Data protection
1 GENERAL INFORMATION
1.1 OBJECTIVE AND ACCOUNTABILITY
1. This privacy statement informs you about how and why personal data are processed, and to what extent, in relation to our online services and their related Internet pages, functions and content (hereinafter collectively referred to as “online services” or “website”).
2. The provider of our online services and the controller responsible under data protection law is Moetefindt Fahrzeugbau GmbH (Brauerstraße 40, 21244 Buchholz) – hereinafter referred to as the “provider”, “we” or “us”.
3. Our online services are offered by 1&1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany.
4. Our data protection officer can be contacted via the email address info@moetefindt.de.
5. The term “user” relates to all customers and visitors to our online services.
1.2 LEGAL BASIS
We collect and process personal data on the following legal basis:
a. Consent pursuant to Article 6(1)a of the General Data Protection Regulation (GDPR). “Consent” means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
b. Processing being necessary for the performance of a contract or in order to take steps prior to entering a contract, pursuant to Article 6(1)b of the GDPR, i.e. the data are required for us to fulfil our contractual obligations towards you or we need the data to prepare to enter into a contract with you.
c. Processing being necessary for compliance with a legal obligation pursuant to Article 6(1)c of the GDPR, i.e. a law or other regulation stipulates that the data must be processed, for instance.
d. Processing being necessary for the purposes of legitimate interests pursuant to Article 6(1)f of the GDPR, i.e. the processing is required to protect legitimate interests pursued by us or third parties, except where such interests are overridden by your interests or fundamental rights which require protection of personal data.
1.3 RIGHTS OF THE DATA SUBJECT
You have the following rights with regard to data processing by us:
a. Right of access pursuant to Article 15 of the GDPR
b. Right to rectification pursuant to Article 16 of the GDPR
c. Right to erasure (“right to be forgotten”) pursuant to Article 17 of the GDPR
d. Right to restriction of processing pursuant to Article 18 of the GDPR
e. Right to data portability pursuant to Article 20 of the GDPR
f. Right to object pursuant to Article 21 of the GDPR
Please note: in accordance with legal requirements, users may object to the processing of their personal data at any time with future effect. Inter alia, they may object to processing for direct marketing purposes.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, including, without limitation, in the member state of your place of abode, your place of work or the place of the alleged infringement, if you believe that the processing of your personal data infringes the GDPR.
1.4 ERASURE OF DATA AND STORAGE PERIOD
The data subject’s personal data shall be erased or made unavailable as soon as the purpose of their storage no longer applies. They may be stored beyond that period if this is envisaged by European or national legislators in EU regulations, laws or other regulations to which the controller is subject. The data shall also be made unavailable or erased if a storage period set down in the above regulations comes to an end, unless the further storage of the data is required to enter into or fulfil a contract.
1.5 SECURITY OF THE PROCESSING
1. We have implemented state-of-the-art technical and organisational security measures (TOMs). By this means, the data we process are protected against accidental or intentional manipulation, loss or destruction, and against unauthorised access.
2. The security measures include, but are not limited to, the encrypted transmission of data between your browser and our server.
1.6 DATA TRANMISSION TO THIRD PARTIES, SUBCONTRACTORS AND THIRD-PARTY SUPPLIERS
1. Personal data shall only be passed on to third parties within the bounds of legal stipulations. We shall only pass on users’ data to third parties if, for example, this is necessary for the purpose of billing, or other purposes, if they need to be passed on in order to fulfil contractual obligations towards the users.
2. To the extent that we use subcontractors for our online services, we have taken appropriate contractual precautions and corresponding technical and organisational measures with regard to those enterprises.
3. To the extent that we use content, tools or other resources supplied by other companies (hereinafter jointly referred to as “third-party suppliers”) whose registered office is in a third country, data can be assumed to be transferred into the states where the headquarters of those third-party suppliers are located. We shall only transfer personal data to third countries if the data are subject to a suitable level of protection, the users have consented thereto, or another type of legislative permission applies.
2 SPECIFIC DATA PROCESSING
2.1 COLLECTION OF INFORMATION ON THE USE OF THE ONLINE SERVICES
1. When our online services are used, information is automatically transmitted to us from the user’s browser; this includes the name of the website accessed, the files accessed, the date and time they were accessed, the amount of data transferred, notification of whether they were successfully accessed, the browser type and version, the user’s operating system, the referrer URL (the previously visited page), the IP address and the provider making the request.
2. This information is processed on the basis of our legitimate interests pursuant to Article 6(1)f GDPR (e.g. optimising our online services) and the need to guarantee the security of the data pursuant to Article 5(1)f of the GDPR (e.g. to prevent and investigate cyber attacks).
3. The information shall be erased automatically 6 weeks after the end of the access – i.e. the use of the online services – as long as no other retention periods stand in the way of this.
4. The data must necessarily be collected and stored in log files in order to provide the online services. For that reason, the user has no opportunity to object to this, or to have them erased or rectified.
2.2 CONTACT FORM AND CONTACT BY E-MAIL
1. When users contact us (via the online form or e-mail), the data they provide shall be used only to process and deal with their enquiry.
2. The data shall only be used for other purposes if the user consents thereto.
3. The user’s data shall be stored in our Customer Relationship Management System (“CRM system”) or a comparable database or item of software. The retention periods applied shall be those for business correspondence.
2.3 GOOGLE TAG MANAGER
This website uses Google Tag Manager. This service enables website tags to be managed via an interface. Google Tag Manager only implements tags; it does not place any cookies or collect any personal data. Google Tag Manager triggers other tags that may collect personal data. However, Google Tag Manager does not access those data.
If tracking has been deactivated at cookie or domain level, this applies to all tracking tags deployed using Google Tag Manager.
2.4 GOOGLE ANALYTICS
1. This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”).
2. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how you use the site. The information generated by the cookie about your use of the website is generally transmitted to and stored by Google on servers in the USA. If IP anonymization has been activated on this website Google will, however, previously truncate your IP address within member states of the European Union or other states party to the Agreement on the European Economic Area. In exceptional cases only, the full IP address will be transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing the website operator with other services relating to website activity and Internet usage. Your browser IP address as ascertained for the purposes of Google Analytics will not be brought together with other data gathered by Google. You may refuse the storage of cookies by selecting the appropriate settings on your browser; however, please note that if you do this you may not be able to use the full functionality of this website. Moreover, you may prevent Google from gathering the data (including your IP address) collected using the cookie and regarding your use of the website, and prevent Google from processing this data, by downloading and installing the browser plugin available from the following link: http://tools.google.com/dlpage/gaoptout?hl=en
3. In addition, you have the option of using the following cookie to prevent your data from being collected by this website in future: Deactivate Google Analytics.
2.5 YOUTUBE
1. We use the provider YouTube to embed videos. Those videos are embedded in privacy-enhanced mode.
2. The Youtube website uses cookies to collect information about the users of that website. Among other things, Youtube uses those cookies to collect video statistics, prevent fraud and improve user-friendliness.
3. When you use Youtube, you are connected to the Google DoubleClick network. When you start watching the video, that can trigger further data processing operations. We do not have any influence on this.
4. For further information on privacy at Youtube, see the privacy notice at http://www.youtube.com/t/privacy_at_youtube
2.6 DOUBLECLICK
1. DoubleClick by Google is a service provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
2. DoubleClick by Google uses cookies to show you ads that are relevant to you. In this process, your browser is assigned a pseudonymous identification (ID) number to check which ads have been displayed in your browser and which ads have been accessed. These cookies do not contain any personal information. Using the DoubleClick cookies only enables Google and its partner websites to place ads based on previous visits to our website or other websites on the Internet. The information gathered by the cookies is sent for evaluation to a Google server in the USA and stored there. Under no circumstances will Google connect your data with other data collected by Google.
3. By using this website, you consent to Google processing data it collects about you in the manner and for the purposes set out above.
4. You can prevent the cookies from being stored by adjusting your browser software accordingly. Moreover, you may prevent Google from collecting the data gathered using the cookie and regarding your use of the website, and prevent Google from processing this data, by downloading and installing the browser plugin available via the following link under “Extension to deactivate DoubleClick”.
5. For more information about DoubleClick by Google, and about data protection, see: https://policies.google.com/technologies/ads?hl=en
2.7 GOOGLE MAPS
1. This website uses Google Maps to show maps and provide directions. Google Maps is run by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
2. By using this website, you are declaring your consent for automatically gathered data and data you enter to be collected, processed and used by Google Inc., a representative thereof or third parties.
3. The terms of use for Google Maps can be found at https://policies.google.com/privacy?hl=en&gl=de.
Detailed information can be found at the google.de privacy centre at https://policies.google.com/privacy?hl=en&gl=de.
2.8 GOOGLE FONTS
1. Our website uses Google Fonts, provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA).
2.Google Fonts are used without authentication and no cookies are sent to the Google Fonts API. If you have a Google account, none of your Google account data will be sent to Google while Google Fonts are being used. Google simply records the use of CSS and the fonts used, and stores those data securely.
3.To find out more about this and other issues, go to https://developers.google.com/fonts/faq.
4.To discover what data Google records and the purpose for which those data are used, see https://www.google.com/intl/de/policies/privacy/.
2.9 JOB POSTINGS
1. In the jobs section, you will find our current job postings.
2. When you contact us, this takes place via the mailto function on your device. Your local e-mail client sends an e-mail to our recruitment staff (karriere@moetefindt.de).
3. Please note that data transfer on the Internet (e.g. when communicating by e-mail) may involve lapses in security. It is not possible to protect the data entirely against third-party attacks.
4. You can withdraw the use of your personal data at any time with future effect, free of charge.
2.10 WIREDMINDS / LEADLAB
1. For marketing and optimisation purposes, products and services provided by wiredminds GmbH (www.wiredminds.de) are used on this website. This involves data being collected, processed and stored to create user profiles under a pseudonym. Where possible and useful, the user profiles are completely anonymous.
2. Cookies may be used for this purpose. Cookies are small text files that are stored in the user’s Internet browser and are used to recognise it. The data collected, which may also include personal data, are sent to wiredminds or gathered by wiredminds itself. wiredminds is entitled to use information gathered during visits to the website to create anonymous usage profiles. Without the data subject’s specifically granted consent, the data thus gathered shall not be used to identify users to this website personally, neither shall such data be combined with personal data relating to the bearer of the pseudonym. If data are gathered on IP addresses, they shall be anonymised immediately afterwards by deleting the final octet.
3. The data collection, processing and storage may be refused at any time with future effect (deactivation).
2.11 LEADINGREPORTS
2.12 FACEBOOK PIXEL
Facebook pixel for creating custom audiences (with the cookie consent tool)
Our online services use the “Facebook pixel”, provided by the social network Facebook, which is run by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook”).
If a user clicks on an ad that is placed by us and played on Facebook, the Facebook pixel adds extra information to the URL of our page accessed via the link. If our page allows data to be shared with Facebook using pixels, then that URL parameter is added to the user’s browser via a cookie placed directly by our linked page. That cookie is then read by the Facebook pixel and enables the data to be passed on to Facebook.
On one hand, the Facebook pixel enables Facebook to identify visitors to our online services as a target group to whom Facebook ads can be shown. Accordingly, we use the Facebook pixel to ensure that the Facebook ads we place are only shown to Facebook users who have actually shown an interest in our online services, or who have certain characteristics (e.g. interest in specific themes or products, determined based on their visited websites), of which we inform Facebook (“custom audiences”). On the other hand, we also use the Facebook pixel to ensure that our Facebook ads correspond to the user’s potential interest, and are not annoying. By this means, we can also evaluate the effectiveness of Facebook ads for statistical and market research purposes by analysing whether users are sent to our website after they click on a Facebook ad (what is known as “conversion”).
The data gathered are anonymous to us, i.e. they do not allow us to reach any conclusions about the identity of the users. However, the data are stored and processed by Facebook, meaning that they can potentially be connected to the relevant user profile and Facebook can use the data for its own advertising purposes in accordance with the Facebook privacy policy (https://www.facebook.com/about/privacy/). These data can enable Facebook and its partners to place ads on and outside Facebook.
The data processing involved in the use of the Facebook pixel is only carried out if you have expressly granted your consent thereto pursuant to Article 6(1)a of the GDPR. After you have given your permission, you can withdraw it at any time with future effect. To withdraw your consent, remove the tick next to the setting for the “Facebook pixel” in the cookie consent tool on the website.
3 COOKIE POLICY
3.1 GENERAL INFORMATION
1. Cookies are pieces of information that are transmitted from our web server or third-party web servers to users’ web browsers and saved there to be called up later. Cookies may be small files or other types of stored information.
2. If users do not want cookies to be stored on their computer, they are requested to deactivate the relevant option in their browser settings. Cookies that have already been stored can be deleted in their browser settings. Refusing cookies may restrict the functions of these online services.
3.2 WAYS TO REFUSE COOKIES
You can refuse the use of cookies used to measure coverage and for advertising purposes via:
a. the deactivation page of the Network Advertising Initiative http://optout.networkadvertising.org/
b. the US website http://www.aboutads.info/choices
c. the UK/European website http://www.youronlinechoices.com/uk/your-ad-choices/
4 CHANGES TO THE PRIVACY STATEMENT
1. We reserve the right to change this privacy statement with regard to data processing in order to adapt it to changes in the legal situation, our online services or data processing.
2. If users’ consent is required or elements of the privacy statement contain stipulations regarding the contractual relationship with users, then those changes shall only be made with the users’ consent.
3. Users are requested to regularly acquaint themselves with the contents of this privacy statement.
Revised: 23 August 2022