmitted.

 

§6 Use of Cookies

a. Type and extent of data processing

We use cookies on our website. Cookies are small files that are sent to and deposited on your device's browser when you visit our website. Some of the features on our website are not fully available without the use of technically necessary cookies. Other cookies allow us to perform various analyses. Cookies, for example, are able to recognise the browser you are using when you visit our website again and to send various information to us. Among other things, we use cookies to make our website more user-friendly and effective, for example, by tracking your use of our website and identifying your preferred settings (such as the country and language settings). If third parties process information via cookies, they collect the information directly from your browser. Cookies do not damage your device. They cannot run any programs and do not contain viruses. Our website uses various types of cookies, the nature and function of which are explained in more detail below.

  • Transient cookies:
    Our website uses transient cookies, which are automatically deleted when you close your browser. This type of cookie records your session ID. This allocates different requests from your browser to a single session, allowing us to recognise your device when you visit the website again.
  • Persistent cookies:
    Our website uses persistent cookies. These are cookies that are stored in your browser for a protracted period of time and transmit information to us. The storage period depends on the cookie. You can delete persistent cookies independently via your browser settings.
  • Analytic cookies:
    These cookies enable us to carry out an analysis of the website usage and to improve the performance and functionality of our website. For example, they collect information on how visitors use our website, what pages are visited the most frequently and whether any error messages are displayed on certain pages.

 

b. Statutory basis

In view of the purposes outlined above (see § 6.a), the statutory basis for the use of cookies to process personal data can be found in Article 6 (1) Sentence 1 (f) of the GDPR. If you have given us your consent to use cookies on the basis of a “cookie banner” shown on our website, the statutory basis is Article 6 (1) Sentence 1 (a) of the GDPR.

 

c. Storage period

As soon as the data transmitted to us via the cookies has been used for the abovementioned purposes, it is deleted. The data may be stored for an additional period in individual cases if this is required by law.

 

d. Configuration of browser settings

Most browsers are set to automatically accept cookies. You can configure your browser to accept only certain or no cookies at all. However, you should be aware that you may not be able to use all the functions of this website if you do this. You can also configure your browser settings to delete cookies that have already been stored by the browser. It is also possible to set your browser to warn you before cookies are stored. As there may be differences in the functions of the various browsers, we recommend consulting the help menu of your browser for the configuration options. 

If you require a comprehensive overview of all third-party access to your Internet browser, we recommend installing specially developed plug-ins.

 

§7 Tracking and analytics tools

We use a tracking and analytics tool to ensure ongoing optimization and customization of our website. By using tracking tools, we are also able to record statistics on the use of our website by visitors and to utilise this information to enhance our website. In view of these interests, the use of the tracking and analytics tools described below is justified in accordance with Article 6 (1) Sentence 1 (f) of the GDPR. If you have given us your consent to use cookies on the basis of a “cookie banner” shown on our website, the statutory basis is Article 6 (1) Sentence 1 a of the GDPR. The purposes for which the data is processed and details of the data processed can be found in the following description of the tracking and analytics tools.

 

Matomo

This website uses the web analysis service Matomo, formerly Piwik, to evaluate user traffic to this website. Matomo currently does not use cookies. 

Matomo is an open source project. Third-party privacy information is available at https://matomo.org/docs/privacy/.

 

§8 Hyperlinks

Our website contains hyperlinks to third-party websites. When these hyperlinks are followed, you are taken straight to the third-party website in question. Among other things, you can see this from the change in the URL. We can assume no liability for the confidentiality of your data on such third-party websites as we are unable to exert any influence on the extent to which these companies observe the applicable data protection legislation. Please go to these websites to find out how these companies handle your personal data.

 

§9 Data subject rights

You as the data subject have the following rights under the GDPR:

  • Under Article 15 of the GDPR you may request information on the personal data that we process. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint, where the personal data is not collected by us, any available information as to its source, transmission of the data to third countries or international organisations, the existence of automated decision-making, including profiling, and meaningful information about the logic involved.
  • Under Article 16 of the GDPR, you may request the rectification of any incorrect data or the removal of any omissions in such data without undue delay.
  • Under Article 17 of the GDPR, you may request the deletion of the personal data which we store to the extent that processing is not necessary for the exercise of the right of free expression and information, to comply with any legal obligation, for reasons of public interest or to establish, exercise or defend any legal claims.
  • Under Article 18 of the GDPR, you may request the restriction of processing of your personal data if you dispute the accuracy of the personal data, the processing is unlawful, we no longer require the data and you oppose the erasure of the data as you require it to establish, exercise or defend legal claims. You may also rely on Article 18 of the GDPR if you have objected to processing in accordance with Article 21 of the GDPR.
  • Under Article 20 of the GDPR, you have the right to receive the personal data which you have provided to us, in a structured, commonly used and machine-readable format or request that it be transmitted to another data processor.
  • Under Article 7 (3) of the GDPR, you may revoke at any time any consent that you have given us. In this case, we will with future effect cease to process the data which was the subject of your prior consent.
  • Under Article 77 of the GDPR you have a right to lodge a complaint with a supervisory authority. Generally speaking, you can lodge such a complaint with the supervisory authority responsible for your customary place of abode or work or responsible for the town or city in which we are domiciled.

 

§10 Right of objection

When we process your personal data on the basis of legitimate interests in accordance with Article 6 (1) Sentence 1 f of the GDPR, you may lodge an objection under Article 21 of the GDPR to the processing of your personal data on any grounds relating to your particular situation as well as to direct marketing activities. In the case of direct marketing activities, you have a general right of objection, which we must observe even if you do not provide any reasons.

 

§11 Data security and security measures

We undertake to protect your privacy and keep your personal information confidential. To avoid any manipulation, loss or misuse of your stored data, we take extensive technical and organisational precautions that are periodically reviewed and revised in the light of technological progress. Among other things, this includes the use of recognised encryption methods (SSL or TLS).
However, please note that given the nature of the Internet other persons or entities outside our control may not observe the rules of data protection and the above-mentioned security precautions. In particular, unencrypted data – e.g. data sent by e-mail – may be intercepted and read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him by encrypting it or otherwise protecting it from unauthorised use.