Data protection declaration
We hereby inform you about the processing of your personal data by us and the claims and rights to which you are entitled under the data protection regulations.
Data controller for data processing
Herth+Buss Fahrzeugteile GmbH & Co. KG
Dieselstrasse 2-4
63150 Heusenstamm
Phone: +49 (0)6104 6080
Fax: +49 (0)6104 608 333
Email address: verwaltung@herthundbuss.com
Entered in the commercial register of Munich District Court: HRB 104599
Data protection officer:
We have appointed the following data protection officer for our company:
Contact:
Manfred Schlitt
CAS Datenschutz GmbH & Co. KG
Bürgermeister-Mahr-Str. 14
63179 Obertshausen
Phone: +49 (0)6104 6104 9808 0
Email: datenschutz@herthundbuss.com
Sources and data
We process personal data that we receive from you in the course of your internet or social media use or that you have transmitted to us via the contact form by registering in our database.
When you use the internet, data is stored in server log files that are collected and automatically stored by the provider and mostly transmitted to us by your browser. These include:
- Referrer URL
- Host name of the accessing computer
- Date and time of the server request
- Name of the requested file
- Page from which the file was requested
- Web browser and operating system used
- (Complete) IP address of the requesting computer
- Amount of data transferred
We collect the data listed above to ensure a smooth connection to the website and to facilitate convenient use of our website by users. In addition, the log file is used to evaluate system reliability and stability, as well as for administrative purposes. The legal basis for temporary storage of the data or the log files is our legitimate interest in accordance with Art. 6 (1) (f) GDPR.
We currently also offer the following social media channels:
In the context of such social media usage, we may retrieve statistics on usage from the respective social media company. This can be information about page views and activities; views of individual articles, videos, services (e.g. route planners) etc.; comments, shared content, responses, usage rates: men and women, origin in terms of country and city, language. The legal basis for retrieving the data when using social media for YouTube and Facebook is your consent in accordance with Art. 6 (1) (a) GDPR. For all other social media channels, the legal basis for retrieving the data is our legitimate interest in accordance with Art. 6 (1) (f) GDPR.
We recommend that you assert your rights as a data subject against the social media company in connection with your social media usage and use the settings options to protect your privacy.
For Facebook, you can find more information at: facebook.com/legal/terms/information_about_page_insights_data
For Xing and Kununu, you can find more information at: privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen
For YouTube, you can find more information at: policies.google.com/privacy?hl=de#infocollect
Note: In the context of usage of the internet or social media, you are only obliged to provide the personal data required for usage or which we are obliged by law to collect. Without this data, meaningful use may be restricted or impossible.
If you send us an enquiry using the contact form or by email, your details from the enquiry form or email, including the contact details you provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up enquiries. Your name and email address must be entered. Under no circumstances will we pass on this data without your consent. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR and, where applicable, Art. 6 (1) (b) GDPR, provided that your enquiry is aimed at concluding a contract. Your data will be deleted after your enquiry has been processed, provided that there are no legal obligations to retain the data. In the case of Art. 6 (1) (f) GDPR, you may object to the processing of your personal data at any time.
If you register for our regular newsletter, your details from the enquiry form or your email, including the contact details you provided there, will be stored by us for the purposes of sending out the newsletter. Your name and email address must be entered. For handling the newsletter, we use a contract processor with whom we have concluded a contract for commissioned data processing. We will not pass on your data to other third parties without your consent. The legal basis for processing the data is your consent in accordance with Art. 6 (1) (a) GDPR. You can withdraw your consent at any time. You will find the link for this in the footer of the newsletter. Your details will then be deleted from the distribution list.
Purpose of processing and legal basis
We process personal data in conformity with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
Where necessary, we process your data beyond the purposes of fulfilling the contract in order to safeguard our legitimate interests or those of third parties (Art 6 (1) (f) GDPR). We collect the data listed above to ensure a smooth connection to the website and to facilitate convenient use of our website by users. In addition, the log file is used to evaluate system reliability and stability, as well as for administrative purposes. We also store your data for technical security reasons, particularly as a defence against attempted attacks on our web server.
Examples in this context:
- Checking and optimising procedures for requirements analysis and direct customer address;
- Advertising or market and opinion research, e.g. by using cookies unless you have objected to the usage of your data;
- Assertion of legal claims and defence in the event of legal disputes;
- Safeguarding of IT security and IT operations;
- Measures for business management and further development of services and products.
Social media companies, in particular, create so-called usage profiles based on your usage behaviour and use them for the placement of advertisements. This generally involves the storage of cookies on your computer. Depending on the social media channels, the legal basis for this is your consent (Art. 6 (1) (a) GDPR) or our legitimate interest (Art. 6 (1) (f) GDPR)
To the extent that you have provided us with consent for the processing of personal data for specific purposes (e.g. disclosure of data to third parties, evaluation of data for marketing purposes, social media applications), the lawfulness of this processing is based on your consent. Where consent has been given, it can be revoked at any time.
Please note that such revocation will only apply with effect for the future. Any processing performed prior to revocation will not be affected here.
If we process your personal data to fulfil a contract, the processing takes place on the basis of Art. 6 (1) (b) GDPR. This is the case, for example, for the delivery of goods or for the provision of services, or also for pre-contractual measures such as enquiries about our products.
If the processing of your personal data is required on the basis of a legal obligation such as the fulfilment of obligations under tax law, the processing is based on Art. 6 (1) (c) GDPR.
Disclosure of data
Within the company, departments that require your data to fulfil our contractual and legal obligations will be provided with such data. Data processors (Art. 28 GDPR) commissioned by us can also receive data for these above-mentioned purposes. These are companies operating in the following categories: IT services, telecommunications, advice and consulting, sales and marketing.
The following must be noted with regard to the transfer of data to recipients outside the company: we only pass on your data where legal provisions permit or command us to do so if you have consented to this or where we are authorised to provide the information in question. As defined by these prerequisites, recipients of personal data may include the following, among others:
- Public authorities and institutions (e.g. public prosecution offices, the police, supervisory authorities) where a legal or official obligation exists.
Further recipients of data may include parties for which you have consented to the transfer of data.
Duration of storage
Where permitted by law, we process and store your personal data, specifically for as long as necessary to fulfil the purposes in question.
Data transfer to third countries
A transfer of data to third countries (countries outside the European Economic Area – EEA) only takes place when this is required to provide our social media channels, where it is a legal requirement or where you have given us your consent to do so. We will inform you separately about the details provided this is required by law.
When you visit our social media channels, please note that data about you as a user may be processed outside the EU.
Use of cookies
Our website uses cookies that are stored on your device by the browser and contain certain settings for using the website (e.g. for the ongoing session). Cookies are used to make our website more user-friendly, more effective and secure. Cookies are small text files that are stored on your computer and which your browser stores. Most of the cookies we use are so-called session cookies, which are automatically deleted after the browser is closed. Other cookies remain stored on your device until you permanently delete them or the storage duration expires. These cookies enable us to recognise your browser on your next visit.
The cookies are used to simplify website processes by saving settings (e.g. retaining options that have already been selected). If personal data is also processed by individual cookies implemented by us, processing takes place on the basis of your consent in accordance with Art. 6 (1) (a) GDPR and to ensure the best possible functionality of the website, as well as a customer-friendly and efficient operation when visiting the site.
You can set your browser so that you are informed about the placement of cookies and only allow cookies in individual cases, to rule out the acceptance of cookies in certain cases or generally, and to activate automatic deletion of cookies when you close your browser. The functionality of this website may be restricted if cookies are deactivated.
You can declare your general objection to cookies used for online marketing purposes via the US website www.aboutads.info/choices or via the EU website www.youronlinechoices.com.
You can also deactivate the storage of cookies in the settings of your browser. Please note that, in this case, it may not be possible to use all functions of this website.
You can find the cookie policy here: https://herthundbuss.com/cookie-richtlinien/
Cavok database
Cavok is a browser-based digital-asset management system (DAM) from our service partner PEAK-14 (PEAK-14 GmbH, Otto-Röhm-Str. 69, 64293 Darmstadt), which deals with managing content and data. It is used as an image database on our homepage. You have the option of receiving access on request to download image material for our products.
The following data is stored in this access:
- Complete company name
- Complete contact name
- Email address
- Login name (consisting of customer number_last name, e.g. 1234567_smith)
Your name and email address must be entered. Under no circumstances will we pass on this data without your consent. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR and, where applicable, Art. 6 (1) (b) GDPR, provided that your enquiry is aimed at concluding a contract.
Further information on the data processing at our service partner can be found at: www.cavok.pro/de/datenschutz
Google Analytics
On our homepage, we use the web analysis service Google Analytics of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States, to analyse the use of our website, to compile reports on website activities and to provide further services connected with the use of the website and the internet. The legal basis is the consent you have given pursuant to Art. 6 (1) (a) GDPR or Art. 49 (1) (a) GDPR.
For this service, a cookie is placed on your computer and the user data stored in the process is forwarded to Google and transferred to a server that is generally located in the US and stored there.
Google uses this information to analyse the use of our online services and in particular to create user statistics with plausible usage profiles. Google Analytics is only used with activated IP anonymisation, which means that the IP address of Google users is shortened within member states of the European Union or in other member states of the Agreement on the European Economic Area. However, transfer of the full IP address to a Google server in the US cannot be ruled out. Users can prevent the storage by cookies by denying their consent or by setting their browser software accordingly. Furthermore, you can prevent the data stored by the cookie from being transferred to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout?hl=de.
Further information can be found in Google’s privacy policy: policies.google.com/technologies/ads.
Google marketing services
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our website within the scope of Art. 6 (1) (f) GDPR), we use marketing and remarketing services (“Google marketing services”) of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland), (“Google”).
The Google marketing services enable us to display advertisements for and on our website in a more targeted manner, in order to only present advertisements that could be of potential interest to the user. For this purpose, cookies can be set by various domains, including google.com or double-click.net. This file notes which websites the user is looking for, the content they are interested in and which services they have clicked on, as well as technical information on the browser and operating system, related websites, visit time and other information on the use of the website. The IP address of users is also recorded, whereby, within the framework of Google Analytics, the IP address is truncated within member states of the European Union or member states of the Agreement on the European Economic Area and is only transferred to a Google server in the USA and shortened there in exceptional cases.
Users’ data is processed pseudonymously as part of Google marketing services. In other words, Google does not store and processes the user’s name or email address, for example, but processes the relevant data in a cookie-based manner within pseudonymous user profiles. This does not apply if a user has expressly permitted Google to process the data without this pseudonymisation.
We can integrate advertisements from third parties on the basis of the Google marketing service “DoubleClick”. DoubleClick uses cookies that enable Google and its partner websites to be used to position advertisements based on users’ visits to this website or other websites on the internet.
Furthermore, we may use “Google Tag Manager” on the basis of your consent in accordance with Article 6 (1) (a) to integrate and manage the Google analysis and marketing services on our website.
For more information on Google’s use of data for marketing purposes, please visit the overview page: policies.google.com/technologies/ads
You can find Google’s privacy policy at policies.google.com/privacy
If you wish to opt out of interest-based advertising by Google marketing services, you can use the settings and opt-out options provided by Google: adssettings.google.com/authenticated
Google Maps
We use the Google Maps service on this website. This enables us to display interactive maps directly on the website and enable convenient use of the map function.
When you visit the website, Google receives information that you have called up the corresponding sub-page of our website. The data specified in this privacy policy is transmitted, regardless of whether you have a user account with Google that you are logged in with, or whether there is no user account. If you are logged in with Google, your data will be assigned directly to your account. If you do not wish the information to be assigned to your profile with Google, you must log out before activating the button. User profiles are stored by Google and used for the purposes of advertising, market research and/or demand-based design of the website. Such an evaluation will be used to provide tailored advertising and to inform other users of the social network about your activities on the website. You have the right to object to the formation of these user profiles and you must contact Google to log the objection.
Further information on the purpose and scope of data collection and processing by the plug-in provider can be found in the provider’s data privacy statements, where you will also receive further information on your rights and setting options for protecting your privacy:
google.de/intl/de/policies/privacy
Google also processes your personal data in the US and has subscribed to the EU-US Privacy Shield, privacyshield.gov/EU-US-Framework
You can opt out via the following link: adssettings.google.com/authenticated
Social plug-ins
We use social plug-ins on the basis of our legitimate interests, i.e. interest in the analysis, optimisation and efficient operation of our website, within the meaning of Art. 6 (1) (f) GDPR. When you visit our site, a direct connection is established between your browser and the Facebook server via the plug-in. Facebook receives information that you have visited our site with your IP address. If you click on Facebook while you are logged into your account, you can link the content of our pages on your Facebook profile. This enables the visit to our site to be assigned to your user profile. If you are not a member of Facebook, it is nevertheless possible for Facebook to obtain and store your IP address. According to Facebook, only an anonymized IP address is stored in Germany. If you do not want Facebook to collect data via this online service, you must log out on Facebook before using our website and delete your cookies.
As a provider of the website, we have no knowledge of the content of the transferred data and their use by Facebook. Further information can be found in Facebook’s privacy policy at de-de.facebook.com/policy.php.
In addition to Facebook plug-in, we also use plug-ins from Xing and Kununu. The above also applies here.
As a provider of the website, we have no knowledge of the content of the transferred data and their use by NEW WORK SE. For more information, please see the privacy policy of Xing and Kununu at
privacy.xing.com/de/datenschutzerklaerung
YouTube
Based on your consent in accordance with Art. 6 (1) (a) GDPR, we integrate YouTube videos into our online services. These videos are stored on YouTube and can be played directly from our homepage. The integration (plug-in) serves to make our websites appealing.
YouTube is a service provided by the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. If you call up the website provided with such a plug-in, a connection to the YouTube servers is established and the plug-in is displayed. This transmits to the YouTube server that you have visited our website. If you are a member of YouTube, YouTube assigns this information to your personal user account. When using the plug-in, e.g. clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment if you log out of your YouTube user account and other user accounts of YouTube LLC and Google Inc. before using our website and delete the corresponding cookies of the companies.
The data collected by the cookies is usually sent to a server in the USA and stored there. In the event of transfer of data to the USA, data transmission is based on valid standard contractual clauses.
Further information on data processing and information on data protection by YouTube (Google) can be found at google.de/intl/de/policies/privacy.
Userlike Chat
Within the framework of your consent in accordance with Art. 6 (1) (a) GDPR, we use chat software from Userlike UG (limited liability), Probsteigasse 44- 46, 50670 Cologne, Germany.
You can use the chat like a contact form to chat with our staff in almost real time. When you start the chat, the following personal data is collected:
- Date and time of call,
- Browser type/version,
- IP address,
- Operating system used,
- URL of the website previously visited,
- Quantity of sent data.
- And if specified: First name, last name and email address.
Depending on the course of conversation with our employees, other personal data entered by you may be provided in the chat. The type of data is heavily dependent on your enquiry or the problem that you tell us about. Processing all of this data serves to provide you with a fast and efficient contact option and thus improve our customer service.
When our homepage is accessed, the chat widget is loaded in the form of an AWS Cloudfront JavaScript file. The chat widget is technically the source code that is run on your computer and enables the chat.
The purpose of saving the chat data is also to ensure the security of our information technology systems.
You can find more information here: userlike.com/terms#privacy-policy
External links
Where links are provided to other websites, we can neither influence nor control the linked content or the data protection provisions there. We recommend that you check the data protection declarations of linked websites when you access them in order to determine whether and to what extent personal data is collected, processed, used or made available to third parties.
Automated decision-making in individual cases
We do not carry out fully automated decision-making pursuant to Art. 22 GDPR. Should we make use of such procedures in individual cases, we will inform you of this separately where required to do so by law.
Use of data for profiling (scoring)
We do not process your data with the aim of evaluating certain personal characteristics (profiling). In the context of data collection by tracking services, your data will be used to evaluate your usage behaviour and possibly to create movement profiles.
What rights do you have with regard to your data?
You have the right to receive information about the origin, recipients, and purpose of your stored personal data free of charge at any time. You also have the right to request that your data be corrected, blocked, or erased, or that the processing of your data be restricted. You also have the right to data portability, insofar as this is technically feasible. If your data is processed on the basis of a legitimate interest, you have the right to object. If you have given your consent, you have the right to revoke it, but this will only take effect for the future. You can contact us at any time about this and other questions on the subject of data protection at the address given in the imprint. You also have the right to lodge a complaint with a supervisory authority.