Privacy policy

Last updated: 25 May 2018

We are delighted that you are interested in our website. We take the protection of personal information very seriously and pay close attention to this aspect in our online activities. The processing of your personal information by Brose takes place in compliance with statutory requirements and – if necessary – based on your consent. The most important statutory basis for this is the European General Data Protection Regulation (GDPR) . We also comply with all other applicable data protection legislation, in particular Germany’s Data Protection Act (Bundesdatenschutzgesetz, BDSG) and Telemedia Act (Telemediengesetz, TMG).

In the following we would like to inform you in detail about the applicable legal requirements, particularly those of the GDPR, concerning the processing of your personal data when you visit our website.

1. Controller

You are on the website “brose-ebike.com”. Brose Antriebstechnik GmbH & Co. Kommanditgesellschaft, Berlin , („Brose“) is responsible (the “controller”) for data processing associated with your use of the website.

2. Visiting pages on brose-ebike.com

For what purposes do we process your data?

When you visit our website, your browser contacts our web server to retrieve the pages you wish to visit. You generally do not need to register or identify yourself to use this function. However, our server uses your IP address to allocate requests and responses, which could potentially be used to identify you.

In particular, personal data such as your IP address is transmitted to our web server as part of an HTTP/S call. This connection data is processed by our web server to allow access to the website. In some cases form data may also be processed containing data you have entered.

In addition, the respective HTTP/S calls are logged in a log file. We use this file for technical troubleshooting as well as to block and resolve attacks on our systems. We also utilize the already saved log files to create reports that we use to optimize our websites. The actual analysis is always anonymous, i.e. through a pooling of call data and thus it is no longer possible to use the data to identify a person.

On what legal basis do we process your data?

The legal basis of any processing of your data that takes place depends on the specific purpose of your visit:

- When you visit our website to initiate contracts or business relationships with us, the legal basis for the processing of your data is Art. 6 para. 1 (b) GDPR ( initiation or performance of a contract).

- Also, as a general rule, processing takes place based on our legitimate interests in accordance with Art. 6 para. 1 (f) GDPR. Our legitimate interest is to operate a website for general information and communication purposes as well as to present our company.

Processing of log files takes place as a general rule based on our legitimate interests in accordance with Art. 6 para. 1 (f) GDPR. Our legitimate interest is to protect our plants and systems against attacks and, if necessary, to take legal action against attackers as well as to continue to develop our websites for commercial purposes.

Is there an obligation for you to provide your data and what happens if you choose not to?

It is not possible to use this website or its forms without processing your connection or form data.

Is your data shared with anyone? Or, who participates in the processing of my data?

As a general rule, processing is automatic. Our IT department has access to the log files. The competent internal departments use these files for the above mentioned purposes and, if necessary, the data is also transmitted to external recipients (in particular law enforcement agencies to prosecute attacks).

How long is your data stored?

The log files are stored for 14 days. All other data is deleted immediately after executing the HTTP/S call.

3. Contact form, communication by email

For what purposes do we process your data?

On our site we offer the possibility to contact us by email and/or via a contact form. In this case the information you provide is stored for the purpose of processing your contact request and for any follow-up questions. If you contact us with a request or we contact you, we also process your personal data such as your name, address, phone number and the content of the communication for the purpose of exchanging information with you

On what legal basis do we process your data?

The processing of your data as part of communication via the contact form or by email takes place on the basis of Art. 6 para. 1 (b) GDPR, provided the exchange is in conjunction with the initiation or performance of a contract with you.

For the remainder, the legal basis depends on the purpose of the exchange; Art. 6 para. 1 (f) GDPR (our legitimate interest, business correspondence or, for example, to answer requests related to data protection) will apply in most cases.

Is there an obligation for you to provide your data and what happens if you choose not to?

Your are not required to provide your data. However, communication by email or via the contact form is not possible without processing your personal data.

Is your data shared with anyone? Or, who participates in the processing of my data?

We only share your data internally with the department that is responsible for your request. In some cases, it may also be forwarded to another Brose Group company.

How long is your data stored?

Your personal data is deleted when it is no longer required for the exchange of information with you. In some cases the data may be held longer on the basis of Art. 6 para. 1 (c) GDPR in conjunction with the applicable statutory retention periods (in particular in accordance with trade, tax and revenue law). In the case of business correspondence, this is usually six to ten years after the end of the year in which it is received.

4. Cookies

Like virtually every other website, we use cookies and similar technologies. A cookie is a small text file consisting of letters and numbers that is stored on your device when you visit a website. A cookie contains information that is stored when you visit this website on your computer or mobile device for the duration of your visit (“session cookies”) or for a longer period of time (“permanent cookies”). When you visit pages on this website, our system – or another website that recognizes this cookie – can query the cookie. This makes it possible to distinguish your device from other devices when you visit our website.

More specifically, these cookies or similar technologies make it possible to save your user preferences or credentials for the duration of your visit or until your next visit or, for example, to offer you shopping cart or application functions across multiple pages of our website. Moreover, we use specific cookies to collect information about how visitors use our website, e.g. which pages were visited and the duration of the visits. Pseudonymized user profiles may be created for this purpose.

We use cookies on your website brose-ebike.com as part of the following processing operations:

4.1. Technically required cookies

For what purposes do we process your data?

we use the CDN from Akamai Technologies GmbH (Parkring 20 – 22, 85748 Garching, Germany) for the basic features of our website and the service provider Brightcove, Inc. (290 Congress Street, 4th Floor, Boston MA 02210, USA) for the delivery of videos. Usage data is collected automatically on the servers of Akamai and Brightcove for the purpose of delivery, acceleration and protection of Brose web content.

On what legal basis do we process your data?

Data processing and the required storage of cookies takes place based on our legitimate interests as per Art. 6 para. 1 (f) GDPR. Our legitimate interests relate to the smooth and accelerated display of our web content on brose-ebike.com and thus serve our business interests to operate a website for general information and communication purposes as well as to present our company.

Is your data shared with anyone? Or, who participates in the processing of my data?

Your usage data is shared with Akamai and Brightcove where it is automatically processed on our behalf. Brose has no possibility to analyze this data.

How long is your data stored?

Your usage data is stored by the cookies of Akamai and Brightcove only for the duration of your visit to the website and then automatically deleted (“session cookies”).

Is there an obligation for you to provide your data and what happens if you choose not to?

It is not possible to use the website without processing your usage data.

More information about privacy and the processing of your personal data by Akamai is available here: www.akamai.com/us/en/privacy-policies.More information about privacy and the processing of your personal data by Brightcove is available here: www.brightcove.com/en/legal/privacy.

4.2. Web analysis using etracker

For what purposes do we process your data?

We use the “etracker” service, which enables data traffic analysis for our website (web analytics). This helps us continuously improve the information and the design of our website. We use etracker for various purposes such as to analyze which sections and subpages of our website were visited – and how often and for how long – and where our users come from (other websites).

etracker GmbH (Erste Brunnenstraße 1, 20459 Hamburg, Germany) processes different usage data for this purpose and assigns an anonymous identifier to it. Additionally, certain information of the operator of website from which you came to us (in particular the URL of the previous page, any related search engine, any related search terms) may be processed. This usage data is used to create non-personalized reports on the use of our website.

On what legal basis do we process your data?

Data processing and the required storage of cookies takes place based on your consent as per Art. 6 para. 1 (a) GDPR.

Is your data shared with anyone? Or, who participates in the processing of my data?

Your usage data is shared with etracker GmbH where it is automatically processed on our behalf. In principle, analysis options are used only internally by our IT and marketing department.

How long is your data stored?

See table below.

What rights do I have?

You may reject (as per Section 15 (3) TMG or Art. 21 para. 1 DSGVO)) data processing and the use of cookies at any time for the future or revoke your consent (as per Art. 7 Abs. 3 GDPR) as follows: Please refer to Section 7.

etracker cookies

Name Type Purpose Deletion
etcamp, etcampi Permanent Campaign allocation (external/internal). Placed in the event of a campaign contact 30-180 days
etrp_STATID Session Tags referrals. Placed only when campaign referrals are used Current session
cntcookie Permanent Exclusion from count 4 years after last visit
et_id Permanent Visitor identification campaign control 2 years after last visit
_et_coid Permanent Cookie identification campaign control 2 years after last visit
_vv Permanent Stores status of Visitor Voice invitation. Placed only when Visitor Voice is used 30 minutes to 30 days
_vmu Permanent Stores status of Visitor Motion recording. Placed only when Visitor Motion is used 30 days
_vms Permanent Stores status of Visitor Motion session. Placed only when Visitor Voice is used, current session 30 days
et_overlay Session Stores the overlay settings, duration of session Current session
onpage​Configuration.​SID Session Identification for the onpage configurator Current session
et_ocookie Session Stores the session for the overlay Current session
Alphanumeric, 32 characters Session Stores the session ID so that the session cannot be viewed with another browser Current session

More information about privacy and the processing of your personal data by etracker is available here: www.etracker.com/en/data-privacy.

5. Data security

We secure our website and other systems with up-to-date technical and organizational measures to prevent your data from being lost, destroyed, accessed, modified or disseminated by unauthorized persons. When sending personal data, we make use of encryption technology to ensure extremely high levels of confidentiality. Our servers use various security mechanisms and permission processes to make unauthorized access difficult. You should keep your access information secret at all times and close your browser window once you have finished communicating with Brose. This will ensure that no one apart from you can access your personal data if you share your computer with other people.

6. Your rights

If our company processes your personal data you have the following rights within the respective legal scope:

  • Right of access , especially to obtain information from the controller concerning the personal data its stores and how it is processed (Art. 15 GDPR),
  • Right to rectification of inaccurate or incomplete data (Art. 16 GDPR),
  • Right to erasure , e.g. of unlawfully processed or no longer necessary data (Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object the processing, in particular if this takes place to safeguard the legitimate interests of the controller (Art. 21 GDPR) and
  • Right to data portability, provided the processing takes place based on consent or to perform a contract or by means of an automated process (Art. 20 GDPR).

If the processing is based on consent that you have provided (Art. 6 para. 1 (a) or Art. 9 para. 2 (a) GDPR), you have the right to revoke your consent at any time. This shall not affect the lawfulness of processing carried out on the basis of consent prior to your revocation.

In addition, you have the possibility of sending a complaint

  • to our data protection officer Thomas Grimm, Max-Brose-Straße 1, 96450 Coburg, Germany, email: datenschutz@brose.com and
  • the competent regulatory agencies. For Brose Antriebstechnik GmbH & Co. Kommanditgesellschaft, Berlin, Germany, this is Berliner Beauftragter für Datenschutz und Informationsfreiheit, An der Urania 4-10, 10787 Berlin, Telefon: 030 13889 - 0