1. Collection and processing of personal data
In general, it is not necessary to provide personal data in order to use our website. However, we may require your personal data insofar as it is necessary for the performance of a contract with us or for the implementation of pre-contractual measures (see Art. 6 (1) (b) of the GDPR). All your personal data, specifically your email address, your name, your residential address, and your date of birth, are collected by us only when you provide this to us. Visitors can of course choose not to provide any data in order to use the website anonymously, but must then be aware that some functions may in certain circumstances only be available to a limited extent.
KTM Industries recognizes and respects the importance of the responsible use of the data collected from visitors and customers. KTM Industries will not use this data to contact you and inform you of product news, services and offers without your permission.
2. Transfer of personal data to third parties
If required by law or contract, or if we have a legal and legitimate interest, it may be necessary in an individual case to submit your data to our group companies or external business partners.
Your data will not be sold, leased, or otherwise transmitted to external third parties. This does not include: trustworthy partners who support us in operating the website, in the course of doing business, or in other services in which it is, of course, ensured that they are obligated to maintain confidentiality.
The transmission of the data to the group companies of KTM Industries or other third parties shall only take place to the extent such recipients have provided KTM Industries with an undertaking to observe the applicable data protection regulations.
Insofar as we involve external business partners in the context of data processing, we have ensured that these have been selected and are monitored in accordance with the relevant statutory provisions and are also obliged to comply with the data protection regulations and laws. Apart from this, your data is not transferred.
We also take in-house data protection within the group very seriously. Our employees and subcontracted business partners are obliged by us to maintain confidentiality and to adhere to the data protection regulations.
The respective KTM Industries’ group company works with trustworthy partners.
3. Collection and storage of usage data
When accessing the website, the following electronic communication metadata are stored: IP address, date and time of access, name of the file called up, sub-page as well as anonymous username, city, user’s region and country, user’s operating system, user’s browser, user’s browser version, user’s interactions on the website, pages visited by the user, duration of the session and number of sessions of the user, date of the first visit to the website, date and time of each interaction of the user, time spent on the website, duration of requests by the user, user’s requests, exception errors of the website, date and time and duration of exception errors. The data can be evaluated anonymously for statistical purposes. This data is kept strictly confidential and not transferred outside the KTM system or made accessible to other third parties, unless this is necessary to fulfil legal or contractual obligations or to fulfil the legal and legitimate interests of KTM Industries.
We delete or anonymize your data as soon as it is no longer needed for the transmission of a communication. If the processing of the electronic communications metadata is for billing purposes, we shall retain the relevant communication metadata up to the end of the period during which the invoice may be legally challenged or the claim for payment asserted. We store this electronic communications metadata for a period of three years from the conclusion of the contract because in terms of the Austrian General Civil Code (ABGB) a claim on the grounds of error must be asserted within three years from conclusion of the contract (see Art. 1487 of the ABGB) and claims for supplies of goods or services to a commercial business lapse after three years (see Art. 1486, para. 1, line 1 of the ABGB).
Cookies may be used on certain KTM Industries websites. A cookie is a small data record that can be stored on your hard drive. This data record is generated and sent to you by the web server with which you are connected via your browser. The cookie enables you to be recognized when visiting the website without having to re-enter the data that you previously entered. The default setting of most browsers is to automatically accept cookies. You can, however, reset your browser to decline such cookies or display them in advance including the necessary requirements for acceptance. You can also delete cookies from your system at any time.
To the extent that the collection and storage of data with cookies is lawful, this occurs exclusively in an anonymous form, so that it is not possible to draw any conclusion about you as a natural person.
The following cookies are currently used on websites for the following purposes:
- ai_user – Set by a third-party service of Microsoft Azure called Application Insights. The cookie is used to check performance, to log errors that arise for the client, and to track how the website is used.
- .ASPXANONYMOUS– Unique and anonymous username used to collect information to personalize the website.
- ASP.NET_SessionId – Unique and anonymous username used to collect information to personalize the website.
- WishListAnonymousId – Unique and anonymous username used to store products in a wish list for the current visitor.
- cookies-accepted – Used to identify whether the current user has removed the cookie notification on the website.
- UserDetails – Used to store data on the user’s nationality and position (in latitude and longitude). Specifically for personalization and map-related services on the website (such as dealer search).
- Redirector – Used to store data about the group of languages of the website that the user is visiting, and to redirect the user to the correct group of languages on returning to the website.
- _gat – Set by a third-party service of Google called Google Analytics. Used to limit the number of requests being simultaneously sent to Google Analytics.
- ai_session – Set by a third-party service of Microsoft Azure called Application Insights. The cookie is used to check performance, to log errors that arise for the client, and to track how thewebsite is used.
- _ga – Set by a third-party service of Google called Google Analytics. This is a unique and anonymous username that identifies the user on the website when tracking user interactions and page visits.
- _gid – Set by a third-party service of Google called Google Analytics. This is a unique and anonymous username that identifies the user on the website when tracking user interactions and page visits.
- VehicleProduct-******* – Used to store the user’s configuration code for the specific configuration of a model on the website by means of the configurator. The ******* part is the code of the vehicle variant for which the cookie was generated. Depending on the vehicle for which the user is using the configurator, several variants of this cookie can be generated.
5. Scope of data collection
The data that you submit to us will be processed by us for the purposes of implementing a contract (see Art. 6 (1) (b) of the GDPR), for processing your requests, and for compliance with legal obligations (see Art. 6 (1) (c) of the GDPR).
6. Use of web analysis services
7. Storage and protection of personal data
We have taken a number of security measures to guarantee the safety of your personal data. We adopt appropriate data collection, storage and processing practices, and security measures for protection against unauthorized access, changes, transfer, or destruction of personal data, user names, passwords, transactions, information and other data stored on our website. These processes can be maintained by our suppliers. The transfer of this data may include the processing and completion of orders on our website, as well as the provision of support services. We take all appropriate measures to ensure that personal data is handled securely and according to our data protection guidelines.
The information is protected in a secure environment by a combination of physical and technical measures. There is no public access to this information. All information provided can only be accessed by specially authorized persons with access rights to our system, who are obliged to treat the information as strictly confidential. In addition, national legislation might oblige us to store information for a certain period of time.
The Internet is not secure. You should accordingly be careful of the information you disclose when you are online. We cannot guarantee the security of information that we have gathered electronically or by other means, we do, however, take all necessary steps to provide the best possible security. Consequently, visitors transfer information to us at their own risk.
The data protection laws are governed by the principle that personal data is only to be stored for as long as it is necessary for the purposes for which it is processed. Depending on the purpose for which your personal data is stored, we accordingly retain your data for different periods of time:
- ai_user – 1 year from creation.
- .ASPXANONYMOUS – 3 months from creation.
- ASP.NET_SessionId – after closing the website.
- WishListAnonymousId – 1 month from creation.
- cookies-accepted – 10 years from creation.
- UserDetails – 1 day from creation.
- Redirector – 1 day from creation.
- _gat – after closing the website.
- ai_session – after closing the website.
- _ga – 2 years from creation.
- _gid – 24 hours from creation.
- VehicleProduct-******* – 1 day from creation.
8. Rights of the data subject
You have the right at any time and without providing reasons to obtain information in regard to your stored personal data, its origin and recipients, as well as the purpose of the storage (Art. 15 of the GDPR). In this regard, please use the contact address provided in point 13. In order to receive information, you must identify yourself as the person about which the information is to be provided or submit proof that you are authorized to receive information about a third party. Furthermore, we would also like to inform you that you have the right to have your data corrected or deleted (Art. 16 of the GDPR); have the right to request the processing of your data to be restricted (Art. 18 of the GDPR); have the right to object to data processing (Art. 21 of the GDPR) and the right to data portability (Art. 20 of the GDPR).
If, in spite of our obligation to process your data lawfully, your right to the legitimate processing of your data is infringed, contrary to expectation, you have the right to lodge a complaint with the regulatory authority or to apply to court for relief.
9. Links to external websites
The website may contain hyperlinks to external websites that do not belong to the KTM Industries organization. If you visit such websites, KTM Industries can no longer be responsible for the treatment of your data as confidential. The transmission of your data from the Internet occurs in part unencrypted. Consequently, unauthorized access by third parties cannot be entirely excluded.
KTM Industries AG