1. Controller and data protection officer for data processing; contact
Controller for data processing within the meaning of the data protection legislation is:
Porsche Deutschland GmbH
Please do not hesitate to contact us if you have questions or ideas relating to data protection.
You can contact our data protection officers at the following address:
Dr. Gregor Scheja
Beauftragter für Datenschutz
Tel.: +49 (0) 228-227 226-0
Tel.: +49 (0) 228-227 226-26
2. Subject matter of data protection
The subject matter of data protection is personal data. This is all the information that relates to an identified or identifiable natural person (known in the legislation as the data subject). This covers, for example, information such as name, postal address, e-mail address, or telephone number as well as information that necessarily originates during the use of our event management system such as details about the start, end, and scope of use, and the communication of your IP address.
3. Type, scope, purposes of, and legal basis for automated data processing
In general, it is possible to use our event management system without registering. Even if you use our event management system without registering, personal data can still be processed.
An overview of the type, scope, purposes of, and legal basis for data processing within the scope of our event management system is provided below.
3.1 Provision of our event management system
When you access our event management system using your device, we automatically process the following data:
• date and time of access
• duration of your visit
• type of device
• operating system used
• the functions that you use
• quantity of data sent
• type of event
• IP address
• referrer URL
• domain name
We process this data on the basis of Article 6 (1) (f) GDPR to provide the service, to ensure the technical operation, and to identify and rectify faults. In this way, we pursue the interest of facilitating and ensuring the long-term use of our event management system and its technical functional capability. When our event management system is selected, this data is automatically processed. You cannot use our services unless this data is provided. We do not use this data for the purpose of drawing conclusions about you or your identity.
We generally delete this data after 12 months, unless, in exceptional cases, we need it for longer for the above-mentioned purposes. In such cases, we delete the data immediately after these purposes cease to apply.
4. Individual services and functionalities
You can voluntarily enter personal data in several places in the closed area of our event management system. We will inform you of the scope, purpose and legal basis of the processing at the appropriate place.
5. Recipients of personal data
Internal recipients: Within Porsche Deutschland the only people who have access are those who need it for the purposes named in Sections 3 and 4.
External recipients: We only forward your personal data to external recipients outside Porsche Deutschland if this is necessary for the administering or processing of your issue, if another legal authorization exists, or if we have your consent to forward the data.
External recipients can be:
Group companies in Porsche Deutschland or external service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance for the Porsche Deutschland offering or the provision of content. We carefully select and regularly inspect these processors to make sure that your privacy is protected. The service providers may use the data only for the purposes we have specified and in accordance with our instructions.
b) Public bodies
Authorities and public institutions, such as public prosecutors, courts, or financial authorities to which we must transfer personal data for legal reasons. The data is transferred on the basis of Article 6 (1) (c) GDPR.
c) Private bodies
Dealers, cooperation partners, or support staff to whom the data is transferred on the basis of consent, to implement a contract with you or to safeguard legitimate interests, for example Porsche Dealerships, financing banks, providers of other services or transport service providers. The data is transferred on the basis of Article 6 (1) (a), (b) and/or (f) GDPR.
6. Data processing in third countries
If data is transferred to bodies whose headquarters or whose place of data processing is not located in a member state of the European Union or in another country outside of the European Union who is a signatory to the treaty, we ensure before forwarding the data that, outside of legally permitted exceptional cases pertaining to the recipient, either an appropriate level of data protection exists (e.g., through an adequacy decision of the European Commission, through suitable guarantees such as self-certification by the recipient for the EU-US Privacy Shield, or the agreement of EU standard contractual clauses between the European Union and the recipient) or you give sufficient consent for the transfer of the data.
We can provide you with an overview of the recipients in third countries and a copy of the specifically agreed regulations to ensure the appropriate level of data protection. To obtain these, please contact the address specified in Section 1.
7. Duration of storage
For information on the duration of storage of personal data, please refer to the relevant section on data processing relating to certain services and functions above in Section 3 and Section 4. In addition, as a general rule, we store your personal data only for the length of time necessary to fulfill the purposes, or – in the case of consent – until you withdraw your consent. If you object, we delete your personal data unless its further processing is permitted according to the relevant legal provisions. We also delete your personal data if we are obliged to do so for legal reasons.
8. Rights of data subjects
As the data subject affected by the data processing, you have several rights. Specifically,
Right of access: You have the right to obtain information from us about the data that we have stored about you.
Right of rectification and erasure: You have the right to demand that we rectify incorrect data and – provided the legal requirements are met – that we delete your data.
Restriction of processing: You have the right – provided the legal requirements are met – to demand that we restrict the processing of your data.
Data portability: If you have provided us with data on the basis of a contract or consent, you have the right, in accordance with the legal requirements, to obtain the data you have provided in a structured, standard, and machine-readable format or you can demand that we transfer this data to another controller.
Objection to the processing of data on the legal basis of "legitimate interests": You have the right to object at any time, on grounds relating to your particular situation, to our processing of your data, provided this objection is based on the legal basis of "legitimate interests". If you exercise your right to object, we will cease the processing of your data unless we can – pursuant to the legal requirements – prove compelling legitimate reasons for the further processing, which override your rights.
Withdrawal of consent: If you have given us consent to process your data, you can withdraw this consent at any time with effect for the future. The lawfulness of the processing of your data remains unaffected up until the time of the withdrawal of consent.
Right to lodge a complaint with a supervisory authority: You can also submit a complaint to the competent supervisory authority if you believe that the processing of your data is in breach of the legislation. To do so, you can apply to the data protection authority that is responsible for your town/city or country or the data protection authority that is responsible for us.
Contacting us: Please do not hesitate to contact us if you have any questions regarding the processing of your personal data, your rights as a data subject, and any consent that you may have given. To exercise all of these above-mentioned rights, please contact https://www.porsche.com/germany/privacy/contact or by post at the address specified above in Section 1. In doing so, please ensure that it is possible for us to uniquely define you.
9. Links to third-party offerings
Websites and services delivered by other providers that are linked to by this online service have been and are structured and provided by third parties. We do not have any influence over the structure, content, or role of these third-party services. We explicitly distance ourselves from all content in all linked third-party offerings. Please note that the third-party offerings linked to from this online service may install their own cookies on your device or collect personal data. We have no influence over this. Please contact the providers of these linked third-party offerings as required for the relevant information.
Scope of application
What are cookies?
We use "cookies" in order to provide you with a comprehensive scope of functions, make it easier to use our service, and optimize our offerings. Cookies are small files, which are stored on your device by your Internet browser.
Categories of cookies
Duration of storage
Session cookies: Most cookies are required only for the duration of your current service call or session and are deleted or become invalid as soon as you exit our event management system or your current session expires. Session cookies are used, for example, to retain certain information such as your login for the event management system during your session.
Permanent cookies: Cookies are occasionally stored over a longer period for the purposes of recognizing you when you subsequently call up our event management system again and retrieving saved settings. This makes it faster and easier for you to access our event management system and means that you do not have to repeat settings such as your selected language, for example. Permanent cookies are deleted automatically at the end of a predefined period when you visit the page or domain from which the cookie was set.
Flow cookies: These cookies are used for communication between various internal Porsche servers. They are created at the start of a user interaction and deleted again when it is ended. Flow cookies are assigned a unique identification number during the interaction. However, this does not allow any conclusions to be drawn with respect to the identity of the actual customer or user.
The following cookies may be stored when you call up our event management system:
|Name of cookie||Technical requirement||Duration of storage||Cookie provider||Purpose and interest||Legal basis|
|de.porsche.ag.pdrms.presentation.mvc.2017.release||yes||Session cookie (end of session)||Dr. Ing. h.c. F. Porsche AG||This cookie is required for storing the user session and the login to the event management system.||Art. 6 (1) (b) GDPR|
|de.porsche.ag.pdrms.presentation.mvc.2017.Language||yes||Permanent cookie (duration of storage: 10 days)||Dr. Ing. h.c. F. Porsche AG||This cookie stores the user's decision in which language the presentation should take place.||Art. 6 (1) (b) GDPR|