Privacy policy

Responsible for data processing is:

Procar Automobile Wuppertal GmbH & Co. KG

Friedrich-Ebert-Straße 105

Wuppertal

Email: info@procar-automobile.de

Phone: +49 202 25270

We appreciate your interest in our website. Protecting your privacy is very important to us. Below, we provide detailed information on how we handle your data.

1. Access data and hosting

You can visit our website without providing any personal information. When you access a webpage, the web server automatically stores a so-called server log file, which includes the name of the requested file, your IP address, the date and time of the access, the data volume transferred, and the requesting provider (access data) to document the access. These access data are evaluated exclusively for the purpose of ensuring the smooth operation of the site and improving our services. This serves to protect our legitimate interests in accordance with Article 6(1)(f) of the GDPR. All access data are deleted no later than seven days after the end of your visit to the site. All access data are processed only as long as necessary for achieving the aforementioned purposes.

2. Data processing for contract execution and contact

Data processing for contract execution

We collect personal data when you voluntarily provide it to us during your order or when contacting us (e.g., via contact form or email). Mandatory fields are marked as such because we require these data for processing your order or contact request, and without them, you cannot complete the order or send the request. The data collected is indicated in the respective input forms.
We use the data provided by you for contract execution and processing your inquiries (including inquiries about and processing any warranty claims and legal update obligations) in accordance with Article 6(1)(b) of the GDPR. Further information regarding the processing of your data, especially the transfer to our service providers for order, payment, and shipping execution, can be found in the following sections of this privacy policy. After the full execution of the contract, your data will be restricted for further processing and deleted after expiration of any tax and commercial retention periods in accordance with Article 6(1)(c) of the GDPR, unless you have expressly consented to further use of your data in accordance with Article 6(1)(a) of the GDPR or we reserve a further use of the data that is legally permitted and about which we inform you in this declaration.

Contact

In the course of customer communication, we collect personal data for processing your inquiries in accordance with Article 6(1)(b) of the GDPR when you voluntarily provide it to us during contact (e.g., via contact form, live chat, or email). Mandatory fields are marked as such because we require this data to process your contact request. The data collected is indicated in the respective input forms. After processing your request, your data will be deleted unless you have expressly consented to further use of your data in accordance with Article 6(1)(a) of the GDPR or we reserve further use of the data that is legally permitted and about which we inform you in this declaration.

3. Data processing for shipping execution

For the fulfillment of the contract in accordance with Article 6(1)(b) of the GDPR, we transfer your data to the shipping service provider responsible for delivery, as far as necessary for the delivery of the ordered goods. For questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

Data transfer to shipping service providers for delivery notification

If you have expressly consented to this during or after your order, we will transfer your email address and phone number to the selected shipping service provider so that they can contact you before delivery for delivery notification or coordination.
You can revoke your consent at any time by sending a message to the contact option described in this privacy policy or directly to the shipping service provider at the contact address provided below. After revocation, we will delete your data provided for this purpose unless you have expressly consented to further use of your data or we reserve further use of the data that is legally permitted and about which we inform you in this declaration. If you have questions about our service providers and the basis of our cooperation with them, please contact the contact option described in this privacy policy.

4. Data processing for payment processing

For payment processing in our online shop, we work with the following partners: technical service providers, credit institutions, payment service providers.

4.1 Data processing for transaction processing

Depending on the selected payment method, we will forward the necessary data to our technical service providers or the commissioned credit institutions or the selected payment service provider to process the payment transaction, as far as necessary for the execution of the payment. This serves the fulfillment of the contract in accordance with Article 6(1)(b) of the GDPR. In some cases, the payment service providers collect the data necessary for the payment transaction themselves, e.g., on their own website or through technical integration in the ordering process. In this case, the privacy policy of the respective payment service provider applies.

Depending on the selected payment method, data transfers to third countries outside the EU/EEA may occur, for which the European Commission has determined an adequate level of data protection through a decision. If a data transfer to third countries outside the EU/EEA takes place, for which the European Commission has not issued a decision on an adequate level of data protection, the cooperation is based on the standard contractual clauses of the European Commission.

If you have any questions about our payment processing partners or the basis of our cooperation with them, please contact the contact option described in this privacy policy.

4.2 Data processing for fraud prevention and optimization of our payment processes

If necessary, we will provide the aforementioned service providers with additional data that they will use, along with the data necessary for processing the payment, for fraud prevention and the optimization of our payment processes (e.g., invoicing, processing disputed payments, supporting accounting). This serves to protect our legitimate interests in accordance with Article 6(1)(f) of the GDPR, in order to secure ourselves against fraud and manage payments efficiently.

5. Advertising via email

E-mail newsletter subscription

If you subscribe to our newsletter, we will use the data required for this or separately provided by you to regularly send you our email newsletter based on your consent in accordance with Article 6(1)(a) of the GDPR. You can unsubscribe from the newsletter at any time, either by sending a message to the contact option described below or via a link in the newsletter. After unsubscribing, we will delete your email address from the recipient list unless you have expressly consented to further use of your data in accordance with Article 6(1)(a) of the GDPR or we reserve further use of the data that is legally permitted and about which we inform you in this declaration.

6. Cookies and other technologies

General information

In order to make our website attractive to visitors and enable the use of certain features, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically stored on your device. Some of the cookies we use are deleted at the end of your browser session (so-called session cookies). Other cookies remain on your device and allow us to recognize your browser when you visit again (persistent cookies). You can check the duration of storage in the cookie settings of your web browser.

Privacy protection on devices

When using our online offer, we use technologies that are strictly necessary to provide the requested telemedia service. Storing information on your device or accessing information already stored on your device does not require consent in this case.

For non-essential features, storing information on your device or accessing information already stored requires your consent. Please note that some parts of the website may not be fully functional without granting consent. Any consents you have given will remain valid until you adjust or reset the settings on your device.

Subsequent data processing by cookies and other technologies

We use such technologies that are strictly necessary for the use of specific features of our website. These technologies collect and process data such as IP address, time of visit, device and browser information, and information about your use of our website. This serves our legitimate interests in accordance with Article 6(1)(f) of the GDPR for the optimized presentation of our offer.

We also use technologies to fulfill legal obligations to which we are subject (e.g., to document consent to process your personal data) and for web analysis and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this privacy policy.

Cookie settings

You can find the cookie settings for your browser under the following links: Microsoft Edge™ / Safari™ / Chrome™ / Firefox™ / Opera™

If you have given your consent to the use of technologies in accordance with Article 6(1)(a) of the GDPR, you can withdraw your consent at any time by sending a message to the contact option described in the privacy policy.

We use the following cookies and other technologies from third-party providers on our website. Unless otherwise specified for individual technologies, this is done based on your consent in accordance with Article 6(1)(a) of the GDPR. After the purpose is fulfilled and the respective technology is no longer in use by us, the data collected in this context will be deleted. You can withdraw your consent at any time with effect for the future. Further information about your withdrawal options can be found in the section "Cookies and other technologies." For more information, including the basis of our collaboration with the individual providers, please refer to the respective technologies. If you have any questions regarding the providers and the basis of our collaboration with them, please contact the contact option described in this privacy policy.

7.1 Use of Google Services

We use the following technologies from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The information automatically collected by the Google technologies regarding your use of our website is typically transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there. Unless otherwise specified for individual technologies, data processing is carried out based on an agreement between joint controllers according to Article 26 of the GDPR. Further information about data processing by Google can be found in the Google Privacy Policy.

Our service providers are located and/or use servers in countries outside the EU and EEA, for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on the Standard Contractual Clauses of the European Commission. 

Google Analytics

For website analysis purposes, Google Analytics automatically collects and stores data (IP address, time of visit, device and browser information, and information about your use of our website), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. If you visit our website from the EU, your IP address is stored on a server located in the EU for location data deduction and then immediately deleted before the traffic is forwarded for processing on other Google servers. Data processing takes place based on a data processing agreement with Google.

For the purpose of optimizing the marketing of our website, we have activated the Data sharing settings for "Google products and services". This allows Google to access the data collected and processed by Google Analytics and subsequently use it to improve Google services. The data sharing with Google under this data sharing setting is based on an additional agreement between controllers. We have no influence over the subsequent data processing by Google.

For the purpose of optimizing the marketing of our website, we use the so-called User-ID function. With this function, we can assign a unique, permanent ID to your interaction data from one or more sessions on our online presence, thus analyzing your user behavior across devices and sessions.

For web analysis purposes, the Google Analytics extension feature Google Signals enables so-called "Cross-Device Tracking." If your internet-enabled devices are linked to your Google account and you have activated the "personalized ads" setting in your Google account, Google can create reports about your usage behavior (especially cross-device user numbers), even if you switch devices. No processing of personal data occurs on our part in this context; we only receive statistics created based on Google Signals.

For web analysis and advertising purposes, the Google Analytics extension feature uses the so-called DoubleClick cookie, which allows recognition of your browser when visiting other websites. Google will use this information to compile reports about website activity and provide other services related to website usage.

If you do not give consent in accordance with Article 6(1)(a) of the GDPR for the use of Google Analytics, no cookies will be stored or read on your device. The data processing described in the previous paragraphs will not take place. To close gaps in web analysis by behavior and conversion modeling, pings with data (User-Agent, information about your consent behavior, screen resolution, IP address) will be sent to Google.

Google AdSense

Our website markets space for third-party advertisements via Google AdSense. These ads are displayed to you at various locations on this website. Through the so-called DoubleClick cookie, the display of interest-based advertising is made possible by collecting and processing data (IP address, time of visit, device and browser information, and information about your use of our website), as well as the automatic assignment of a pseudonymous UserID, which helps determine interests based on visits to this and other websites.

Google Ads

For advertising purposes in Google search results and on third-party websites, the so-called Google Remarketing cookie is set when you visit our website. This automatically allows for the collection and processing of data (IP address, time of visit, device and browser information, and information about your use of our website) using a pseudonymous cookie ID and based on the pages you have visited, enabling interest-based advertising. Further data processing will only take place if you have activated the "personalized ads" setting in your Google account. If you are logged into Google during your visit to our website, Google uses your data together with Google Analytics data to create and define audience lists for cross-device remarketing.

For website analysis and event tracking, we measure your subsequent behavior after you have arrived at our website via a Google Ads advertisement through Google Ads Conversion Tracking. For this purpose, cookies may be used, and data (IP address, time of visit, device and browser information, and information about your use of our website based on predefined events such as visiting a page or subscribing to a newsletter) may be collected, from which pseudonymized usage profiles are created.

If you do not give consent in accordance with Article 6(1)(a) of the GDPR for the use of Google Ads, no cookies will be stored or read on your device. The data processing described in the previous paragraphs will not take place. To close gaps in web analysis through behavior and conversion modeling, pings with data (User-Agent, information about your consent behavior, screen resolution, IP address, page URL, information about ad clicks in URL parameters) will be sent to Google. Your IP address will be used to deduce the IP country.

Google Maps

For the visual representation of geographical information, Google Maps collects data about your use of the Maps functions, especially IP address and location data, which is transmitted to Google and processed by Google. We have no influence over this subsequent data processing.

Google reCAPTCHA

To protect against misuse of our web forms and spam by automated software (so-called bots), Google reCAPTCHA collects data (IP address, time of visit, browser information, and information about your use of our website) and analyzes your use of our website through a so-called JavaScript and cookies. Additionally, other cookies stored by Google services in your browser are evaluated. No reading or storing of personal data from the input fields of the respective form takes place.

Google Tag Manager

With the Google Tag Manager, we can manage various codes and services on our website. When implementing the individual tags, Google may also process personal data (e.g., IP address, online identifiers (including cookies)). Data processing is based on an agreement for data processing by Google.

By using the Google Tag Manager, the integration of various services/technologies can be achieved.
If you do not wish to use individual tracking services and have disabled them, the deactivation remains in effect for all affected tracking tags integrated by the Google Tag Manager.

YouTube Video Plugin

To embed third-party content, data (IP address, time of visit, device and browser information) is collected via the YouTube video plugin in the extended privacy mode we use, transmitted to Google, and subsequently processed by Google, but only when you play a video.

7.2 Use of Microsoft Services

We use the following technologies from Microsoft Ireland Operations Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland (“Microsoft”). Data processing takes place based on an agreement between joint controllers according to Article 26 of the GDPR. The information automatically collected by Microsoft technologies about your use of our website is typically transferred to a server of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA, and stored there. Further information about data processing by Microsoft can be found in the Microsoft Privacy Policy.

Our service providers are located and/or use servers in countries outside the EU and EEA, for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on the Standard Contractual Clauses of the European Commission. 

For website analysis and event tracking, we measure your subsequent behavior through Microsoft Advertising Universal Event Tracking (UET) when you have arrived at our website via a Microsoft Advertising advertisement. Cookies may be used, and data (IP address, time of visit, device and browser information, and information about your use of our website based on predefined events such as visiting a page or subscribing to a newsletter) may be collected, from which pseudonymized usage profiles are created. If your internet-enabled devices are linked to your Microsoft account and you have not disabled the “interest-based advertising” setting in your Microsoft account, Microsoft can create reports about your usage behavior (especially cross-device user numbers), even if you switch devices, known as “Cross-Device Tracking.” No processing of personal data occurs by us in this context; we only receive statistics created based on Microsoft UET.

7.3 Use of Facebook Services

Use of Facebook Pixel

We use the Facebook Pixel as part of the following technologies from Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Facebook (by Meta)” or “Meta Platforms Ireland”). The Facebook Pixel automatically collects data (IP address, time of visit, device and browser information, and information about your use of our website based on predefined events such as visiting a page or subscribing to a newsletter), from which pseudonymized usage profiles are created. When visiting our website, the Facebook Pixel automatically sets a cookie that allows recognition of your browser when visiting other websites using a pseudonymous cookie ID. Facebook (by Meta) will combine this information with other data from your Facebook account and use it to compile reports about website activity and provide additional services related to website usage, especially personalized and group-based advertising.
The information automatically collected by Facebook (by Meta) about your use of our website is typically transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Further information about data processing by Facebook can be found in the Facebook (by Meta) Privacy Policy.

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by decision: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA applies as the basis for the transfer to third countries, provided the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on these guarantees: Standard Contractual Clauses of the European Commission.

7.4 Other providers of web analytics and online marketing services

Use of Hotjar for web analysis

For the purpose of website analysis, data (IP address, time of visit, device and browser information, and information about your use of our website) is automatically collected and stored by technologies from Hotjar Ltd., Dragonara Business Centre 5th Floor, Dragonara Road, Paceville St Julian's STJ 3141, Malta (“Hotjar”), from which usage profiles are created using pseudonyms. Cookies may be used for this purpose. The pseudonymized usage profiles will not be merged with personal data about the holder of the pseudonym without explicit consent. Hotjar acts on our behalf.

Our service providers are located and/or use servers in countries outside the EU and EEA, for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our cooperation with them is based on Standard Contractual Clauses of the European Commission. 

8. Integration of Trusted Shops Trustbadge/ other widgets

If you have given your consent in accordance with Article 6(1)(a) of the GDPR, Trusted Shops widgets are embedded on this website to display Trusted Shops services (e.g., quality seal, collected reviews) as well as to offer Trusted Shops products for buyers after an order.

The Trustbadge and the services it advertises are provided by Trusted Shops SE, Subbelrather Str. 15C, 50823 Cologne (“Trusted Shops”), with whom we are jointly responsible for data protection under Article 26 of the GDPR. We inform you in this privacy policy about the essential contract contents according to Article 26(2) of the GDPR.

Within the joint responsibility between us and Trusted Shops SE, please contact Trusted Shops for data protection questions and to assert your rights, using the contact options provided in the data protection information. Regardless of that, you may always contact the responsible party of your choice. Your request will then be forwarded to the other responsible party for answering if necessary.

Data processing when embedding the Trustbadge/ other widgets

The Trustbadge is provided by a U.S.-based CDN provider (Content Delivery Network). An adequate level of data protection is ensured by a European Commission adequacy decision, which for the USA is available here. Service providers from the U.S. are usually certified under the EU-U.S. Data Privacy Framework (DPF). For more information, you can visit here. If service providers are not certified under the DPF, Standard Contractual Clauses have been concluded as suitable guarantees.

When the Trustbadge is called, the web server automatically stores a so-called server log file, which includes your IP address, the date and time of the call, the amount of data transferred, and the requesting provider (access data) and documents the retrieval. The IP address is anonymized immediately after collection, so the stored data cannot be assigned to you. The anonymized data is primarily used for statistical purposes and error analysis.

Data processing after order completion

If you have given your consent, after order completion, the Trustbadge accesses order information (order amount, order number, possibly purchased product) stored in your device and hashes your email address using a cryptographic one-way function. The hash value is then transmitted with the order information according to Article 6(1)(a) of the GDPR to Trusted Shops.
This serves to verify whether you are already registered for services of Trusted Shops. If so, further processing takes place according to the agreement between you and Trusted Shops contractual agreement. If you are not yet registered for the services or do not give consent to automatic detection via the Trustbadge, you will then have the opportunity to manually register for the services or complete the protection within your possibly existing user contract.

For this purpose, after your order, the Trustbadge accesses the following information stored in the device you are using: order amount, order number, and email address. This is necessary for us to offer you buyer protection. Data is only transmitted to Trusted Shops when you actively choose to finalize the buyer protection by clicking on the appropriately labeled button in the so-called Trustcard. If you decide to use the services, further processing is based on the contractual agreement with Trusted Shops in accordance with Article 6(1)(b) of the GDPR, to complete your registration for buyer protection and secure the order, and possibly send review invitations via email afterwards.

Trusted Shops uses service providers in the areas of hosting, monitoring, and logging. The legal basis is Article 6(1)(f) of the GDPR for ensuring smooth operation. Processing may take place in third countries (USA, UK, and Israel). An adequate level of data protection is ensured by an adequacy decision by the European Commission, which for the USA is available here, for the UK here, and for Israel here. Service providers from the USA are generally certified under the EU-U.S. Data Privacy Framework (DPF). For more information, you can visit here. If service providers are not certified under the DPF, Standard Contractual Clauses have been concluded as suitable guarantees.

9. Social Media

Our online presence on Facebook (by Meta), Instagram (by Meta), YouTube, LinkedIn, Xing

If you have given your consent in accordance with Article 6(1)(a) of the GDPR to the respective social media operator, your data will be automatically collected and stored when visiting our online presence on the mentioned social media platforms for market research and advertising purposes, from which usage profiles will be created using pseudonyms. These can be used to display ads on and off the platforms that presumably match your interests. In most cases, cookies are used for this purpose. The detailed information on processing and using data by the respective social media operator, as well as contact options and your related rights and settings for protecting your privacy, can be found in the privacy policies of the providers linked below. If you need help with this, you can contact us.

Facebook (by Meta) is an offering from Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Facebook (by Meta) is typically transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, California 94025, USA, and stored there. Data processing within the context of visiting a Facebook (by Meta) fan page is based on an agreement between joint controllers in accordance with Article 26 of the GDPR. For further information (including insights data), please refer to the privacy policy of Facebook (by Meta).

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by decision: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on these guarantees: Standard Contractual Clauses of the European Commission.

Instagram (by Meta) is an offering from Meta Platforms Ireland Ltd., Block J, Serpentine Avenue, Dublin 4, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland about your use of our online presence on Instagram is typically transferred to a server of Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA, and stored there. Data processing within the context of visiting an Instagram (by Meta) fan page is based on an agreement between joint controllers in accordance with Article 26 of the GDPR. For further information (including insights data), please refer to the privacy policy of Instagram (by Meta).

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by decision: USA, Canada, Japan, South Korea, New Zealand, United Kingdom, Argentina.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided the respective service provider is certified. Certification is in place.

Our service providers are located and/or use servers in these countries: Australia, Hong Kong, India, Indonesia, Malaysia, Singapore, Thailand, Taiwan, Brazil, Mexico.
For these countries, there is no adequacy decision by the European Commission. Our collaboration with you is based on these guarantees: Standard Contractual Clauses of the European Commission.

YouTube is an offering from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The information automatically collected by Google about your use of our online presence on YouTube is typically transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, and stored there.

Our service providers are located and/or use servers in countries outside the EU and EEA, for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on Standard Contractual Clauses of the European Commission. 

LinkedIn is an offering from LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The information automatically collected by LinkedIn about your use of our online presence on LinkedIn is typically transferred to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, and stored there.

Our service providers are located and/or use servers in the following countries, for which the European Commission has determined an adequate level of data protection by decision: USA.

The adequacy decision for the USA serves as the basis for the third-country transfer, provided the respective service provider is certified. Certification is in place.

Xing is an offering from New Work SE, Am Strandkai 1, 20457 Hamburg, Germany.

Our service providers are located and/or use servers in countries outside the EU and EEA, for which the European Commission has determined an adequate level of data protection by decision.

Our service providers are located and/or use servers in countries outside the EU and EEA. For these countries, there is no adequacy decision by the European Commission. Our collaboration with them is based on Standard Contractual Clauses of the European Commission. 

10. Contact options and your rights

10.1 Your rights

As a data subject, you have the following rights:

• According to Article 15 of the GDPR, the right to request information about your personal data processed by us to the extent specified there;
• According to Article 16 of the GDPR, the right to request the immediate correction of incorrect or completion of your personal data stored by us;
• According to Article 17 of the GDPR, the right to request the deletion of your personal data stored by us, unless the further processing is
  • for the exercise of the right to freedom of expression and information;
  • to fulfill a legal obligation;
  • for reasons of public interest or
  • for the assertion, exercise, or defense of legal claims;
• According to Article 18 of the GDPR, the right to request the restriction of the processing of your personal data, if
  • the accuracy of the data is contested by you;
  • the processing is unlawful, but you oppose its deletion;
  • we no longer need the data, but you need it for the assertion, exercise, or defense of legal claims or
  • you have objected to the processing in accordance with Article 21 of the GDPR;
• According to Article 20 of the GDPR, the right to receive your personal data provided to us in a structured, commonly used, and machine-readable format or to request the transmission to another controller;
• According to Article 77 of the GDPR, the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the place of our company headquarters.

Right to object If we process personal data as described above to protect our legitimate interests, you may object to this processing with effect for the future. If the processing is for direct marketing purposes, you can exercise this right at any time as described above. If the processing is for other purposes, the right to object is only available if there are reasons arising from your particular situation. After exercising your right to object, we will not process your personal data further for these purposes unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights, and freedoms, or if the processing serves the assertion, exercise, or defense of legal claims. This does not apply if the processing is for direct marketing purposes. In that case, we will not process your personal data for this purpose further.

10.2 Contact options

Data protection officer:
TÜV SÜD Pluspunkt GmbH
Wiesenring 2
04159 Leipzig
Germany
020519110-500
datenschutz@bmw-procar.de

If you have any questions regarding the collection, processing, or use of your personal data, requests for information, correction, restriction, or deletion of data, as well as withdrawal of any consents given or objection to specific data usage, please contact:

TÜV SÜD Pluspunkt GmbH
Wiesenring 2
04159 Leipzig
Germany
020519110-500
datenschutz@bmw-procar.de