Last updated: 25 May 2018
We are delighted that you are interested in our website. We take the protection of personal information very seriously and pay close attention to this aspect in our online activities. The processing of your personal information by Brose takes place in compliance with statutory requirements and – if necessary – based on your consent. The most important statutory basis for this is the European General Data Protection Regulation (GDPR) . We also comply with all other applicable data protection legislation, in particular Germany’s Data Protection Act (Bundesdatenschutzgesetz, BDSG) and Telemedia Act (Telemediengesetz, TMG).
In the following we would like to inform you in detail about the applicable legal requirements, particularly those of the GDPR, concerning the processing of your personal data when you visit our website.
You are on the website “brose-ebike.com”. Brose Antriebstechnik GmbH & Co. Kommanditgesellschaft, Berlin , („Brose“) is responsible (the “controller”) for data processing associated with your use of the website.
When you visit our website, your browser contacts our web server to retrieve the pages you wish to visit. You generally do not need to register or identify yourself to use this function. However, our server uses your IP address to allocate requests and responses, which could potentially be used to identify you.
In particular, personal data such as your IP address is transmitted to our web server as part of an HTTP/S call. This connection data is processed by our web server to allow access to the website. In some cases form data may also be processed containing data you have entered.
In addition, the respective HTTP/S calls are logged in a log file. We use this file for technical troubleshooting as well as to block and resolve attacks on our systems. We also utilize the already saved log files to create reports that we use to optimize our websites. The actual analysis is always anonymous, i.e. through a pooling of call data and thus it is no longer possible to use the data to identify a person.
The legal basis of any processing of your data that takes place depends on the specific purpose of your visit:
- When you visit our website to initiate contracts or business relationships with us, the legal basis for the processing of your data is Art. 6 para. 1 (b) GDPR ( initiation or performance of a contract).
- Also, as a general rule, processing takes place based on our legitimate interests in accordance with Art. 6 para. 1 (f) GDPR. Our legitimate interest is to operate a website for general information and communication purposes as well as to present our company.
Processing of log files takes place as a general rule based on our legitimate interests in accordance with Art. 6 para. 1 (f) GDPR. Our legitimate interest is to protect our plants and systems against attacks and, if necessary, to take legal action against attackers as well as to continue to develop our websites for commercial purposes.
It is not possible to use this website or its forms without processing your connection or form data.
As a general rule, processing is automatic. Our IT department has access to the log files. The competent internal departments use these files for the above mentioned purposes and, if necessary, the data is also transmitted to external recipients (in particular law enforcement agencies to prosecute attacks).
The log files are stored for 14 days. All other data is deleted immediately after executing the HTTP/S call.
On our site we offer the possibility to contact us by email and/or via a contact form. In this case the information you provide is stored for the purpose of processing your contact request and for any follow-up questions. If you contact us with a request or we contact you, we also process your personal data such as your name, address, phone number and the content of the communication for the purpose of exchanging information with you
The processing of your data as part of communication via the contact form or by email takes place on the basis of Art. 6 para. 1 (b) GDPR, provided the exchange is in conjunction with the initiation or performance of a contract with you.
For the remainder, the legal basis depends on the purpose of the exchange; Art. 6 para. 1 (f) GDPR (our legitimate interest, business correspondence or, for example, to answer requests related to data protection) will apply in most cases.
Your are not required to provide your data. However, communication by email or via the contact form is not possible without processing your personal data.
We only share your data internally with the department that is responsible for your request. In some cases, it may also be forwarded to another Brose Group company.
Your personal data is deleted when it is no longer required for the exchange of information with you. In some cases the data may be held longer on the basis of Art. 6 para. 1 (c) GDPR in conjunction with the applicable statutory retention periods (in particular in accordance with trade, tax and revenue law). In the case of business correspondence, this is usually six to ten years after the end of the year in which it is received.
More specifically, these cookies or similar technologies make it possible to save your user preferences or credentials for the duration of your visit or until your next visit or, for example, to offer you shopping cart or application functions across multiple pages of our website. Moreover, we use specific cookies to collect information about how visitors use our website, e.g. which pages were visited and the duration of the visits. Pseudonymized user profiles may be created for this purpose.
we use the CDN from Akamai Technologies GmbH (Parkring 20 – 22, 85748 Garching, Germany) for the basic features of our website and the service provider Brightcove, Inc. (290 Congress Street, 4th Floor, Boston MA 02210, USA) for the delivery of videos. Usage data is collected automatically on the servers of Akamai and Brightcove for the purpose of delivery, acceleration and protection of Brose web content.
Data processing and the required storage of cookies takes place based on our legitimate interests as per Art. 6 para. 1 (f) GDPR. Our legitimate interests relate to the smooth and accelerated display of our web content on brose-ebike.com and thus serve our business interests to operate a website for general information and communication purposes as well as to present our company.
Your usage data is shared with Akamai and Brightcove where it is automatically processed on our behalf. Brose has no possibility to analyze this data.
Your usage data is stored by the cookies of Akamai and Brightcove only for the duration of your visit to the website and then automatically deleted (“session cookies”).
It is not possible to use the website without processing your usage data.
More information about privacy and the processing of your personal data by Akamai is available here: www.akamai.com/us/en/privacy-policies.More information about privacy and the processing of your personal data by Brightcove is available here: www.brightcove.com/en/legal/privacy.
We use the “etracker” service, which enables data traffic analysis for our website (web analytics). This helps us continuously improve the information and the design of our website. We use etracker for various purposes such as to analyze which sections and subpages of our website were visited – and how often and for how long – and where our users come from (other websites).
etracker GmbH (Erste Brunnenstraße 1, 20459 Hamburg, Germany) processes different usage data for this purpose and assigns an anonymous identifier to it. Additionally, certain information of the operator of website from which you came to us (in particular the URL of the previous page, any related search engine, any related search terms) may be processed. This usage data is used to create non-personalized reports on the use of our website.
Data processing and the required storage of cookies takes place based on your consent as per Art. 6 para. 1 (a) GDPR.
Your usage data is shared with etracker GmbH where it is automatically processed on our behalf. In principle, analysis options are used only internally by our IT and marketing department.
See table below.
|etcamp, etcampi||Permanent||Campaign allocation (external/internal). Placed in the event of a campaign contact||30-180 days|
|etrp_STATID||Session||Tags referrals. Placed only when campaign referrals are used||Current session|
|cntcookie||Permanent||Exclusion from count||4 years after last visit|
|et_id||Permanent||Visitor identification campaign control||2 years after last visit|
|_et_coid||Permanent||Cookie identification campaign control||2 years after last visit|
|_vv||Permanent||Stores status of Visitor Voice invitation. Placed only when Visitor Voice is used||30 minutes to 30 days|
|_vmu||Permanent||Stores status of Visitor Motion recording. Placed only when Visitor Motion is used||30 days|
|_vms||Permanent||Stores status of Visitor Motion session. Placed only when Visitor Voice is used, current session||30 days|
|et_overlay||Session||Stores the overlay settings, duration of session||Current session|
|onpageConfiguration.SID||Session||Identification for the onpage configurator||Current session|
|et_ocookie||Session||Stores the session for the overlay||Current session|
|Alphanumeric, 32 characters||Session||Stores the session ID so that the session cannot be viewed with another browser||Current session|
More information about privacy and the processing of your personal data by etracker is available here: www.etracker.com/en/data-privacy.
We secure our website and other systems with up-to-date technical and organizational measures to prevent your data from being lost, destroyed, accessed, modified or disseminated by unauthorized persons. When sending personal data, we make use of encryption technology to ensure extremely high levels of confidentiality. Our servers use various security mechanisms and permission processes to make unauthorized access difficult. You should keep your access information secret at all times and close your browser window once you have finished communicating with Brose. This will ensure that no one apart from you can access your personal data if you share your computer with other people.
If our company processes your personal data you have the following rights within the respective legal scope:
If the processing is based on consent that you have provided (Art. 6 para. 1 (a) or Art. 9 para. 2 (a) GDPR), you have the right to revoke your consent at any time. This shall not affect the lawfulness of processing carried out on the basis of consent prior to your revocation.
In addition, you have the possibility of sending a complaint