Data Protection Declaration
We Liebherr-IT Services GmbH, are pleased that you are visiting our web pages (hereinafter also referred to collectively as “website”) and that you have thereby expressed an interest in the Liebherr Group.
We attach great importance to the protection and security of your personal data. Therefore, we consider it vital to inform you in the following about which of your personal data we process for what purpose and what rights you have in respect of your personal data.
Note: The following information relates to the web-based offers and modules provided by us, which you can access via a registered user account, i.e. a so-called Liebherr account, Liebherr business account or Liebherr business account, after successful registration (hereinafter “offers/modules” or “web offer”). For such offers/modules that you can also access via an aforementioned user account, depending on your respective authorisation, but which are not listed in the following information, the respective privacy policy of the respective providers of these offers/modules shall apply. Please refer to the terms of use for information on the functionality and scope of the offers/modules.
As of: October 2022
General information
“Personal data” (hereinafter also referred to as “data”) are all the details that make a statement about a natural person. Personal data are not just details that allow a direct conclusion to be drawn about a certain person (such as the name or e-mail address of a person), but also information with which with suitable additional knowledge a connection can be made with a certain person.
“Processing” means any action taken with your personal data (such as collection, recording, organisation, structuring, storage, use or erasure of data).
The controller for the processing of your data is:
Liebherr-IT Services GmbH
St. Vitus 1
88457 Kirchdorf an der Iller
Deutschland
Telefon: +49 7354 80-0
E-Mail: info.lis@liebherr.com
Our data protection officer can be reached at the following contact details:
Corporate Privacy
Liebherr-IT Services GmbH
St. Vitus 1
88457 Kirchdorf an der Iller
Germany
E-Mail: datenschutz@liebherr.com
As a data subject, you have the right, within the legal scope, to:
– Information about your data;
– Rectification of inaccurate data and completion of incomplete data;
– Erasure of your data, particularly if (1) they are no longer necessary for the purposes stated in this Data Protection Declaration, (2) you have withdrawn your consent and there is no other legal ground for the processing, (3) your data have been unlawfully processed, or (4) you have objected to the processing and there are no overriding legitimate grounds for the processing;
– Restriction of the processing of your data, particularly if the accuracy of the data is contested by you or the processing of your data is unlawful and instead of deletion you demand restriction of use;
– Object to processing of your data based on legitimate interests, on grounds relating to your particular situation, or, without specific justification, to processing of your data carried out for direct marketing purposes; unless it is an objection to direct marketing, we ask that you explain the reasons why we should not process your data as we may do, when you lodge an objection. In the event of your reasoned objection, we will examine the merits of the case and cease processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims;
– Receive your data in a structured, commonly used and machine-readable format and to have your data transmitted from us directly to another controller;
– Withdraw consent, if you have given us consent for processing. Please note that the lawfulness of processing based on consent before its withdrawal will not be affected by your withdrawal.
If you assert any of the above-stated rights, please understand that we may require you to provide evidence showing that you are the person you claim to be. Furthermore, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of your data infringes the GDPR.
Our website may contain links to and from websites of other providers not affiliated with us (“third parties”). After clicking on the link, we no longer have any influence on the processing of any data transmitted to the third party when the link is clicked (such as the IP address or the URL on which the link is located), as the behaviour of third parties is naturally beyond our control. Therefore, we cannot assume any responsibility for the processing of such data by third parties.
Data processing
Each time you access and use our website, the web browser used on your terminal equipment (computer, smartphone or similar) automatically sends information to our web servers, which we store in so-called log files.
What data do we process and for what purposes?
We process the following data:
– Your (external) IP address
– Date and time of access
– Domain name of your internet access provider
– The type and version of browser you are using and the operating system you are using
– URL (address on the internet) of the web page you were on at the time of the access
– The files you retrieve via the respective web page (type of access, name of the retrieved file, URL of the retrieved file, success of the retrieval)
– The amount of data transmitted to you when visiting the respective web page
– If applicable, date and time of submission when using web forms
These data are in principle processed by us solely for the purpose of ensuring stability as well as network and information security. Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interests pursued are the improvement and maintenance of the stability or functionality and the security of our website. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
Authentication on our websites takes place via a registered account.
What data do we process and for what purposes?
We process the following data when registering and using a Liebherr account via the web offer (so-called “Liebherr Account”) without using an existing account with Liebherr-Hausgeräte, Apple, Google, Facebook or Microsoft:
– The data you provide as part of the registration/authentication process
– Unique user ID (UPN)
– Log data such as registration date and date and time of the last successful login
We process the following data when registering and using a Liebherr account via the web offer using an existing account with Liebherr-Hausgeräte, Apple, Google, Facebook or Microsoft (so-called “external login”):
– External login identifier, the external login provider and your email address
Notes:
– If you register or authenticate yourself with an external login from Liebherr-Hausgeräte, Liebherr-Hausgeräte will send us your surname, first name, address and telephone number. This will not be processed by us for any purpose.
– If you register or authenticate with an external login from Facebook, Facebook will also send us your profile picture. This is not processed by us for any purpose.
– If you register or authenticate with an external login from Google, Google will also send us your surname, first name and the link to your Google Plus profile. These data are not processed by us for any purpose.
– If you register or authenticate with an external login from Microsoft, Microsoft will also send us your name and first name. These data are not processed by us for any purpose.
Please note that we have no influence on the processing of your personal data at and by Google, Facebook and Microsoft. For more information on the processing of your personal data at Google, Facebook and Microsoft, please refer to the respective data protection declaration of these providers.
We process the following data when registering and using a Liebherr account for business use (so-called “Liebherr Business Account”):
– The data you provide as part of the registration process
– Unique company ID (Company ID)
We process the following data when registering and using a Liebherr account as a service partner (so-called “Liebherr Business Service Partner Account”):
– The data you provide as part of the registration process
– Unique Service Partner ID (Company ID)
These data are in principle processed by us solely for the following purposes:
– Registration of a Liebherr account, Liebherr business account or Liebherr business service partner account for the use of the web offer either via a double opt-in procedure or via an external login account
– Central authentication mechanism for the use of the web offer and, if applicable, for the use of further offers/modules for which you are authorised
– Central administration of user and/or company data of the Liebherr account, Liebherr business account, Liebherr business service partner account
– Transmission of data stored in the respective user account (such as name and address as well as validated devices) to the provider of the offers/modules used/authorised by you
– Verification of the data provided by you, such as VAT number
– Support for your Liebherr account, Liebherr business account, Liebherr business service partner account
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR.
– Apps
As a user, you will receive an overview of the apps (offers/modules) for which you are authorised or for which you can apply for authorisation.
What data do we process and for what purposes?
We may process the following data:
– Overview of the authorised applications or modules (in short: “apps”)
Note: The information of the authorisation for an app is transmitted to Liebherr-IT Services GmbH by the Liebherr company responsible for the offers/modules.
– App favourites
– Log data
These data are in principle processed by us solely for the following purposes:
– Clearly arranged depiction of the available apps or module
– Easy access to the authorised apps
– Maintenance or further development of the “App Launcher” module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Business relationships
As a user of a Liebherr Business Account and Liebherr Business Service Partner Account, you are given the option of establishing and managing business relationships with service partners or customers for your company.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– Information on the initiation of a business relation and information on the status of the validation process of your business relations with your service partner(s)
– Information about your business relation(s) with your service partner(s) (such as customer number, CompanyID, product range, billing address, order type, shipping method, payment method, price source, availability source, available special promotions, minimum order quantity, contact details of the assigned contact person, etc.)
– Log data
These data are in principle processed by us solely for the following purposes:
– Initiation of a business relation or management of your business relations with your service partner(s) or with your customer(s)
– Enabling the provision of services by your service partner(s)
– Maintenance and further development of the “Business relations” offer/module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Products
As a user of a Liebherr Business Account as well as a Liebherr Business Service Partner Account, you are given the option of registering your products in your Liebherr Business Account and having them validated by a service partner.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– Information on the product registration process (such as serial number (LMID), product photo, device reference (internal product designation))
– Information on the product validation process (such as status of product validation, protocol data, validator if applicable (main service partner of the customer from the product area), comments such as reason for rejection, reason why a service partner removes the device from its customer’s fleet, etc.))
– Authorisation information on the validated products (e.g. activated offers/modules, additionally authorised company/company/service partner with name of company/company, authorised users (internal authorised users and in the case of external companies (e.g. various branches)), authorising user, date of authorisation allocation or expiry date of authorisation)
– Telemetry data (such as status information, fill levels, service messages, etc.) and geo-position data (such as current geo-position)
Note: These data are transmitted to Liebherr-IT Services GmbH by the Liebherr company responsible for processing and providing the telemetry or geo-position data.
– Log data
These data are in principle processed by us solely for the following purposes:
– Registration, depiction and management of the products
– Validation of the registered products by main service partner
– Provision of additional offers/modules to a validated product
– Maintenance and further development of the “Products” module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Parts Catalogue
As a user of a Liebherr Business Account, you are given the option of accessing the online spare parts catalogues for the validated products.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– To the extent necessary, information on products that have already been validated
– Item favourites and notes on a product/item
– Log data
These data are in principle processed by us solely for the following purposes:
– Individual addressing within the spare parts catalogue
– Control of access authorisations
– Provision of the note and favourites function within the authorised user group of your company
– Provision of a specific download link to a document selected by you via e-mail
– Maintenance and further development of the “Spare Parts Catalogue” offer/module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Shop
As a user of a Liebherr Business Account, you are given the option of ordering spare parts and/or further items for your validated products and of requesting quotations for items from a service partner.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– To the extent necessary, information on already validated products and on business relationships
– Information on the item selection process (such as last viewed items, shopping cart, shopping cart identification, address of the shopping cart creator/shopping cart recipient, etc.)
– Information on the order process (such as internal order reference, order number, order type, payment type, product range, shipping method, creation date, product, partial delivery, desired delivery date, delivery address), billing address, ordered items, status of the order, attachments and comments, etc.)
– Information on the quotation process (such as reference to the shopping cart, quotation number, quotation name, item, status, order type, product range, product, update date, change history (price changes), added or deleted items, quantity changes, comments, etc.)
– Log data
These data are in principle processed by us solely for the following purposes:
– Processing of orders/quotations for spare parts
– Control of access authorisations
– Maintenance and further development of the “Shop” offer/module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Parts Order Form
As a user of a Liebherr Business Account, you are given the option of ordering spare parts and/or other items for your validated products.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– To the extent necessary, information on already validated products and on business relationships
– Information on the item selection process (such as shopping basket, shopping basket identification, address of the person placing the order/shopping basket recipient, etc.)
– Information on the order process (such as internal order reference, order number, order type, payment type, product range, shipping method, creation date, product, partial delivery, desired delivery date, delivery address, billing address, ordered items, status of the order, attachments and comments, etc.)
– Log data
These data are in principle processed by us solely for the following purposes:
– Abwicklung von Bestellungen von Ersatzteilen
– Steuerung der Zugriffsberechtigungen
– Wartung bzw. Weiterentwicklung des Angebotes/Moduls „Shop“ und Support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Orders
As a user of a Liebherr Business Account, you will receive an overview of your orders or order information.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– Information on the order (such as order date, processor of the order (service partner), product, order type, payment type, delivery address, invoice address, internal order reference, status of the order, delivery (status of the delivery (so-called sales order tracking) transmitted by the company responsible for the delivery), if applicable, documents such as invoices, comments on the orders, etc.)
– Log data
These data are in principle processed by us solely for the following purposes:
– Display of the orders placed and the order status
– Display of the order history
– Maintenance and further development of the offer/module “Orders” and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Service Partner Hub (“Management Interface for Service Partners”)
As a user of a Liebherr Business Service Partner Account, you are given the option of editing or managing your business relations with your customers, your customers’ orders or even your promotions and your offers for your customers via an administration interface.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– Information about your business relation(s) with your customers (such as customer number, product range, billing address, order type, shipping method, payment method, price source, availability source, special promotions, minimum order quantity, contact details of the assigned contact person) and information about initiating a business relation (such as contacting a potential customer, overview of contacts sent, etc.)
– Information on the status of the validation process of your business relations and on the product validation process of the products registered by the customer and released for validation (such as status of product validation, log data, comments such as reason for rejection, etc.)
– Information on validated products of your customers (such as serial number (LMID), device reference (internal product designation), etc.)
– Information on customers’ orders and the offers made to the customer
– Log data
These data are in principle processed by us solely for the following purposes:
– Processing and administration of requested business relations to a customer or existing business relations with a customer
– Processing of products released by the customer for validation or administration of validated products
– Processing of orders/quotations for spare parts
– Enabling the provision of services
– Support for the customer
– Maintenance and further development of the “Service Partner Hub” module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
– Data Exchange
As a user, you are given the option of exchanging information in any file format with Liebherr companies and appropriately authorised users.
What data do we process and for what purposes?
We may process the following data:
– To the extent necessary, the data provided by you in the course of registration
– The data you store yourself, such as documents or files
– Log data, for example, when you upload or download data
These data are in principle processed by us solely for the following purposes:
– Provision of the service
– Storage and provision of your data
– Ensuring security
– Maintenance and further development of the “Data Exchange” offer/module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. Our legitimate interest pursued is the improvement of the offer/module. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
Request application
We offer you the option of using the web form to send an access request for applications available to you to us or to other companies in the Liebherr Group that offer an application. If you take advantage of this option, we will transmit your collected data to the respective provider of the application. The respective provider is responsible for the further processing of your data. If we ourselves are the addressee of your enquiry, we will also process your data in order to deal with your enquiry.
What data do we process and for what purposes?
We process the following data:
– As far as necessary, the data you provided during registration
– Existing authorisations, if applicable
– Content data (your message/inquiry)
These data are in principle processed by us solely for the following purposes:
– Service provision (transmission of your message or enquiry to the addressee)
– Reply to and further processing of your message or enquiry, if we ourselves are the addressee of your message or enquiry
– Validation of the access request or provision of the authorisation of the requested application by the respective person responsible for the application
– Maintenance or further development of the module and support
Processing for other purposes may only be considered if the necessary legal requirements pursuant to Article 6 para. 4 GDPR are met. In that case, we will of course comply with any information obligations pursuant to Article 13 para. 3 GDPR and Article 14 para. 4 GDPR.
On what legal basis do we process your data?
The processing of your data is carried out for the performance of a contract or in order to take steps prior to entering into a contract pursuant to Article 6 para. 1 point b GDPR resp. for purposes of legitimate interests pursuant to Article 6 para. 1 point f GDPR. If we ourselves are the addressee of your message or enquiry, our legitimate interest pursued is the proper response and handling of your message or enquiry. You have the right to object, on grounds relating to your particular situation, at any time to processing based on Article 6 para. 1 point f GDPR.
A. General
In providing our website, we use cookies and other technologies. In the following cookie notices we provide you – as a user of our website – with additional information on data processing via the use of cookies and other technologies.
I. What are cookies and other technologies?
Cookies are small text files that a web server can store and read on your terminal equipment (computer, smartphone or similar) by means of the web browser that you use. Cookies contain individual, alphanumeric character strings that enable identification of the web browser that you are using and may also contain information on user-specific settings. In addition to cookies, we use other technologies as follows:
– Using so-called “local storage technology”, data is only stored locally, i.e. solely on your terminal equipment and not on the web server, in the so-called “local storage” of your web browser. In contrast to cookies, data stored using local storage technology does not possess an expiry date and is not automatically deleted without further action; you can, however, delete this data yourself via your web browser. Please refer to the instructions of your web browser manufacturer on how to delete data stored using local storage technology.
– In addition, we have integrated so-called “tracking pixels” (also called “pixels”, “pixel tags” or “web beacons”) on our website. Tracking pixels are small, usually invisible, image files that are automatically loaded by a web server and can provide information about your web browser or terminal equipment as well as your use of our website. This information can in turn be used to create a profile that is recognised when you visit our website again.
The aforementioned cookies and other technologies are hereinafter collectively referred to as “cookies”.
II. What types of cookies and other technologies exist?
We distinguish between essential cookies on the one hand and optional cookies on the other:
– Essential cookies are those that are technically necessary for the functionality as well as for ensuring the security and stability of our website and information technology systems. We also assign to this category those cookies that store certain settings that you have made, options selected or information entered until you close your web browser (at the latest), in order to provide the desired function that you have requested (e.g. login status, language setting etc.). Your consent is not required to store or read essential cookies. You cannot, therefore, manage essential cookies via the settings of the consent management service that we use, but only via your web browser and delete cookies stored there or block storage of cookies.
– Optional cookies are those that are not essential for functionality nor to ensure the security and stability of our website and information technology systems, but are used for analysis or marketing purposes. These cookies can, for example, be used to compile anonymous statistics and collect information on how you use our website, which enables us to analyse the use of our website and thereby optimise it. We also assign to this category those cookies that store certain settings that you have made, options selected or information entered; these remain after you have closed your web browser in order to provide the desired function that you have requested (e.g. login status by selecting “Remember my e-mail address”, wish list, compare list etc.) over a longer term. To store or read optional cookies, your prior consent is generally required. You can consent to the use of optional cookies and withdraw any consent that you have granted at any time with future effect via the settings of the consent management service that we use.
Both essential and optional cookies may be so-called “session cookies” or “persistent cookies”, which differ in their intended lifetime or functional life:
– Session cookies are stored on your terminal equipment and are automatically deleted when you close your web browser.
– Persistent cookies (or permanent cookies) are stored on your terminal equipment and are not automatically deleted when you close your web browser, but remain on your terminal equipment for a predefined period of time.
– Data stored using local storage technology does not have an expiry date and therefore has unlimited functional life.
Note: You can generally delete cookies and data stored using local storage technology yourself via your web browser. For details, please refer to the instructions of your web browser manufacturer.
B. Use of cookies on our website
I. Essential Cookies
1. Which essential cookies are used for what purpose and for how long?
– Consent management
Open settings In order for you to manage the use of optional cookies on our website, we have implemented a consent management service. Via the consent management service, the first time you access our website, you will be presented with a previously defined query (“Cookies, other technologies and miscellaneous services”), which allows you to accept or decline the use of optional cookies by clicking the appropriate button. In addition, clicking on “settings” will take you to the settings of the consent management service, where you will find inter alia a simplified cookie list, classified by type. With the consent management service, you can inter alia find out about the purposes of the cookies that we use, the data processed in each case as well as any data recipients and, in the case of optional cookies, you can give or withdraw your consent at any time by selecting or deselecting the relevant box. Please note that essential cookies are already stored upon accessing our website and that the relevant box is preselected. It is not possible to deselect essential cookies via the consent management service. The functionality of the consent management service itself requires the use of certain cookies.
Service provider information:
Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany
Website:
General Terms and Conditions:
https://usercentrics.com/terms-and-conditions/
Privacy Policy:
https://usercentrics.com/privacy-policy/
– Content Delivery Network
To optimise the loading times of our website, we use a so-called “Content Delivery Network” (hereinafter “CDN”). A CDN is a network of geographically distributed servers connected via the Internet that can be used to deliver web content faster and more securely. Within the CDN, personal data is transferred to various countries; transfer to countries outside the EU or the EEA, so-called “third countries” takes place in compliance with the conditions laid down in Chapter V of the GDPR. With the service provider, standard contractual clauses adopted by the EU Commission (Article 46 para. 2 point c GDPR) have been concluded.
Service provider information:
Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA
Representative in the European Union:
Cloudflare Portugal, Unipessoal Lda., Largo Rafael Bordalo Pinheiro 29, 1200-369 Lisboa, Portugal
Website:
Privacy Policy:
https://www.cloudflare.com/privacypolicy/
Standard Contractual Clauses:
https://www.cloudflare.com/cloudflare_customer_SCCs.pdf
Load Balancer
For load distribution we use a so-called “load balancer”. With a load balancer, web requests are sent to a load balancing server, which in turn redirects the web request to an internal server. To avoid being routed back and forth between different servers within a session and to ensure uniform processing, your web requests are forwarded to the same server. To identify that server and to ensure correct redirection, we use a cookie with a lifetime or functional life of eight hours.
– Authentication
“Authentication cookies” are used so that you can access content or services for which access permission or authorization is required after successful authentication. These cookies are only saved for the current session and are automatically deleted when you close your browser.
– Security
“So that we can additionally protect the connections established with you against misuse, such as prevention of so-called cross-site request forgery or prevention of so-called brute force attacks through repeated login attempts) and guarantee the security of the offer, we use so-called security cookies. These cookies are automatically deleted after 4 hours at the latest.
– Language detection
We use a session cookie to enable user-specific language display of our website. In so doing, the language of your web browser will be detected and our website displayed for you in the same language.
2. On which legal basis are essential cookies used?
In order to be able to demonstrate that – or whether – you have consented to the use of optional cookies requiring your consent, we store the information about your consent, whether given or not, in order to fulfil our legal obligation to provide evidence in accordance with Article 6 para. 1 point c and Article 6 para. 3 point a GDPR in conjunction with Article 7 para. 1 GDPR. Furthermore, we use essential cookies for the purposes of legitimate interests in accordance with Article 6 para. 1 point f GDPR. Our legitimate interests pursued are:
– Ensuring the security and stability of our website and information technology systems, for example by protecting against attacks in the form of targeted server overloads (Denial of Service attacks) or by using optimal load distribution on servers
– Establishment, exercise or defence of legal claims
– Providing and guaranteeing the proper functionalities of our website
If you select the language display of our website yourself, we store this information with an optional cookie on the basis of consent pursuant to Article 6 para. 1 point a GDPR.
You have the right to withdraw given consent at any time with effect for the future. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
As an alternative to withdrawing your consent, you can also make use of the options described below under “Deletion/Blocking of Cookies” to delete or block cookies using the information provided there.
3. How can I object to the use of essential cookies?
You can exercise your right to object by means of the blocking options described below under “Deletion/Blocking of Cookies” (cf. Article 21 para. 5 GDPR), i.e. by blocking essential cookies via your web browser settings. Please note that if you delete without blocking, essential cookies will be used once again when you access our website at a later date. Please also note that deactivating or deleting or blocking essential cookies may affect the performance and functionality of our website and may cause certain features and functions to be unavailable.
II. Optional cookies
Using the following information, we would like to enable you to make a well-founded decision for or against the use of optional cookies and the associated data processing.
1. Which optional cookies are used for what purpose and for how long?
– Web analysis
Subject to your consent, we use web analysis cookies in order to analyse the use of our website and thereby be able to improve it continuously. The anonymised user statistics obtained (e.g. number and origin of website visitors) enable us to optimise our website and improve its design - such as by placing frequently accessed information or topics on our website at the right location to meet demand. For web analysis we use “Google Analytics”, a web analysis service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively “Google”), with the “IP anonymization” extension (also called “IP masking method”). To this end, we have concluded a data processing agreement with Google in accordance with Article 28 GDPR. Google will accordingly process the data collected (data about your terminal equipment or web browser, IP addresses and your website or application activities) on our behalf for the purposes of evaluating your use of our website, compiling reports on website activity and providing other services relating to website and internet usage. The data collected using Google Analytics may be stored and processed in the USA or any other country in which Google or subprocessors of Google maintain facilities. The IP masking method that we use ensures that before the IP address is transferred to a Google server in the USA and stored there, it is shortened within EU member states or in other EEA member states so that no IP address is transferred in its entirety, thereby preventing or considerably complicating identification of a person. Only in exceptional cases will the complete, i.e. entire, IP address be transferred to a Google server in the USA and only shortened there. For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.
Service provider information:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Google Ads Data Processing Terms:
https://privacy.google.com/businesses/processorterms/
Terms of Service:
https://marketingplatform.google.com/about/analytics/terms/us/
Overview of data usage in Google Analytics:
https://support.google.com/analytics/answer/6004245?hl=en
Privacy Policy:
https://policies.google.com/privacy
Technical explanation of “IP Anonymization (or IP masking) in Google Analytics”
https://support.google.com/analytics/answer/2763052?hl=en
Additional note:
If you wish to deactivate Google Analytics across all websites, you can download and install the “Google Analytics Opt-out Browser Add-on” at https://tools.google.com/dlpage/gaoptout?hl=en. This option only disables web analysis as long as you are using a web browser for which you have installed the add-on.
2. On which legal basis are optional cookies used?
We use optional cookies on the basis of the consent pursuant to Article 6 para. 1 point a in conjunction with Article 7 GDPR.
3. How can I withdraw the consent that I have given to the use of optional cookies?
When you (first) access our website, we request inter alia your consent for the use of optional cookies by means of a predefined query (“Cookies, other technologies and miscellaneous services”). You can withdraw the consent that you have given at any time with effect for the future and thereby prevent further collection of your data by deselecting optional cookies (web analysis, marketing) in the settings of the consent management service. If and insofar as you do not consent or withdraw consent already given (further) data collection by means of optional cookies requiring consent and the associated data processing will cease. This presents no drawbacks when using the website, unless you also deactivate the cookie functions for essential cookies. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. As an alternative to withdrawing your consent, you can also make use of the options described below under “Deletion/Blocking of Cookies” to delete or block cookies using the information provided there.
C. Deletion/Blocking of Cookies
Cookies are stored on your terminal equipment, so you have the control over them. If you do not want us to recognise your terminal equipment, you can deactivate or delete cookies already stored on your terminal equipment – manually or automatically – at any time and/or block storage of cookies with future effect by making the appropriate setting in your web browser software, e.g. “do not accept cookies” or similar. Most web browsers can also be configured in such a way that cookie storage is only accepted if you agree to this separately on a case-by-case basis. If you do not wish to accept cookies from our service providers and partners, you should have your web browser set to “block third-party cookies” or similar. Usually, the “Help” function in the menu bar of your web browser shows you how to deactivate or delete cookies already stored there and how to decline new cookies. For details of the options described, please refer to the instructions provided by your web browser manufacturer. Please note that if you delete without blocking, any essential cookies will be used the next time and we may ask you once again for your consent to optional cookies when you access our website at a later date. Please also note that deactivating or deleting or blocking essential cookies may affect the performance and functionality of our website and may cause certain features and functions to be unavailable. You can manage the settings for the use of optional cookies and the associated data processing at any time in the settings of the consent management service.
In providing our website, we integrate various content and functional elements (hereinafter also referred to collectively as “services”) that are obtained from the web servers of their respective providers (hereinafter referred to as “third-party providers”). For the proper presentation and provision of the services, it is always necessary that your IP address is transmitted to the respective third-party provider. Although we endeavour to only integrate services where the respective third-party provider only uses the IP address to deliver the services, we have no influence on the further processing by third-party providers unless the third party is a processor. For data transmissions/transfers requiring consent, we ask you for your consent for the data transmission/transfer to third-party providers/third countries associated with the use of miscellaneous services, among other things, when you access our website for the first time with a previously defined query (“Cookies, other technologies and miscellaneous services”). If you do not already give your consent with this previously defined query, third-party services requiring your consent will be blocked on our website and no data will be transmitted/transferred to third-party providers/third countries. Instead, you can give your consent separately for individual third-party services in each case by clicking on “Accept” in the respective blocker. If in future you no longer wish to give your consent to each third-party service individually and wish to be able to load them without the respective blocker, you have the option of additionally selecting “always accept” and thus also consenting to the associated data transmissions/transfers for all other third-party services which you open on our website in the future. You can withdraw given consents at any time with effect for the future and thus prevent the further transmission/transfer of your data by deselecting the corresponding services under “Miscellaneous services (optional)” in the settings of the consent management service.
Integrated third-party services:
– Cloudinary
We use the services of the processor “Cloudinary” on our website for the high-performance delivery of image and video data. This is a service of the Cloudinary Ltd, 20 Aharon Bart St Building C, Petach Tikva 4951448, Israel; parent company Cloudinary Ltd, 3400 Central Expressway, Suite 110, Santa Clara, CA 95051, USA (here togehter „Cloudinary“).
Website:
Privacy Policy:
https://cloudinary.com/privacy
Standard Contractual Clauses:
– Google Maps
We integrate map material from “Google Maps” on our website, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter collectively “Google”). Subject to your consent, we transmit/transfer your data, including your IP address, to Google when you load Google Maps material. The data transmitted/transferred within the scope of Google Maps may be stored and processed by Google in the USA, among other places. We have no influence on further data processing by Google. For a data transfer to a third country, i.e. a country outside the EU or EEA, appropriate safeguards for the protection of your personal data are generally required. After the Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-US Privacy Shield was declared invalid by the European Court of Justice, the EU-US Privacy Shield can no longer be used to guarantee an adequate level of protection in the USA in line with EU standards. Consequently, in the USA there does not currently exist a level of data protection that is equivalent to that prevailing in the EU pursuant to Article 45 GDPR and we cannot provide appropriate safeguards under Article 46 GDPR to offset this shortcoming. As a result, data transfer to the USA is only permitted here with your explicit consent in accordance with Article 49 para. 1 point a GDPR. Possible risks of this data transfer are that access by state authorities, such as security agencies and/or intelligence services, cannot be excluded and your data could be processed by them – possibly without you being informed separately and without you having enforceable rights and effective legal remedies available to you – for reasons of national security, law enforcement or for other purposes in the public interest of the USA.
Third-party provider information:
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Website:
https://cloud.google.com/maps-platform
Privacy Policy:
We may transmit your data to:
– Other companies of the Liebherr Group, insofar as this is necessary for the initiation, execution or termination of a contract or there is a legitimate interest on our part in the transfer and your overriding legitimate interest does not conflict with this;
– Our service providers that we use to achieve the above purposes;
– The providers of the offers/modules actively used by you or an employee of your company and any other services or services;
– The respective service partner selected by you to provide services and to ensure security in the central administration of your “Liebherr business account”;
– The respective users selected by you to view the products defined by them or the shopping basket defined by them;
– The recipient you have chosen
– The supplier with whom you have an existing account, with which you have registered or authenticate yourself
– Courts, arbitration tribunals, public authorities or legal advisors, if this is necessary to comply with applicable law or to assert, exercise or defend legal claims.
The transfer of data to bodies in countries outside the European Union or the European Economic Area (so-called third countries) or to international organisations is only permissible (1) if you have given us your consent or (2) if the European Commission has decided that an adequate level of protection exists in a third country (Article 45 GDPR). If the Commission has not made such a decision, we may only transfer your data to recipients located in a third country if appropriate safeguards are in place (e.g., standard data protection clauses adopted by the Commission or the supervisory authority following a specific procedure) and the enforcement of your data subject rights is ensured or the transfer is permissible in individual cases on the grounds of other legal bases (Article 49 GDPR). Where we transfer your data to third countries, we will inform you of the respective details of the transfer at the relevant points in this data protection declaration.
We will process your data as long as this is necessary for the respective purpose, unless you have effectively objected to the processing of your data or effectively withdrawn any consent you may have given. Insofar as statutory retention obligations exist, we will be bound to store the data in question for the duration of the retention obligation. Upon expiry of the retention obligation, we will check whether there is any further necessity for the processing. If there is no longer such a necessity, your data will be deleted.
We use technical and organisational security measures to ensure that your data is protected against loss, inaccurate alteration or unauthorised access by third parties. Moreover, for our part in every case, only authorised persons have access to your data, and this only insofar as it is necessary within the scope of the above-stated purposes. The transmission of all data is encrypted.