Privacy Policy

Privacy Policy | KMB Creative Network GmbH

Version: November 7, 2025

Who we are

The controller pursuant to the General Data Protection Regulation (GDPR) and other applicable data protection laws is:

KMB Creative Network GmbH

Torstraße 140
10119 Berlin
Germany

+49 30 69597280

info@kmbcreative.de

https://kmbcreative.de/

Contacting the data protection officer

The data protection officer of the controller is:

DataCo GmbH
Nymphenburger Str. 86
80636 Munich

Germany
+49 89 7400 45840
www.dataguard.de

On this page, we inform you about the processing of your personal data on the website. How we collect and use your personal data depends on how you interact with us or which services you use. We only collect, use or share your personal data if we have a legitimate purpose and a legal basis for doing so.

What do we mean by legal basis?

Consent (Art. 6 para. 1 sentence 1 lit. a GDPR) – You have given us your consent to process your personal data for the specific purpose that we have explained to you. You have the right to withdraw your consent at any time. Further information on how to withdraw your consent can be found in the subsections “Exercising your rights” in the following sections of this privacy policy.

Contract (Art. 6 para. 1 sentence 1 lit. b GDPR) – We must use your data to perform a contract you have with us. Alternatively, it is necessary to use your data because you have asked us to do so or you yourself have taken certain steps prior to entering into this contract.

Legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR) – We must use your data to comply with the law.

Vital interests (Art. 6 para. 1 sentence 1 lit. d GDPR) – Processing your data is necessary to protect your vital interests or those of another person. For example, to protect you from serious bodily harm.

Public task (Art. 6 para. 1 sentence 1 lit. e GDPR) – Processing your data is necessary for the performance of a task that is in the public interest, or because it is covered by a legally prescribed task, e.g. a statutory function.

Legitimate interests (Art. 6 para. 1 sentence 1 lit. f GDPR) – Processing your data is required to support a legitimate interest that we or another party have, only if your own interests do not override it.

Please note that we may not be able to provide you with our website services if your data is processed for the fulfilment of a contract or legal obligation and you do not provide the requested data.

Data sharing and international transfers

As explained in this privacy policy, we use various service providers who assist us in providing our services and safeguarding your data. When we use these service providers, it is necessary to share your personal data with them.

We have entered into agreements with all service providers to whom we disclose your data that obligate them to protect your data.

If your personal data is transferred outside the EU, we ensure that your personal data receives an equivalent level of protection, either because the country to which your data is transferred has been deemed to provide an “adequate” level of data protection by the European Commission, or by applying another safeguard such as an enhanced contractual agreement – namely, the Standard Contractual Clauses (SCCs) adopted by the European Commission.

For example, when we use U.S. service providers, we rely on either the SCCs or the EU-U.S. Data Privacy Framework, depending on the provider. You can request a copy of the SCCs we have concluded with our service providers by emailing the address listed in this privacy policy.

Your rights

If your personal data is processed, you are a data subject as defined by the GDPR and you have the following rights with respect to the controller:

1. Right of access (Art. 15 GDPR)

You have the right to request confirmation from us as to whether personal data concerning you is being processed.
If this is the case, you have the right to access such data and the following information:

  • Purposes of processing

  • Categories of personal data

  • Recipients or categories of recipients

  • Intended storage period or the criteria used to determine that period

  • The existence of rights to rectification, erasure, restriction, or objection

  • The right to lodge a complaint with the relevant supervisory authority

  • Where applicable, the source of the data (if collected from a third party)

  • Where applicable, the existence of automated decision-making including profiling, along with meaningful information about the logic involved, as well as the significance and the envisaged consequences

  • Where applicable, whether personal data is transferred to a third country or an

    international organization

2. Right to rectification (Art. 16 GDPR)

If your personal data is inaccurate or incomplete, you have the right to request the immediate correction or completion of the data.

3. Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of the processing of your personal data where one of the following applies:

  • You contest the accuracy of your personal data, for a period enabling us to verify its accuracy.

  • The processing is unlawful and you oppose the erasure of the personal data and request restriction instead.

  • We no longer need your personal data for the purposes of processing, but you require it for the establishment, exercise, or defense of legal claims.

  • You have objected to processing, pending the verification of whether our legitimate grounds override yours.

4. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

You have the right to request the immediate deletion of your personal data where one of the following applies:

  • The data is no longer necessary for the purposes for which it was originally collected.

  • You withdraw your consent and there is no other legal basis for processing.

  • You object to the processing and there are no overriding legitimate grounds, or you

    object under Art. 21(2) GDPR.

  • Your personal data was unlawfully processed.

  • The erasure is required to fulfill a legal obligation under Union or Member State law.

  • The personal data was collected in relation to the offer of information society services as per Art. 8(1) GDPR.

Please note that the above reasons do not apply insofar as processing is necessary:

  • To exercise the right to freedom of expression and information

  • To comply with a legal obligation or for the performance of a task carried out in the public interest

  • For reasons of public interest in the area of public health

  • For archiving purposes in the public interest, scientific or historical research, or

    statistical purposes

  • For the establishment, exercise, or defense of legal claims

5. Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, or to have it transmitted to another controller.

6. Right to object to certain data processing (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR. This also applies to profiling based on these provisions.
Where personal data is processed for direct marketing purposes, you have the right to object at any time to such processing, including profiling to the extent that it is related to direct marketing.

7. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates the GDPR. The supervisory authority will inform the complainant of the status and outcome of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR. A list of the competent data protection supervisory authorities in Germany can be found on the website of the Federal Commissioner for Data Protection at the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device.

  • The following data is collected:

  • Information about the browser type and version used

  • The user’s operating system

  • The user’s internet service provider

  • Date and time of access

  • Websites from which the user’s system accesses our website

  • Websites accessed by the user’s system via our website

These data are stored in the log files of our system.
These data are not stored together with other personal data of the user.

2. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this, the user's IP address must be stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data help us to optimize the website and ensure the security of our information technology systems. There is no evaluation of the data for marketing purposes in this context.

3. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Duration of storage

The data are deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.

In the case of storage in log files, this is the case after a maximum of seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized so that an assignment to the accessing client is no longer possible.

5. Exercising your rights

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. The user may object to this. Whether the objection is successful must be determined in the context of a balancing of interests.

Use of cookies

1. Description and scope of data processing

When you visit our website, we use technical tools for various functions, especially cookies that may be stored on your device. When accessing our website and at any time thereafter, you can choose whether you generally allow cookies to be set or which individual additional features you want to enable. You can make changes in your browser settings or via our consent manager.

Cookies are text files or pieces of information stored on your hard drive and associated with the browser you are using, allowing the entity setting the cookie to receive specific information. Below we describe which types of cookies we use:

We use technically necessary cookies that are required for the technical structure of the website. Without these cookies, our website cannot be displayed (completely or correctly), or support functions will not be available.

The following data are stored and transmitted via technically necessary cookies:

  • Language settings

  • Login information

  • Entered search terms

  • Frequency of page views

  • Use of website functions

We also use cookies on our website that are not technically necessary. Technically unnecessary cookies are those that do not solely serve the functionality of the website but also collect other data.

Through the use of technically unnecessary cookies, the following data are processed:

  • IP address

  • Location of the internet user

  • Date and time of the website visit

  • Customization of advertisements to the user

  • Tracking of surfing behavior

  • Linking of the website visit with other social media platforms


2. Purpose of data processing

The purpose of using technically necessary cookies is to ensure the functionality of our website. Some functions of our site cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognized even after a page change.

We require technically necessary cookies for the following applications

  • Adoption of language settings

  • Remembering search terms

  • Functionality of the website

The use of technically unnecessary cookies aims to improve the quality of our website, its content, and thus our reach and economic efficiency. These cookies help us understand how the website is used so we can continuously optimize our offering.

3. Legal basis for data processing

For the storage of information in the end user’s device and/or access to information already stored in the end user’s device, the provisions of the Telecommunications and Telemedia Data Protection Act (TTDSG) apply.

If the setting and reading of cookies is technically necessary, this is done to ensure the functionality of our website. In such cases, the storage and access to cookies on your end device is based on § 25 para. 2 no. 2 TTDSG. This storage and access to information on your end device serves to facilitate your use of our website and to provide the services you desire. Some website features do not function without the use of these cookies and could therefore not be offered.

Cookies are generally deleted at the end of the session (e.g., logout or browser closure) or after a predefined period. Information on deviating storage periods for cookies can be found in the subsequent sections of this privacy policy.

If cookies are used that are not technically necessary, this is done on the basis of your express consent, which you can provide via the cookie banner. The legal basis for the storage and access to information in this case is § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a) and Art. 7 GDPR. You can withdraw your consent at any time with future effect or grant it again later by configuring your cookie settings accordingly.

Alternatively, you can prevent the storage of cookies by adjusting your browser settings. Please note that browser settings always apply only to the browser you are using.

If personal data are processed following the storage and access to information on your device, the provisions of the GDPR apply. Further information on this can be found in the following sections of this privacy policy.

4. Exercising your rights

You can withdraw your consent to the use of cookies at any time and manage your consent preferences at the following link:
There is a button named “Cookie Settings” in the footer of the website. After clicking this button, the cookie banner for managing cookie settings appears.

Newsletter

1. Description and scope of data processing

Our website offers the option to subscribe to a free newsletter. When registering for the newsletter, the data entered in the input form is transmitted to us.

To provide this service, we collect the following data from you: Email address

As part of the registration process, your consent is obtained for the processing of the data, and reference is made to this privacy policy.

No data will be passed on to third parties in connection with data processing for the purpose of sending newsletters. The data will be used exclusively for sending the newsletter.

2. Purpose of data processing

The user's email address is collected for the purpose of delivering the newsletter.
Other personal data collected during the registration process is used to prevent misuse of the services or the email address used.

3. Legal basis for data processing

The legal basis for processing the data after the user has subscribed to the newsletter is Art. 6 para. 1 sentence 1 lit. a GDPR, provided that the user has given their consent.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for achieving the purpose for which they were collected. The user’s email address will therefore be stored as long as the newsletter subscription is active.

The other personal data collected during the registration process is generally deleted after a period of seven days.

5. Exercising your rights

The newsletter subscription can be cancelled by the data subject at any time. A corresponding link is included in every newsletter.

This also enables the withdrawal of consent to store the personal data collected during the registration process.

Email contact

1. Description and scope of data processing

Our website provides the option to contact us via the provided email address. In this case, the personal data transmitted with the email will be stored.

The data is used exclusively for processing the conversation.

2. Purpose of data processing

If contact is made by email, this also constitutes the necessary legitimate interest in processing the data.

3. Legal basis for data processing

The legal basis for the processing of the data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in optimally responding to your inquiry submitted via email.

If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

4. Duration of storage

The data will be deleted as soon as they are no longer necessary for achieving the purpose for which they were collected. For personal data sent by email, this is the case when the respective conversation with the user has ended. The conversation is considered ended when it can be inferred from the circumstances that the relevant matter has been conclusively resolved.

Any additional personal data collected during the sending process will be deleted at the latest after a period of seven days.

5. Exercising your rights

If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of the contact will be deleted in this case.

Company profiles

Instagram:

Instagram, part of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

On our company page, we provide information and offer Instagram users the opportunity to communicate with us.

If you perform an action on our Instagram company profile (e.g. comments, posts, likes, etc.), you may make personal data public (e.g. your real name or your profile photo).

However, since we generally have no influence over the processing of your personal data by Instagram, we cannot make binding statements about the purpose and scope of the processing of your data.

We use our company profile on social networks for communication and information exchange with (potential) customers. In particular, we use our Instagram profile for:

Use of our company profiles serves to market our services and increase brand awareness.

Publications via the company profile may contain the following content:

  • Information about services

  • Advertising

  • Customer interaction

Each user is free to publish personal data through their activity.

If we process your personal data to analyze your online behavior, run sweepstakes, or conduct lead campaigns, this is done on the basis of your explicit declaration of consent pursuant to Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR.

The legal basis for processing personal data for the purpose of communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to respond to your inquiries optimally or to provide the requested information.

If the contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

Data generated via the company profile is not stored in our own systems.

For the processing of your personal data in third countries, we have implemented appropriate safeguards in the form of standard data protection clauses pursuant to Art. 46 para. 2 lit. c GDPR. A copy of the standard contractual clauses can be requested from us.

You may object to the processing of your personal data, which we collect during your use of our company profile, at any time and exercise your rights as a data subject as set out in the section "Your rights" in this privacy policy. To do so, please send an informal email to info@kmbcreative.de.

For more information on how Instagram processes your personal data and how you can object, see:

Instagram: https://help.instagram.com/519522125107875

Use of company profiles on professional networks

1. Scope of data processing

The company profile is used for recruiting, information/PR, and active sourcing. We do not have information about how your personal data is processed by the companies jointly responsible for the company profile. Further information can be found in the privacy policy of:

  • LinkedIn

On our page, we provide information and offer users the opportunity to communicate with us.

The company profile is used for recruiting, information/PR, and active sourcing.

We do not have information about how your personal data is processed by the companies jointly responsible for the company profile. For more information, please refer to the privacy policy of:

LinkedIn: https://www.linkedin.com/legal/privacy-policy

If you perform an action on our company profile (e.g. comments, posts, likes, etc.), you may

make personal data public (e.g. your real name or profile photo).

2. Legal basis for data processing

The legal basis for processing personal data for the purpose of communication with customers and interested parties is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest is to respond to your inquiries optimally or to provide the requested information.

If the contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of data processing

Our company profile is used to inform users about our services. Each user is free to publish personal data through their activities.

4. Duration of storage

Data generated through the company profile is not stored in our own systems.

5. Exercising your rights

You may object to the processing of your personal data, which we collect during your use of our company profile, at any time and exercise your rights as a data subject as set out in the section "Your rights" in this privacy policy. To do so, please send an informal email to the email address listed in this privacy policy.

Further information on exercising your rights can be found here:
LinkedIn: https://www.linkedin.com/legal/privacy-policy

Hosting

The website is hosted on servers of a service provider contracted by us.

Our service provider is:
Framer, operated by Framer B.V., Rozengracht 207B, 1016 LZ, Amsterdam, Netherlands. For more information, please refer to the provider’s privacy policy: https://www.framer.com/legal/privacy-statement

The servers automatically collect and store information in so-called server log files, which your browser automatically transmits to us when visiting the website. The stored information includes:

  • Information about the browser type and version used

  • The user’s operating system

  • The user’s internet service provider

  • Date and time of access

  • Websites from which the user’s system accessed our website

  • Websites accessed by the user’s system via our website

This data is not merged with other data sources. The collection of this data is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest in processing this data lies in displaying our website without errors and optimizing its functionality.

The server location of the website is geographically within the European Union (EU) or the European Economic Area (EEA).

Integrated third-party services

We use various service providers to deliver the services offered on our website.

Generally, we have a legitimate interest in sharing your data with the relevant service providers when these services are essential for the provision of the core services offered on the website.

If such services are required for additional features, extended functionality, or additional purposes, your personal data will only be shared with service providers if you have given your consent.

You may withdraw your consent to the use of integrated third-party services at any time and manage your consent preferences here: There is a button named “Cookie Settings” in the footer of the website. After clicking this button, the cookie banner for managing cookie preferences will appear.

Use of Google Analytics 4 (GA4) / 1

1. Scope of the processing of personal data

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”)

Google Analytics analyzes, among other things, how website visitors use our site. Google places cookies on your end device. During the visit, user behavior is recorded in the form of “events.” This may result in the storage and evaluation of personal data, including:

  • First visit to the website

  • Interaction with the website, navigation path

  • Clicks on external links

  • Use of video content

  • File downloads

  • Ad impressions and clicks

  • Scroll behavior (when scrolling to the end of the page)

  • Searches performed on the website

  • Language selection

  • Page visits

  • Location (region)

  • Your IP address (in truncated form)

  • Technical information about your browser and devices (e.g. language setting, screen resolution)

  • Your internet service provider

  • Referrer URL

By default, IP anonymization is enabled in GA4. This means that your IP address is shortened by Google within the member states of the European Union or in other countries that are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google states that the IP address transmitted by your browser as part of Google Analytics is not merged with other Google data.

Further information on Google’s data processing can be found here: https://policies.google.com/privacy

2. Purpose of data processing

We use GA4 to evaluate the usage of our online presence and to generate reports on website activity. These reports help us analyze the performance of our website and enable the targeted delivery of advertisements to individuals who have already shown an initial interest by visiting our website.

3. Legal basis for the processing of personal data

The legal basis for the processing of personal data is, in principle, the consent of the user pursuant to Art. 6 para. 1 sentence 1 lit. a) GDPR.

4. Duration of storage

Your personal data will be deleted after 2 months. This deletion takes place automatically once a month.

5. Exercising your rights

You have the right to withdraw your data protection consent declaration at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
You can withdraw your consent at any time via our cookie consent tool.

You can also prevent the collection and processing of your personal data by Google by:

  • Blocking third-party cookies in your browser

  • Enabling the "Do Not Track" function in a supported browser

  • Disabling the execution of script code in your browser

  • Installing a script blocker such as NoScript (https://noscript.net) or Ghostery (https://www.ghostery.com)

Further information on opt-out and removal options with regard to Google can be found at: https://policies.google.com/technologies/partner-sites

You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Additionally, you can deactivate the use of your personal data by Google at: https://adssettings.google.com


This privacy policy was created with the support of DataGuard.

Sign up now for the KMB mailing list and stay up to date.

If you register for our newsletter, we will process your email address solely for the purpose of sending the newsletter. The processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time with effect for the future, e.g. via the unsubscribe link in each newsletter. You can find more information in our Privacy Policy.

©2025 KMB CREATIVE NETWORK GMBH, ALL RIGHTS RESERVED


IMPRINT

|

PRIVACY POLICY

|

|

AGB

|

CAREER

Instagram Logo
Tik Tok Logo
LinkedIn Logo

KMB Creative Network is a digital communications agency based in Berlin specializing in Influencer Marketing, Public Relations, and Social Media. Data-driven strategies meet creative storytelling to make brands culturally relevant. The focus is on TikTok campaigns, Instagram content, Twitch livestreams, YouTube collaborations, and curated relations for Gen Next (Generation Alpha, Generation Z & Millennials). The showroom in Berlin-Mitte provides space for seeding events, brand experiences, and creative partnerships.

Sign up now for the KMB mailing list and stay up to date.

If you register for our newsletter, we will process your email address solely for the purpose of sending the newsletter. The processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time with effect for the future, e.g. via the unsubscribe link in each newsletter. You can find more information in our Privacy Policy.

©2025 KMB CREATIVE NETWORK GMBH, ALL RIGHTS RESERVED

IMPRINT

PRIVACY POLICY

AGB

CAREER

Instagram Logo
Tik Tok Logo
LinkedIn Logo

KMB Creative Network is a digital communications agency based in Berlin specializing in Influencer Marketing, Public Relations, and Social Media. Data-driven strategies meet creative storytelling to make brands culturally relevant. The focus is on TikTok campaigns, Instagram content, Twitch livestreams, YouTube collaborations, and curated relations for Gen Next (Generation Alpha, Generation Z & Millennials). The showroom in Berlin-Mitte provides space for seeding events, brand experiences, and creative partnerships.

Sign up now for the KMB mailing list and stay up to date.

If you register for our newsletter, we will process your email address solely for the purpose of sending the newsletter. The processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time with effect for the future, e.g. via the unsubscribe link in each newsletter. You can find more information in our Privacy Policy.

©2025 KMB CREATIVE NETWORK GMBH, ALL RIGHTS RESERVED


IMPRINT

|

PRIVACY POLICY

|

|

AGB

|

CAREER

Instagram Logo
Tik Tok Logo
LinkedIn Logo

KMB Creative Network is a digital communications agency based in Berlin specializing in Influencer Marketing, Public Relations, and Social Media. Data-driven strategies meet creative storytelling to make brands culturally relevant. The focus is on TikTok campaigns, Instagram content, Twitch livestreams, YouTube collaborations, and curated relations for Gen Next (Generation Alpha, Generation Z & Millennials). The showroom in Berlin-Mitte provides space for seeding events, brand experiences, and creative partnerships.