Data privacy statement
The data controller is DOLL Fahrzeugbau GmbH,
Industriestr. 13, 77728 Oppenau, Germany. This is the company being referred to when the terms “we” or “us” are used in the following.
You can contact our data protection officer at the address provided above or by e-mailing email@example.com.
1. Which personal data we process and where it originates:
When we make our website available to you, we process personal data from various sources. This may be data that we process automatically for every visitor to our website. This may also be data that you have voluntarily provided.
Data that we collect automatically when you use our website:
As soon as you visit the website, you send technical information to our web server that we store in server log files. This happens regardless of whether or not you then decide to contact us (for example, using the contact form). We always collect the following access and web access data (which we call “usage data”):
- The date and time of the visit and the duration of website usage
- The IP address of your device
- The referral URL (the website from which you accessed our website)
- The subpages visited on the website or app
- Other information about your device (device type, browser type and version, settings, installed plug-ins, operating system)Personal data protection
We process usage data to enable use of the website and to ensure website functionality. We also process usage data to analyse website performance, to continuously improve the website and to rectify errors or personalise the content you see on the website. We also process usage data to guarantee IT security and system operation as well as to prevent or detect misuse, particularly fraud. These server log files are deleted after a maximum of 28 days.
Cookies and other tracking tools:
Data that you send to us:
Alongside the data that we receive from all visitors, we also process other data when you use our contact or application form. In this case, we store your title, company, name, street, postcode and city, telephone number, e-mail address and the content of your request (you can find the details on the relevant contact form).
We process this data in order to handle your request and delete the data once your request has been completed. If you have applied for a vacancy with us using the application form and we were unable to offer you the position at the time of your application, we will only continue to store your data after the application to make it easier for you to apply again. We will only do this if you have given us your consent beforehand.
Newsletter2Go is used as the newsletter software. This involves your data being sent to Newsletter2Go GmbH. As part of this arrangement, Newsletter2Go is not permitted to sell your data or to use it for any purposes other than sending newsletters. Newsletter2Go is a certified German provider which processes data exclusively as defined in the order processing agreement in our contract.
You can find further information here: https://www.newsletter2go.de/informationen-newsletter-empfaenger/
The consent you have given to store data and your e-mail address and for its use in order to send you the newsletter can be revoked at any time, for example via the “Unsubscribe” link in the newsletter.
2. Other purposes for which we process your data:
We have already outlined the purposes for which we process your data in individual cases above. We may also process your data for other purposes.
3. The legal basis for data processing:
When processing your personal data, we rely on various legal bases in accordance with the General Data Protection Regulation (GDPR), an EU-wide legal framework intended to standardise data protection law. It specifically covers:
Your consent (Article 6 Paragraph 1 a) GDPR)
Fulfilling our contractual obligations to you (Article 6 Paragraph 1 b) GDPR)
Our legitimate interests (Article 6 Paragraph 1 f) GDPR)
There are also cases where we are entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties).
Legal obligations (Article 6 Paragraph 1 c) GDPR)
We are also legally obliged to process specific data in individual cases in order to provide information to prosecution authorities or tax authorities.
4. To whom we disclose your data:
We transfer your data to our hosting provider (https://www.leitwerk.de/), which enables the provision of the website. Providers listed in our information about cookies and tracking tools are only sent pseudonymised data, as further explained in that section.
5. Data processing outside of the EEA:
We do not transfer your access and account data to countries outside of the EEA (known as third countries) as a matter of principle. We do not host your data in third countries and all your data is located on our hosting provider's servers situated in Germany.
This relates in particular to cookies provided by third-party companies based in the United States. We will, however, ensure that appropriate data protection is guaranteed at all times. We do this by ensuring that the data recipients include the EU standard contractual clauses in our contracts with these providers to guarantee secure processing and appropriate data protection (which might also include suitable measures that are necessary to ensure appropriate data protection).
6. Storage period:
We process and store your personal data as required for the fulfilment of our contractual or legal obligations. We therefore store your data for as long as we have a contractual relationship with you, and once this has ended, only to the extent and for the length of time required by German law. For example, if you have given us consent (to receive the newsletter, for example), we are required to retain your IP address and the precise time consent was given in order to preserve evidence.
7. Automated individual decisions:
We will not use your data to make fully automated individual decisions that have legal effect or may impact you significantly in similar ways, or to create an associated user profile.
8. Your legal rights in accordance with the GDPR:
You can assert the following rights against us with regard to your personal data within the framework of the GDPR:
- Your right to information and access in accordance with Article 15 GDPR
- Your right to rectification in accordance with Article 16 GDPR
- Your right to erasure in accordance with Article 17 GDPR
- Your right to restriction of processing in accordance with Article 18 GDPR
- Your right to data portability in accordance with Article 20 GDPR
You can also revoke your consent for processing of your personal data at any time.
Cookies, web tracking tools and remarketing on the website
The following is an overview of all cookies and other web-tracking tools on our website that are either provided by us or by third parties.
1. Our own cookies (known as first-party cookies):
We use these cookies to analyse web traffic, to tailor our services, content and ads, to measure the effectiveness of ad campaigns and to promote trust in and the security of the website. We also use first-party cookies to differentiate one user from another and to calculate the total number of visitors to the website in conjunction with the log files on our web server. The data collected in this way helps us to receive the feedback required to continuously improve the website and offer users a better service. We only use session cookies which expire shortly after you have visited our website. We do not use any permanent first-party cookies that remain on your device for an extended period. The legal basis is Article 6 Paragraph 1 f) GDPR.
Users can stop accepting first-party cookies by configuring their browser settings so that they do not accept any cookies. However, once these settings have been made, you may not be able to use certain current or future elements of our website.
2. Cookies and plug-ins on our website that send data to third parties (known as third-party cookies):
In addition to first-party cookies we also use – exclusively based on your consent in accordance with Article 6 Paragraph 1 a) GDPR – the following third-party cookies and plug-ins that are provided to us by the following parties and for the following purposes:
The information about your usage of our website generated by the cookie (identifier, browser type/version, operating system used, referrer URL, truncated IP address, time of server request) is usually transferred to a Google server in the USA and stored there. However, in the member states of the European Union or in other signatory states to the Agreement on the European Economic Area, your IP address is truncated by Google on our website first. For this purpose, we have implemented the code “gat._anonymizeIp() ;” to guarantee anonymous collection of IP addresses (known as IP masking).
Only in exceptional circumstances is the full IP address sent to a Google server in the USA and truncated there. If in exceptional circumstances personal data is sent to the USA, the certification of Google in accordance with the “Privacy Shield Agreement” between the EU and the USA (https://www.privacyshield.gov/participant?id=a2zt00000000001L5AAI&status=Active) ensures a level of data protection that corresponds to the level in the EU.
Google will use the information about your usage of the website on our behalf within the framework of Google Analytics to assess your usage of the website, to compile reports about website activities and to provide other services related to website and internet usage. The IP address sent from your browser within the framework of Google Analytics and Google Tap Manager is not combined with other data by Google.
You can prevent storage of cookies by making the relevant settings on your browser software or the operating system on your mobile terminal device; however, please note that in this case, you may not be able to use all of the functions on our website to their full extent. You can also prevent collection of data about your usage of our website (including the IP address) by Google and its processing by Google by downloading and installing the browser plug-in at the following link: http://tools.google.com/dlpage/gaoptout
Use of the Facebook pixel
The Facebook pixel is installed on our website. You can find an overview of the Facebook plug-ins here: developers.facebook.com/docs/plugins/. These are services provided by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook EU”), which also transfer data to Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook USA”; “Facebook” as a whole together with Facebook EU). As is the case with Google, Facebook USA is also certified in accordance with the Privacy Shield Agreement and therefore provides appropriate data protection outside the EU (https://www.privacyshield.gov/participant?id=a2zt000000000GnywAAC&status=Active).
When you visit our website, a direct link is established between your device and the Facebook server. Facebook receives the information that you have visited our website together with your IP address. If you click on the “Like” button in your Facebook account, you can link the content on our website to your Facebook profile. This means that Facebook can link the visit to a visitor.
Please note that we, as the provider of the website, do not receive any information about the content of the data sent or how it is used by Facebook. If you are not a member of Facebook, Facebook still receives and stores your IP address and receives information when you visit these websites and applications, including device information (operating system, hardware version, device settings, file and software names and types, battery and signal strength), device identifiers, device locations, including certain geographical locations such as GPS, Bluetooth or WiFi signals, connection information such as the name of your mobile phone provider or ISP, browser type, language and time zone, mobile telephone number, and information about your activities. According to Facebook, only one anonymised IP address is processed.
You can find more information in Facebook's data protection guidelines at https://www.facebook.com/policy.php or https://www.facebook.com/business/help/651294705016616https://www.facebook.com/ads/webseite_custom_audiences/. If you do not want Facebook to link your visit to our website to your Facebook account, please sign out of your Facebook account. Other settings and objections to usage of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads.