We, HOERBIGER Automotive Komfortsysteme GmbH, are responsible for the collection, processing and storage of your data. Details about us can be found at any time in our imprint: xetto.com/en/impressum >.
The careful handling of your personal data is our highest priority. During processing, we comply with the statutory provisions, e.g. the German Data Protection Ordinance (DSGVO) and the associated national provisions.
This data protection declaration applies to the websites of our company that can be accessed under our domain (www.xetto.com). If you change to websites of other operators within the scope of our offer, there are valid own data protection regulations, for whose contents the respective operators of these websites are responsible.
Since we would like to give you a comprehensive overview of the processing of personal data in our group of companies, you will find below an overview of all our services in the context of which we collect and process personal data.
If separate or additional conditions apply to individual services or if we ask you for your consent, we will inform you separately before using the respective service (e.g. for newsletter subscription or when contacting us for a free test).
In addition, we take various security measures to protect your personal data. For example, the transmission between your web browser and our servers is always transport encrypted; in addition, we maintain a variety of technical and organizational measures to always protect your data.
In principle, you can use our website without disclosing your identity. If you would like to subscribe to our newsletter or get in touch with us, we will ask you for your name and other personal information. It is up to you to decide whether you want to enter this (extended) data or not. Data which we absolutely need from you in order to provide our services are marked as such.
Your personal data is collected and processed for the following purposes on the basis of the following legal bases:
Ensuring the proper operation of a data processing system pursuant to Art. 6 para. 1 lit. c) and f) DSGVO
We collect different categories of personal data from you. Personal information is any information relating to an identified or identifiable individual; an identifiable individual is one who can be identified directly or indirectly, particularly by association with an identifier such as a name. Personal data includes, for example, information such as your name, address and telephone number. Statistical information that cannot be directly or indirectly associated with you - such as the popularity of individual web pages on our site or the number of users of a page - is not personal data. There are direct and indirect data collected. In both cases, data is only collected to the extent necessary; the data is processed exclusively for the purposes mentioned under point 2. It is up to you to decide whether you wish to send us data that optimises the use of our services for you, but is not necessary for this. Corresponding data fields are marked as 'voluntary'.
The directly collected data includes:
In addition, data about you is collected indirectly when you use our services:
Our website is not intended for minors and we do not knowingly collect personally identifiable information from minors.
If persons under the age of 16 transmit personal data to us, this is only permitted if the parent or guardian has consented or the consent of the young person. In accordance with Art. 8 Para. 2 DSGVO, the contact data of the legal guardian must be communicated to us in order to convince us of the consent or consent of the legal guardian. This data and the data of the minor will then be processed in accordance with this data protection declaration.
If we discover that a minor under the age of 16 has sent personal data to us without the parent or legal guardian's consent or the consent of the minor, we will delete the data immediately.
Access to your personal data stored by us is limited to our employees and the service providers commissioned by us, who have to deal with this personal data due to their tasks.
If third parties gain access to your data, we have obtained your permission or there is a legal basis for this.
We also use service providers to provide services and process your data (e.g. for hosting, sending newsletters, sending letters or e-mails, maintaining and analysing databases, securing our web servers or website tracking). To the extent that these special provisions apply, we have listed them below under the respective service for you. The service providers process the data exclusively on our instructions and are obliged to comply with the applicable data protection regulations. All contract processors have been carefully selected and will only have access to your data to the extent and for the period required that is necessary for the provision of the services or to the extent to which you have consented to the processing and use of the data.
b) Data exchange within the group of companies
An exchange of data within the group of companies to which we belong takes place exclusively within the EU/EEA and serves only internal administrative purposes. By group of companies we mean affiliated companies in the sense of Art. 4 No. 19 DSGVO.
c) Transfer to third countries and legal basis
The servers of some of the service providers we use are located in the USA and other countries outside the European Union. Companies in these countries are subject to a data protection law that does not generally protect personal data to the same extent as is the case in the member states of the European Union. If your data is processed in a country which does not have a recognised high level of data protection such as the European Union, we ensure that your personal data is adequately protected by means of contractual regulations or other recognised instruments. We expressly point this out to you again within the scope of the individual services.
If personal data is transferred to third countries, this is done on the basis of the EU Commission's adequacy decision on the EU-U.S. Privacy Shield pursuant to Art. 45 DSGVO or the EU Standard Treaty 2010 pursuant to Art. 46 Para. 2 lit. c DSGVO in conjunction with the EU Commission's decision of 5 February 2010 (2010/87/EU) or on the basis of your consent pursuant to Art. 49 Para. 1 lit. a) DSGVO.
d) Transmission to prosecution and criminal investigation authorities
In exceptional cases, we transmit personal data to law enforcement and criminal investigation authorities. This happens due to corresponding legal obligations, e.g. from the criminal procedure code, the tax code, the money laundering law or national police laws.
We store personal data within the scope of the legal regulations or your consent.
We use the following criteria to determine the specific storage period:
We store the personal data until the purposes for which they were collected cease to apply (e.g. at the end of a contractual relationship or through last activity, if there is no continuing obligation, or in the case of a revocation of your consent for concrete data processing).
A storage beyond that takes place only, if
You are entitled to a number of legal rights to which we would like to draw your attention below. In addition, of course, our data protection officer is also available to answer any questions you may have about your personal data that we have collected and processed under the contact details given below.
a) Right to Information and Data Transferability
You have the right at any time to information about the personal data processed by us concerning you.
If the data processing is based on your consent or on a contract pursuant to Art. 6 Para. 1 b) DSGVO, you may also request, pursuant to Art. 20 Para. 1 DSGVO, that the personal data stored about you be preserved in a structured, common and machine-readable format. At your request, we will also forward the data directly to the recipient specified by you.
b) Right to correction, restriction and deletion
Furthermore, pursuant to Articles 16 to 18 DSGVO, you may request us to correct, restrict (block) or delete your personal data if the data has been incorrectly processed by us, if there is a reason for restricting further data processing, or if the data processing has become illegal for various reasons, or if its storage is inadmissible for other legal reasons. We would like to point out that your right to
deletion may be limited by legal retention periods.
c) Rights of objection
If our data processing is based exclusively on our legitimate interest pursuant to Art. 6 para. 1 f) DSGVO, you may object to this processing pursuant to Art. 21 para. 1 DSGVO. We will then cease processing your data unless we can prove that there are legitimate reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend a legal claim. Furthermore, you always have the right to object to the use of your data for the purpose of direct marketing with effect for the future pursuant to Art. 21 para. 2 DSGVO.
d) Right of withdrawal
If you have permitted us to process your personal data by giving your consent, you have a right of revocation with effect for the future pursuant to Art. 7 para. 3 DSGVO.
e) Right of complaint to the supervisory authority
You are free to file a complaint with a supervisory authority if you believe that our processing of your personal data violates the European Basic Data Protection Regulation or other national and international data protection laws.
The contact details of the supervisory authority responsible for us are as follows:
Bavarian State Office for Data Protection Supervision
Promenade 27 (Castle)
91522 Ansbach, Germany
f) Contact details
To exercise your rights you can send us an informal message to the following contact details. Please also address the revocation of your consent, stating which declaration of consent you wish to revoke, to the following contact details:
|Data protection officer|
HOERBIGER Automotive Komfortsysteme GmbH
Telefon: +49 8861 210 30 30
it.sec GmbH & Co. KG
Telefon: +49 731 20589-24
a) Principles on cookies and opt-out options
We use so-called cookies in some areas of our website, e.g. in order to recognise visitor preferences and to be able to design the website accordingly. This makes navigation easier and provides a high degree of user-friendliness. Cookies also help us to identify particularly popular areas of our website. Cookies are small files that are stored on a visitor's hard drive. They make it possible to store information over a certain period of time and to identify the visitor's computer. We use permanent cookies for better user guidance and individual performance presentation.
Cookies that are not technically necessary will only be set after your express consent, which you can of course revoke at any time.
Within the framework of our cookie information on our website, you have agreed to the following declaration in this regard:
This website uses tracking cookies or tracking software to provide you with the full functionality of our website and thus a better online experience. You can find more information about the cookies and web tracking procedures we use and the consents you have given to them in our data protection declaration at [https://xetto.com/de/datenschutz]. However, technically unnecessary cookies or our tracking software are only activated after you have given us your consent. Agreed]
Please also keep in mind that deleting all cookies will also delete opt-out cookies. You may therefore have to reset them. Cookies are also browser-bound, i.e. they must always be set separately for each browser you use on each device you use. You will find the links required for this in the following under the description of the respective service.
The following cookies are used by us - provided you allow this and have not set one or more opt-out cookies - for the purpose described in more detail:
|Name of the cookie||purpose of use||Storage time||Technically necessary||Possibility of revoking consent (if cookie is not technically necessary)|
|This cookie is used by Google Analytics to control the frequency of queries.|
|This cookie is used by Google Analytics to distinguish between users.|
|This cookie is used by Google Analytics to distinguish between users.|
b) Google Analytics
This website uses Google Analytics, a web analysis service provided by Google LLC ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. If IP anonymisation is activated on this website, however, Google will shorten your IP address beforehand within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA where it will be shortened. On our behalf, Google will use this information to evaluate your use of the website, compile reports on website activity and provide other services relating to website activity and internet usage.
c) Google Maps
Our website uses the service 'Google Maps' of Google, e.g. to enable you to find a dealer near you.
You can prevent the execution of Google Maps by selectively preventing the execution of the Java-Script code used by using a Java-Script blocker; alternatively, you can also completely deactivate the execution of Java-Script in your browser settings.
Recipient of the data: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Privacy-Shield: www.privacyshield.gov/participant
d) Youtube video, embedded via iFrame in advanced data protection mode
We use Youtube, a service from Google, to show you video content. To protect your privacy, we have enabled advanced privacy mode.
By pressing the start button on the video, you consent to the transmission of the data to Youtube LLC:
You can find more information about YouTube's privacy practices in their privacy statement (http://www.youtube.com/t/privacy_at_youtube).
Recipient of the data: Youtube LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
e) Google Web Fonts
This page uses so-called web fonts provided by Google for the uniform display of fonts. These fonts are stored locally on our server and are integrated accordingly when the page is accessed. An exchange of data with Google therefore does not take place.
f) DoubleClick by Google
If you do not agree with this form of processing, you can prevent the storage of cookies by adjusting your browser settings accordingly. In addition, you can prevent Google from collecting the data generated by the cookies and related to your use of the websites and Google from processing this data by downloading and installing the browser plugin available here <https://support.google.com/ads/answer/7395996?hl=en>. Alternatively, you can also deactivate the double-click cookies on this page < www.google.com/ads/preferences/html/opt-out.html>.
Recipient of the data: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
g) Social Media Buttons
Our website uses social media buttons (Facebook, YouTube) to enable you to interact with third parties.
These social media buttons are not integrated as plug-ins via a so-called iFrame, but are stored as links. By pressing the social media buttons, you will be forwarded directly to the page of the corresponding provider. The respective provider is then responsible in the sense of Art. 4 No. 17 DSGVO for compliance with the data protection regulations and for the correctness, up-to-dateness and completeness of the information provided there for data processing.
a) Contact form
Data that you send us via our contact form will be processed for the purpose of communication and data exchange, i.e. to respond to your specific enquiry. These data are stored as long as their processing is necessary for these purposes or until the expiry of any subsequent storage periods.
You can call our hotline to request help or contact us in the event of a malfunction. Data that you provide to us in this context will be stored if this is necessary to process your request. These data are stored as long as their processing is necessary for these purposes or until the expiry of any subsequent storage periods.
c) Dealer search
If you are looking for a dealer near you, please enter your postcode. The purpose of the processing is to compare it with our dealer list in order to show you the nearest dealer(s). A storage or evaluation does not take place.
d) Testing xetto
You can use a form to inform us that you would like to test our xetto® free of charge. We ask you for your name, e-mail address and postal code. We need the postcode in order to send you a list of dealers in your area. Your data can only be accessed by those of our employees who need it to fulfil their tasks. They will then contact you regarding the test. If you have agreed to this separately, we will forward the data to a dealer in your area for the purpose of contacting you.
You have agreed to the following:
I agree that my data given here may be passed on to a dealer near me for the purpose of contacting you regarding the testing of a xetto ®.
The data will be stored by us as long as it is needed to process your request and will be deleted after the legal storage periods.
e) Data processing for direct marketing purposes
To the extent permitted by law, we may also use your name and the postal address known to us to send advertising for our own offers. The legal basis is
Art. 6 para. 1 lit. f) in connection with Recital 47 DSGVO. Our legitimate interest is to promote sales or demand among our existing customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A text message to the contact data mentioned above is sufficient. We will then delete your data from our mailing list. The data which prove your objection will then be kept for 6 years in accordance with Art. 17 Para. 3 lit. e) DSGVO. During this period, however, your personal data will be blocked from further processing.
To the extent permitted by law, we may also use your name, affiliation and telephone number for business customers in order to inform them about our own offers, assuming your presumed interest. The legal basis is Art. 6 para. 1 lit. f) i.V.m. Recital 47 DSGVO, § 7 Abs. 2 Nr. 2 UWG. Our legitimate interest is to promote sales or demand among our existing business customers. Of course, you can object to the processing of your data for advertising purposes at any time for the future. A communication in text form to the contact data mentioned above is sufficient. We will then delete your data from our mailing list. The data which prove your objection will then be kept for 6 years in accordance with Art. 17 Para. 3 lit. e) DSGVO. During this period, however, your personal data will be blocked from further processing.