Frequently asked questions about data protection

The security of our software and your data in particular is a key concern of ours. That’s why we have summarized the most important questions and answers about data protection and data security in our company for you. For more detailed information on our data protection measures, please read our KundenMeister privacy policy concept.

Data backup
Our server location is in Austria in the data center of eww ITandTEL.

eww ag
Stelzhamerstraße 27
4600 Wels
T.: +43 (0) 7242 493-0
F.: +43 (0) 7242 493-138
info@eww.at

Advantages:
– 24×7 availability
– Redundant high-speed fiber optic connection
– Provider-independent
– Highly available power connection(99,9%)
– Redundant UPS system with battery and generator
– Energy-efficient, redundant climate control concept
– Early fire detection and fire extinguishing system
– Monitoring by network management and building management systems
– Logged access system
– Certification according to ISO / IEC 27001
– Green IT: environmentally friendly and economical
We create daily backups for our customers for six weeks. I.e., the last 42 days are backed up for you every day. A recovery of the data is possible according to the fair use principle, which means that we, generally, do not charge for a recovery.
Access & deletion of data
Our employees only access customer data if the customer has made a request to customer support or data access is required in order to provide the services or to avoid or deal with service or technical problems, or if KundenMeister is obliged due to mandatory legal regulation.

KundenMeister declares in a legally binding manner that all persons entrusted with data processing have been obliged to maintain confidentiality before commencing their work. In particular, the confidentiality obligation of the persons entrusted with the data traffic remains intact even after the end of their activity and leaving the service provider. The obligation of confidentiality must also be observed for data from legal entities and commercial partnerships. There are also separate confidentiality agreements with our partners (Brunner Webhosting, ITandTEL).

Insofar as KundenMeister is obliged to disclose it under mandatory legal regulation, KundenMeister will neither check, pass on to third parties or refer to it.

Beyond the data you have provided, in particular data that you have made available to us purely for contract processing for internal purposes, we will only make available to third parties if there is a corresponding legal obligation or to safeguard legitimate interests.
A deletion requested by you will usually be carried out within 2 working days.

It is also possible to delete single data records, but we must point out that the deletion of single data records, causes costs that we must claim against our customers. Unless, it’s precisely defined what should be deleted.

If it should be necessary to restore data, care is taken to ensure that deleted data is not restored.
Use of the services of Körbler GmbH
If data is collected on your website via Typo3, WordPress or our KundenMeister software (e.g. by means of a newsletter or contact form), the data protection declaration must indicate that Körbler GmbH is a contract processor and collects, processes and uses data on your behalf.
Due to the principle of data economy and data avoidance, only the e-mail address may be a prerequisite for registration.

When registering, it must be clear to the respective user what the content of the newsletter is. He/she must also be informed that it is possible to cancel at any time.

As soon as you also collect personal data using a newsletter/contact form (e.g. name, address, email), the visitor must be informed in the data protection declaration about how this data will be used. Therefore, every form must be equipped with a checkbox, which only allows the input to be sent after activation/approval by the user.

The text for the declaration of consent as well as for the privacy policy can easily be stored in the KundenMeister.
No, even previously valid consent does not lose its validity. However, you must have proof of your consent to do so (e.g. in writing or using digital recordings).

For example, if you do not have valid consent from interested parties, you are no longer allowed to send e-mails to them. Since any data processing must be based on a valid legal basis, data must also be deleted immediately if there is no valid consent.
To save the necessary data protection settings in the KundenMeister, click on “Settings – Global Settings – Data Protection”. Here you must first activate the application in general and enter the description of your data protection settings (e.g. name of the form for which you are creating the consent text). You can then either define an individual consent text for your checkbox yourself or adapt the version proposed by us accordingly (e.g. addition of the company name, newsletter topic, etc.).

In a further step, the data protection declaration must be stored. You can insert these as text in the KundenMeister or – if there is already an existing page with your privacy policy – link it externally. On request, we will be happy to create a suitable data protection declaration for you.

Finally, you have to activate the checkbox and determine the forms for which the consent and privacy policy should apply.
It is recommended that every company has a processing directory, i.e., a directory of all processing operations in the company. This processing directory should provide information on the procedure of data processing in the company and should be created in writing, preferably electronically. Information such as the purpose of the data processing, the recipients, the intended storage period and so on should be defined for all data in the company.

In the KundenMeister under “Settings – Global Settings – Data Protection – Processing Directory” you can initially store all the necessary information for your contact groups. To do this, double-click in the respective column and add your details or, if personal data is transmitted to third countries, activate the corresponding checkbox. Then select the duration of the storage period and enter a general description of the technical and organizational measures for the security of data processing.

In addition to the processing operations in the KundenMeister, you can also add further lines to this processing directory yourself, to record processing operations that take place outside of this in your company.