This is a translation for information purposes only. Only the original declaration, which is available in German, is legally valid.
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How is data collected?
Some data are collected when you provide it, for example, be data that you sent with an email. Other data are collected automatically by the IT systems when you visit the website. This is primarily technical data such as the requested URL or when you accessed the page. The data is collected automatically as soon as you enter the website.
How is your data used?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact me at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
General information and mandatory information
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Kevin Papst, Schweidlgasse 46/1/13, 1020 Wien, Österreich
Telephone: +49 (0) 30 / 120 872 29
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before your request was received may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the Austrian state in which the company is headquartered.
Right to data portability
You have the right to have data which is processed based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact me at any time using the address given in the legal notice if you have further questions on the topic of personal data.
Opposition to promotional emails
I hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
Data collection on the website
Server Hosting and location
The service runs on the Cloud of the Hetzner Online GmbH (Germany). Server location is Falkenstein, Germany.
Server log files
The website provider does not collects or store any personal information in "server log files". Only in cases of errors the request time and error reason is stored. This data will be automatically deleted after 7 days. This data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
In order to use the Kimai time tracking software, you must register via the website. The information required for registration can be found in the registration form. The provision of the data, which is marked as mandatory, is mandatory for the registration to be completed. If you register via an authentication provider (such as Google or GitHub), the data will be automatically transferred to me by this provider, through a process called OAuth. If you register manually via email, a Recaptcha verification needs to be solved which is served by Google. The authentication provider used will be notified of each login process on the website that you perform using this provider. The data provided will be processed for the purpose of providing the service. The processing is based on the legal basis of Art. 6 para. 1 sentence. 1 b DSGVO.
Order of a Kimai-Cloud plan
If you should decide for a chargeable plan, your invoice and payment data is processed for the purpose of contract fulfilment. The provision of invoice and payment data is mandatory for the conclusion of the contract. Insofar as it is necessary for the fulfilment of the contract, data is also transmitted to third parties (e.g. to the payment service provider or the commissioned credit institution). The legal basis for data processing is Art. 6 Para. 1 S. 1 b DSGVO.
By logging into the system and creating a Kimai Cloud, your email address and name is processed for the purpose of fulfilling the contract. Insofar as it is necessary for the fulfilment of the contract, data is also transmitted to third parties (e.g. to the email provider). The legal basis for data processing is Art. 6 Para. 1 S. 1 b DSGVO.
The website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of the pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of the pages you have visited. If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make the website appealing and transfer knowledge about Kimai. Further information about handling user data, can be found in the data protection declaration of YouTube under https://policies.google.com/privacy. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Duration of storage
Unless otherwise stated in previous notices, your data will only be stored for as long as is necessary to achieve the processing purpose or to fulfil the contractual or statutory obligations. Such legal storage obligations may arise from commercial or tax law regulations.
To enable the provision of the services, third party service providers are engaged to assist with data processing. The service providers used, which are called sub-processors, are:
Version 1.6 (14. November 2023)
Recaptcha verification via Subprocessor "Google" re-added
Version 1.5 (25. April 2021)
Recaptcha verification via Subprocessor "Google" removed
Version 1.4 (01 Januar 2021)
Change of contact details after moving from Germany to Austria
Version 1.3 (18 December 2020)
Subprocessor "Gumroad" removed, Subprocessor "SendInBlue" (Email shipping) added, Subprocessor "Google" (Email shipping) removed, Links and addresses added to section "Subprocessor"
Version 1.2 (14 October 2020)
Recaptcha verification via Subprocessor "Google" added
Version 1.1 (04 December 2019)
Subprocessor "Hetzner" (Hosting) added, Section "Emails" added, Section "Subprocessor" added