Collection and processing of personal data
In general, it is not necessary to provide personal data in order to use our website. However, we may require your personal data insofar as it is necessary for the performance of a contract with us or for the implementation of pre-contractual measures (see Art. 6 (1) (b) of the GDPR). All your personal data, specifically your email address, your name, your residential address, and your date of birth, are collected by us only when you provide this to us, for example, in performing a contract, processing an order, in the context of a competition, providing informational material or a survey, as well as registering for newsletters. Visitors can of course choose not to provide any data in order to use the website anonymously, but must then be aware that some functions may in certain circumstances only be available to a limited extent.
KTM recognizes and respects the importance of the responsible use of the data collected from visitors and customers. KTM will not use this data to contact you and inform you of product news, services and offers without your permission.
Transfer of personal data to third parties
If required by law or contract, or if we have a legal and legitimate interest, it may be necessary in an individual case to submit your data to our group companies or external business partners.
Your data will not be sold, leased, or otherwise transmitted to external third parties. This does not include: trustworthy partners who support us in operating the website, in the course of doing business, or in other services in which it is, of course, ensured that they are obligated to maintain confidentiality. Within the scope of processing your order or request, we sometimes commission external business partners, who are, however, contractually obliged to comply with the data protection regulations.
The transmission of the data to the group companies of KTM or other third parties shall only take place to the extent such recipients have provided KTM with an undertaking to observe the applicable data protection regulations.
Insofar as we involve external business partners in the context of data processing, we have ensured that these have been selected and are monitored in accordance with the relevant statutory provisions and are also obliged to comply with the data protection regulations and laws. Apart from this, your data is not transferred.
We also take in-house data protection within the group very seriously. Our employees and subcontracted business partners are obliged by us to maintain confidentiality and to adhere to the data protection regulations.
The respective KTM group company works with trustworthy partners.
Specifically, your personal data may be transmitted to the following group companies or business partners:
KTM group companies (a list of all group companies can be viewed here): http://www.ktmgroup.com/de/unternehmen/)
KTM dealers or service partners (a list can be viewed here):
Other business partners (a list can be viewed here):
Collection and storage of usage data
When accessing the website, the following electronic communication metadata are stored: IP address, date and time of access, name of the file called up, sub-page as well as anonymous username, city, user’s region and country, user’s operating system, user’s browser, user’s browser version, user’s interactions on the website, pages visited by the user, duration of the session and number of sessions of the user, date of the first visit to the website, date and time of each interaction of the user, time spent on the website, duration of requests by the user, user’s requests, exception errors of the website, date and time and duration of exception errors. The data can be evaluated anonymously for statistical purposes. This data is kept strictly confidential and not transferred outside the KTM system or made accessible to other third parties, unless this is necessary to fulfill legal or contractual obligations or to fulfill the legal and legitimate interests of KTM.
We delete or anonymize your data as soon as it is no longer needed for the transmission of a communication. If the processing of the electronic communications metadata is for billing purposes, we shall retain the relevant communication metadata up to the end of the period during which the invoice may be legally challenged or the claim for payment asserted. We store this electronic communications metadata for a period of three years from the conclusion of the contract because in terms of the Austrian General Civil Code (ABGB) a claim on the grounds of error must be asserted within three years from conclusion of the contract (see Art. 1487 of the ABGB) and claims for supplies of goods or services to a commercial business lapse after three years (see Art. 1486, para. 1, line 1 of the ABGB).
Cookies may be used on certain KTM websites. A cookie is a small data record that can be stored on your hard drive. This data record is generated and sent to you by the web server with which you are connected via your browser. The cookie enables you to be recognized when visiting the website without having to re-enter the data that you previously entered. The default setting of most browsers is to automatically accept cookies. You can, however, reset your browser to decline such cookies or display them in advance including the necessary requirements for acceptance. You can also delete cookies from your system at any time. Find out how to do this here:
To the extent that the collection and storage of data with cookies is lawful, this occurs exclusively in an anonymous form, so that it is not possible to draw any conclusion about you as a natural person.
The following cookies are currently used on KTM websites for the following purposes:
ai_user – Set by a third-party service of Microsoft Azure called Application Insights. The cookie is used to check performance, to log errors that arise for the client, and to track how the website is used.
.ASPXANONYMOUS – Unique and anonymous username used to collect information to personalize the website.
ASP.NET_SessionId – Unique and anonymous username used to collect information to personalize the website.
WishListAnonymousId – Unique and anonymous username used to store products in a wish list for the current visitor.
cookies-accepted – Used to identify whether the current user has removed the cookie notification on the website.
UserDetails – Used to store data on the user’s nationality and position (in latitude and longitude). Specifically for personalization and map-related services on the website (such as dealer search).
Redirector – Used to store data about the group of languages of the website that the user is visiting, and to redirect the user to the correct group of languages on returning to the website.
_gat – Set by a third-party service of Google called Google Analytics. Used to limit the number of requests being simultaneously sent to Google Analytics.
ai_session – Set by a third-party service of Microsoft Azure called Application Insights. The cookie is used to check performance, to log errors that arise for the client, and to track how the website is used.
_ga – Set by a third-party service of Google called Google Analytics. This is a unique and anonymous username that identifies the user on the website when tracking user interactions and page visits.
_gid – Set by a third-party service of Google called Google Analytics. This is a unique and anonymous username that identifies the user on the website when tracking user interactions and page visits.
VehicleProduct-******* - Used to store the user’s configuration code for the specific configuration of a model on the website by means of the configurator. The ******* part is the code of the vehicle variant for which the cookie was generated. Depending on the vehicle for which the user is using the configurator, several variants of this cookie can be generated.
Scope of data collection
The data that you submit to us will be processed by us for the purposes of implementing a contract (see Art. 6 (1) (b) of the GDPR), for processing your requests, and for compliance with legal obligations (see Art. 6 (1) (c) of the GDPR).
If we perform one of the actions described below, or other actions, or render services, we would like to collect and store your personal data and will request your express consent in each instance for the:
- Implementation of a competition, a promotion, a survey or other features of the website
- Notification of changes or improvements of products or services which could affect visitors and customers
- Sending information to visitors and existing customers on subjects that could be relevant to them and/or about goods and services related to previously purchased products
- Sending information about our products
Sending periodic emails, such as the newsletter
Insofar as customers/visitors opt to be included in our mailing list, they will receive periodic emails informing them of company news, product updates, related products, service information, etc. Customers/visitors can decide to opt out of this mailing list at any time and no longer receive further emails from KTM by notifying us in writing or electronically at the contact address referred to in point 13. The revocation of the consent shall not affect the legality of the processing carried out on the basis of the consent before the revocation.
Use of web analysis services
Storage and protection of personal data
We have taken a number of security measures to guarantee the safety of your personal data when you enter or place an order, or access your personal information. We adopt appropriate data collection, storage and processing practices, and security measures for protection against unauthorized access, changes, transfer, or destruction of personal data, user names, passwords, transactions, information and other data stored on our website. These processes can be maintained by our suppliers. The transfer of this data may include the processing and completion of orders on our website, as well as the provision of support services. We take all appropriate measures to ensure that personal data is handled securely and according to our data protection guidelines.
The information is protected in a secure environment by a combination of physical and technical measures. There is no public access to this information. All information provided can only be accessed by specially authorized persons with access rights to our system, who are obliged to treat the information as strictly confidential. In addition, national legislation might oblige us to store information for a certain period of time.
The personal information collected on KTM websites is stored in a secure operating environment that is not publicly accessible. Sometimes the personal data is also encrypted with suitable security systems prior to the transaction.
The exchange of sensitive and private data between KTM websites and visitors takes place via SSL secured communication channels, is encrypted and provided with digital signatures.
KTM conducts business in many countries of the world. To be able to offer our customers uniform services, regardless of their location, we maintain home pages and websites around the world. When you transfer personal information to KTM, you agree that this information may be transmitted across national borders and be stored and processed in each of the countries in which KTM and its group companies have offices. A list of all group companies can be viewed here:
The Internet is not secure. You should accordingly be careful of the information you disclose when you are online. We cannot guarantee the security of information that we have gathered electronically or by other means, we do, however, take all necessary steps to provide the best possible security. Consequently, visitors transfer information to us at their own risk.
The data protection laws are governed by the principle that personal data is only to be stored for as long as it is necessary for the purposes for which it is processed. Depending on the purpose for which your personal data is stored, we accordingly retain your data for different periods of time:
ai_user – 1 year from creation.
.ASPXANONYMOUS – 3 months from creation.
ASP.NET_SessionId – after closing the website.
WishListAnonymousId – 1 month from creation.
cookies-accepted – 10 years from creation.
UserDetails – 1 day from creation.
Redirector – 1 day from creation.
_gat – after closing the website.
ai_session – after closing the website.
_ga – 2 years from creation.
_gid – 24 hours from creation.
VehicleProduct-******* - 1 day from creation.
Digitally Charged provided platforms and services that make online advertising easier. Our cookies for the demand-side platform (DPS) are all in the pool.a8723.com domain.
Our DPS platform solution provided real-time bidding (RTB) capabilities, which allows our clients the ability to book and optimise advertising campaigns using a vast array of data points, and make buying decisions that efficiently spend the campaign’s budget. Cookies are the way the Digitally Charged DSP tracks the delivery, success and subsequent payment for advertising activity run through the platform.
Details of what cookies are used where are listed below:
tuuid - Ad Serving, Activity Pixels, Data, Partner Integrations
This cookie contains a randomly-generated value, that identifies a user’s browser/device. It is used to match against activity of that browser against client or third-party provided advertising segments, and previous advertising activity such as a banner shown or clicked. It is also used to tell us whether you’ve opted-out from advertising. This cookie is set to expire in 365 days (for normal UUIDs) or 5 years (for "opt-out").
tuuid_last_update - Ad Serving, Activity Pixels, DMP Integrations
Used in combination with the tuuid cookie to match user activity. This cookie is set at the same time as the “tuuid” cookie.
is - DMP Integrations
Used to identify whether a cookie ID is synced with our data partners. This cookie is set to expire in 30 days.
token - Advertising Opt-out
Used as support for industry standard advertising opt-out: http://www.youronlinechoices.com/uk/ This cookie is set to expire in 13 months.
pvc - Activity Pixels
Used to track performance of specific ads, for the purposes of billing and reporting. This cookie is set to expire in a maximum of 365 days.
pcc - Activity Pixels
Used to track performance of specific ads, for the purposes of billing and reporting. This cookie is set to expire in a maximum of 365 days.
pxhst - Ad Serving
Used to track whether specific ads have been viewed, for the purposes of billing and reporting. This cookie is set to expire in 365 days.
dmpsh - Activity Pixels, Ad Serving, DMP Integrations
Used to identify whether a cookie ID is synced with our data partners. This cookie is set to expire in 7 days.
Our advertising partners or other third party partners may use these types of cookies to deliver advertising that is relevant to your interests. These cookies can remember that your device has visited a site or service, and may also be able to track your device’s browsing activity on other sites or services other than KTM. This information may be shared with organizations outside KTM, such as advertisers and/or advertising networks to deliver targeted advertising away from KTM, and to help measure the effectiveness of an advertising campaign. These cookies hold no personal data.
To opt out please visit https://support.google.com/ads/answer/2662922?hl=en-GB or http://www.youronlinechoices.com/uk/your-ad-choices
Rights of the data subject
You have the right at any time and without providing reasons to obtain information in regard to your stored personal data, its origin and recipients, as well as the purpose of the storage (Art. 15 of the GDPR). In this regard, please use the contact address provided in point 13. In order to receive information, you must identify yourself as the person about which the information is to be provided or submit proof that you are authorized to receive information about a third party. Furthermore, we would also like to inform you that you have the right to have your data corrected or deleted (Art. 16 of the GDPR); have the right to request the processing of your data to be restricted (Art. 18 of the GDPR); have the right to object to data processing (Art. 21 of the GDPR) and the right to data portability (Art. 20 of the GDPR).
If, in spite of our obligation to process your data lawfully, your right to the legitimate processing of your data is infringed, contrary to expectation, you have the right to lodge a complaint with the regulatory authority or to apply to court for relief.
Links to external websites
The website may contain hyperlinks to external websites that do not belong to the KTM organization. If you visit such websites, KTM can no longer be responsible for the treatment of your data as confidential. The transmission of your data from the Internet occurs in part unencrypted. Consequently, unauthorized access by third parties cannot be entirely excluded.
KTM's commitment to protecting the privacy of children
The protection of children's data is important to us. For this reason we do not collect or maintain any data of children who are, to our knowledge, under 14 years of age without first obtaining the verifiable consent of the parents or guardian. In addition, we require only so much personal information from children as is absolutely necessary for their participation in activities.
KTM Sportmotorcycle GmbH
Stallhofner Straße 3
Registered company 295902 a, Ried regional court
Sales Tax No.: ATU 636 409 56
This policy was last updated in May 2018