1 General information on Data Processing

This privacy statement describes the collection and use of personal data in connection with the use of our website in accordance with the requirements of the General Data Protection Regulation ("GDPR"). Processing activities that are not covered by this privacy statement may be supplemented by further privacy statements that shall apply separately.

1.1 Controller

Controller pursuant to the GDPR is

Kenjo GmbH ("Kenjo"/"we"/"us")

Urbanstraße 71,

10967 Berlin,

Germany

We inform you in the following about the processing of your personal data within the scope of our web offer https://www.kenjo.io/ ("website").

1.2 Data Protection Officer

You can reach our appointed data protection officer at:

  • by mail at:

Kenjo GmbH

- Data Protection Officer -

Urbanstraße 71,

10967 Berlin,

Germany

  • or by e-mail at:

dataprotection@kenjo.io

1.3 Data Subject Rights and Supervisory Authority

You may exercise the following rights:

  • Right to information about your data stored by us and its processing (Art. 15 GDPR),
  • Right to rectification of inaccurate personal data (Art. 16 GDPR),
  • Right to have your data stored by us deleted (Art. 17 GDPR),
  • Right to restriction of data processing if we are not yet allowed to delete your data due to legal obligations (Art. 18 GDPR),
  • Right to portability of data if you have consented to the data processing or have concluded a contract with us (Art. 20 GDPR),
  • Right to object to the processing of your data by us (Art. 21 GDPR)

To exercise your rights, you can contact us by email at dataprotection@kenjo.io.

For identification purposes, please provide the following information:

  • First and last name
  • Company

The processing of your request and the identification of your person is based on Art. 6 para. 1 lit. c) GDPR.

You can file a complaint at any time pursuant to Art. 77 GDPR in conjunction with § 19 German Federal Data Protection Act (BDSG) with a supervisory authority, e.g. with the competent supervisory authority of the federal state in which you live or with the authority responsible for us.

Under the following link you will find all supervisory authorities for Germany for non-public bodies: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

1.4 Processing of Data, Purpose and Legal Basis

We process your personal data in accordance with the provisions of the GDPR and the BDSG.

The legal bases of all our processing activities stem from Art. 6 (1) GDPR.

Personal data is initially processed by us for the fulfillment of contractual obligations or pre-contractual measures according to Art. 6 para. 1 p. 1 lit. b) GDPR.

Furthermore, we process your data based on your consent in accordance with Art. 6 para. 1 p.1 lit. a) GDPR for certain purposes, in particular:

  • to the newsletter dispatch with regular offers
  • to receive special information and offers from Kenjo
  • to support website usage processes with reminder functions and live chats
  • for the personalized use of the website and personalized offers
  • for analytical purposes in order to optimize our offer for you

Consent given can be revoked at any time. The revocation of consent is only effective for the future and does not affect the lawfulness of the data processed until the revocation.

In addition, we process your data to protect our legitimate interests according to Art. 6 para. 1 p. 1 lit. f) GDPR,

  • to ensure the security and stability of our website,
  • to contact you, as far as a permanent business relationship with you or your employer exists or is intended (business contacts).

In addition, we will process your data in accordance with Art. 6 Para. 1 lit. c) GDPR if we are legally obliged to do so, for example in order to comply with our obligations to keep records under commercial or tax law.

1.5 Storage Duration

We will take all reasonable steps to ensure that your personal data is processed only for the period required by the purpose of processing in each case. If the storage period is not specified below, your personal data will be deleted or blocked as soon as the purpose or legal basis for storage ceases to apply. Personal data will not be deleted if storage is required by law (e.g. § 257 HGB, 147 AO). Furthermore, we may store your personal data until the expiry of the statutory limitation periods (usually 3 years; in individual cases, however, up to 10 years or longer), provided that this is necessary for the assertion, exercise or defense of legal claims.

1.6 Data Security

To protect the security of your data during transmission, we use technical and organizational security measures, in particular the encryption of our website to prevent unauthorized access by third parties. Our security measures are continuously improved and adapted according to technological developments.

1.7 Transmission to Service Providers

We use service providers for the provision of our offers. These service providers act only according to our instructions and are contractually obligated to comply with the provisions of Art. 28 GDPR. If not further specified below, the service providers are contracted for the following services:

  • Maintenance of IT systems and related services
  • Request management
  • Website performance measurement

1.8 Data Transfer to third Countries

Unless otherwise stated below, your data will not be transferred to a third country outside the European Union. Your personal data will only be transferred to third countries if the requirements of Art. 44 - 49 GDPR are met, in particular standard contractual clauses, binding corporate rules, adequacy decisions of the Commission.

1.9 No Obligation to provide Data/no Profiling

There is no legal or contractual obligation to provide us with data. However, some services can only be provided if the required data is provided by you. Your personal data will not be used for profiling or automated individual decision making.

2 Processing Activities

Our website offers different areas with different functionalities for the visitor, which are described in more detail below.

2.1 No Obligation to provide Data/no Profiling

Nature and purpose of data processing:

When you access our website, information of a general nature is automatically collected. This information, known as server log files, includes:

  • IP address
  • Name of the access provider
  • Browser type, browser software version and browser language
  • Operating system
  • Date and time of access
  • Access content
  • Amount of data transferred
  • Access status (successful transmission/error)
  • Web page(s) to which the access was redirected
  • Visited websites

The processing is carried out for the following purposes:

  • Ensuring a trouble-free connection to the website
  • Ensuring a smooth use of our website
  • Assessment of system security and stability

Legal basis:

The processing is carried out pursuant to Art. 6 para. 1 lit. f GDPR, based on our legitimate interest to host the website and to improve and monitor the security, stability and functionality of the website.

Recipient:

Recipients of the data are technical service providers who are responsible for the operation and maintenance of our website. As processors, the service providers are obliged to process the data only within the scope of our instructions.

2.2 Marketing Activities

Nature and purpose of the processing:

On our website, we offer you the opportunity to sign up for updates, regular product news, and events and webinars. For these purposes, we process the following data:

  • Name
  • E-mail
  • Company name
  • Role in the company
  • Country
  • Correspondence

Legal basis:

The processing is necessary for correspondence and conducting events and webinars (Art. 6 para. 1 lit. b GDPR), or based on your separate consent (Art. 6 para. 1 lit. a GDPR).

Right to withdraw consent:

You have the right to revoke your consent to the use of your data at any time with effect for the future (e.g. by clicking on the unsubscribe link in one of our newsletters).

Recipient:

The recipients of the data are order processors. As processors, the service providers are obliged to process the data only within the scope of our instructions.

Retention period:

We process your data until you unsubscribe from our newsletter, revoke your consent, or request that we delete it.

Withdrawal of consent:

If you no longer wish to receive newsletters from us in the future and/or wish to object to the analysis of your data by such newsletters, please use the "unsubscribe" link contained in each newsletter or send us an email at dataprotection@kenjo.io.

2.3 Appointments / Onboarding Support

Nature and purpose of the processing:

We offer you the opportunity to make an appointment with us. The data you enter and submit will be processed exclusively for the purpose of arranging an appointment for a demo session with you. We will process your email address, name, phone number and the respective time slot to enable the digital appointment schedule on our website.

Legal basis:

The data is processed to carry out pre-contractual measures (Art. 6 para. 1 lit. b GDPR) or due to legitimate interests (Art. 6 para. 1 lit. f GDPR) to provide you with efficient communication.

Recipient:

The recipients of the data are processors on behalf. As processors, the service providers are obliged to process the data only within the scope of our instructions.

2.4 Contacting Us

Nature and purpose of the processing:

In order to provide you with the best possible support when using our offers, we offer you the possibility to contact our customer service in chat form on the website, by email or by phone. All communications directed to us become support tickets. In this context, we process your name, e-mail address and phone number, if applicable, as well as contents of your request.

Legal basis:

The data is either processed for the implementation of pre-contractual measures (Art. 6 para. 1 b) GDPR), or based on our legitimate interests (Art. 6 para. 1 f GDPR) to provide customers with a customer service available anywhere on the site (in the form of chat or a customer-facing e-mail).

Recipients:

Recipients of the data are service providers within the EU and a service provider in the United States. As processors on behalf, the service providers are obliged to process the data only within the scope of our instructions set forth in a data processing agreement.

Transfer to third countries:

Adequate safeguards for the transfer of your data to countries outside of the EU/EAA are in place. The data processing agreement with the services provider includes Standard Contractual Clauses approved by the EU Commission and adequate guarantees that data protection obligations will be met.

2.5 Website Analytics

Nature and purpose of data processing:

This website uses cookie-based technology to help us better understand how the website is used. We do this by compiling reports about activity on the website that do not identify specific individuals.

Legal basis:

The processing is carried out with your consent according to Art. 6 para. 1 lit. a) GDPR.

You can find more information in the Cookies section.

2.6 Personalized Advertising

Nature and purpose of data processing:

We use cookie-based technologies that help us deliver more effective and personalized advertising.

Legal basis:

The processing is carried out with your consent according to Art. 6 para. 1 lit. a) GDPR.

You can find more information in the Cookies section.

2.7 Applications

Nature and purpose of data processing:

On our website you have the possibility to apply for open positions. In order to accept and evaluate your application we will need to process the following personal information:

  • Name
  • E-Mail Address
  • Information contained in cover letter and CV
  • e.g. Address, Age, Sex, Picture, Career, Prior Occupations, Grades etc.

Legal basis:

The data is processed on the basis of pre-contractual measures (Art. 6 Para. 1 lit. b GDPR).

Retention Period:

In the event that your application was unsuccessful, your application data is deleted after 6 months.

2.8 Talent Pool

Nature and purpose of data processing:

If we cannot offer you a position based on your application immediately we may like to retain your application and the data contained therein (see 2.7) for future openings.

Legal basis:

The data is processed on the basis of your consent (Art. 6 Para. 1 lit. a GDPR).

Retention Period:

If we could not offer you a position at Kenjo our data will be deleted from the talent pool after 2 years.

3 Social Media Appearances

We operate pages on the following social media channels:

  • Facebook:

www.facebook.com or mobile app of Facebook Inc. 1601 S. California Ave, Palo Alto, CA 94304, USA or Facebook Ireland Ltd. 4 Grand Canal Square, Dublin 2, Ireland, see at: https://www.facebook.com/policy.php,

  • Instagram:

www.instagram.com or mobile app of Facebook Ireland Ltd. 4 Grand Canal Square, Dublin 2, Ireland, see: http://instagram.com/about/legal/privacy/,

  • Twitter:

www.twitter.com or mobile app from Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, see also: https://twitter.com/en/privacy,

  • LinkedIn:

www.linkedin.com or mobile app by LinkedIn Corporation, Legal Department - Privacy, 1000 W. Maude Ave, Sunnyvale, CA 94085, USA or LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, see at: https://www.linkedin.com/legal/privacy-policy,

  • Buffer:

www.buffer.com or mobile app by Buffer Inc, 2243 Fillmore, St #380-7163, San Francisco, CA 94115, USA, see also: https://buffer.com/legal#privacy-policy,

  • Crunchbase:

Crunchbase.com or mobile app by Crunchbase, 564 Market Street, Suite 700, San Francisco, CA 94104, USA, see also:

https://about.crunchbase.com/terms-of-service/privacy-policy/,

  • Investory:

www.Investory.ch by INVESTORY AG, Marktgasse 15, CH-8302 Kloten, Switzerland, see also:

https://www.investory.ch/fileadmin/user_upload/dokumente/Datenschutzbestimmungen_INVESTORY.pdf,

  • Xing:

www.xing.de or mobile app from New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany see also: https://privacy.xing.com/de/datenschutzerklaerung,

  • YouTube:

www.youtube.com or mobile app from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4th, Ireland, see also: https://policies.google.com/privacy,

  • ShareThis:

On our pages, we use social plugins from the bookmarking service ShareThis Inc. By using the social plugins of ShareThis, you can share content from our website in various social media channels such as Facebook, Twitter, Instagram and Co. See also: https://sharethis.com/privacy/.

When you visit our social media pages, data is processed both by us and by the respective social media provider as the responsible party.

The respective social media provider assumes the data protection obligations towards you as a user, such as providing information about data processing, and is the contact for your rights. This results from the fact that such a provider has direct access to the relevant information on the social media site and the processing of your data.

When using Facebook, Instagram, Twitter, LinkedIn or Reddit, data may also be processed outside the EU.

3.1 Data Processing and Legal Basis

Our social media pages allow us to communicate with you and provide you with interesting information. Through your comments, shared images, messages and reactions, we may receive further data from you, which we process to communicate with you. If you use social media on multiple devices, data may be analyzed across devices.

In addition, social media site providers may also use cookies and tracking technologies to analyze and improve their services.

Data processing is carried out with your consent or for the purpose of responding to your inquiry (Art. 6 (1) a), b) GDPR) or on the basis of legitimate interest in improving the services and external presentation (Art. 6 (1) f) GDPR).

3.2 Facebook

Facebook and we use the "Page Insights" function to process statistical data from users of our Facebook pages (see also the agreement at: https://www.facebook.com/legal/terms/page_controller_addendum). This involves processing data in the form of so-called "Page Insights", which are described in more detail at: https://www.facebook.com/legal/terms/information_about_page_insights_data.

From the usage data of the Facebook pages, evaluations and statistics are created in the form of Page Insights, which help us improve our marketing activities and our external presence. We can also learn about the users and their behavior who interact with our Facebook pages or use them to display relevant content and develop features that may be of interest to them. These page statistics show us, for example, which people from certain target groups interact most with our Facebook page or which content on the Facebook page was visited, shared or clicked on, when and how often. When classifying people into target groups, demographic data or data about a person's location are also included in order to target advertising at these people. If you use Facebook on multiple devices, data can be analyzed across devices. The data collected in this way is processed statistically and is generally anonymous, i.e. we cannot establish a reference to the individual person.

Information on these Page Insights and data processing can be found, for example, in Facebook's privacy policy at https://www.facebook.com/policy.php or at https://www.facebook.com/business/a/page/page-insights.

Facebook also uses cookies and storage technologies. You can find more information here: https://www.facebook.com/policies/cookies/

As a Facebook user, you can always influence how your user behavior is recorded when visiting Facebook pages. To do this, you can manage the settings for advertising preferences in your Facebook account or at: https://www.facebook.com/ads/preferences or the Facebook settings in your account or at https://www.facebook.com/settings.

Facebook also provides ways to contact or exercise rights at: https://www.facebook.com/help/contact/2061665240770586 or https://www.facebook.com/help/contact/308592359910928 .

3.3 Instagram

If you use Instagram and have an account there, Instagram can associate your activities with your profiles there. Instagram and we use the Instagram Insights function to process statistical data of the users of our Instagram pages (see also for Facebook, which is affiliated with the provider of Instagram, the agreement at: https://www.facebook.com/legal/terms/page_controller_addendum). This involves processing data in the form of so-called "Instagram Insights", which are described in more detail at https://help.instagram.com/788388387972460?helpref=faq_content.

In the form of Instagram Insights, evaluations and statistics are created from the usage data of the Instagram pages, which support us in improving our marketing activities and our external presence. With the help of Instagram Insights, we can learn more about our users and the performance of our content with you as an audience. For this purpose, Instagram provides us with statistics on specific posts and stories created to find out how users interacted with them. When categorizing people into audiences, we also include demographic data or data about a person's location in order to target ads to those people. If you use Instagram on multiple devices, a cross-device analysis of the data can take place. The data collected in this way is processed statistically and is generally anonymous, i.e. we cannot establish a reference to the individual person.

Instagram also uses cookies and similar technologies. You can find more information about this at: http://instagram.com/about/legal/privacy/

As an Instagram user, you can always influence how your user behavior is recorded when you visit Instagram pages. To do this, you can manage the settings for advertising displays in your Instagram account or at https://www.instagram.com/accounts/privacy_and_security/. Instagram also offers ways to contact us or exercise your rights at: https://help.instagram.com/contact/1845713985721890 or http://instagram.com/about/legal/privacy/.

4 Overview of Cookies

5 Changes to the Privacy Statement

We reserve the right to adapt this data protection declaration so that it always complies with the current legal requirements or to make changes to our offers in the data protection declaration, e.g. when introducing new services. The current version of the data protection declaration applies in each case.

PRODUCT

Reports and Analytics

Digital HR

Employee Surveys

Goals & OKR

Recruitment

Book a demo

Free trial

RESOURCES

HR-Templates

HR resources

Blog

Knowledge Base

FAQ

Pricing

KENJO

Contact Us

Our Mission

Our Team

Jobs

Testimonials

Press

LEGAL

Legal notice

Terms & Conditions

Privacy policy

Financing Program

Become A Partner

HR GUIDES

Performance Reviews

Time Off

Human Resource Management

People Analytics

Recruiting

Employee Development

Kenjo logo
youtubefacebooklinkedin

© 2023 Kenjo GmbH. All rights reserved.

BERLIN

Urbanstrasse 71,
10967 Berlin,
Germany

MADRID

Memorial 11 de marzo de 2004, nº1
28016 Madrid,
Spain

ZÜRICH

Pfingstweidstrasse 60,
8005 Zürich,
Switzerland

MÉXICO

Varsovia, 36
06600 México City,
CDMX México

EU logoEFRE logo