Priva­cy policy (EU)

This priva­cy state­ment was last updated on 10. April 2025 and appli­es to citizens and legal perma­nent residents of the European Econo­mic Area and Switzerland.

In this priva­cy state­ment, we explain what we do with the data we obtain about you via https://www.kern-unternehmensnachfolge.com/en. We recom­mend you careful­ly read this state­ment. In our proces­sing we comply with the requi­re­ments of priva­cy legis­la­ti­on. That means, among other things, that:

  • we clear­ly state the purpo­ses for which we process perso­nal data. We do this by means of this priva­cy statement;
  • we aim to limit our collec­tion of perso­nal data to only the perso­nal data requi­red for legiti­ma­te purposes;
  • we first request your expli­cit consent to process your perso­nal data in cases requi­ring your consent;
  • we take appro­pria­te securi­ty measu­res to protect your perso­nal data and also requi­re this from parties that process perso­nal data on our behalf;
  • we respect your right to access your perso­nal data or have it correc­ted or deleted, at your request.

If you have any questi­ons, or want to know exact­ly what data we keep of you, please contact us.

1. cookies

Our website uses cookies. For more infor­ma­ti­on about cookies, please refer to our Cookie Policy

2. disclo­sure practices

We disclo­se perso­nal infor­ma­ti­on if we are requi­red by law or by a court order, in respon­se to a law enforce­ment agency, to the extent permit­ted under other provi­si­ons of law, to provi­de infor­ma­ti­on, or for an inves­ti­ga­ti­on on a matter related to public safety.

If our website or organi­sa­ti­on is taken over, sold, or invol­ved in a merger or acqui­si­ti­on, your details may be disclo­sed to our advisers and any prospec­ti­ve purcha­sers and will be passed on to the new owners.

We have concluded a data Proces­sing Agree­ment with Google.

Google may not use the data for any other Google services.

The inclu­si­on of full IP addres­ses is blocked by us.

3. securi­ty

We are commit­ted to the securi­ty of perso­nal data. We take appro­pria­te securi­ty measu­res to limit abuse of and unaut­ho­ri­sed access to perso­nal data. This ensures that only the neces­sa­ry persons have access to your data, that access to the data is protec­ted, and that our securi­ty measu­res are regular­ly reviewed.

4. third-party websites

This priva­cy state­ment does not apply to third-party websites connec­ted by links on our website. We cannot guaran­tee that these third parties handle your perso­nal data in a relia­ble or secure manner. We recom­mend you read the priva­cy state­ments of these websites prior to making use of these websites.

5 Amend­ments to this priva­cy statement

We reser­ve the right to make amend­ments to this priva­cy state­ment. It is recom­men­ded that you consult this priva­cy state­ment regular­ly in order to be aware of any changes. In additi­on, we will actively inform you where­ver possible.

6 Acces­sing and modify­ing your data

If you have any questi­ons or want to know which perso­nal data we have about you, please contact us. You can contact us by using the infor­ma­ti­on below. You have the follo­wing rights:

  • You have the right to know why your perso­nal data is needed, what will happen to it, and how long it will be retai­ned for.
  • Right of access: You have the right to access your perso­nal data that is known to us.
  • Right to recti­fi­ca­ti­on: you have the right to supple­ment, correct, have deleted or blocked your perso­nal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your perso­nal data deleted.
  • Right to trans­fer your data: you have the right to request all your perso­nal data from the control­ler and trans­fer it in its entire­ty to another controller.
  • Right to object: you may object to the proces­sing of your data. We comply with this, unless there are justi­fied grounds for processing.

Please make sure to always clear­ly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

7. submit­ting a complaint

If you are not satis­fied with the way in which we handle (a complaint about) the proces­sing of your perso­nal data, you have the right to submit a complaint to the Data Protec­tion Authority.

8. data protec­tion officer

Our Data Protec­tion Officer has been regis­tered with the data protec­tion autho­ri­ty in an EU Member State. If you have any questi­ons or requests with respect to this priva­cy state­ment or for the Data Protec­tion Officer, you may contact Ralf Lohmann (exter­nal data protec­tion officer), HUBIT Daten­schutz GmbH & Co. KG, Lise-Meitner-Str. 2, 28359 Bremen, via www.hubit-datenschutz.de or info@hubit.de or by telepho­ne on +49 421 3311 4300

9 Contact details

KERN System GmbH
Heinrich-Heine-Str. 111
28211 Bremen
Germany
Website: https://www.kern-unternehmensnachfolge.com/en
Email: info@ex.comcore-company-succession.com
Phone number: +49 421 69208840

Annex

Leadin­fo

We use the lead genera­ti­on service of Leadin­fo B.V., Rotter­dam, Nether­lands. This recog­ni­s­es visits from compa­nies to our website based on IP addres­ses and shows us publicly available infor­ma­ti­on, such as compa­ny names or addresses. 

In additi­on, Leadin­fo sets two first-party cookies to analy­se user behaviour on our website and proces­ses domains from form entries (e.g. ?leadinfo.com?) in order to corre­la­te IP addres­ses with compa­nies and impro­ve the services. 

Further infor­ma­ti­on can be found at www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be collec­ted by Leadinfo.

 

MS-365 (Micro­soft)

This infor­ma­ti­on appli­es if you use Micro­soft 365 appli­ca­ti­ons together with us. This appli­es in parti­cu­lar to the use of a Micro­soft Office appli­ca­ti­on such as Teams, Share­Point, Stream, Forms or similar, to which you will usual­ly recei­ve an invita­ti­on from us. MS365, for examp­le, is a produc­ti­vi­ty, colla­bo­ra­ti­on and exchan­ge platform for indivi­du­al users, teams, commu­ni­ties and networks that can be used across organi­sa­tio­nal units. Perso­nal data about you is proces­sed when you use it. Please note that this data protec­tion notice only informs you about the proces­sing of your perso­nal data by us if you use Micro­soft appli­ca­ti­ons together with us. If you requi­re infor­ma­ti­on about the proces­sing by Micro­soft, please refer to the corre­spon­ding decla­ra­ti­on under the follo­wing link: https://privacy.microsoft.com/de-de/privacystatement .

When using MS appli­ca­ti­ons (MS=Microsoft), various types of data are proces­sed. The scope of this data depends, among other things, on which appli­ca­ti­on is used and what data you provi­de. Certain infor­ma­ti­on is alrea­dy proces­sed automa­ti­cal­ly as soon as you use MS365.

The follo­wing perso­nal data may be subject to processing:

Identi­fi­ca­ti­on data (e.g., names, addres­ses, e-mail, telepho­ne numbers, profi­le pictu­re (optio­nal), user name).

Content data (e.g. text input, audio data, videos, documents)
Usage data (e.g. websites visited, time of access, date, type of access, infor­ma­ti­on on the data/files/documents acces­sed and all activi­ties in connec­tion with the use, such as creating, changing, deleting a document, setting up a team (and channels in teams), making notes in the notebook, start­ing a chat, reply­ing in the chat)

Meta/communication data (e.g. IP addres­ses, device/hardware infor­ma­ti­on, locati­on data if autho­ri­sed by the user, live trans­mis­si­on of sound and images)

Where neces­sa­ry, we process your perso­nal data exclu­si­ve­ly to ensure an effec­ti­ve custo­mer or suppli­er relati­onship with you. Your data will be proces­sed in order to be able to use the tool in questi­on for the purpo­se of commu­ni­ca­ti­on and colla­bo­ra­ti­on. Your data may also be proces­sed for infor­ma­ti­on securi­ty purpo­ses and to ensure the function­al securi­ty and stabi­li­ty of the IT systems.

The legal basis depends on the reason for your coope­ra­ti­on with us. Below you will find a descrip­ti­on of the legal bases on which we process your perso­nal data when you use MS365 appli­ca­ti­ons. Please note that these details are only examp­les and not a comple­te or exhaus­ti­ve list of the possi­ble legal bases for data processing.

Consent (Art. 6 para. 1 lit. a GDPR)
We only process certain perso­nal data with your prior, expli­cit and free consent, e.g. if you take part in a survey via Micro­soft Forms. The recor­ding of Teams meetings for use outside the livestream is also exclu­si­ve­ly based on your consent. Consent is given when you accept the invita­ti­on to the meeting and then take part in the meeting. There is neither a contrac­tu­al nor a legal obliga­ti­on to provi­de the data. Consent is volun­t­a­ry and can be revoked in whole or in part at any time with effect for the future. The legali­ty of the proces­sing remains unaffec­ted until consent is withdrawn.

Fulfilm­ent of a contract with you (Art. 6 para. 1 lit.b GDPR)
Your data will be proces­sed on the basis of Art. 6 para. 1 lit. b GDPR if the use is based on a contract.

Fulfilm­ent of a legal obliga­ti­on (Art. 6 para. 1 lit.c GDPR)
We are subject to a number of legal requi­re­ments and may process your perso­nal data to fulfil our legal obliga­ti­ons. For examp­le, we are requi­red by law to provi­de infor­ma­ti­on to certain public autho­ri­ties (inclu­ding law enforce­ment agenci­es) upon request.

Protec­tion of our legiti­ma­te interests or those of a third party (Art. 6 para. 1 lit.f GDPR)
We process your perso­nal data to protect our legiti­ma­te interests or the interests of third parties on the basis of Art. 6 para. 1 lit. f GDPR. However, this only takes place if your interests as the data subject do not take prece­dence over our interests in indivi­du­al cases. Legiti­ma­te interests that are pursued when using MS365 are: effec­ti­ve conduct of meetings, optimi­sa­ti­on of business proces­ses, protec­tion of the vital interests of our partners and employees and thus the fulfilm­ent of our duty of care as an employ­er or franch­isor by reducing the number of face-to-face meetings during a possi­ble pandemic.

Recipi­ents or catego­ries of recipi­ents of the perso­nal data
We always ensure that your perso­nal data is only acces­si­ble to a limit­ed number of autho­ri­sed persons who need to know this data for the provi­si­on of the above-mentio­ned proces­sing purposes.

If neces­sa­ry, your data may be passed on to other compa­nies in the KERN Group or KERN-System GmbH and their franchise licen­cees, payment service provi­ders or other compa­nies used to provi­de the service or process the contract.

As part of the proces­sing of your enqui­ries and your use of our services, we also commis­si­on exter­nal data proces­sing and IT contrac­tors. These service provi­ders are contrac­tual­ly obliged to comply with data protec­tion regula­ti­ons and only process perso­nal data in accordance with our instructions.

The perso­nal data that we collect or process about you may be trans­fer­red to recipi­ents who may be located inside or outside the European Econo­mic Area (?EEA?) (e.g. Switz­er­land). For recipi­ents located outside the EEA, we have taken appro­pria­te measu­res to ensure compli­ance with the requi­re­ments of data protec­tion law, e.g. the conclu­si­on of suita­ble model contract clauses of the EU Commis­si­on, recog­nis­ed codes of conduct or recog­nis­ed certi­fi­ca­ti­on mecha­nisms (Artic­le 42 et seq. GDPR). Further­mo­re, where neces­sa­ry, we carry out careful assess­ments of the legal systems of the third count­ries concer­ned and take additio­nal measu­res in accordance with the ECJ judge­ment on the trans­fer of perso­nal data to third count­ries (?Schrems II?).

Micro­soft Corpo­ra­ti­on is the proces­sor respon­si­ble for provi­ding the service and the associa­ted data proces­sing. If indivi­du­al data is proces­sed outside the EU, Micro­soft ensures data protec­tion compli­ance by agree­ing the EU standard contrac­tu­al clauses. Further infor­ma­ti­on on data proces­sing by Micro­soft can be found in the MS Trust Centre and the MS Priva­cy Policy.

Durati­on of data storage
We delete or anony­mi­se your perso­nal data as soon as it is no longer requi­red for the purpo­ses for which we collec­ted or used it in accordance with the above paragraphs, or is no longer requi­red to be retai­ned due to a statu­to­ry reten­ti­on period. As a rule, we store your perso­nal data for the durati­on of the contrac­tu­al relati­onship with you. Log files are deleted after 90 days at the latest, unless we are autho­ri­sed or obliged to store them for longer.

Automa­ted decis­i­on making
In princi­ple, we do not use automa­ted decis­i­on-making in accordance with Art. 22 GDPR to organi­se meetings via Teams. Should we use these proce­du­res in indivi­du­al cases, we will inform you of this separa­te­ly in advan­ce if this is requi­red by law.

Data securi­ty
We have imple­men­ted appro­pria­te techni­cal and organi­sa­tio­nal measu­res to prevent unaut­ho­ri­sed or unlawful disclo­sure of your perso­nal data, unaut­ho­ri­sed or unlawful access to your perso­nal data or loss, destruc­tion, altera­ti­on or damage to your perso­nal data, whether acciden­tal or unlawful. These measu­res ensure a level of securi­ty appro­pria­te to the risks presen­ted by the proces­sing and the nature of the perso­nal data to be protec­ted. Our securi­ty measu­res are conti­nuous­ly impro­ved in line with techno­lo­gi­cal developments.

 

Typeform

This page integra­tes services of the compa­ny Typeform for contact form[s]. Typeform by TYPEFORM SL, C/Bac de Roda, 163 (Local), 08018 Barce­lo­na Spain (Typeform). This enables us to provi­de you with an easy way to contact us. For this purpo­se, we pass on the follo­wing perso­nal data to Typeform:

[e-mail address]*
[First name]
[Surna­me]
[Telepho­ne number]
[Compa­ny]

Manda­to­ry infor­ma­ti­on is marked with an *.

Typeform is the recipi­ent of your perso­nal data and acts as a proces­sor for us. The proces­sing of the data speci­fied in this section is neither legal­ly nor contrac­tual­ly requi­red. Without your consent and the trans­mis­si­on of your perso­nal data, we cannot provi­de you with a contact form. However, you can contact us at the follo­wing e-mail address: info@kern-unternehmensnachfolge.de. The data will be stored exclu­si­ve­ly for the purpo­se of sending enqui­ries and respon­ding to them. The manda­to­ry infor­ma­ti­on is used to alloca­te and respond to your enquiry.

In additi­on, Typeform collects the follo­wing perso­nal data with the help of cookies: Infor­ma­ti­on about your end device (IP address, device infor­ma­ti­on, opera­ting system, browser settings). Further­mo­re, usage data such as the date and time when you used the contact form is collec­ted. Typeform requi­res this data to ensure that the contact form is display­ed and functions proper­ly. This corre­sponds to Typeform’s legiti­ma­te interest (pursu­ant to Art. 6 para. 1 lit. f GDPR) and serves the fulfilm­ent of the contract (pursu­ant to Art. 6 para. 1 lit. b GDPR). Further infor­ma­ti­on can be found at: https://help.typeform.com/hc/en-us/articles/360029581691-What-happens-to-my-data

Further infor­ma­ti­on on objec­tion and removal options vis-à-vis Typeform can be found at https://admin.typeform.com/to/dwk6gt

The legal basis for this proces­sing is your consent in accordance with Art. 6 para. 1 lit. a GDPR. You can withdraw your consent to the proces­sing of your perso­nal data at any time. The revoca­ti­on can be made via the contact options provi­ded. Your data will be proces­sed for as long as the corre­spon­ding consent is available. The decla­ra­ti­on of revoca­ti­on does not affect the legali­ty of the proces­sing carri­ed out so far.

Your data will be deleted after proces­sing has been comple­ted. Apart from this, they will be deleted after the contract between us and Typeform has ended, unless legal requi­re­ments make further storage necessary.