Data Privacy

Welcome to our website!

General Information

We value your privacy and are committed to protecting your personal data. With the following information (in accordance with Articles 13 and 14 of the General Data Protection Regulation) we give you a simple overview of what kind of data is collected, what happens to your personal data and explain your rights with regard to your personal data.

As a precaution, we would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. A complete protection of the data against access by third parties is not possible.

What does personal data mean?
Personal data is information that can be used on its own or with other information to identify an individual. These include e.g. name, address, phone number, license plate number, date of birth or the IP address.
With this privacy policy information we explain what data we collect, how we collect it and for what purpose your data is used.

Responsible according to the GDPR is:
Steenbuck AUTOMOBILES GmbH
Reinhard Sachse
Hainholzweg 1
D-21376 Gödenstorf-Lübberstedt
+49 (0) 4175 – 80 20 20
info@steenbuck-automobiles.de

Data collection on our website

Basically you can visit our website without providing your personal data. Other data that your browser transmits (so-called server log files) is automatically saved by the website provider when you visit the website. This data may include:

• IP address
• Time and date of your visit
• Time zone deviation from Greenwich MeanTime (GMT)
• Operating system
• Operating system version
• Browser type
• Browser language
• Geographic location
• Device information

This data is not combined with other data sources.

This data collection is based on Art. 6, Para. 1, Pt. f, GDPR. As a website operator, we have a legitimate interest in a technically flawless presentation and optimization of our website. For security reasons (e.g. to investigate misuse or fraud), the log file information is stored for a maximum of 7 days before it is deleted. If the further storage of data is necessary for evidence purposes, the deletion is excluded until the respective incident has been finally clarified. We have established a contractual agreement with the website provider regarding order processing as required by the GDPR.

Cookies
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. Cookies do not harm your computer and do not contain viruses. We only use technically necessary cookies on our website, which are automatically deleted as soon as you close your browser (session cookies).>

SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Contact form
If you send us inquiries using the contact form, the data provided within the form will be stored by us for the purpose of processing the request and in case of follow-up questions. We do not pass on this data without your consent. The processing of the data entered in the contact form is based on our legitimate interest (Art. 6, Para. 1, Pt. f, GDPR) or to fulfill pre-contractual measures (Art. 6, Para. 1, Pt. b, GDPR). We will store this data until you request deletion, revoke your consent to storage, or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Newsletter
We offer the opportunity to register for our newsletter on our website. For this we use the mailing service MailPoet provided by Wysija SARL, 6 Rue Dieudé 13006, Marseille, France. Mailpoet helps us to analyze our newsletter campaigns. E.g. we can see whether a newsletter message has been opened and which links have been clicked and we can determine which links were clicked particularly often. The data used for this purpose (email address, IP address) will not be passed on to third parties. For more details please visit the MailPoet privacy notice.
We use the so-called “double opt-in procedure” for the registration process: You register for our free newsletter by entering your email address. You will then receive an email from us with a confirmation link. You will only be activated for receiving the newsletter after clicking on this link. This procedure ensures that nobody registers you for our newsletter without authorization. Every newsletter contains an opt-out link with which you can easily unsubscribe from the newsletter at any time. After unsubscribing, we will delete your email address.

Plugins, tools and social media

1. YouTube videos
We use videos on our website to show you our vehicles in action. These videos are hosted on our own server. This ensures that there is no data transfer to third parties and no connection to Google servers is established.

2. trackboxx
On our website we use the web analysis service trackboxx provided by trackboxx, Dorfstr. 12, D-22956 Grönwohld. The tool enables us to statistically evaluate visitor access and to analyze the use of our website anonymously. The data is anonymized and stored on a server in Germany for the stated purpose and is subject to the provisions of the GDPR.
We do not use any cookies or store personal data for the analysis. Instead your IP address is used to generate a code, which is then assigned to an anonymous user ID as long as you are on our website. This data cannot be assigned to a specific individual and is encrypted with a code that changes daily. It is therefore not possible to “recognize” you when you visit our website again. Cross-page tracking, linking of the data with other sources or transfer of information to third parties does not take place. The legal basis for processing is Art. 6, Para. 1, Pt. f, GDPR. Our legitimate interest lies in the needs-based design and optimization of our website. If you still want to prevent your page visit from being included in the evaluation, you can control this at any time by activating the “Do-Not-Track-function” in your browser. You can find information on how this works with the most common browser types under the following links:
Internet Explorer 11
Mozilla Firefox
Google Chrome
For more details visit the trackboxx privacy policy site.

3. Social media platforms
We offer you the opportunity of visiting our presences on Facebook, Instagram, Twitter and Pinterest by following the respective link. We integrated graphic buttons, under which a link to the respective network is stored. This prevents establishing a connection to the respective server of the social network automatically just by visiting our website. After you click on the graphic and thus follow the associated link you will be forwarded to the service of the respective social network, only then your information will be registered by the respective network. If you operate a user account with the respective service and want to prevent the information collected from being associated with your user account, you must log out of the respective service before clicking the graphic button. It is also possible to configure the respective user account accordingly. If you visit the platforms, a transmission of your data to a server in the USA cannot be ruled out. We would therefore like to point out that the USA – according to current case law of the ECJ – is considered a country with a lower level of data protection standards than the countries of the European Union.

3a. Facebook
Facebook is an internet-based social network operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland. More information about the data processing activities, prevention thereof and the deletion of the data processed by Facebook can be found in Facebook´s data policy.

3b. Instagram
Instagram is an internet-based social network operated by the operating company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, for sharing photos and videos. For more details please visit the Instagram privacy policy site.

3c. Twitter
Twitter is an internet-based social network and short message service provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. For more details please visit the Twitter privacy policy site.

3d. Pinterest
Pinterest is an internet-based social network of Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland. For more details please visit the Pinterest privacy policy information.

How your personal data is used.

Processing of inquiries
If you contact us by e-mail, contact form, telephone, by post or fax, your request, including all personal data derived from it (e.g. name, telephone number, e-mail address) will be stored and processed for the purpose of processing your request. We do not pass on this data without your consent. The data transmitted by you will be deleted after processing your request or processing will be restricted (Art. 17 and 18, GDPR), provided that the deletion does not conflict with any statutory retention requirements (e.g. when the contract is subsequently concluded). If your personal data is no longer required for any legitimate reason to be retained, we will delete, securely destroy or erase it.

Contract processing
The data transmitted by you to use our goods and services (e.g. name, telephone number, e-mail address, bank details) is subject to the statutory retention periods and will be deleted once they expire.

Purposes of processing

• Processing inquiries and preparing offers
• Mediation of sales contracts
• Provision of contractual services and service
• Order and order processing
• Information about products, services and events
• Sending congratulations (holidays, birthdays, anniversaries)

If you do not want us to send you congratulations on public holidays, birthdays or anniversaries, please let us know.

Legal bases
Your data is processed on the basis of the General Data Protection Regulation (GDPR) and the national regulations of the Federal Data Protection Act. The following legal bases of the GDPR are relevant for us:
Art. 6, Para. 1, Pt. b
To fulfill a contract or to carry out pre-contractual measures.
Art. 6, Para. 1, Pt. c
To fulfill a legal obligation.
Art. 6, Para. 1, Pt. f
To protect our legitimate interests. We have a legitimate interest in offering our goods and services and in offering you the best possible service.

Data transfer to third parties or processors
If we pass on data to other persons or companies as part of our processing, this is only done on the basis of a legal obligation (e.g. to fulfill a contract), with your consent or on the basis of legitimate interests (e.g. suppliers, subcontractors, tax advisors, experts).

What are your rights in respect of your data?

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge.
You also have the right to request the rectification of inaccurate personal data, blocking or deletion of your data and – under certain circumstances – the restriction of the processing of your personal data. This might e.g. be the case if you dispute the accuracy of your stored personal data. For the time required to review your complaint, you have the right to request that the processing of your personal data be restricted.
In addition, you have the right to receive your personal data we process automatically based on your consent or in fulfillment of a contract in a structured, commonly used and machine-readable format. If you request to have your personal data transmitted directly to another controller, this will only be done where technically feasible (right to data portability).
Withdrawal of your consent to data processing
Many data processing operations are only possible with your expressed consent. You can revoke your consent at any time. All you need to do is send us an informal email. The legality of the data processing carried out before the revocation remains unaffected by the revocation.

Right to object (Art. 21, GDPR)
If the data processing is based on Art. 6, Para. 1, Pt. f, GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation. Circumstances such as illness, other strokes of fate, a particularly high level of confidentiality and/or protection interests of people with a high protection classification are taken into account. If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing is required for the establishment, exercise or defence of legal claims.
In particular, an objection to data processing for the purpose of direct marketing is permitted. If you object, your personal data will no longer be used for direct marketing purposes.

Automated individual decision-making, including profiling
As a responsible company, we do not use automatic decision-making or profiling.

Right to lodge a complaint with a supervisory authority
In the event of violations of the GDPR, you have the right to lodge a complaint with a supervisory authority. The right is without prejudice to other administrative or judicial remedies. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

We are here for you.

Do you have any further questions about your rights as a data subject or other issues relating to data protection? Please don’t hesitate to contact us at info@steenbuck-automobiles.de.