Data protection notice

Data protection notice for Christophorus

We, Dr. Ing. h.c. F. Porsche AG (hereinafter referred to as "we" or "Porsche AG") are pleased about your visit to our Christophorus as well as your interest in our company. Your privacy is important to us. We take the protection of your personal data and their confidential treatment very seriously. The processing of your personal data takes place exclusively within the framework of the statutory provisions of the data protection law of the European Union, in particular the General Data Protection Regulation (hereinafter "GDPR"). With this privacy policy we inform you about the processing of your personal data and your privacy rights in the context of the use of Christophorus. For information on other services as well as offers from other companies of the Porsche Group, please refer to the respective privacy policy of these services or companies.

 

1. Data Controller and Data Protection Officer; Contact

Responsible for the data processing within the meaning of the data protection laws is the:

Dr. Ing. h.c. F. Porsche AG
Porscheplatz 1
70435 Stuttgart
Germany
Tel: (+49) 0711 911-0
E-Mail: christophorus@porsche.de

If you have any questions or comments about privacy, please feel free to contact us.

Our data protection officer can be reached as follows:

Dr. Ing. h.c. F. Porsche AG
Data Protection Officer
Porscheplatz 1
70435 Stuttgart
Germany
Contact: https://www.porsche.com/germany/privacy/contact

 

2. Subject of data protection

The subject of data protection is personal data. This is all information that relates to an identified or identifiable natural person (so-called affected person). These include e.g. Information such as name, postal address, e-mail address or telephone number, but also information that necessarily arises during the use of Christophorus, such as information on the beginning, end and extent of use and the transmission of your IP address.

 

3. Type, scope, purpose and legal basis of automated data processing

The use of Christophorus is generally possible without registration. Even if you use Christophorus without registration, personal data can be processed.

Below you will find an overview of the type, scope, purposes and legal basis of the data processing of Christophorus.

 

3.1 Provision of our online service

When accessing Christophorus through your device, we automatically process the following data:

- date and time of access,

- duration of the visit,

- user devices,

- used operating system,

- the features you use

- amount of sent data,

- type of event,

- IP address,

- referrer URL

- domain name

These data are processed on the basis of Article 6 (1) (f) of the GDPR to provide the service, to ensure the technical operation and to detect and eliminate interference. We are pursuing the interest of enabling and permanently securing the use of Christophorus and its technical functionality. When Christophorus is accessed, this data is processed automatically. Without this provision, you will not be able to use our services. We do not use this data for the purpose of drawing any conclusions about you or your identity.

We usually delete this data after 90 days, unless we exceptionally need it for the purposes mentioned above. In such a case, we will delete the data immediately after use.

 

3.2 Cookies

When you visit Christophorus, so-called "cookies", ie small files, can be stored on your device in order to offer you a comprehensive range of functions, to make your usage more comfortable and to optimize our offers. If you do not want to use cookies, you can prevent the storage of cookies on your device by by adjusting the settings of your internet browser or use of the separate contradiction option. Please note that the functionality of our offer may be limited. For detailed information on the nature, extent, purposes, legal bases and possibilities of contradicting the processing of cookies, please refer to our Cookie Policy.

 

 

3.3 Social Plugins

Some sections of our website use so-called social plug-ins of social networks, such as Facebook, Twitter, Google+ or LinkedIn. The plugins are recognizable by the logo of the respective social network and serve primarily to "share" our contents.

As soon as you visit a website with an activated social plugin, your browser uses the social plugin to establish a direct connection to the servers of the respective social network and transmit data about your visit to the social network. Even if you are not a member of one of the social networks, there is a possibility that they will use the social plugin to learn and save data such as your IP address.

The social plugins on our website are disabled by default. To use the social plugins you have to activate them by clicking on the corresponding button, for example to share a page on a social network.

If you have activated the use of the respective social plugin, we process the following data and transmit it to providers of the respective social network:

- date and time of access,

- visited page of Christophorus,

- IP address

Your data will be processed to enable you to share certain articles of Christophorus within the social networks based on Article 6 (1) (f) GDPR.

As long as the social plugin is not activated, no data will be sent to the social network. Once activated, the social plugin connects to the social network servers and remains active until you disable it or delete your cookies.

Activation establishes a direct connection to the server of the respective social network. The content of the social plugin is transmitted by the social network directly to your browser, which integrates it into the visited website. Therefore we have no influence on the amount of data collected by the social plugin.

For more information on the purpose and scope of the data collection, as well as the further processing and use of the data by the respective social networks, your rights in this regard as well as setting options for the protection of your privacy, please refer to the privacy policy of the social networks.

 

4. Recipient of personal data

Internal recipients: Within Porsche AG, only those persons have access who need this for the purposes mentioned in sections 3 and 4 above.

External recipients: We only pass on your personal data to external recipients outside of Porsche AG, if this is necessary for processing your request, if another legal authorization exists or if your consent is available.

External recipients can be:

a) Processor
Group companies of Porsche AG or external service providers that we use for the provision of services, for example in the areas of technical infrastructure and maintenance for Porsche AG's offer or the provision of content. These processors are carefully selected and regularly reviewed by us to ensure your privacy is maintained. The service providers may only use the data for the purposes specified by us and according to our instructions.

 

b) Public bodies
Authorities and government institutions, such as Prosecutors, courts or tax authorities to whom we must transfer personal data for legally binding reasons. The transmission then takes place on the basis of Article 6 (1) (c) GDPR.

 

c) Private offices
Dealers, cooperation partners or auxiliary persons to whom data are transmitted on the basis of a consent, for the execution of a contract with you or for the protection of legitimate interests, such as Porsche centers, financing banks, providers of other services or transport service providers. The transmission then takes place on the basis of Article 6 (1) (a), (b) and / or (f) GDPR.

 

5. Data processing in third countries

If a data transmission takes place in locations whose origin or place of data processing is not located in a Member State of the European Union or in another Contracting State to the Agreement on the European Economic Area, we ensure before the transfer, except in the case of exceptionally permitted by law, to the recipient either an adequate level of data protection exists (eg through a European Commission adequacy decision, through appropriate safeguards such as self-certification of the EU-US Privacy Shield beneficiary or agreement of so-called EU standard contractual clauses with the beneficiary) or you give your sufficient consent to the transfer of data.

You can obtain from us an overview of the recipients in third countries and a copy of the specific arrangements agreed to ensure the appropriate level of data protection. Please use the information in section 1.

 

6. Storage duration

The storage period for personal data can be found in the respective chapter on data processing in relation to certain services and functions in Section 3 and Section 4. In addition, we generally retain your personal data only as long as this is necessary for the fulfillment of the purpose or - case of consent - as long as you have not revoked the consent. In the event of an objection, we will delete your personal data, unless its further processing is permitted in accordance with the relevant statutory provisions. We delete your personal data even if we are obliged to do so for legal reasons.

 

7. Affected rights

As a data-processing person, you have many rights. In detail:

Right to information: You have the right to obtain information about the data we have stored about you.

Right of rectification and cancellation: You may demand the correction of incorrect data and - insofar as the legal requirements are met - the deletion of your data.

Restriction of processing: As far as the legal requirements are met, you can demand that we restrict the processing of your data.

Data portability: If you have provided us with data based on a contract or consent, you may, subject to the legal requirements, require that you receive the data you provide in a structured, common and machine-readable format, or that we transfer it to another person in charge to transfer.

Objection to data processing in the case of legal basis "legitimate interest": You have the right, for reasons arising from your particular situation, to object at any time to the processing of data by us, insofar as this is based on the legal basis "legitimate interest". If you make use of your right of objection, we will stop the processing of your data, unless we can - in accordance with the legal requirements - prove compelling legitimate reasons for further processing that outweigh your rights.

Opposition to cookies: You may also object to the use of cookies at any time. Details can be found in our Cookie Policy.

Revocation of consent: If you have given us consent to the processing of your data, you can revoke it at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.

Complaints to the supervisory authority: You can also file a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law. You can contact the data protection authority, which is responsible for your place of residence or your country, or the data protection authority responsible for us.

Your contact to us: Furthermore, if you have any questions about the processing of your personal data, your data subject rights and any consent given, you can contact us free of charge. To exercise all of your aforementioned rights, please contact us at https://www.porsche.com/germany/privacy/contact or by mail to the address indicated in 1. above. Please make sure that we can clearly identify you.

 

8. Links to offers from third parties

Websites and services of other providers to which Christophorus links are and have been designed and provided by third parties. We have no influence on the design, content and function of these third party services. We expressly dissociate ourselves from all contents of all linked offers of third parties. Please note that the offers of third parties linked from Christophorus may install own personal cookies on your device or collect personal data. We have no influence on this. If necessary, please inform yourself directly to the providers of these linked third-party offers.

 

9. Webtrekk

In some areas of our website the services of the company Webtrekk GmbH are used to collect statistical data on the use of our website and to optimize our offer accordingly. As part of your website visit, we collect and evaluate some of the information that your browser transmits. The survey is done by a pixel, which is integrated on every website. The following data is collected:

- Request (file name of the requested file)

- Browser Type / Version (Eg .: Internet Explorer 6.0)

- Browser language (eg German)

- used operating system (Eg.: Windows XP)

- internal resolution of the browser window

- Screen resolution

- Javascript activation

- Java On / Off

- Cookies On / Off

- Referrer URL (the previously visited page)

- IP address (will be anonymized immediately and deleted after processing)

- Time of access

- clicks

You may object to Webtrekk's data collection and storage at any time with future effect. For the exclusion of the Webtrekk tracking on this page a cookie with the name "WebtrekkOptOut" is stored on your computer. This disclaimer applies as long as you do not delete this cookie.

To complete the objection, please click on the following link:

http://christophorus.porsche.com/en/data-protection.html?disableWebtrekk=true

 

10. Latest version

The latest version of this privacy policy applies. Date: 18/05/18