Features

Anonymization

Anonymize data using state-of-the-art techniques.

Pseudonymization

Pseudonymize data using modern cryptographic techniques.

Privacy By Design

Easily design & discuss your privacy-enhancing data workflows.

Federation

Keep data under your control and process it close to its source.

Observability

Trace every transformed data point back to the configuration that it was created with.

Role Based Access

Grant specific access to your CISO, DPO, data engineers etc.

Powerful Integrations

Easily integrate Kodex with your data infrastructure.

Parameter Management

Easily manage transformation configuration and rotate relevant parameters.
Pricing
Resources

Terms & Conditions (SaaS)

Information about our terms and conditions for the Kodex SaaS version.

Terms & Conditions (Enterprise Edition)

Information about our terms and conditions for the downloadable Kodex EE version.

Privacy

Information about data protection and your privacy.

Documentation

Official Kodex CE & Kodex EE documentation.

Github

Official Kodex CE source code on Github (external link)
About Us
en
English Deutsch

  • Features
    • Anonymization
    • Pseudonymization
    • Privacy By Design
    • Federation
    • Observability
    • Role Based Access
    • Powerful Integrations
    • Parameter Management
  • Pricing
  • Resources
    • Documentation
    • Github
  • About Us
  •  
  • Try It
  •  
  • English
  • Deutsch

Privacy Notice

The protection of your data is of paramount importance to us. In the following sections we explain the measures that we take to protect your data as well as the type of data that we might collect and process. This privacy policy relates to the personal data that we (KIProtect GmbH) process as a data controller. The processing of personal data that we perform as a data processor is governed by a separate data processing agreement (DPA).

Data Controller

The data controller is KIProtect GmbH, Bismarckstr. 10-12, 10625 Berlin.

Purpose of Processing

We process your personal data for the following purposes:

  1. Providing software services to you as a customer.
  2. Gathering insights to improve our services and their marketing.
  3. Ensuring the security of our services.
  4. Invoicing you as a customer and fulfilling our legal requirements.

Legal Basis for Processing

We process your data if it is necessary for the performance of a contract that we entered with you. Notably, we process your personal data to provide access to our online services and downloadable software. We also process your personal data to pursue legitimate interests such as gathering insights to improve our services and their marketing.

Types of Persona Data Processed

We might process the following personal data from you:

  • Your name, legal address and contact information, notably your e-mail address(es), phone number and other contact data, as you provided them to us. We use this data to grant access to our services (e.g. by enabling login and password reset using your e-mail address), send you important information (e.g. about security-related activities such as password changes or failed login attempts and about service updates or downtime), reply to contact requests, answer support requests and generate invoices for our services. We delete this data as soon as it is no longer required: If you delete your account, we immediately remove your data from our backend infrastructure. Copies of your data that might remain in database backups will be erased within 30 days. We regularly delete old support e-mails, typically after 3 months. We retain invoices for 10 years, as legally required.
  • IP address(es) from which you use to connect to our service, as well as additional information about the device used (e.g. “user agent” strings or information about the underlying hardware or software architecture). We use this data to generate security alerts and detect anomalous account activity. We retain this data at most for 12 months and pseudonymize it whenever possible.
  • Device identifiers of two-factor devices you might use to sign into our service.
  • Usage data that we collect from our websites, APIs, apps, and services, such as the number of API requests over a given time, visited pages on our websites or usage of specific features in our web application. We use this data to learn how we can improve our services. We anonymize this data in real-time using our own analytics solution.

Third Parties

In general we try to avoid using third-parties to process your personal data. For some services like server hosting, e-mails or payment processing we have to rely on external providers as we cannot realistically provide these services ourselves. When choosing a provider we evaluate it for privacy & security practices as well as sustainability.

  • We use Hetzner Online GmbH to host our server infrastructure.
  • We use Mailbox.org (Heinlein GmbH) to send transactional e-mails.
  • We use Stripe Inc. for payment processing and billing (only if you choose to pay by credit card though).

Where applicable we have entered data processing agreements with these third parties.

Data Protection Measures

We take a multitude of technical and organizational measures to protect your personal data:

  • We encrypt personal data whenever possible.
  • We only collect the minimum amount of data that is required for a task.
  • We limit the number of people that have access to personal data.
  • We automate server provisioning and security updates.
  • We protect our server infrastructure using several layers of individual protection measures.
  • We regularly audit and analyse our infrastructure and software stack.
  • We employ software security best-practices like automated testing, static analysis, code reviews and dependency management.
  • We do not rely on third parties for data processing unless strictly necessary.
  • We open-source or software to make it publicly auditable.

Website Cookies

You can manage the use of cookies as well as optional services on our website by clicking here. We use our own consent management tool (Klaro) to manage your consent choices.

Your Rights

You have the following rights in relation to your personal data that we process:

  • Access, rectification, and erasure of the data.
  • Restriction of the processing of the data.
  • Objecting to the processing of the data.
  • Lodging a complaint with a supervisory authority.

To exercise these rights to access, rectify, erase, restrict or objcet to the processing of your data, please contact us at privacy@kiprotect.com.