Back
Data Protection

    Data protection

    1. Privacy Notice

    Krones Middle East Africa FZCO (hereinafter referred to as “Krones, “we” or “us”) is glad that you are visiting our websites as well as mobile applications  (collectively also referred to as “Online Offer”) and that you are interested in our company and our products.

    We view the protection of your personal data as an essential consideration which we take into account in our business processes. We process personal data collected during your visit to our Online Offers  in a confidential manner, in compliance with  applicable law.

    Data protection and information security are part of our company policy.

    2. Controller

    Krones is the controller responsible for the processing of your personal data.

    Our contact details are as follows:

    Krones Middle East Africa FZCO 
    DAFZ Office 9WC-130 & 4WA-213
    P.O. Box 293547. Dubai, U.A.E.

    Telephone: +971 4 211 5300
    Fax: +971 4 299 63 22

    E-mail:  info.MEA@krones.ae

    You can contact our Data Protection Officer using the following contact details:

    E-mail: data.protection@krones.com

    3. Processing of personal data

    3.1. Principles

    Personal data is any information relating to an identified or identifiable natural person, i.e. for example names, addresses, telephone numbers, e-mail addresses, contractual, booking and accounting data which is the expression of a person’s identity.

    We process personal data (including IP addresses) only if there is a legal basis for this or if you granted us your consent in this regard, for example in the course of registration .

    Which personal data is processed in detail and how it is used depends largely on the agreed services and your use of our website . Therefore, not all parts of this information will apply to you.

    3.2. Categories of personal data processed

    The following personal data categories are processed:

    • Communication data (e.g. name, telephone, e-mail, address, IP address)
    • Key contract data (contractual relationship, product or contractual interest)
    • Customer history 
    • Contract billing and payments data 
    • Planning and control data 
    • Disclosed information (from third parties, e.g. credit reference agencies or from public directories)
    • Http data that is technically generated when the website is called up. This includes, for example, IP addresses, type and version of your internet browser, the pages accessed, the previously visited page, date and time of access.
    • Search function data that you enter as search terms in the respective search form of the website.
    • Cookie setting data , which we use to manage your cookie settings. This includes your consent (if given), your objections and, if applicable, your individual selection for the use of cookies and other tracking tools.
    • Depending on your individual cookie selection, other transaction data about your visit to our website for reach measurement and market research.
    • Error data are error messages from the server and individual applications, which are stored.

    3.3. Purposes of processing and legal bases

    We and service providers engaged by us may process your personal data for the following purposes of processing and subject to the following legal bases, which can vary depending on the applicable data protection laws:

    3.3.1. Contractual basis (preparation, performance, termination):

    • Answering enquiries
    • Handling of your orders
    • Preparation, negotiation and fulfilment of a contract with you
    • Granting access to certain information and offers.
    • Preparation and implementation of face-to-face meetings and virtual events

    3.3.2. Legal obligation

    • Official or judicial order
    • Tax and commercial legislation

    3.3.3. Legitimate interest of Krones

    • Direct marketing
    • Improvement of products and services
    • Online surveys (note: if we involve a market research institute for survey, it will only become active on our behalf and subject to our instructions)
    • Establishment or protection of legal claims or defence of court actions
    • Image and sound recordings of the events we organise for press and public relations
    • Prevention and detection of abuse, attacks on our IT infrastructure or other unlawful activities
    • Guarantee of data security

    3.3.4. Consent

    • Product or customer surveys by e-mail and/or telephone
    • Sending newsletters
    • Use of cookies for marketing or statistical purposes

    3.4. Log files

    During each use of our website, your internet browser automatically transmits certain information to us which we store in so-called log files (e.g. internet browser used and operating system; domain name of the website you previously visited number of visits; average dwell time, pages accessed). This information is not associated with a specific person.

    We and our subsidiary companies worldwide store these log files for the detection of disturbances and for security reasons (e.g. for the clarification of attempted attacks) for a short time and deleted thereafter. Log files the continued retention of which is required for evidentiary purposes shall be excluded from the deletion until final clarification of the respective incident and can be forwarded to investigating authorities on an individual basis.

    Log files are also used for analysis purposes (without the complete IP address ); for this, see the Web Analysis Section.

    4. Obligation for the provision of personal data

    To the extent there is a contract between you and us, you have to provide the personal data which is required for commencement, performance and termination of the contractual relationship and for the fulfilment of the contractual obligations related thereto or to the collection of which we are legally obliged. Without the provision of such personal data, we will generally not be able to enter into, perform and terminate a contract with you.

    The transmission of certain personal data (e.g. IP address) is required to establish a connection to our website and to display the content of the website. To the extent the processing of your personal data in the course of your use of our website is not required for the commencement, performance and termination of a contractual relationship or for the fulfilment of contractual obligations and is not required under applicable laws, the provision of your personal data shall be voluntary. Please note that certain functionalities of the website or services cannot be used if you do not provide the personal data required for such purposes.

    5. Use of cookies

    Our website uses cookies. Cookies are small text files that are stored on your computer when you visit our website. To the extent permitted by the applicable law, we use cookies particularly to guarantee the use of our Online Offer, for marketing, for individual website optimization and to guarantee IT security.

    When you visit our website, we display a so-called "cookie banner" in which you can click on a button to declare your consent to the use of cookies on this website and make an individual selection of the cookies used on the website. 
    Alternatively, you can also adjust the settings for cookie management in your Internet browser. You can particularly arrange for cookies that have already been set to be deleted or prevent cookies from being set in the future. Please note that the settings will vary depending on the browser you are using.

    Depending on their function and purpose, the use of certain cookies requires the user's consent.

    Cookies, which are necessary to use our online offer or to guarantee IT security, do not require consent. The setting of these cookies and related processing activities are permitted by art. 6 para. 1 lit. f) GDPR (legitimate interest). According to Section 25 (2) TTDSG , no consent is required for the use of such cookies. 

    Cookies for all other purposes, such as for individual website optimization, for marketing or for carrying out statistical evaluations of your activities on the website, require your consent in accordance with art. 7 GDPR, respectively Section 25 (1) TTDSG and relevant provisions under the applicable laws, which we request as part of the cookie banner.

    5.1. Web analysis

    We need statistical information on the use of our online offer in order to make it more user-friendly, to perform reach measurements and to carry out market research activities.

    To that end, we use the web analysis tools described in this Section.

    The use profiles generated by using analysis cookies or evaluating the log files will not be combined with personal data. The tools either do not use IP addresses of the users at all or shorten them immediately after collection. The providers of the tools process personal data as processors only subject to our instructions and not for their own purposes.

    For tools which work with opt-out cookies, it has to be noted that the opt-out function is specific to devices and/or browsers and generally only applies to the end device or browser you are currently using. If you use several end devices and/or browsers, you have to set opt-out for each individual end device and for each browser used.

    Furthermore, you can prevent the generation of user profiles as a whole by deactivating the use of cookies in general.

    6. Data disclosure

    6.1. Forwarding of personal data to other controllers

    In general, we transfer your personal data to third parties only if this is required for contract performance or, where permitted by applicable law, if the third party has a legitimate interest in the personal data disclosure of if you provided your consent thereto. Third parties may be subsidiary companies of Krones. To the extent personal data is transferred to third parties based upon a legitimate interest, this is explained in this Privacy Notice.

    Furthermore, personal data can be transferred to other controllers to the extent we are obliged to do so due to statutory provisions or enforceable official or judicial orders.

    6.2. Service providers

    We engage external service providers to perform tasks such as sales and marketing services, contract management, payment processing, programming, data hosting and hotline services. We have chosen these service providers carefully and monitor them on a regular basis, in particular their careful treatment and protection of the personal data stored with them. We oblige all service providers to maintain confidentiality and to comply with the requirements provided under the applicable law.

    7. Disclosure to recipients outside the EEA or your country of residence 

    We may also transfer personal data to recipients who are based outside the European Economic Area (EEA), or outside of your country of residence (as applicable), in so-called third countries. Such personal data transfer takes place insofar as:

    • It is necessary for the execution of your orders (e.g. delivery orders) in accordance with the performance of the contract between us
    • It is required by law (e.g. tax reporting obligations) or
    • You have given us your consent

    Furthermore, to the extent permitted by the applicable law, a transfer to third countries may occur in the following cases:

    • To maintain and ensure the IT operation and IT security of the company, and
    • To combat money laundering, the financing of terrorism and other criminal offences.

    In these cases, we ensure before the transfer that the recipient either has an adequate level of data protection (e.g. on the basis of an adequacy decision of the European Commission or such other competent regulator for the relevant country or the agreement of so-called EU standard contractual clauses with the recipient) or has your consent to the transfer.

    The current version of the EU standard contractual clauses adopted by the European Commission on 4 June 2021 is available at: https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en. For data transfers since 27 September 2021, we will only use the version of the EU Standard Contractual Clauses available at the reference provided.  

    If data is transferred to the USA in the constellations  described above, we only use EU standard contractual clauses, as there is no adequacy decision by the European Commission in this case.

    8. Use of our mobile applications

    In addition to our Online Offer, we also provide to with mobile applications  (“apps”) which you can download to your mobile end device. Apart from the personal data collected on websites, we collect further personal data via our apps which arise from the specific use of a mobile end device. However, we only do this if you provide us with your consent.

    8.1. Processing of your location data 

    Our Online Offer also includes so-called location-based services by means of which we provide you with specific offers which are customised for your individual location. In order to be able to provide you with these functions of the app, we collect the respective last three GPS locations transmitted by the mobile end device and your IP address if you consent thereto. We do not create movement profiles in the course thereof. You can deactivate or reactivate or temporarily deactivate in the pause mode this function in the settings of the respective app or the operating system of your mobile end device without impairing the basic functionality of the app.

    8.2. App analysis

    We need statistical information on the use of our Online Offer in order to make it more user-friendly, to perform reach measurements and to carry out market research activities. To that end, we use the app analysis tools described in this section.

    The use profiles generated by these tools will not be combined with personal data. The tools either do not use IP addresses of the users at all or shorten them immediately after collection.
    The providers of the tools process personal data as processors only subject to our instructions and not for their own purposes.

    Below, you will find information regarding each tool on the respective provider and on your possibility to object to the collection and processing of data by the tool. 

    8.3. Data processing by operators of app stores

    The transfer of data such as user name, e-mail address and individual device identification number to an app store (e.g. Google Play by Google, App Store of Apply, Galaxy App Store of Samsung) in the course of downloading the respective application shall not represent personal data collection by us and is outside our scope of responsibility. We do not have any influence on such personal data collection and further processing by the app store as data controller.

    9. Duration of storage; retention periods

    In general, we store your personal data as long as this is required for the provision of our online offers and the services related thereto or, where permitted by the applicable law, as long as we have a legitimate interest in continued storage (for example, we may have a legitimate interest in postal marketing after fulfilment of the contract). In all other cases, we delete your personal data with the exception of personal data which we have to keep for the fulfilment of legal obligations (e.g. under tax or commercial law).

    10. Newsletter

    In the course of our Online Offer, you can subscribe to newsletters. For this, we use the so-called double opt-in process; accordingly, we will only send you a newsletter by e-mail, mobile messenger services (e.g. WhatsApp), SMS or push message if you first expressly confirm activation of the newsletter service by clicking on a link in a notification. If you no longer wish to receive newsletters, you can end the subscription at any time by withdrawing your consent. The withdrawal is made for e-mail newsletters by clicking on the link set forth in the newsletter or, where applicable, in the administrative settings of the respective online offer. Alternatively, please contact us using the details set forth in the “Controller” section.

    11. Virtual events

    To register for our virtual events, we use either a form on our website, the software service provider GoToWebinar by LogMeIn or the sales tool cuenect. We process the personal data you provide for the purpose of processing your registration for our event, sending you a registration confirmation including a participation link, and providing you with the information shown during the event and, if applicable, the video for the recorded event. In principle, our virtual events can be recorded in image and sound. In this case, we expressly point out the recording at the beginning of the event. Our speakers, their presentations as well as contributions and questions, which can be asked by you either as word or chat contribution in anonymous form, are recorded in picture and sound.

    12. External Links

    Our Online Offer may contain links to third-party websites − i.e. of providers not affiliated to us. After clicking on the link, we do not have any influence on the collection, processing and use of any personal data transferred to the third party by clicking on the link (such as the IP address or the URL of the page containing the link) as the behaviour of third parties is naturally not under our control. We do not assume any responsibility for the processing of such personal data by third parties.

    13. Safety

    Our employees and the service providers acting on our behalf are obliged to maintain confidentiality and comply with the provisions of the applicable data protection laws.

    We take all required technical and organisational measures in order to ensure an appropriate level of protection and to protect your personal data managed by us particularly against the risks of accidental or unlawful destruction, manipulation, loss, alteration or unauthorised disclosure or unauthorised access. Our security measures are subject to continuous improvement according to technological developments.

    14. Your rights as a user

    Please use the contact details set forth in the “Controller” section to assert your rights. When doing so, please ensure that we are able to clearly identify you.

    You are entitled to obtain from us information on the processing of your personal data. For this purpose, you can assert a right of access regarding your personal data we process. In addition, you can require us to rectify incorrect  personal data and - to the extent the statutory provisions are met - complete or erase your personal data. However, this shall not apply to personal data required for billing and accounting purposes or subject to the statutory retention obligation. To the extent access to such personal data is not required, processing thereof will be restricted. In addition, you can require us to - to the extent the statutory provisions are met - restrict the processing of your personal data.

    Objection to personal data processing:

    Moreover, you are entitled to object to us processing your personal data at any time. We will then cease processing your personal data, unless we can - in accordance with the statutory provisions - demonstrate compelling legitimate grounds for the further processing which override your interests.

    Objection to direct marketing:

    Apart from that, you can object to the processing of your personal data for marketing purposes at any time (“objection to marketing”). Please note that for organisational reasons, your withdrawal and the use of your personal data in the course of a campaign which has already commenced may overlap.

    Objection to data processing if “legitimate interest” is the legal basis:

    In addition, you are entitled to object to personal data processing by us at any time to the extent such processing is based upon the legal basis of a legitimate interest. We will then cease processing your personal data, unless we can - in accordance with the statutory provisions - demonstrate compelling legitimate grounds for the further processing which override your interests.

    Withdrawal of consent:

    If you have given us your consent to the processing of your personal data, you can withdraw it at any time with effect for the future. A withdrawal shall not affect the lawfulness of the processing of your personal data up until the time of the withdrawal.

    14.1. Data portability

    Furthermore, you are entitled to receive personal data which you provided to us in a structured, common and machine-readable format or - to the extent technically feasible - to request transfer of such personal data to a third party.

    14.2. Right to lodge a complaint with the supervisory authority:

    You are entitled to lodge a complaint with a supervisory authority. For this, you can contact the data protection authority which is competent for your place of residence or your state or the data protection authority competent for us. This is:

    Telecommunications and Digital Government Regulatory Authority (TDRA)
    Al Wuheida St - Deira - Dubai
    P.O.Box: 116688 Dubai, United Arab Emirates

    Toll free: 800 12
    Telephone: +971 4 7774049
    Fax: +971 2 777 2229

    E-mail: info@tdra.gov.ae

    14.3. Fully automated decision-making

    In accordance with Art. 22 GDPR or equivalent provisions under the applicable laws,  you also have the right not to be subject to fully automated decision-making. As a matter of principle, we do not use fully automated decision-making for the implementation and termination of the business relationship. Should we use this procedure in individual cases (e.g. to improve our products and services), we will inform you separately about this and about your rights in this regard, insofar as this is legally prescribed.

    15. Changes to the Privacy Notice

    We reserve the right to amend our security and data protection measures to the extent this is necessary due to technological advancements. In these cases, we will also adjust our data protection information accordingly. Therefore, please note the respective current version of our Privacy Notice.

    Version: 2023.09.01

    Information on the handling of customer data in the Krones Group
    0.14 MB, .pdf
    Information on the handling of supplier data in the Krones Group
    0.54 MB, .pdf

    Overview of the services integrated on the website

    Below you will find a list of all the services integrated on the website. Which services are actually used depends on your individual cookie settings.

    kronesEN
    kronesEN
    0
    10
    1