Privacy Policy pursuant to GDPR

Name and address of responsible party

The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Hirschmann Automotive Freyung GmbH
Industriestrasse 2a
94078 Freyung, Germany
Phone +49(0)8551-916977-0
E-mail: info.freyung@hirschmann-automotive.com
www.hirschmann-automotive.de

Contact details of the data protection officer

The data protection officer of the responsible party can be reached via:

Hirschmann Automotive Freyung GmbH
Industriestrasse 2a
94078 Freyung, Germany
Phone +49(0)8551-916977-0
E-mail: datenschutz@hirschmann-automotive.com

Privacy Policy Hirschmann Automotive

Privacy Policy

pdf 78 KB

https://jquery.org/team/, https://js.foundation/contact

 

General information about data processing

1. Extent of processing of personal data

In principle, we process the personal data of our users only to the extent necessary for the provision of a functional website and our content and services. Regular processing of the personal data of our users takes place only with the consent of the user. An exception applies to cases in which prior consent is not possible for reasons of fact and to the extent that the processing of the data is permitted by law.

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art.6 (1) letter (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) letter (b) of the GDPR serves as the legal basis. This also applies to preparatory operations required to carry out pre-contractual measures. Insofar as the processing of personal data is required to fulfill a legal obligation to which our company is subject,  Art. 6 (1) letter (c) of the GDPR serves as the legal basis. In the event that vital interests of the data subject or any other natural person require the processing of personal data, Art. 6 (1) letter (d) of the GDPR serves as the legal basis. If the processing is necessary to safeguard the legitimate interests of our company or a third party, and the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the former interests, Art. 6 (1), letter (f) of the GDPR serves as the legal basis for processing.

3. Data deletion and duration of storage

The personal data of the data subject will be deleted or removed as soon as the purpose of storage is completed. In addition, the data may be stored if provided for by the European or national legislator in EU regulations, laws or other regulations to which the responsible party is subject. Removal or deletion of the data takes place once the storage period prescribed by the mentioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of contractual obligations.

Website availability and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and system information from the accessing computer.

The following data is collected in such instances:

  1. Information about the browser type and version used
  2. The user’s operating system
  3. Host name of the accessing computer
  4. The user’s IP address
  5. Date and time of access
  6. Websites from which the system of the user reaches our website (referrer URL)

This data is also stored in the log files of our system. This data is not stored in conjunction with other personal user data.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 (1) letter (f) of the GDPR.

3. Purpose of data processing

Temporary storage of the IP address by the system is necessary to allow delivery of the website to the user’s computer. The user’s IP address must be stored for the duration of the session.

The information is stored in log files to ensure proper functioning of the website. In addition, the data is used to optimize the website and to ensure the security of our IT systems. An evaluation of the data for marketing purposes does not take place in this context.

For these purposes, our legitimate interest lies in the processing of data according to Art. 6 (1) letter (f) of the GDPR.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for achieving the purpose of its collection. In the case of data collection for the purpose of providing the website, this is the case when the respective session is finished.

In the case of storing data in log files, this is the case after no more than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized, so that an assignment of the accessing client is no longer possible.

5. Possibility of objection and deletion

Collection of the data for the provision of the website and storage of the data in log files is essential for operating the website. There is consequently no right to objection on the part of the user.

Use of cookies

a) Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored by or within the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a string of characters that allows the browser to be uniquely identified when the website is reopened.

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser be identified even after it has left the site.

In addition, we use cookies on our website that allow an analysis of users’ browsing behavior.

The data of the users collected in this way is pseudonymized by means of technical precautions. Therefore, attribution of the data to a user accessing our site is not possible. Such data will not be stored together with other personal data of the user.

When accessing our website, users will be informed by a notice banner about the use of cookies for analysis purposes and referred to this privacy policy. In this context, there is also a notice as to how the storage of cookies can be prevented in the browser settings.

b) Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 (1) letter (f) of the GDPR.

c) Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some features of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is identified even after it has left the site.

The user data collected by technically necessary cookies is not used to create user profiles.

Analysis cookies are used for the purpose of improving the quality of our website and its contents. Through the analysis cookies we are able to learn how the website is used, and we can thus constantly optimize our offer.

For these purposes, our legitimate interest lies in the processing of personal data in accordance with Art. 6 (1) letter (f) of the GDPR.

d) Duration of storage and options for objection and deletion

Cookies are stored on the computer of the user and transmit information from there to our site. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of information by cookies. Previously saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, some of the functions of the website may be limited.

The following links will help you understand how to opt out of accepting and installing cookies for the most popular browsers:

 

Contact form and e-mail contact

1. Description and scope of data processing

A contact form is available on our website, which can be used for electronic contact. If a user utilizes this possibility, the data entered in the input field is transmitted to us and stored. This data is:

Mandatory fields: last name, firm/company, e-mail

Voluntary fields: first name, telephone number

At the time of transmission of the message, the following data is also stored:

  1. The user’s IP address
  2. Date and time of the registration

For the processing of data, your consent is obtained during the submission process, where reference is also made to this privacy policy.

Alternatively, contact via the email address provided is also possible. In this case, the user’s personal data transmitted by email will be stored.

There is no disclosure of data to third parties in this context. The data is used exclusively for processing the conversation.

2. Legal basis for data processing

The legal basis for the processing of data is the consent of the user in accordance with Art. 6 (1) letter (a) of the GDPR.

The legal basis for the processing of data transmitted by e-mail is Art. 6 (1) letter (f) of the GDPR. If the e-mail contact aims to conclude a contract, then there is additional legal basis for the processing in accordance with Art. 6 (1) letter (b) of the GDPR.

3. Purpose of data processing

The processing of personal data from the input field serves only for the purpose of processing the contact. In the case of contact via e-mail, this is also considered a necessary legitimate interest regarding the processing of data.

Other personal data processed during the transmission process serves to prevent misuse of the contact form and to ensure the security of our IT systems.

4. Duration of storage

The data will be deleted as soon as it is no longer necessary for achieving the purpose of its collection. For personal data from the input fields of the contact form and sent by e-mail, this is the case when the respective conversation with the user is concluded. The conversation is deemed to be concluded when it can be inferred from the circumstances that all issues have been definitively clarified.

The additional personal data collected during the transmission process will be deleted at the latest after a period of seven days.

5. Possibility of objection and deletion

The user has the opportunity to revoke their consent to the processing of personal data at any time. The user may object to the storage of their personal data by contacting us by email at any time. In such a circumstance, the conversation cannot be continued.

The revocation of consent to the storage of data can be rendered by contacting the responsible office in written form.

All personal data stored in the course of contact will be deleted in such an instance.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies,” text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is typically transferred to a Google server in the USA and stored there. However, if IP anonymization is enabled on this website, Google will truncate your IP address beforehand within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide the website operator with other services related to website usage and Internet usage.

The IP address provided by your browser in the scope of Google Analytics will not be merged with other Google information.

You can prevent the storage of cookies through a corresponding setting in your browser software; however, we point out that if you choose to do so, you may not be able to use all the functions of this website in full. You may also prevent Google’s collection of the data generated by the cookie and related to your use of the website (including your IP address) as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

This website uses Google Analytics with the extension “_anonymizeIp().” As a result, IP addresses are processed in a shortened form, and thus attribution to an individual is excluded. As far as the data collected about you is personally identifiable, this is immediately excluded and the personally identifiable data immediately deleted.

We use Google Analytics to analyze and regularly improve the performance of our website. With the statistics obtained, we can improve our offer and make it more appealing for you as a user. For the exceptional cases in which personal information is transferred to the USA, Google is subjected to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 (1) sentence (1) letter (f) of the GDPR.

Third party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. Terms of Use: https://marketingplatform.google.com/about/analytics/terms/de/, data protection overview: https://support.google.com/analytics/answer/6004245?hl=de, and also Privacy Policy: https://policies.google.com/privacy.

Integration of Google Maps

This website uses Google Maps. This allows us to show you interactive maps directly on the website and allows you to conveniently use the map feature.

When you visit the website, Google receives information that you have accessed the corresponding subpage of our website. In addition, the data mentioned in this policy are transmitted. This is done regardless of whether you are logged into a user account provided by Google, or if there is no user account. When you are logged into Google, your data will be assigned directly to your account. If you do not wish for data to be associated with your profile on Google, you must log out before engaging the button. Google stores your data as a usage profile and uses this for the purposes of advertising, market research and/or customized website appearance. Such an evaluation is carried out in particular (even for users who are not logged in) to provide appropriate advertising and to inform other users of social networks about their activities on our website. You have a right to object to the formation of these user profiles, for which purpose you must contact Google.

For more information on the purpose and scope of data collection and processing by the plug-in provider, please refer to the privacy policy of the provider. You can also find out more about your rights and privacy settings here: https://policies.google.com/privacy?hl=de. Google also processes your personal information in the USA and is subject to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Integration of services and content of third parties

Within the online offer, based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of  Art. 6 (1) letter (f) of the GDPR), third-party content or service offers are used to provide content and services, such as videos or fonts (collectively referred to as “content”). This always presupposes that the third-party providers of this content are able to obtain the IP address of the user, since they could not transmit the content to their browser without the IP address. It is intended that this is only for the delivery of such content, and that the respective providers only use the IP address for the purposes of delivering this content. Third parties may also use so-called pixel tags (invisible graphics, also referred to as “web beacons”) for statistical or marketing purposes. These pixel tags can be used to evaluate information, such as visitor traffic, on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may include, but is not limited to, technical information about the browser and operating system, referring web pages, visit time, and other information regarding the use of our online offer.

The following presentation provides an overview of third-party providers and their content, as well as links to their data protection statements, which further clarifies their processing of data and, as already mentioned here, contain possibilities to object (so-called opt-outs):

  • External fonts from Google, LLC., https://www.google.com/fonts (“Google Fonts”). Google fonts are integrated by accessing a Google server (usually located in the USA). Data Protection Policy: https://policies.google.com/privacy?hl=de, Opt-Out: https://adssettings.google.com/authenticated.
  • Maps of the “Google Maps” service provided by the third-party provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy Policy: https://policies.google.com/privacy?hl=de, Opt-Out: https://www.google.com/settings/ads/.
  • JavaScript library “jQuery.” This library primarily enables the modern design of our websites. To increase the loading speed of our websites, we use jQuery’s CDN (Content Delivery Network) to load this library. It is likely that you have already downloaded jQuery by visiting another webpage employing jQuery CDN. If so, your browser can use the cached copy. If your browser does not have a cached copy or downloads the file from jQuery CDN for another reason, your IP address will be transmitted to StackPath LLC, jQuery.com’s CDN provider, during connection to the jQuery Server.

The developer of the jQuery JavaScript library is the jSource Foundation’s jQuery team:

https://jquery.org/team/, https://js.foundation/contact

jQuery is distributed to the JS Foundation through the StackPath CDN. The provider of CDN is StackPath LLC, 2021 McKinney Ave, Suite 1100, Dallas, TX 75201, USA. For more information about data protection at StackPath LLC, please visit: https://www.stackpath.com/privacy-statement/#Contact-Information

Rights of the data subject

If personal data pertaining to you is processed, you fall under the scope of the GDPR and are therefore afforded the following rights by the responsible party:

  1. Right of access

You may ask the responsible party to confirm if personal data concerning you is being processed.

If such processing is occurring, you can request information from the responsible party about the following:

(1) the purposes for which the personal data is processed;

(2) the categories of personal data that is processed;

(3) the recipients or the categories of recipients to whom the personal data relating to you has been or will be disclosed;

(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;

(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the responsible party, or a right to object to such processing;

(6) the existence of a right of appeal to a supervisory authority;

(7) all available information on the source of the data, in the event that the personal data has not been collected from the data subject;

(8) the existence of automated decision-making including profiling in accordance with Art. 22 (1) and (4) of the GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.

You have the right to request information about whether any personal data relating to you is transferred to a third country or an international organization. In this regard, you can request the appropriate guarantees relating to being informed of such transmission in accordance with Art. 46 of the GDPR.

2. Right to rectification

You have a right to rectification and/or completion by the responsible party if the personal data that they process is incorrect or incomplete. The responsible party must make the correction without delay.

3. Right to restriction of processing

You may request a restriction of processing of your personal data under the following conditions:

(1) if you contest the accuracy of your personal information, allowing a period of time that enables the responsible party to verify the accuracy of your personal information;

(2) if the processing is unlawful and you refuse the deletion of the personal data and instead demand the restriction of use of the personal data;

(3) if the responsible party no longer requires the personal data for the purposes of processing, but they are needed to assert, exercise or defend legal claims; or

(4) if you have objected to the processing pursuant to Art. 21 (1) of the GDPR and it is not yet certain whether the legitimate reasons of the responsible party prevail over your reasons.

If the processing of personal data concerning you has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest to the Union or a Member State.

If processing is restricted in accordance with the above-mentioned conditions, you will be informed by the responsible party prior to any such restriction being lifted.

4. Right to deletion

a) Deletion obligations

You may request that the responsible party delete your personal information without delay, and they are required to delete that information immediately if one of the following is true:

(1) Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You revoke your consent to processing in accordance with Art. 6 (1) letter a or Art. 9 (2) letter (a) of the GDPR and there is no other legal basis for processing.

(3) You object to processing and there are no prior justifiable reason for processing in accordance with Art. 21 (1) of the GDPR, or you submit an objection to processing in accordance with Art. 21 (2) of the GDPR.

(4) Your personal data has been processed unlawfully.

(5) The deletion of personal data concerning you is required to fulfill a legal obligation under Union law or the law of the Member States to which the responsible party is subject.

(6)   The personal data relating to you was collected in relation to information society services offered pursuant to Art. 8 (1) of the GDPR.

b) Information to third parties

If the responsible party has made personal data relating to you public and this is in accordance with Art. 17 (1) of the GDPR, it shall take appropriate measures, including technical means, to inform data controllers who process the personal data, taking into account available technology and implementation costs, that you, the data subject, have requested that they delete any links to such personal information or copies or replications thereof.

c) Exceptions

The right to erasure does not exist if processing is necessary

(1) to exercise the right to freedom of expression and information;

(2) for fulfilling a legal obligation which requires processing under the law of the Union or of the Member States to which the controller is subject, or for performing a task which is in the public interest or in exercising an official authority delegated to the responsible party;

(3) for reasons of public interest in the field of public health in accordance with Art. 9 (2) letters (h) and (i) and also Art. 9 (3) of the GDPR;

(4) for archival purposes, scientific or historical research purposes or for statistical purposes deemed in the public interest in accordance with Art. 89 (1) of the GDPR, to the extent that the law referred to in a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or

(5) to assert, exercise or defend legal claims.

5. Right to information

If you have asserted your right of rectification, erasure or restriction of processing, the responsible party is obliged to notify all recipients that the personal data relating to you has been corrected or deleted or that processing has been restricted, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed about these recipients.

6. Right to data portability

You have the right to receive personally identifiable information you have provided to the responsible party in a structured, accessible and machine-readable format. You also have the right to transfer this data to another person without hindrance from the responsible party for providing the personal data, provided that

(1) the processing is consensual in accordance with Art. 6 (1) letter (a) of the GDPR or Art. 9 (2) letter (a) of the GDPR or based on a contract in accordance with Art. 6 (1) letter (b) of the GDPR and

(2) the processing is performed by automated means.

In exercising this right, you also have the right to the guarantee that personal data relating to you be transmitted directly from one controller to another controller, as far as technically feasible. Freedoms and rights of other persons may not be affected.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or to the exercise of an official authority delegated to the responsible party.

7. Right of revocation

You have the right at any time, for reasons that arise from your particular situation, to oppose the processing of your personal data, which occurs pursuant to Art. 6 (1) letters (e) or (f) of the GDPR; this also applies to profiling based on these provisions.

The responsible party will no longer process the personal data concerning you unless they are able to demonstrate compelling legitimate grounds for processing that outweigh your personal interests, rights and freedoms, or that the processing is for the purposes of asserting, exercising or defending legal claims.

If the personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.

If you object to processing for direct marketing purposes, your personal data will no longer be processed for such purposes.

Regardless of Directive 2002/58/EC, in connection with the use of information society services you have the right to exercise your right to object through automated procedures that employ technical specifications.

8. Right to revoke the data protection declaration of consent

You have the right to revoke your declaration of consent to the data protection policy at any time. The revocation of consent does not affect the legality of processing carried out on the basis of consent prior to revocation.

9. Automated decision on a case-by-case basis, including profiling

You have the right not to be subjected to a decision based solely on automated processing – including profiling – that could give rise to legal or similar effects. This does not apply if the decision

(1) is required for the conclusion or performance of a contract between you and the responsible party,

(2) is permitted under Union or Member State legislation to which the responsible party is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and your legitimate interests, or

(3) takes place with your explicit consent.

However, these decisions must not be based on special categories of personal data according to Art. 9 (1) of the GDPR, unless Art. 9 (2) letters (a) or (g) of the GDPR apply, and reasonable measures have been taken to protect rights and freedoms, as well as your legitimate interests.

With regard to the cases mentioned in (1) and (3), the responsible party shall take appropriate measures to uphold the rights and freedoms and their legitimate interests, including at least the right to obtain the intervention of a person by the responsible party, to express their own position, and the right to challenge any such decision.

10. Right to complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, employment or occurrence of the alleged infringement, if you believe that the processing of the personal data concerning you is in violation of the GDPR.

The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Art.78 of the GDPR.

11. Asserting your rights before the responsible party

You may exercise your rights at any time in writing, by email or by telephone. Please contact the above-named responsible party.

12. Changes to our Privacy Policy

In order to ensure that our Privacy Policy always complies with current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the Privacy Policy has to be adapted due to the provision of, for example, new or revised services. The updated Privacy Policy will then take effect as of your next visit to our offer.

Cookie Settings

We use cookies to provide an optimal website experience. This includes cookies that are necessary for the operation of the site and statistics cookies. You decide which categories you want to allow. Please note that based on your settings, not all functionalities may be available. Further information: Privacy policy & Imprint.