Kadmos GmbH
Rosenthalerstraße 13
10119 Berlin, Germany
Email: privacy@kadmos.io
Kadmos GmbH (“Kadmos”, “we”, “us”) operates the website www.kadmos.io.
For certain services provided in the United Kingdom, KDMS UK Ltd (authorised by the Financial Conduct Authority as an Electronic Money Institution) may act as the data controller.
This Privacy Notice applies to the processing of personal data when you:
· visit our website
· interact with us via contact forms or email
· consent to cookies or analytics
For users of our platform (KCP) or financial services, separate privacy notices apply.
We may collect the following categories of personal data:
3.1 Technical data
· IP address
· browser type and version
· operating system
· device information
· access time and date
3.2 Usage data
· pages visited
· time spent on website
· interaction behaviour
3.3 Contact data
· name
· email address
· any information you provide in communications
We process your personal data for the following purposes:
4.1 Website provision
· ensuring functionality and security
· delivering website content
Legal basis: Art. 6(1)(f) GDPR (legitimate interests)
4.2 Communication
· responding to enquiries
Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) or Art. 6(1)(f)
4.3 Analytics and improvement
· analysing usage of our website
· improving performance and user experience
Legal basis: Art. 6(1)(a) GDPR (consent)
We use cookies and similar technologies in accordance with EU ePrivacy rules and UK PECR.
5.1 Types of cookies
· Strictly necessary cookies: required for website functionality
· Analytics cookies: help us understand website usage
· Marketing cookies: used for advertising and tracking
5.2 Consent
Non-essential cookies are only used with your prior consent via our cookie banner. You can withdraw or change your consent at any time.
We use Google Analytics, provided by Google Ireland Limited.
Data processed
· IP address (anonymised)
· device and browser information
· usage behaviour
Purpose
· analyse website usage
· improve services
Legal basis
· Art. 6(1)(a) GDPR (consent)
Data transfers
Data may be transferred to the United States. Transfers are safeguarded by:
· EU–US Data Privacy Framework
· UK Extension to the EU–US Data Privacy Framework
· Standard Contractual Clauses where required
Retention
Analytics data is retained for up to 12 months.
We use service providers who process data on our behalf, including:
· hosting providers (e.g. Google Cloud)
· analytics providers (e.g. Google)
· communication tools
All processors are bound by contracts under Art. 28 GDPR.
Where personal data is transferred outside the EU/EEA or UK, we ensure appropriate safeguards, including:
· adequacy decisions
· EU–US Data Privacy Framework
· UK Extension to the DPF
· Standard Contractual Clauses (SCCs)
· UK International Data Transfer Agreement (IDTA)
We retain personal data only as long as necessary:
· technical logs: up to 30 days
· communication data: until request is resolved
· analytics data: up to 12 months
Legal retention obligations may require longer storage.
You have the following rights under GDPR:
· right of access (Art. 15)
· right to rectification (Art. 16)
· right to erasure (Art. 17)
· right to restriction (Art. 18)
· right to data portability (Art. 20)
· right to object (Art. 21)
· right to withdraw consent at any time
You also have the right to lodge a complaint with a supervisory authority.
If you have any questions about this Privacy Notice or data protection at Kadmos, please contact privacy@kadmos.io.
We may update this Privacy Notice from time to time. The latest version will always be available on our website.
Below is an overview of the cookies and similar technologies used on our website. The exact list may vary depending on your consent choices. You can view and manage cookies at any time via our consent tool.
Purpose
Retention
Type
CookieConsent
kadmos.io
Stores cookie preferences
12 months
Strictly necessary cookies
_ga
Distinguishes users for analytics
12 months
Analytics cookies (only with consent)
Session tracking
24 hours
Analytics cookies (only with consent)
_gid
_gat
Throttle request rate
Session
Analytics cookies (only with consent)
ads/ga-audiences
YSC
Marketing cookies (only with consent)
Session
Ad targeting
YouTube
Marketing cookies (only with consent)
YouTube
Session
Marketing cookies (only with consent)
Video tracking
Bandwidth estimation
6 months
Name
Provider
VISITOR_INFO1_LIVE
We use Cookiebot (Usercentrics A/S) as our consent management platform.
Cookiebot:
· records and stores your consent decisions
· enables granular control over cookie categories
· ensures compliance with GDPR and ePrivacy/PECR requirements
You can update your preferences at any time via the cookie settings link on our website.
This Privacy Notice should be read together with our Terms & Conditions.
Where we process personal data in the context of providing services, the Terms & Conditions and any applicable agreements (including Data Processing Agreements) further define:
· roles (controller, processor, joint controller)
· responsibilities between parties
· liability and compliance obligations
We enter into Data Processing Agreements (DPAs) with all processors in accordance with Art. 28 GDPR.
Where personal data is transferred internationally, we implement:
· Standard Contractual Clauses (SCCs)
· UK International Data Transfer Agreement (IDTA) or UK Addendum
· Additional technical and organisational safeguards where required
We also assess transfers through Transfer Impact Assessments (TIAs) where applicable.
Where processing is based on Art. 6(1)(f) GDPR, we conduct balancing tests to ensure that our interests do not override your fundamental rights.
Our legitimate interests may include:
· maintaining website security
· preventing fraud and abuse
· improving our services
You may object to such processing at any time.
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
You have the right to lodge a complaint with a supervisory authority.
For Germany: Berliner Beauftragte für Datenschutz und Informationsfreiheit
For the United Kingdom: Information Commissioner’s Office (ICO)
