Data protection

This Data Protection Declaration (version: DSGVO 1.0, dated 16/05/2018) was written by: Deutsche Datenschutzkanzlei Datenschutz-Office München - www.deutsche-datenschutzkanzlei.de

We, CMORE Automotive GmbH, are responsible for this website and as a provider of what is defined as 'teleservice' we are obliged to inform you about the type, extent and purpose of personal data collected and used in a form that its precise, transparent, intelligible and easy to comprehend and in clear and simple language when you first visit our website. The content of this information must be retrievable for you at any time. We are therefore obliged to inform you about the personal data that are collected and used. Personal data means any information which refers to an identified or identifiable natural person.

The safety of your data is important to us and so is complying with data protection regulations. Collecting, processing and using personal data is regulated by the current European and national laws. 

In the following data protection declaration we want to explain to you how we use your personal data and how you can contact us:

CMORE Automotive GmbH
Kemptener Straße 99
D-88131 Lindau
Germany
Email: info(at)cmore-automotive.com 
Telephone: +49 8382 30493-0
Commercial register number: HRB 11073
Managing Directors: Richard Woller, Gregor Matenaer

Our Data Protection Officer

If you have any questions, please contact our Data Protection Officer:

Maximilian Musch
Deutsche Datenschutzkanzlei
Office Bodensee
Germany
Email: musch(at)ddsk.de
Web: www.deutsche-datenschutzkanzlei.de

A. General aspects

To safeguard that our data protection declaration is easy to understand, we will not use gender-differentiated language. To safeguard gender equality, we would like to point out that any such wording applies to both genders. 

The meaning of the terms used, for example 'personal data' or the 'processing' of these data is explained in Article 4 of the EU General Data Protection Regulation (GDPR). 

The personal data of users that are processed in relation to this website are inventory data (e.g. names and addresses of customers), contract data (e.g. services used, names of contacts, payment information), usage data (e.g. which websites of our online offering were visited, interest in our products) and content data (e.g. entries in a contact form). 

In this context, 'user' applies to all categories of persons affected by data processing.  This includes our business partners, customers, interested persons or other visitors of our online offering.

B. Specific aspects

Data Protection Declaration
We safeguard that we will collect, process, store and use your respective data only for the purpose of dealing with your queries, for internal purposes or to provide the services you requested or provide specific content. 

Principles of data processing
We process personal data of users only in compliance with the respective data protection regulations. The user data are only processed if the following statutory permission requirements are met:

  • for the purposes of fulfilling our contractual obligations (e.g. fulfilling orders) or to provide online services
  • if processing is legally required
  • if you have given your permission
  • if based on our legitimate interests (e.g. interest in analysis, optimisation and the economic operation and safety of our online offering as specified in Art. 6 Section 1 lit. f. DSGVO, especially in terms of reach measurement, profiling for advertising and marketing purposes and collecting access data and usage of third party services).

We would like to inform you where the above legal obligations can be found in the GDPR:

Permission Art. 6 Section 1 lit. a. and Art. 7 GDPR

Processing to perform our contractual obligations and carrying out contractual measures Art. 6 Section 1 lit. b. GDPR

Processing to comply with our legal obligations Art. 6 Section 1 lit. c. GDPR

Processing to protect our legitimate interests Art. 6 Section 1 lit. f. GDPR

Data transfer to third parties

We would like to point out that as a result of using Google Analytics, data will be transferred when using our website.

The transfer of data to third parties complies with the legal regulations. We only pass on user data if it is necessary for contractual purposes or if there is a legitimate interest to safeguard the economic and effective operation of our business.

If we use subcontractors to supply our services, we will make sure that the relevant legal measures are in place and that the appropriate technical and organisational measures are implemented to safeguard the protection of your personal data to comply with the relevant legal requirements.

Data transfer to a third country or an international organisation

Third countries are countries where the GDPR is not immediately governing law. In principle, this applies to all countries outside the EU or the European Economic Area.

Without your consent or statutory basis, there will be no data transfer to a third country or international organisation. 

How long are your personal data saved?

We adhere to the principles of data minimisation and data prevention. This means that we will save your data only as long as we need them to fulfil the purposes described above or to comply with the multiple storage durations required by law. If the purpose is obsolete or after the required storage durations have expired, your data are routinely blocked or deleted in compliance with the legal requirements.

We have developed our own company-specific concept which will safeguard this approach.

Getting in touch with us

If you contact us by email or via the contact form, you agree with electronic communication. When contacting us, personal data are collected. If you contact us via contact form, you can see which data are collected on the contact form. Your data are transferred with SSL encryption. The information you give us is only stored for the purposes of being able to respond to your query and for any follow-up queries you might have.

Here is a list of the relevant legislation:

Processing to perform our contractual obligations and carrying out contractual measures

Art. 6 Section 1 lit. b. GDPR

Processing to protect our legitimate interests

Art. 6 Section 1 lit. f. GDPR

We use a software for customer data administration (CRM system) or a similar software based on our legitimate interests (efficient and fast response to user queries).

The system is managed in-house by ourselves. Therefore, there is no transfer of data to third parties.

We would like to point out that it is possible that emails are read or changed without authorisation and without noticing during transfer. Furthermore, we would like to inform you that we use a software to filter out unwanted emails (spam filter). A spam filter can block emails if they are identified as spam based on certain attributes.

What are your rights?

  1. Right to information
    You have the right to free of charge information about the data held about you. On request, we will tell you in written form as required by law which personal data we hold about you. This also includes where the data come from and who the recipients of your data are, as well as the purpose of the data processing. 

  2. Right to rectification
    You have the right to obtain the rectification of data we hold about you if these data are incorrect. You can demand the restriction of processing, for example if the accuracy of your personal data is contested by you.

  3. Right to block
    You can also have your data blocked. To be able to implement the blocking of your data at any time, these data have to be available in a lock file for control purposes. 

  4. Right to erasure
    You can also demand the erasure of your personal data, provided there are no legal obligations to store these data. If there is such an obligation, we can block your data upon request. If the legal regulations allow it, we will delete your personal data even without your request. 

  5. Right to data portability
    You have the right to demand the receipt of the personal data transmitted by us in a format which is easy to transfer to another location. 

  6. Right to lodge a complaint with a supervisory authority
    You have the option to lodge a complaint with one of the data protection supervisory authorities.

    Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
    Promenade 27, D-91522 Ansbach
    Telephone: +49 981 53-1300
    Fax: +49 981 53-981300

    You can open the complaints form of the 'Bayerisches Landesamt für Datenschutzaufsicht' via the following link: www.lda.bayern.de/de/beschwerde.html

  7. Right to object
    You can object to the use of your data for internal purposes at any time with future effect. You only need to send an email to info@cmore-automotive.com. However, your objection will not affect the lawfulness of any data processing by us before that point. Any data processed to assure compliance with other laws and regulations, for example relating to contract negotiations, are not affected (see above).

Protection of your personal data 

With contractual, organisational and technical safety measures meeting the newest technological standards, we ensure that we comply with the regulations of the data protection laws and protect the data processed by us from random or deliberate manipulation, loss, destruction or from any unauthorized access by third parties.

Such safety measures include the encrypted transfer of data between your browser and our server. To achieve this, we use a 256 bit SSL (AES 256) encryption technique. This includes your IP address. 

Your personal data will be protected in terms of the following aspects (among others): 

  1. Protection of the confidentiality of your personal data
    To ensure the protection of the personal data we save, we have implemented various measures to safeguard entry and access control. 

  2. Protection of the integrity of your personal data
    To ensure the integrity of the personal data we save, we have implemented various measures for transfer and entry control.

  3. Protection of the availability of your personal data
    To ensure the availability of the personal data we save, we have implemented various measures for contract and availability control.

The safety measures used are improved continuously to implement the newest technological developments. Despite these measures, we are unable to guarantee the security of your data transfers to our online offering due to the unsafe nature of the internet. Any data transfers between you and our internet offering are therefore at your own risk. 

Protection of minors

Minors below the age of 16 are only allowed to give us information if their parents or legal guardians have given their express consent. Such data are processed as described in this data protection declaration.

Cookies

We use cookies. Cookies are small text files which are saved locally in the cache of your internet browser. Cookies enable the recognition of the internet browser. The files are used to help the browser to navigate through the online offering and to use all functions fully.

Our online offering uses: browser cookies / flash cookies

How cookies can be controlled by the user

Browser cookies: You can set any browser so that cookies are only accepted upon request. There is also a setting which accepts cookies only for the pages which are currently visited. All browsers have functions which allow the user to selectively delete cookies. It is also possible to switch off the acceptance of cookies in principle, but this could mean that using this online offering is less user-friendly.

Flash cookies: Flash cookies are the (locally) saved settings of Flash Player. These cookies are not browser cookies which are administered through browser settings. Instead, they can be administered in the Settings Manager of Flash Player. External link: www.macromedia.com/support/documentation/de/flashplayer/help/settings_manager03.html 

Use of first party cookies (Google Analytics cookie)

Google Analytics cookies protocol the following:

  • Unique users – Google Analytics cookies collect and group your data. All activities during a visit are summarized. If Google Analytics cookies are in place, they differentiate between users and unique users.

  • User activity – Google Analytics cookies also store data about the start and end times of a visit on websites and how many pages you looked at. When the browser is closed or if the user has been inactive for a longer period of time (the standard is 30 minutes), the user session will be finished and the cookie records that the visit has ended. The date and time of the first visit are also recorded. The total number of visits by each unique user is also logged. External link: www.google.com/analytics/terms/de.html

You are able to prevent the collection of data by the cookie and the data related to the use of the website (including your IP address) by Google and the processing of these data by Google by downloading and installing a browser plug-in via the following link:

Further information can be found under 'Web Analysis Service Google Analytics / Universal Analytics'.

Use of third party cookies

On our online offering, third parties use [further] cookies (third-party cookies) when editorial text or adverts are shown. These third parties are also governed by strict data protection rules about collecting personal data.

Lifespan of the cookies used

Cookies are administered by the webserver of our online offering. This online offering uses:
Transient cookies/session cookies (one-off usage)
Lifespan: Until the respective online offering is closed

Persistent cookie (long-term browser recognition)
Lifespan: 30 days

Deactivating or deleting cookies (opt-out)

All web browsers offer options to limit cookies and to delete them. You can find further information on the following websites:

Web analysis service Google Analytics / Universal Analytics

We use Google Analytics, a web analysis service by Google Inc. ('Google'). Google Analytics uses 'cookies', text files, which are stored on your computer and which allow an analysis of the usage of the online offering. The information about the use of the online offering produced by cookies is usually transferred to a server in the USA and is stored there.  This means there is a data transfer to a third country. The transfer will only be made on the condition that there are adequate safeguards in place and that enforceable rights and effective legal remedies are provided to you.

You can find a copy of these safeguards if you click on the following links:

If IP anonymization is activated when using our online offering, Google shortens the IP address directly in the member country of the European Union or other contracting state of the agreement concerning the European Economic Area. 

Only in exceptional cases, the full IP address is transferred to a server of Google in the USA and is then shortened there. We have instructed Google to use this information to analyse the use of our online offering, to prepare reports about the activities relating to the online offering and to provide further services related to the use of the online offering and internet usage to us. The IP address transferred by your browser in relation to Google Analytics will not be combined with other data from Google. You can prevent that cookies are saved by using a specific setting in your browser software. However, we would like to point out that in this case not all functions in this online offering may be used fully. 

We want to make you aware that this online offering uses Google Analytics with the add-on '_anonymizeIp()' and therefore IP addresses are only processed in a shortened form so that a link to individual persons is impossible.

We also use Google Analytics reports to capture demographic attributes and interests.

The data sent by us which are linked to cookies, user recognition (e.g. user ID) or advertising IDs are automatically deleted after 14 months. The deletion of data at the end of their storage duration is carried out automatically once a month. You can find further information about the terms of use and data protection at www.google.com/analytics/terms/de.html or

You are also able to prevent the collection of data by the cookie and the data related to the use of the website (including your IP address) by Google and the processing of these data by Google by downloading and installing a browser plug-in via the following link: tools.google.com/dlpage/gaoptout.

As an alternative to the browser plug-in or for browsers on mobile devices there is another link to set an opt-out cookie which prevents the recognition by Google Analytics within this online offering in future (this opt-out cookie only works for this specific browser and only for this domain, deletes cookies in this browser, click on the link again):

Use of Google Maps

We use Google Maps to show maps and to create journey plans. Google Maps is provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this online offering, you agree with the collection, processing and the use of the automatically collected data and the data entered by yourself (including your IP address) by Google, their agents or third parties. You can find the terms of use for Google Maps when you click on the following link:

www.google.de/intl/de/policies/terms/regional.html ;

Further details about transparency, selection options, and data protection regulations can be found in the data protection centre of google.de: www.google.de/intl/de/policies/privacy/;

Newsletter

If you subscribe to our email newsletter, personal data will be collected. These data will be used by us for our own advertising purposes, i.e. for your email newsletter, if you have given your explicit permission as described below:

'Yes, I want to subscribe to the newsletter! I accept the data protection declaration'

You can stop the newsletter at any time by using the respective link within the newsletter or by sending us a message by email to info@cmore-automotive.com. When you unsubscribe, your email address will be immediately deleted from the newsletter mailing list and included in a lock file to secure the cancellation.

Newsletter tracking: If you have given your prior explicit permission, newsletter tracking (also called web beacons or tracking pixels) is used. When sending the newsletter, the external server is able to collect certain data of the recipient, e.g. the time of retrieval, the IP address or information about the email programme (client) used. The name of the image file is individualized for every mail recipient by adding a unique ID. The mail sender memorizes which ID belongs to which email address and this allows the sender to know which newsletter recipient has just opened the email.

The newsletter tracking captures the user behaviour pseudonymized. The pseudonymized data are as follows: recipient, recipient minus bounces, recipient in cue, recipient skipped, unique unsubscribe rate, unique unsubscriptions, bounce rate, bounces (split into hard and soft bounces), unique opens rate, unique opens, opens rate, opens, unique click rate, unique clicks, click rate, clicks, effective unique click rate, clicks, to segment target groups.

Changes of our data protection declaration

We reserve the right to adapt our data protection declaration from time to time so that it always complies with the latest legal requirements or to adapt the data protection declaration to changes in our services. This might also include the introduction of new services. When you visit again, a new data protection declaration will apply. 

Protection of proprietary rights

Any company logo or trademark shown or mentioned here is owned by the respective company. Brands and names are mentioned only for information purposes.

C. Specific regulations for Russia

For users situated in the Russian Federation, the following applies:

The services of our online offering described above are not intended for the citizens of the Russian Federation who reside in Russia. 

If you are a Russian citizen living in Russia, we would like to explicitly inform you that any personal data which you give us via this online offering is provided at your own risk and on your own responsibility. You also agree that you will not hold us liable for any possible non-compliance with the laws of the Russian Federation.