Privacy statement
The controller defined by the General Data Protection
Regulation (GDPR) is:
Mercedes-Benz AG („We“)
Mercedesstraße 120
70372 Stuttgart
Deutschland
E-Mail: mercedes-benz-sdb@mercedes-benz.com
Data Protection
Officer:
Data Protection Officer::
Mercedes-Benz AG
Corporate Data Protection Officer
HPC E600
D-70546
Stuttgart
Germany
E-Mail: data.protection@Mercedes-Benz.com
1.
Data Protection
We appreciate you visiting our website and your interest in the
products we offer. Protecting your personal data is very important to us. In
this Privacy Policy, we explain how we collect your personal information, what
we do with it, for what purposes and on what legal foundation we do so, and
what rights you have on that basis. We will also refer you to Daimler's Data
Protection Policy:
Mercedes-Benz Data
Protection Policy.
Our privacy statement on the use of our websites and the Daimler AG
Data Protection Policy do not apply to your activities on the websites of
social networks or other providers that can be accessed using the links on our
websites. Please read the data protection provisions on the websites of those
providers.
2.
Collecting and Processing Your Personal Information
a. Whenever you visit our websites, we store certain information about
the browser and operating system you are using; the date and time of your
visit; the status of the interaction (e.g. whether you were able to access the
website or received an error message); the usage of features on the website;
any search phrases you entered; how often you visit individual websites; the
names of the files you access; the amount of data transferred; the Web page
from which you accessed our website; and the Web page you visited after
visiting our website, whether by clicking links on our websites or entering a
domain directly into the input field of the same tab (or window) of the browser
in which you have our websites open. In addition, we store your IP address and
the name of your Internet service provider for seven days. This is for security
reasons; in particular, to prevent and detect attacks on our websites or
attempts at fraud.
b. We will store other personal information only if you share that
information; for instance, by filling out a registration form, contact form,
survey, contest entry or to execute a contract. In such cases, we will store
only the data we are allowed to keep based on consent given by you or in
accordance with applicable legal regulations (more information on this can be
found in the section titled "Legal Foundation for Processing").
c.
You are neither legally nor
contractually obligated to share your personal information. However, certain
features of our websites may depend on the sharing or personal information. If
you do not provide your personal information in such cases, you may not be able
to use those features, or they may be available with limited functionality.
3.
Purpose of Use
a. We use the
personal information collected during your visit to any of our websites to make
using them as convenient as possible for you and to protect our IT systems
against attacks and other unlawful activities.
b. If you share
additional information with us – for example, by filling out a registration
form, contact form, survey, contest entry or to execute a contract with you –
we will use that information for the designated purposes, purposes of customer
management and – if required – for purposes of processing and billing and
business transactions within the required scope in each instance.
4.
Use of service providers
We also use qualified service providers (IT service providers ) to operate, optimize and secure our websites. We only pass on personal data to third parties if and to the extent necessary for the provision and use of the websites and their functionalities, for the pursuit of legitimate interests or if you have consented to it (see section “Legal bases of processing” below). List of service providers thus receiving personal data: eska Ingenieurgesellschaft mbH
5.
Security
We take technical and organizational security measures in order to
protect your information managed by us from being tampered with, lost,
destroyed or accessed by authorized individuals. We are continuously improving
our security measures in line with technological advancements.
6.
Legal Foundations for Processing
a. If you have given us your consent to process your personal
information, then that is the legal foundation for processing it (Art. 6,
para. 1, letter a, of the EU's General Data Protection Regulation, or
GDPR).
b. Art. 6, para. 1, letter b, of the GDPR is the legal basis for
processing personal information for the purpose of entering into a contact or
performing a contract with you.
c.
If processing your personal information
is required to fulfill our legal obligations (e.g. data retention), we are
authorized to do so by Art. 6, para. 2, letter c, of the GDPR.
d.
Furthermore, we process
personal information for purposes of protecting our legitimate interests as
well as the interests of third parties in accordance with Art. 6, para. 1,
letter f of the GDPR. Examples of such legitimate interests include maintaining
the functionality of our IT systems as well as the (direct) marketing of our
products and services and those of third parties and the legally required
documentation of business contacts. As part of the consideration of interests
required in each case, we take into account various aspects, in particular the
type of personal information, the purpose of processing, the circumstances of
processing and your interest in the confidentiality of your personal
information.
7.
Deleting Your Personal Information
Your IP address and the name of your Internet service provider,
which we store for security reasons, are deleted after seven days. Moreover, we
delete your personal information as soon as the purpose for which it was
collected and processed has been fulfilled. Beyond this time period, data
storage only takes place to the extent made necessary by the legislation, regulations
or other legal provisions to which we are subject in the EU or by legal
provisions in third-party countries if these have an appropriate level of data
protection. Should it not be possible to delete data in individual cases, the
relevant personal data are flagged to restrict their further processing.
8.
Rights of Data Subjects
a.
As a data subject affected by
data processing, you have the right to information (Section 15 GDPR),
Correction (Section 16 GDPR), Deletion (Section 17 GDPR), Restricted processing
(Section18 GDPR) and Data Transferability (Section20 GDPR).
b.
If you have consented to the
processing of your personal information by us, you have the right to revoke
your consent at any time. Your revocation does not affect the legality of the
processing of your personal information that took place before your consent was
revoked. It also has no effect on the continued processing of the information
on another legal basis, such as to fulfill legal obligations (see section
titled "Legal Foundation of Processing").
c. Right to object
For reasons relating to your particular
situation, you have the right to file an objection at any time to the
processing of personal data pertaining to you that is collected under Section 6
Clause (1e) GDPR (data processing in the public interest) or Section 6 Clause 1
f) GDPR (data processing on the basis of a balance of interests). If you file
an objection, we will continue to process your personal data only if we can
document mandatory, legitimate reasons that outweigh your interests, rights and
freedoms, or if processing is for the assertion, exercise or defense of legal
claims.
d.
If possible, please direct your
claims or declarations to the following contact address: mercedes-benz-sdb@mercedes-benz.com
e.
If you feel that the processing
of your personal data is in breach of legal requirements, you have the right to
file a complaint with the responsible supervisory authority (Section
9.
Cookies
You can find information about the cookies we use and their functions in our Cookie Policy.
Cookie Policy
Last update: June, 2022