Privacy Statement

NOTE: All displayed content within Kia Studio Europe is highly confidential, strictly for registered users only.

1. Introduction

This Privacy Notice applies to the use of the websites of studio-europe.kia.com and studio-europe.frontify.com

2. Data Controller

The data controller responsible for any personal data processed in connection with the use of the website studio-europe.kia.com and studio-europe.frontify.com is Kia Europe GmbH ("KIA", "we" or "us")

Kia Europe GmbH
Theodor-Heuss-Allee 11
60486 Frankfurt, Germany
E-Mail: dpo@kia-europe.com

3. Contact Details and Data Protection Officer

3.1 If you have any questions about or in connection with this Privacy Notice or would like to complain about our handling of your personal data or exercise any of your rights (see Appendix Your Rights below), please contact us by using one of the following contact details:

Kia Europe GmbH
Theodor-Heuss-Allee 11
60486 Frankfurt, Germany
E-Mail: studio@kia-europe.com

3.2 You may also contact our data protection officer:

E-Mail: DPO@kia-europe.com

4. Data Subjects

The data subjects are all users of the website studio-europe.kia.com and studio-europe.frontify.com

5. Categories of Data, Purposes of the Processing and Legal Basis

The Appendix Website Data and Cookies contains detailed information on:

  • The categories of personal data we collect from you in addition to other personal data that you actively provide to us (e.g., when you send an E-Mail to us)
  • The purposes for which we process the personal data 

The legal basis for the processing of your personal data is your consent according to Art. 6 I 1 lit. a) GDPR. 

We process your personal data only for the purposes as given in the Declaration of Consent. Please note that we will process the data otherwise only if we are obligated to do so on the basis of a legal requirement (e.g., transfer to courts or criminal prosecution authorities) or if the processing is otherwise lawful. If processing for another purpose takes place, we may provide you with additional information.

6. Recipients and Categories of Recipients

Any access to your personal data at KIA is restricted to those individuals that have a need to know in order to fulfill their job responsibilities.

KIA may transfer your personal data for the respective purposes to the recipients and categories of recipients listed below.

6.1 Data processors – Certain third parties, whether affiliated or unaffiliated, may receive your personal data to process such data on behalf of KIA under appropriate instructions as necessary for the respective processing purposes. The data processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal data, and to process the personal data only as instructed.

6.2 Governmental authorities, courts, external advisors, and similar third parties that are public bodies as required or permitted by applicable law.

7. Storage Period 

Your personal data is stored by KIA and / or our service providers, strictly to the extent necessary for the performance of our obligations and strictly for the time necessary to achieve the purposes for which the personal data is collected, in accordance with applicable data protection laws. When KIA no longer needs to process your personal data, we will erase it from our systems and / or records and / or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which KIA is subject. For example, personal data contained in contracts, communications, and business letters may be subject to statutory retention requirements, which may require retention of up to 10 years. If applicable, any other personal data will in principle be deleted 5 years after the termination of the respective related contractual relationship between you and KIA, if applicable).

8. Your Rights

You can withdraw your consent for any personal data processing activities at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.

Pursuant to applicable data protection law you may have the right to: request access to your personal data, request rectification of your personal data; request erasure of your personal data, request restriction of processing of your personal data; request data portability, and object to the processing of your personal data. Please note that these aforementioned rights might be limited under the applicable data protection law. You also have the right to lodge a complaint with the competent data protection supervisory authority.

To exercise your rights please contact us as stated in section (3.) above. For further information on these rights please refer to Appendix Your Rights.

9. Changes to the Website Privacy Notice

This privacy notice may require an update from time to time – for example due to the implementation of new technologies or the introduction of new services, or to changes of applicable law. We reserve the right to change or supplement this Website Privacy Notice at any time. We will publish the changes on studio-europe.kia.com and studio-europe.frontify.com

Appendix Your Rights

(a) Right of access: You may have the right to obtain from us confirmation as to whether or not personal data concerning you is processed, and, where that is the case, to request access to the personal data. The access information includes – inter alia – the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access. 

(b) Right to rectification: You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

(c) Right to erasure ("right to be forgotten"): Under certain circumstances, you may have the right to obtain from us the erasure of personal data concerning you and we may be obliged to erase such personal data.

(d) Right to restriction of processing: Under certain circumstances, you may have the right to obtain from us restriction of processing your personal data. In this case, the respective data will be marked and may only be processed by us for certain purposes.

(e) Right to data portability: Under certain circumstances, you may have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit those data to another entity without hindrance from us.

(f) Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, or where personal data are processed for direct marketing purposes at any time to the processing of your personal data by us and we can be required to no longer process your personal data.

Appendix Website Data and Cookies
1. The following personal data is collected:
  • Name (as provided by you through the registration form)
  • E-mail address (as provided by you through the registration form)
  • Company (as provided by you through the registration form)
  • IP address
  • Visits (anonymized)
  • Repeat visits (anonymized)
  • Browser type (anonymized)
  • Cookies as set out below 
2. The following cookies and similar technologies are used at studio-europe.kia.com and studio-europe.frontify.com:

Cookies at Brand Home (studio-europe.kia.com)

A session cookie is technically necessary for visiting the website and does not contain any personal data, it is a pure login-cookie. The cookie consent  will be managed via One Trust.

One Trust provides website owners with a transparent mechanism for obtaining required cookie consent from website visitors and respecting Do Not Track requests, helping organizations comply with EU Cookie Laws. Functionalities provided by One Trust:

  1. Website Scanning: Identify which cookies are present on the website.
  2. Cookie Consent: Obtaining Visitor consent for cookies.
  3. Preference Management: Ability to change cookie consent any time.
  4. Localized Content: Configuration of tool according to local policies and language.
Additional Cookies at Frontify (studio-europe.frontify.com):

Identification cookies:
These cookies can not be shut down, otherwise the platform is not anymore operational. 

1. PHPSESSID - Own cookie to identify the user session (ID): Retains the user's states for all page requests.

  • Country data processing: Germany (GDPR EU)
  • Subprocessor: Frontify AG (own cookie) 
  • Service: Frontify application
  • Data: IP and Email
  • Lifetime: 7 days
  • Internal 

2. AWSALB - Registers which server cluster is serving the visitor. This is used in connection with load balancing to optimize the user experience.

  • Country data processing: Germany (GDPR EU)
  • Subprocessor: Amazon Web Services (AWS)
  • Service: Data processing and hosting
  • Data: IP, Email, Name (+ additional personal data - see above)
  • Lifetime: 7 days
  • External

3. Pusher cookies, an integrated external service for real-time communication in the workspace area

  • Country data processing: Germany (GDPR EU)
  • Subprocessor: couldn't find that information yet!
  • Service: real-time communication in workspace (feedback and commenting functionality)
  • Data: Email, Name (+ additional personal data - see above)
  • Lifetime: 7 days
  • External

Analysis cookies:

1. Amplitude - Registers data on the application behavior of visitors.This is used for internal analysis and application optimization

  • Country data processing: USA, San Francisco
  • Subprocessor: Amplitude
  • Service: Traceability of product usage (anonym)
  • Data: IP address
  • Lifetime: 30 days
  • External

2. Intercom - an integrated external service for user communication and support. We also use the analysis function to analyze and improve our product

  • Country data processing: USA, San Francisco
  • Subprocessor: Intercom
  • Service: In-App support / Chat system
  • Data: Company, Email, Name
  • Lifetime: 7 days
  • External 

3. Bugsnag - Error Handling

  • This is not a cookie, but simply a randomly generated value in the browser's local storage. This is used to determine the browser and all possible error messages together. A cookie itself is not set by Bugsnag.