Privacy Policy

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, always takes place in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to Auto-Feyrer Classic. With this privacy policy, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.

As the data controller, Auto-Feyrer Classic has implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed through this website. Nevertheless, internet-based data transmissions can fundamentally have security gaps, so that absolute protection cannot be guaranteed. For this reason, any data subject is free to transmit personal data to us by alternative means, for example, by telephone.

 

1. Definitions

The privacy policy of Auto-Feyrer Classic is based on the terminology used by the European legislator in the enactment of the General Data Protection Regulation (GDPR). Our privacy policy aims to be easily readable and understandable for both the public and our customers and business partners. To ensure this, we would like to explain the terms used in advance. In this privacy policy, we use the following terms among others:

a) Personal Data

Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more specific characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing

Restriction of processing means marking stored personal data with the aim of limiting their processing in the future.

e) Profiling

Profiling means any form of automated processing of personal data that consists of using personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

f) Pseudonymization

Pseudonymization is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures that ensure that the personal data is not attributed to an identified or identifiable natural person.

g) Controller or processor responsible for processing

Controller is the natural or legal person, public authority, agency, or other body that alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union law or the law of Member States, the controller or the specific criteria for its designation may be provided for by Union law or the law of Member States.

h) Processor

Processor is a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

i) Recipient

Recipient is a natural or legal person, public authority, agency, or another body to whom personal data are disclosed, regardless of whether they are a third party or not. However, authorities that may receive personal data in the course of a particular inquiry in accordance with Union law or the law of Member States are not considered recipients.

j) Third Party

Third party means a natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and the persons who, under the direct authority of the controller or the processor, are authorized to process personal data.

k) Consent

Consent means any freely given, specific, informed, and unambiguous indication of the data subject's wishes, by which they signify agreement to the processing of personal data relating to them, in the form of a statement or a clear affirmative action.

 

2. Name and Address of the Data Controller

The data controller in accordance with the General Data Protection Regulation, other applicable data protection laws in the member states of the European Union, and other provisions with data protection legal character is:

Auto-Feyrer Classic
Manfred Feyrer
Riederstrasse 30
82211 Herrsching

Telefon: +49 8152 / 10 81
Fax: +49 8152 / 36 55
E-Mail: m.feyrer@web.de

 

3. Cookies

The websites of Auto-Feyrer Classic use cookies. Cookies are text files that are stored and saved on a computer system via an internet browser.
Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier for the cookie. It consists of a string of characters that allows websites and servers to be assigned to the specific internet browser in which the cookie is stored. This enables the visited websites and servers to distinguish the individual browser of the affected person from other internet browsers that contain different cookies. A specific internet browser can be recognized and identified through its unique cookie ID. By using cookies, Auto-Feyrer Classic can provide users of this website with more user-friendly services that would not be possible without setting cookies. Through a cookie, the information and offerings on our website can be optimized for the user. Cookies allow us, as previously mentioned, to recognize the users of our website. The purpose of this recognition is to make it easier for users to utilize our website. For example, a user of a website that uses cookies does not have to enter their access data again each time they visit the website, because this is taken over by the website and the cookie stored on the user’s computer system. Another example is the cookie of a shopping cart in an online shop. The online shop remembers the items a customer has placed in the virtual shopping cart via a cookie. The affected person can prevent the setting of cookies by our website at any time by making the appropriate setting in the internet browser used, thereby permanently objecting to the setting of cookies. Furthermore, already set cookies can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the affected person disables the setting of cookies in the internet browser used, it is possible that not all functions of our website will be fully usable.

 

4. Collection of General Data and Information

The website of Auto-Feyrer Classic collects a series of general data and information with each call to the website by an affected person or an automated system. This general data and information is stored in the server log files. The following may be collected: (a) the types and versions of the browsers used, (b) the operating system used by the accessing system, (c) the website from which an accessing system arrives at our website (so-called referrer), (d) the subpages that are accessed via an accessing system on our website, (e) the date and time of access to the website, (f) an internet protocol address (IP address), (g) the internet service provider of the accessing system, and (h) other similar data and information that serves to avert dangers in the event of attacks on our information technology systems. When using this general data and information, Auto-Feyrer Classic does not draw any conclusions about the affected person. This information is rather needed to (1) correctly deliver the content of our website, (2) optimize the content of our website and the advertising for it, (3) ensure the permanent functionality of our information technology systems and the technology of our website, and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack. Therefore, these anonymously collected data and information are evaluated by Auto-Feyrer Classic both statistically and with the aim of increasing data protection and data security in our company to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data from the server log files is stored separately from all personal data provided by an affected person.

 

5. Routine Deletion and Blocking of Personal Data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the storage purpose, or as provided by the European legislator or another legislator in laws or regulations to which the controller is subject. If the storage purpose ceases to exist or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with legal requirements.

 

6. Rights of the Data Subject

a) Right to Confirmation

Every data subject has the right granted by the European legislator to request confirmation from the controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the controller at any time.

b) Right to Information

Every data subject affected by the processing of personal data has the right granted by the European legislator to obtain, at any time and free of charge, information from the controller about the personal data stored concerning them and a copy of this information. Furthermore, the European legislator has granted the data subject the right to information about the following: the purposes of processing the categories of personal data being processed the recipients or categories of recipients to whom the personal data has been disclosed or will be disclosed, especially in the case of recipients in third countries or international organizations if possible, the planned duration for which the personal data will be stored, or, if not possible, the criteria for determining this duration the existence of a right to rectification or deletion of personal data concerning them or to restriction of processing by the controller, or a right to object to such processing the existence of a right to lodge a complaint with a supervisory authority if the personal data is not collected from the data subject: all available information about the source of the data the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the GDPR, and — at least in these cases — meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject Furthermore, the data subject has the right to know whether personal data has been transferred to a third country or an international organization. If this is the case, the data subject also has the right to obtain information about the appropriate safeguards in connection with the transfer. If a data subject wishes to exercise this right to information, they can contact an employee of the controller at any time.

c) Right to Rectification

Every person affected by the processing of personal data has the right granted by the European legislator to request the immediate rectification of inaccurate personal data concerning them. Furthermore, the affected person has the right, taking into account the purposes of the processing, to request the completion of incomplete personal data - also by means of a supplementary statement. If an affected person wishes to exercise this right to rectification, they may contact any employee of the data controller at any time.

d) Right to Erasure (Right to be Forgotten)

Every person affected by the processing of personal data has the right granted by the European legislator to request the data controller to erase personal data concerning them immediately, provided that one of the following reasons applies and as long as the processing is not necessary: The personal data have been collected or otherwise processed for purposes that are no longer necessary. The affected person withdraws their consent on which the processing is based according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR, and there is no other legal basis for the processing. The affected person objects to the processing according to Article 21(1) GDPR, and there are no overriding legitimate grounds for the processing, or the affected person objects to the processing according to Article 21(2) GDPR. The personal data have been unlawfully processed. The erasure of personal data is necessary for compliance with a legal obligation under Union law or the law of the Member States to which the controller is subject. The personal data were collected in relation to the offer of information society services according to Article 8(1) GDPR. If one of the aforementioned reasons applies and an affected person wishes to request the erasure of personal data stored by Auto-Feyrer Classic, they may contact any employee of the data controller at any time. The employee of Auto-Feyrer Classic will ensure that the erasure request is complied with immediately. If personal data has been made public by Auto-Feyrer Classic and our company is obliged as the controller according to Article 17(1) GDPR to erase the personal data, Auto-Feyrer Classic shall take reasonable steps, taking into account available technology and the implementation costs, including technical measures, to inform other controllers that process the published personal data that the affected person has requested the erasure of all links to this personal data or copies or replications of this personal data, as long as the processing is not necessary. The employee of Auto-Feyrer Classic will take necessary actions on a case-by-case basis.

e) Right to Restriction of Processing

Every person affected by the processing of personal data has the right granted by the European legislator to request the restriction of processing from the controller if one of the following conditions is met: The accuracy of the personal data is contested by the affected person, for a period that enables the controller to verify the accuracy of the personal data. The processing is unlawful, the affected person opposes the erasure of the personal data and instead requests the restriction of their use. The controller no longer needs the personal data for the purposes of processing, but the affected person requires them for the establishment, exercise, or defense of legal claims. The affected person has objected to the processing according to Article 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller outweigh those of the affected person. If one of the above conditions is met and an affected person wishes to request the restriction of personal data stored by Auto-Feyrer Classic, they may contact any employee of the data controller at any time. The employee of Auto-Feyrer Classic will initiate the restriction of processing.

f) Right to Data Portability

Every person affected by the processing of personal data has the right granted by the European legislator to receive the personal data concerning them, which they have provided to a controller, in a structured, commonly used, and machine-readable format. They also have the right to transmit these data to another controller without hindrance from the controller to whom the personal data has been provided, provided that the processing is based on consent according to Article 6(1)(a) GDPR or Article 9(2)(a) GDPR or on a contract according to Article 6(1)(b) GDPR, and the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller. Furthermore, the affected person has the right, when exercising their right to data portability according to Article 20(1) GDPR, to obtain the direct transmission of personal data from one controller to another, where technically feasible, and provided that this does not adversely affect the rights and freedoms of others. To assert the right to data portability, the affected person may contact any employee of Auto-Feyrer Classic at any time.

g) Right to Object

Every individual affected by the processing of personal data has the right granted by the European directive and regulation maker to object at any time to the processing of personal data concerning them, based on reasons relating to their particular situation, if the processing is carried out under Article 6(1)(e) or (f) of the GDPR. This also applies to profiling based on these provisions. Auto-Feyrer Classic will no longer process the personal data in the event of an objection unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the establishment, exercise, or defense of legal claims. If Auto-Feyrer Classic processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing purposes. This also applies to profiling insofar as it is related to such direct marketing. If the data subject objects to the processing for direct marketing purposes, Auto-Feyrer Classic will no longer process the personal data for these purposes. Furthermore, the data subject has the right to object, on grounds relating to their particular situation, to the processing of personal data concerning them that is conducted by Auto-Feyrer Classic for scientific or historical research purposes or for statistical purposes under Article 89(1) of the GDPR, unless such processing is necessary for the performance of a task carried out in the public interest. To exercise the right to object, the data subject may contact any employee of Auto-Feyrer Classic directly. The data subject is also free to exercise their right to object in connection with the use of information society services, regardless of Directive 2002/58/EC, by automated means using technical specifications.

h) Automated Decisions in Individual Cases Including Profiling

Every individual affected by the processing of personal data has the right granted by the European directive and regulation maker not to be subject to a decision based solely on automated processing—including profiling—that produces legal effects concerning them or similarly significantly affects them, unless the decision: (a) is necessary for entering into or the performance of a contract between the data subject and the controller, or (b) is authorized by Union or Member State legislation to which the controller is subject, and that legislation provides for appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject, or (c) is based on the explicit consent of the data subject. If the decision: (a) is necessary for entering into or the performance of a contract between the data subject and the controller, or (b) is based on the explicit consent of the data subject, Auto-Feyrer Classic takes appropriate measures to safeguard the rights and freedoms as well as the legitimate interests of the data subject, which includes at least the right to obtain intervention from a person on the part of the controller, to express their point of view, and to contest the decision. If the data subject wishes to assert rights regarding automated decisions, they can contact an employee of the controller responsible for the processing at any time.

i) Right to Withdraw Data Protection Consent

Every individual affected by the processing of personal data has the right granted by the European directive and regulation maker to withdraw consent to the processing of personal data at any time. If the data subject wishes to exercise their right to withdraw consent, they can contact an employee of the controller responsible for the processing at any time.

 

7. Legal Basis for Processing

Art. 6 I lit. a of the GDPR serves as the legal basis for processing activities in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the fulfillment of a contract to which the data subject is a party, as is the case with processing activities required for the delivery of goods or the provision of other services or considerations, the processing is based on Art. 6 I lit. b of the GDPR. The same applies to processing activities necessary for the execution of pre-contractual measures, for example, in cases of inquiries about our products or services. If our company is subject to a legal obligation that requires the processing of personal data, such as fulfilling tax obligations, the processing is based on Art. 6 I lit. c of the GDPR. In rare cases, the processing of personal data may be necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured at our facility, requiring their name, age, health insurance information, or other vital information to be shared with a doctor, hospital, or other third parties. In this case, the processing would be based on Art. 6 I lit. d of the GDPR. Ultimately, processing activities could be based on Art. 6 I lit. f of the GDPR. This legal basis applies to processing activities that are not covered by any of the aforementioned legal bases when the processing is necessary for the safeguarding of a legitimate interest of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not outweigh that interest. Such processing activities are particularly permitted because they were specifically mentioned by the European legislator. He held the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47, Sentence 2 of the GDPR).

 

8. Legitimate Interests in Processing Pursued by the Controller or a Third Party

If the processing of personal data is based on Article 6 I lit. f of the GDPR, our legitimate interest is the conduct of our business activities for the benefit of the well-being of all our employees and stakeholders.

 

9. Duration of Storage of Personal Data

The criterion for the duration of storage of personal data is the respective statutory retention period. Upon expiration of this period, the corresponding data is routinely deleted, provided it is no longer necessary for contract fulfillment or pre-contractual measures.

 

10. Legal or Contractual Provisions for Providing Personal Data; Necessity for Contract Conclusion; Obligation of the Data Subject to Provide Personal Data; Possible Consequences of Non-Provision

We inform you that the provision of personal data is partly legally required (e.g., tax regulations) or may also arise from contractual arrangements (e.g., information about the contracting party). In some cases, it may be necessary for the conclusion of a contract that a data subject provides us with personal data, which must subsequently be processed by us. The data subject is obliged to provide us with personal data when our company concludes a contract with them. A failure to provide personal data would result in the inability to conclude the contract with the data subject. Before providing personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of personal data is legally or contractually required or necessary for the conclusion of the contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

 

11. Existence of Automated Decision-Making

As a responsible company, we refrain from automated decision-making or profiling.

 

12. Plugins and Tools

YouTube

Our website uses plugins from the YouTube page operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the servers of YouTube is established. In this process, the YouTube server is informed about which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to directly associate your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 I lit. f of the GDPR. Further information on the handling of user data can be found in YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy.

Google Web Fonts

This page uses so-called web fonts provided by Google to ensure a uniform display of fonts. When you access a page, your browser loads the required web fonts into its browser cache to correctly display texts and fonts. To this end, the browser you use must connect to Google's servers. This enables Google to become aware that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font from your computer will be used. For more information on Google Web Fonts, please visit Google Fonts FAQ and Google’s privacy policy: Google Privacy Policy.

Google Maps

This page uses the mapping service Google Maps via an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this page has no influence on this data transmission. The use of Google Maps is in the interest of an appealing presentation of our online offerings and to facilitate the findability of the locations we have listed on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. For more information on the handling of user data, please refer to Google's privacy policy: Google Privacy Policy.