Thank you for visiting our website. We would like to inform you below about the processing of your personal data on our website.
Erwin Hymer Group Services GmbH
Holzstraße 15, 88339 Bad Waldsee
Germany
Contact:
Phone: +49 (0) 7524 999 0
E-Mail: EHGS-info@erwinhymergroup.com
DDSK GmbH
Dr.-Klein-Str. 29, 88069 Tettnang
Germany
Contact:
Phone: +49 (0) 7542 949 21 00
E-Mail: datenschutz@erwinhymergroup.comn
The technical terms used in this privacy policy are to be understood as legally defined in Art. 4 GDPR.
The terms ‘user’ and ‘website visitor’ are used synonymously in our privacy policy.
Recipients of data are named in our privacy policy under the respective category/heading.
The categories of data subjects are website visitors and other users of online services.
Our website can be visited without the user actively providing any personal details. However, we automatically store access data (server log files) such as the name of the Internet service provider, the operating system used, the website from which the user visits us, the date and duration of the visit or the name of the requested file, as well as the IP address of the end device used for a period of 7 days for security reasons, e.g. to recognise attacks on our website. This data is not merged with other data sources. We process and use the data for the following purposes: provision of the website, prevention and detection of errors/malfunctions, and misuse of the website.
Data categories: Meta and communication data (e.g. IP address, date and time of access, time, type of HTTP request, website from which access is made (referrer URL), browser used and, if applicable, operating system of the accessing computer (user agent))
Purpose of the processing: Prevention and detection of errors/malfunctions, detection of misuse of the website
Legal basis: Legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR
Legitimate interests: Fraud prevention to detect misuse of the website
In order to enable the use of the basic functions on our website and to provide the service requested by the user, we use so-called cookies on our website. Cookies are a standard internet technology for storing and retrieving information for website users. Cookies represent information and/or data that can be stored on the user's end device, for example. With classic cookie technology, the user's browser is instructed to store certain information on the user's end device when a specific website is accessed.
Strictly necessary cookies are used to provide a digital service expressly requested by the user, e.g:
- Cookies for error analysis and security purposes
- Cookies for storing logins
- Cookies for storing data in online forms if the form extends over several pages
- Cookies for saving (language) settings
- Cookies for storing items placed in the shopping basket by users in order to complete the purchase
- Cookies for storing consent or revocation (opt-in, opt-out)
Some of the cookies used (so-called session cookies) are deleted after the end of the browser session, i.e. after closing the browser.
Cookies can be subsequently deleted by users in order to remove data that the website has stored on the user's computer.
The data processing described above may also relate to information that is not personal but constitutes information within the meaning of the TDDDG. Also in these cases, it may be that this information is necessary for the use of an expressly requested service and for this reason is stored in accordance with § 25 TDDDG.
Opt-Out: Firefox:
https://support.mozilla.org/de/kb/wie-verhindere-ich-dass-websites-mich-verfolgen
Google Chrome:
https://support.google.com/chrome/answer/95647?hl=de
Microsoft Edge:
Opera:
https://help.opera.com/en/latest/security-and-privacy/
Safari
https://support.apple.com/de-de/HT201265
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR in conjunction with § 25 para. 2 no. 2 TDDDG), consent (Art. 6 para. 1 lit. a) GDPR in conjunction with § 25 para. 1 TDDDG)
Legitimate interests: Storage of opt-in preferences, ensuring the functionality of the website, maintaining user status across the entire website
Beyond the required scope, user data may be processed by means of cookies, similar technologies or application-related technologies, e.g. for the purpose of (cross-website) tracking or personalised advertising, etc. This may involve the transfer of data to third-party providers. Data may be transferred to third-party providers. The storage and further processing of user data that is not absolutely necessary to provide the digital service is then carried out on the basis of consent within the meaning of Art. 6 para. 1 lit. a) GDPR (if applicable in conjunction with § 25 para. 2 no. 1 TDDDG).
We use a consent management procedure on our website in order to be able to store and manage the consent given by website visitors in a verifiable manner in accordance with data protection requirements.
The consent management platform we use helps us to recognise all cookies and tracking technologies and manage them on the basis of consent status. At the same time, visitors to our website can use the consent management service we have integrated to manage the consents and preferences given (optional setting of cookies and other technologies that are not required) or revoke consent at any time using the button.
The status of the consent is stored on the server and/or in a cookie (so-called opt-in cookie) or a comparable technology in order to be able to assign the consent to a user or their device. The time of the declaration of consent is also recorded.
Data categories: Consent data (consent ID and number, time consent was given, opt-in or opt-out), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Fulfilment of accountability, consent management
Legal basis: Legal obligation (Art. 6 para. 1 lit. c) GDPR in conjunction with Art. 7 GDPR)
Recipient: Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark
Third country transfer: Does not take place.
Privacy policy: https://www.cookiebot.com/de/privacy-policy/
Our website is hosted within our group of companies. Data of visitors to our website, in particular so-called log files, are stored on the servers. The hosting provider we use does not process the data for its own purposes.
Categories Data: User data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, IP addresses)
Purposes of processing: Proper presentation and optimisation of the website, faster and location-independent accessibility of the website.
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: Avoidance of downtimes, high scalability, reduction of the bounce rate on the website
Receiver: Erwin Hymer Group SE,
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Third country transfer: Does not take place.
Privacy policy: : https://www.erwinhymergroup.com/de/footer/datenschutz
We use procedures on our website to analyse user behaviour and measure reach. For this purpose, information about the behaviour, interests or demographic information of visitors is collected in order to determine whether and where our website needs to be optimised or adapted (e.g. forms on the website, improved placement of buttons or call-to-action buttons, etc.).
We can also measure the click and scroll behaviour of website visitors. Among other things, this helps us to recognise at what time our website, its functions or content are most heavily frequented.
The collection of this data is made possible by the use of certain technologies (e.g. cookies). These are stored on users' end devices as part of client-side tracking when they visit our website.
We take precautions to protect the identity of our website visitors. We do not process any clear data of website visitors for the purposes described.
Website visitors are assigned an ID (identification code) when they visit the website so that they can be recognised when they return. The IDs and associated information are stored in user profiles. In addition, the IP addresses of website visitors are anonymised and the storage duration of cookies is reduced.
Categories Data: Usage data (e.g. websites visited, interest in content, access times), demographic characteristics (age, gender), meta and communication data (e.g. device information, anonymised IP addresses, location data), contact data (e.g. email address), content data (e.g. text details)
Purposes of the processing: Checking the status of target achievement (success control) of all online activities: Analysis of user behaviour on the website (website interaction) for web optimisation and reach measurement, checking the utilisation of the website, lead evaluation, sales increase, budget control
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: Hotjar Ltd., Level 2, St. Julians Business Centre, 3 Elia Zammit Street, St. Julians STJ 1000, Malta
Opt-Out-Link: https://www.hotjar.com/legal/compliance/opt-out
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Third country transfer: Does not take place.
Privacy policy: https://www.hotjar.com/legal/policies/privacy
We use search engine marketing methods. Search engine marketing includes all measures that are suitable for improving the visibility of our website in the organic or non-organic search results of search engines, increasing our reach and thus increasing traffic (visitor traffic) to our website. We can also use search engine marketing to generate new leads. The search engine provider sells us advertising space on the search engine results page or on the websites of the search engine provider's partners.
The adverts can therefore be placed on various external platforms or websites. The adverts are displayed to users in the form of text, display or video ads.
Using our tracking tool, we first create a campaign for search engine advertising and store various dimensions there that are to be recorded by the search engine provider selected by us, e.g. user location, device information and target groups (demographic characteristics). This enables us to gain further insights into the interests in our content/products and, if necessary, to recognise trends.
The process is implemented using a cookie or similar technology. When a visitor visits our website or searches for a specific keyword within the search engine used (e.g. Google), a cookie or similar technology is set on the website visitor's end device. This data may include, for example, user locations and device information, which is transmitted to the search engine provider's server. The search engine provider aggregates this data and makes it available to us automatically in the form of a statistical analysis via a dashboard in our account with the search engine provider.
The statistics provide us with information about which of our adverts were clicked on, how often and at what prices, and whether our marketing measures led to a so-called event (e.g. downloading a PDF or playing a video) or a conversion (e.g. purchase of a product or registration on our website). The evaluation serves to analyse the success of our online activities. Because every click on an advert incurs costs for us, these clicks on external platforms and websites are recorded using our tracking tool. The recording is used to monitor the budget and success. We cannot identify individual users on the basis of this information.
Note:
Website visitor data (e.g. name and email address) can be directly assigned if they are logged into their account with the search engine provider. If assignment via the profile is not desired, the website visitor must log out of the search engine provider before visiting our website.
Categories Data: User and interaction data (e.g. websites visited, interest in content, access times), meta and communication data (e.g. device information, anonymised IP addresses), location data if applicable, contact data (e.g. email addresses)
Purposes of the processing: Increase in sales and reach, conversion measurement, target group formation, identification of trends for the development of marketing strategies
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient:: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: Based on the adequacy decision of the European Commission
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://policies.google.com/privacy?hl=en-US
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://policies.google.com/privacy?hl=en-US
We maintain a company profile on social networks in order to increase our visibility among potential customers and interested parties and to make our company visible to the public.
Social networks help us to increase our reach and actively promote interaction and communication with users. Activity and communication on social media plays an important role in attracting new customers and employees. Social media and the website can be used to share relevant information about our company, publicise events and communicate important short-term announcements and job vacancies. They also help us to get in touch with users quickly and easily.
Social media platform operators create so-called user profiles based on the usage behaviour of users, for example the indication of interests (likes, shares). These are used to adapt adverts to the interests of target groups. When users are active on social media channels, cookies or other technologies are regularly stored on users' end devices, in some cases regardless of whether they are registered users of the social network.
Insights (Statistics)
The data analysed by the social media platform operators is provided to us in the form of anonymised statistics, which means that it no longer contains any personal user data. We can use the statistics to recognise, for example, how often and at what time our social media profile was visited. It is currently not possible for fan page operators to switch off this function. We therefore have no influence on the extent to which data is processed by social media platforms.
Social Media Messenger
In connection with the use of social media, we may use the associated messengers to communicate easily with users. The security of individual services may depend on the user's account settings. Even in the case of end-to-end encryption, the social media platform operator can draw conclusions about the fact that and when users communicate with us. Location data can also be recorded.
Depending on where the social network is operated, user data may be processed outside the European Union or outside the European Economic Area. This may result in risks for users because it makes it more difficult to enforce their rights.
Data categories: User names (e.g. surname, first name), contact data (e.g. e-mail address), content data (e.g. text details, photographs, videos), usage and interaction data (e.g. websites visited, interests, likes, shares, access times), meta and communication data (e.g. device information, IP address, location data if applicable)
Purposes of the processing: Increasing reach, raising awareness, fast networking
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR), consent (Art. 6 para. 1 lit. a) GDPR)
Legitimate interests: Interaction and communication on social media presence, profit increase, insights into target groups
Receipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland
Opt-Out-Link: https://www.instagram.com/accounts/login/?next=/accounts/privacy_and_security/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://help.instagram.com/155833707900388
Recipient: Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland
Opt-Out-Link: https://www.facebook.com/policies/cookies/
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://de-de.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=1
Recipient: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://policies.google.com/privacy?hl=de&gl=de
Our website includes functions and elements that are obtained from third-party providers. These are, for example, videos, visualisations, buttons, map services (maps) or contributions (hereinafter referred to as content ). If this third-party content is accessed by website visitors (e.g. click, play, etc.), information and data are collected and linked to the website visitor's end device in the form of cookies or other technologies (e.g. pixels, Java Script commands or web assembly) and transmitted to the server of the third-party provider used. The third-party provider thereby receives usage and interaction data from the website visitor and makes this available to us in the form of statistics via a dashboard. The statistics we receive do not contain any clear user data.
It is not possible to load and display this third-party content without this processing operation.
In order to protect the personal data of website visitors, we have taken protective measures to prevent the automatic transmission of this data to the third-party provider. This data is only transmitted when users actively use the buttons and click on the third-party content.
Data categories: Usage data (e.g. websites visited, interests, access time), meta and communication data (e.g. device information, IP address)
Purposes of processing: Sharing posts and content, interest- and behaviour-based marketing, evaluation of statistics, cross-device tracking, increasing reach in social media
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR)
Recipient: Vimeo Inc., 555 West 18th Street New York, New York 10011, USA
Third country transfer: Based on the Adequacy decision of the European Commission
Privacy policy: https://vimeo.com/privacy
We offer website visitors the opportunity to contact us directly or to obtain information via various contact options. In order to have an overview of contacts made with us, we use our CRM system to process corresponding enquiries.
If you contact us, we process the data of the person making the enquiry to the extent necessary to answer or process the enquiry. The data processed may vary depending on how we are contacted..
Data categories: Master data (e.g. name, address), contact data (e.g. email address, telephone number), content data (e.g. text entries, photographs, videos), usage data (e.g. interests, access times), meta and communication data (e.g. device information, IP address).
Purposes of the processing: Processing of enquiries
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfilment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
Recipient: Salesforce.com, Inc., Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfilment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
Privacy policy: https://www.salesforce.com/de/company/privacy/
Recipient: Zendesk, Inc., 989 Market Street #300, San Francisco, CA 94102, USA
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR), fulfilment or initiation of a contract (Art. 6 para. 1 lit. b) GDPR)
Privacy policy: https://www.zendesk.de/company/customers-partners/privacy-policy/
We transfer the personal data of website visitors for internal purposes (e.g. for internal administration or to the HR department in order to fulfil legal or contractual obligations). The internal data transfer or disclosure of data takes place to the extent necessary in compliance with the relevant data protection regulations.
It may be necessary for us to disclose personal data for the performance of contracts or to fulfil a legal obligation. If we are not provided with the data required in this respect, it may not be possible to conclude the contract with the data subject.
If your data is processed outside the EU/EEA, in so-called third countries (e.g. USA), we ensure that this is done in accordance with the requirements of Art. 44 et seq. GDPR. We take additional measures to ensure the highest possible level of protection for the personal data of data subjects. The guarantee applicable to the transfer to third countries is specified in our privacy policy for the respective recipients.
Legal basis: Legitimate interests (Art. 6 para. 1 lit. f) GDPR)
Legitimate interests: So-called small group privilege, centralised management and administration within the company to exploit synergy effects, save costs, increase effectiveness
Recipient: https://www.erwinhymergroup.com/de/unternehmen/standorte
Recipients used may act for us as so-called processors. We have concluded so-called ‘order processing contracts’ with them in accordance with Art. 28 para. 3 GDPR. This means that the processors may only process your personal data in a way that we have explicitly instructed them to do so. Processors take appropriate technical and organisational measures to process your data securely and in accordance with our instructions.
We store the data of visitors for as long as this is necessary for the provision of our services or if this has been provided for by the European legislator or another legislator in laws or regulations to which we are subject. In all other cases, we delete the personal data after the purpose has been fulfilled, with the exception of data that we must continue to store in order to fulfil legal obligations (e.g. we are obliged to retain documents such as contracts and invoices for a certain period of time due to retention periods under tax and commercial law).
We do not use automated decision-making or profiling in accordance with Art. 22 GDPR.
The relevant legal bases are primarily derived from the GDPR. These are supplemented by national laws of the member states and may be applicable together with or in addition to the GDPR.
Consent: Art. 6 para. 1 lit. a) GDPR serves as the legal basis for processing operations for which we have obtained consent for a specific processing purpose.
Fulfilment of contract: Art. 6 para. 1 lit. b) GDPR serves as the legal basis for processing operations necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Legal obligation: Art. 6 para. 1 lit. c) GDPR serves as the legal basis for processing operations that are necessary to fulfil a legal obligation.
Vital interests: Art. 6 para. 1 lit. d) GDPR serves as the legal basis if the processing is necessary to protect the vital interests of the data subject or another natural person.
Public interest: Art. 6 para. 1 lit. e) GDPR serves as the legal basis for processing operations necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Legitimate interest: Article 6(1)(f) GDPR serves as the legal basis for processing that is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Right to information: Pursuant to Art. 15 GDPR, data subjects have the right to request confirmation as to whether we are processing data concerning them. They can request information about this data as well as the further information listed in Art. 15 para. 1 GDPR and a copy of their data.
Right to rectification: Pursuant to Art. 16 GDPR, data subjects have the right to request the rectification or completion of data concerning them and processed by us.
Right to erasure: Data subjects have the right under Art. 17 GDPR to demand the immediate erasure of data concerning them. Alternatively, they can request that we restrict the processing of their data in accordance with Art. 18 GDPR.
Right to data portability: Pursuant to Art. 20 GDPR, data subjects have the right to request the provision of the data they have provided to us and to request that it be transferred to another controller.
Right of complaint: Data subjects also have the right to lodge a complaint with the supervisory authority responsible for them in accordance with Art. 77 GDPR.
Right to object: If personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, data subjects have the right to object to the processing of their personal data in accordance with Art. 21 GDPR if there are reasons for this arising from their particular situation or if the objection is directed against direct advertising. In the latter case, data subjects have a general right to object, which is implemented by us without specifying a particular situation.
Some data processing operations are only possible with the express consent of the data subject. You have the option to revoke any consent you have already given at any time without giving reasons. All you need to do is send an informal email to: datenschutz@erwinhymergroup.com. The legality of the data processing carried out until the revocation remains unaffected by the revocation.
Our website contains links to the online offers of other providers. We would like to point out that we have no influence on the content of the linked websites and the compliance with data protection regulations by their providers.
We reserve the right to adapt the data protection information on our website at any time in the event of changes and in compliance with the applicable data protection regulations so that it complies with data protection requirements..
This privacy policy was created by
DDSK GmbH