MOBILITYFORYOU

Safe ⦁ Flexible ⦁ Reliable

Imprint

mobilityforyou GmbH
Motorstr. 36
70499 Stuttgart

Phone: +49 711 1227 53 56
Fax: +49 7156 309 68 91
Email: info@mobilityforyou.de

Represented by:
Managing Director Emre E. Sahin

Registry Entry:
Registered in the Commercial Register.
Registry Court: District Court Stuttgart
Registry Number: HRB 786086

We hereby inform you in accordance with the legal requirements of data protection law (especially according to BDSG n.F. and the European General Data Protection Regulation 'DS-GVO') about the nature, scope, and purpose of the processing of personal data by our company. This data privacy statement also applies to our websites and social media profiles. Regarding the definition of terms such as "personal data" or "processing," we refer to Art. 4 DS-GVO.

Name and Contact Information of the Data Controller
Our data controller (hereinafter "Controller") as defined in Art. 4 No. 7 DS-GVO is:

mobilityforyou GmbH
Motorstr. 36
70499 Stuttgart, Germany
Managing Director Emre E. Sahin
Commercial Register No.: HRB 786086
Registry Court: District Court Stuttgart
Fax: +49 7156 309 68 91
Email Address: info@mobilityforyou.de

Types of Data, Purposes of Processing, and Categories of Data Subjects

Below, we inform you about the nature, scope, and purpose of the collection, processing, and use of personal data.

1. Types of Data We Process
Usage data (access times, visited websites, etc.), master data (name, address, etc.), contact data (telephone number, email, fax, etc.),

2. Purposes of Processing According to Art. 13 (1) c) DS-GVO
Execution of contracts, technical and economic optimization of the website, providing easy access to the website, improving user experience, user-friendly website design, creation of statistics,

3. Categories of Data Subjects According to Art. 13 (1) e) DS-GVO
Visitors/Users of the website,

The data subjects are collectively referred to as "Users."


Legal Bases for Processing Personal Data

Below, we inform you about the legal bases for the processing of personal data:

  1. If we have obtained your consent for the processing of personal data, Art. 6 (1) sentence 1 lit. a) DS-GVO is the legal basis.
  2. If the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures carried out at your request, Art. 6 (1) sentence 1 lit. b) DS-GVO is the legal basis.
  3. If the processing is necessary for compliance with a legal obligation to which we are subject (e.g., legal retention obligations), Art. 6 (1) sentence 1 lit. c) DS-GVO is the legal basis.
  4. If the processing is necessary to protect the vital interests of the data subject or another natural person, Art. 6 (1) sentence 1 lit. d) DS-GVO is the legal basis.
  5. If the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, Art. 6 (1) sentence 1 lit. e) DS-GVO is the legal basis.
  6. If the processing is necessary to protect our legitimate interests or the legitimate interests of a third party and such interests are not overridden by your interests or fundamental rights and freedoms, Art. 6 (1) sentence 1 lit. f) DS-GVO is the legal basis.

Disclosure of Personal Data to Third Parties and Data Processors

We generally do not disclose data to third parties without your consent. If this does occur, it is based on the legal bases mentioned above, for example, when data is disclosed to online payment providers for contract fulfillment or due to a court order or a legal obligation to surrender data for the purposes of law enforcement, hazard prevention, or the enforcement of intellectual property rights.
We also use data processors (external service providers, e.g., for web hosting of our websites and databases) for the processing of your data. When data is disclosed to data processors as part of an order processing agreement, this is always done in accordance with Art. 28 DS-GVO. We select our data processors carefully, check them regularly, and have obtained the right to issue instructions regarding the data. In addition, the data processors must have taken appropriate technical and organizational measures and comply with data protection regulations according to BDSG n.F. and DS-GVO.


Data Transfer to Third Countries

The adoption of the European General Data Protection Regulation (DS-GVO) has established a unified basis for data protection in Europe. As a result, your data is primarily processed by companies subject to DS-GVO. However, if processing does occur by third-party services outside the European Union or the European Economic Area, they must meet the special requirements of Articles 44 ff. DS-GVO. This means that processing is based on special safeguards, such as the EU Commission's officially recognized determination of a level of data protection equivalent to that of the EU or compliance with officially recognized specific contractual obligations, known as "standard contractual clauses."
In cases where we, due to the ineffectiveness of the so-called "Privacy Shield," obtain your explicit consent for data transfer to the United States under Article 49 (1) sentence 1 lit. a) DS-GVO, we will inform you about the risk of secret access by U.S. authorities and the use of data for surveillance purposes, potentially without legal remedies for EU citizens.


Data Deletion and Storage Duration

Unless expressly stated otherwise in this privacy policy, your personal data will be deleted or blocked as soon as the consent granted for processing is revoked by you or the purpose of storage no longer applies, or the data is no longer required for the purpose, unless further retention is required for evidentiary purposes, or statutory retention obligations prevent deletion. This includes, for example, commercial storage obligations for business letters under § 257 (1) HGB (6 years) as well as tax retention obligations under § 147 (1) AO for documents (10 years). Once the prescribed retention period has expired, your data will be automatically blocked or deleted, unless continued storage is required for contract conclusion or fulfillment.


Existence of Automated Decision-Making

We do not employ automated decision-making or profiling.


Provision of Our Website and Creation of Log Files
  1. When you use our website solely for informational purposes (i.e., no registration or transmission of information), we only collect the personal data that your browser transmits to our server. When you want to view our website, we collect the following data:
    • IP address;
    • Internet service provider of the user;
    • Date and time of access;
    • Browser type;
    • Language and browser version;
    • Content of the request;
    • Time zone;
    • Access status/HTTP status code;
    • Data volume;
    • Websites from which the request comes;
    • Operating system.
    These data serve the purpose of delivering our website to you in a user-friendly, functional, and secure manner, with features and content, as well as optimizing and statistically evaluating it.

  2. The legal basis for this is our legitimate interest in data processing according to Article 6 (1) sentence 1 lit. f) DS-GVO, which also underlies the above-mentioned purposes.

  3. For security reasons, we store this data in server log files for a storage period of 30 days. After this period, they are automatically deleted unless their retention is necessary for evidentiary purposes in the event of attacks on the server infrastructure or other legal violations.

Cookies
  1. We use so-called cookies when you visit our website. Cookies are small text files that your Internet browser stores on your computer. When you revisit our website, these cookies provide information to automatically recognize you. Cookies include "user IDs," where user information is stored using pseudonymous profiles. We inform you about the use of cookies for the purposes mentioned above and how to object to their storage ("opt-out") when you visit our website, through a notice in our privacy policy.

    The following types of cookies are distinguished:

    • Necessary, essential cookies: Essential cookies are necessary for the operation of the website to store certain functions of the website, such as logins, shopping carts, or user input, e.g., regarding the language of the website.

    • Session cookies: Session cookies are needed to recognize repeated use of an offering by the same user (e.g., if you have logged in to determine your login status). When you revisit our site, these cookies provide information to automatically recognize you. The information obtained in this way is used to optimize our offerings and to facilitate access to our site. When you close your browser or log out, the session cookies are deleted.

    • Persistent cookies: These cookies remain stored even after closing your browser. They are used for storing login information, measuring reach, and for marketing purposes. They are automatically deleted after a predefined duration, which may vary depending on the cookie. You can delete cookies at any time in your browser's security settings.

    • Third-party cookies (especially from advertisers): According to your preferences, you can configure your browser settings, e.g., to reject third-party cookies or all cookies. However, we would like to point out that you may then not be able to use all the features of this website. You can find more information about these cookies in the respective data protection statements of the third-party providers.

  2. Data Categories: User data, cookies, user ID (including visited pages, device information, access times, and IP addresses).

  3. Purposes of Processing: The information obtained serves the purpose of technically and economically optimizing our web offerings and providing you with easier and secure access to our website.

  4. Legal Basis: If we process your personal data using cookies based on your consent ("Opt-in"), then Article 6(1) Sentence 1 lit. a) GDPR is the legal basis. Otherwise, we have a legitimate interest in the effective functionality, improvement, and economic operation of the website, in which case Article 6(1) Sentence 1 lit. f) DS-GVO is the legal basis. The legal basis is also Article 6(1) Sentence 1 lit. b) DS-GVO when cookies are set for contract initiation, e.g., for orders.

  5. Storage Duration/Deletion: Data will be deleted as soon as they are no longer necessary for the purpose of their collection. In the case of data collected for website provision, this occurs when the respective session ends.

    Cookies are otherwise stored on your computer and transmitted from it to our site. As a user, you have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Already stored cookies can be deleted at any time, including automated deletion. Disabling cookies for our website may result in some functions of the website not being fully available.

    Here you will find information on deleting cookies by browsers:

    Chrome: https://support.google.com/chrome/answer/95647

    Safari: https://support.apple.com/de-at/guide/safari/sfri11471/mac

    Firefox: https://support.mozilla.org/de/kb/cookies-und-website-daten-in-firefox-loschen

    Internet Explorer: https://support.microsoft.com/de-at/help/17442/windows-internet-explorer-delete-manage-cookies

    Microsoft Edge: https://support.microsoft.com/de-at/help/4027947/windows-delete-cookies

  6. Objection and "Opt-Out": You can prevent the storage of cookies on your hard drive independently of consent or legal permission by choosing "do not accept cookies" in your browser settings. However, this may result in a functional limitation of our offerings. You can object to the use of cookies by third parties for advertising purposes via an "Opt-out" on this American website (https://optout.aboutads.info) or this European website (https://www.youronlinechoices.com/de/praferenzmanagement/).


Contract Processing
  1. We process inventory data (e.g., company, title/academic degree, names and addresses, and contact data of users, email), contract data (e.g., services used, names of contact persons), and payment data (e.g., bank details, payment history) to fulfill our contractual obligations (knowledge of who the contracting party is; establishment, content design, and execution of the contract; verification of the plausibility of the data) and provide services (e.g., contacting customer service) in accordance with Article 6(1) Sentence 1 lit. b) DS-GVO. The entries marked as mandatory in online forms are required for contract conclusion.

  2. Data will generally not be disclosed to third parties unless it is required to pursue our claims (e.g., transfer to a lawyer for debt collection) or to fulfill the contract (e.g., transfer of data to payment providers) or there is a legal obligation to do so under Article 6(1) Sentence 1 lit. c) DS-GVO.

  3. We may also process the data provided by you to inform you about other interesting products from our portfolio or send you emails with technical information.

  4. Data will be deleted as soon as they are no longer necessary for the purpose of their collection. This is the case for inventory and contract data when the data is no longer required for the execution of the contract and no claims can be asserted from the contract because they have expired (warranty: two years / standard limitation period: three years). Due to commercial and tax law requirements, we are obligated to store your address, payment, and order data for ten years. However, after the end of the contract, we restrict the processing of the data after three years, meaning your data will only be used to fulfill legal obligations. Information in the user account remains until it is deleted.


Contact via Contact Form / Email / Fax / Mail
  1. When you contact us via contact form, fax, mail, or email, your information will be processed for the purpose of handling the contact request.

  2. The legal basis for processing the data, when you have given your consent, is Article 6(1) Sentence 1 lit. a) GDPR. The legal basis for processing data transmitted in the course of a contact request or email, letter, or fax is Article 6(1) Sentence 1 lit. f) GDPR. The data controller has a legitimate interest in processing and storing the data to be able to respond to user inquiries, for liability purposes, and to potentially fulfill legal obligations regarding business letters. If the contact aims at concluding a contract, an additional legal basis for processing is Article 6(1) Sentence 1 lit. b) GDPR.

  3. We may store your information and contact request in our Customer Relationship Management system ("CRM System") or a similar system.

  4. The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For personal data from the contact form input and those sent via email, this is the case when the respective conversation with you is concluded. The conversation is considered concluded when it can be inferred from the circumstances that the matter in question has been conclusively resolved. For users with an account or contract with us, we retain the data for up to two years after contract termination. In the case of legal archiving obligations, deletion occurs after their expiration: end of commercial (6 years) and tax (10 years) retention periods.

  5. You have the right to revoke your consent for the processing of personal data at any time under Article 6(1) Sentence 1 lit. a) GDPR. If you contact us by email, you can also object to the storage of personal data at any time.


Contact by Phone
  1. When you contact us by phone, your telephone number is processed for handling the contact request and its processing and temporarily stored in the RAM/cache of the telephone device/display. Storage is done for liability and security reasons, to provide evidence of the call, and for economic reasons to enable a callback. In the case of unauthorized advertising calls, we block the numbers.

  2. The legal basis for processing the phone number is Article 6(1) Sentence 1 lit. f) GDPR. If the contact aims at concluding a contract, an additional legal basis for processing is Article 6(1) lit. b) GDPR.

  3. The device cache stores calls for 30 days and gradually overwrites or deletes old data; when the device is disposed of, all data is deleted, and the storage may be destroyed. Blocked phone numbers are checked annually for the need for blocking.

  4. You can prevent the display of the telephone number by calling with a suppressed telephone number.


Data Protection for Job Applications and in the Application Process
  1. Applications sent electronically or by post to the data controller are processed electronically or manually for the purpose of handling the application process.

  2. We expressly point out that applications containing "special categories of personal data" under Article 9 GDPR (e.g., a photo that reveals your ethnic origin, religion, or marital status) are unwanted, except for any disabilities you may voluntarily disclose. You should submit your application without these data. This has no effect on your chances of being considered for the position.

  3. Legal bases for processing are Article 6(1) Sentence 1 lit. b) GDPR and § 26 BDSG n.F.

  4. If an employment relationship is established with the applicant after the application process, the applicant's data is stored in compliance with relevant data protection regulations. If no position is offered to you after the application process, your submitted application letter and documents will be deleted 6 months after sending the rejection to meet any obligations and evidence requirements under the General Equal Treatment Act (AGG).


Rights of the Data Subject
  1. Objection or Revocation of Data Processing

    If processing is based on your consent under Article 6(1) Sentence 1 lit. a), Article 7 GDPR, you have the right to revoke your consent at any time. The legality of data processing carried out before the revocation will not be affected.

    If we base the processing of your personal data on the balancing of interests under Article 6(1) Sentence 1 lit. f) GDPR, you have the right to object to the processing. This is the case, in particular, when processing is not necessary for the performance of a contract with you, as described in more detail in the following description of functions. If you exercise such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of a justified objection, we will review the situation and either cease or adjust data processing or demonstrate compelling legitimate grounds for continuing processing.

    You can object to the processing of your personal data for advertising and data analysis purposes at any time. You can exercise this right to object free of charge. You can inform us of your objection to advertising using the following contact information:

    mobilityforyou GmbH
    Motorstr. 36
    70499, Stuttgart, Germany
    Managing Director Emre E. Sahin
    Commercial Register/No.: HRB 786086
    Registry Court: Amtsgericht Stuttgart
    Fax: +49 7156 309 68 91
    Email Address: info@mobilityforyou.de

  2. Right to Information

    You have the right to information about your personal data stored by us according to Article 15 GDPR. This includes, in particular, information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage duration, the origin of your data, if it was not collected directly from you.

  3. Right to Rectification

    You have the right to have inaccurate data corrected or incomplete data completed under Article 16 GDPR.

  4. Right to Erasure

    You have the right to have your data stored with us erased under Article 17 GDPR, unless legal or contractual retention periods, other legal obligations, or rights to further storage conflict with this.

  5. Right to Restriction of Processing

    You have the right to request the restriction of processing of your personal data if one of the conditions in Article 18(1) lit. a) to d) GDPR is met:
    • If you contest the accuracy of the personal data concerning you for a period that allows the controller to verify the accuracy of the personal data;

    • the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;

    • the controller no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise, or defense of legal claims, or

    • if you have objected to processing pursuant to Article 21(1) GDPR pending the verification of whether the legitimate grounds of the controller override your grounds.

  6. Right to Data Portability

    You have the right to data portability under Article 20 GDPR, which means that you can receive the personal data we have stored about you in a structured, commonly used, and machine-readable format or request the transmission of this data to another controller.

  7. Right to Lodge a Complaint

    You have the right to lodge a complaint with a supervisory authority. Usually, you can contact the supervisory authority in your place of residence, your workplace, or the location of the alleged violation.


Data Security

To protect all personal data sent to us and to ensure compliance with data protection regulations by both us and our external service providers, we have implemented appropriate technical and organizational security measures. Therefore, all data between your browser and our server is transmitted via a secure SSL connection.



As of: September 7, 2023

Source: www.juraforum.de