Protecting Your Data
Data Protection Officer: Mercedes-Benz France
Address: 7, avenue Niépce 78180 Montigny-le-Bretonneux, France
Email: dpo_mbf@mercedes-benz.com
Other Responsible Parties for Analysis and Marketing Activities:
Mercedes-Benz AG
Address: Mercedesstraße 120 70327 Stuttgart, Germany
Email: dialog@mercedes-benz.com
Mercedes-Benz Mobility AG
Address: Siemensstr. 7 70469 Stuttgart, Germany
Email: mobility@mercedes-benz.com
Data Protection Officer for both companies:
Mercedes-Benz Group AG
Address: HPC E600 D-70546 Stuttgart, Germany
Email: data.protection@mercedes-benz.com
Data Protection and Joint Responsibility
a. Welcome to Mercedes Benz’s online platforms. We value the protection of your personal data. In this Privacy Policy, we inform you about the collection, usage, purpose, and legal basis for processing your personal data, as well as your rights and remedies. Please refer to the Mercedes-Benz Data Protection Directive for further details.
b. Our Privacy Policy and the Mercedes Benz Data Protection Directive do not apply to your activities on social media or other third-party websites accessed through links on our platforms. Please refer to those providers’ privacy policies for information on data protection.
c. For analysis and marketing activities detailed below, we collaborate closely with the aforementioned responsible parties. We process your website visit data together with these parties using the following technologies:
d. For analysis purposes:
- Google Analytics 360
For marketing purposes:
- Salesforce Interaction Studio
- Salesforce Audience Studio
- Adobe Target
The processing of personal data for the aforementioned purposes only occurs with your consent, as described in section 5.c. of this privacy statement. The framework for joint processing of personal data and respective responsibilities has been agreed upon with these responsible parties in accordance with legal requirements. For more information on the essential content of these agreements, please contact us using the contact details provided in section 9.d. of this privacy statement.
Collection and Processing of Your Personal Data
a. When you visit our websites, we record certain information about your browser and operating system, date and time of your visit, access status, website functionality usage, keywords entered, pages visited, files accessed, data volume transmitted, referrer URL, and the website you visit after leaving our platforms. Additionally, we record your IP address and internet service provider name for security purposes, such as preventing and detecting attacks and fraudulent activities, for a period of seven days.
b. We only process other personal data if you provide it to us, for example, through registration, contact forms, online chat, surveys, contests, or for contract fulfillment. In these cases, we only process your data if we have your consent or if it is legally required.
c. Providing your personal data is not legally or contractually required. However, certain functions on our platforms may depend on the availability of personal data. If you choose not to provide your personal data, certain functions may not be available or may be limited.
Purpose of Data Usage
a. We use the collected data from your website visit to enhance usability and protect our systems from attacks and illegal activities.
b. If you provide additional personal data, for example, through registration, contact forms, online chat, surveys, contests, or for contract fulfillment, we will use it for customer management purposes and, if necessary, for transaction management and billing.
c. For other purposes, such as displaying personalized content or advertisements based on your usage behavior, we and selected third parties will use your data only with your consent within our consent management system. You can find more information and decision options under “Cookie Settings” in the footer of our website.
d. Furthermore, we use personal data as legally required, such as for statutory retention periods, official or judicial orders, or to fulfill legal obligations.
Transmission of Personal Data to Third Parties; Social Plugins; Service Providers
a. Our platforms may contain offers from third parties. If you click on such an offer, we will transmit the necessary data to the respective provider, including information about the referral source and any additional information you provided.
b. When we integrate social plugins from social media platforms such as Facebook and Twitter, they are initially disabled. By clicking on the corresponding plugin, you establish a direct connection to the respective server. If you are logged in to your social media account, the platform can link your visit to our platforms to your user account. To avoid this, please log out of your account before activating the plugin.
c. When you click on a link or activate a social plugin, personal data may be transferred to recipients located outside of the European Economic Area (EEA) that do not provide an adequate level of data protection. Please consider this before proceeding with the data transfer.
d. We use qualified service providers for the operation, optimization, and security of our platforms. We only disclose your personal data to these service providers if necessary for platform functionality, fulfillment of our legitimate interests, compliance with legal obligations, or with your consent. You can find more information about recipients in our consent management system under “Cookie Settings” in the footer of our website.
Cookies
a. Our websites may use cookies and similar software tools to enhance your browsing experience, remember your preferences, and provide certain functions such as online shops or vehicle configurators.
b. Cookies are small files stored on your device during a website visit. They enable us to establish a link between your device and the website, remember your preferred language, offer specific functionalities, and recognize your interests based on your usage behavior. Cookies may contain personal data.
c. The use of cookies depends on the domains and functions you use on our platforms and whether or not you consent to the use of non-essential cookies. You can find more information and adjust your preferences under “Cookie Settings” in the footer of our website.
d. The use of cookies also depends on your internet browser settings. Most browsers are set to accept cookies automatically, but you can generally change this setting and delete cookies from your device. Please refer to your browser’s instructions for more information.
e. Consent to the use of cookies and your preferences are device-specific and browser-specific. You can make different decisions or adjust settings for each device or browser.
f. Please note that if you reject or delete cookies, some functions on our platforms may not be available or may be limited.
Security
We implement technical and organizational security measures to protect your personal data against manipulation, loss, destruction, or unauthorized access. We continuously improve our security measures to reflect technological advancements.
Legal Basis for Data Processing
a. If you have consented to the processing of your personal data, your consent serves as the legal basis for processing (Art. 6(1)(a) of the GDPR). For data transfers to third countries (Art. 49(1)(a) of the GDPR), please refer to section 12.
b. The legal basis for the processing of personal data to initiate or fulfill a contract with you is Art. 6(1)(b) of the GDPR.
c. If the processing of your personal data is necessary to fulfill legal obligations, the legal basis is Art. 6(1)(c) of the GDPR.
d. We also process personal data to preserve our legitimate interests and the legitimate interests of third parties, based on Art. 6(1)(f) of the GDPR. Our legitimate interests include the functionality of our IT systems, marketing our own and external products and services (unless based on your consent), and legally-required documentation of business transactions. We carefully balance these interests with the privacy of your personal data.
Deletion of Your Personal Data
We will delete your IP address and internet service provider name after seven days for security purposes. We will delete your personal data when the purpose of collection and processing no longer exists, unless legal retention periods, regulations, or other legal requirements in the EU or in third countries with an appropriate level of data protection require further retention. In some cases, data deletion may not be possible, but access to such data will be restricted.
Rights of Data Subjects
a. As a data subject, you have the right to access (Art. 15 of the GDPR), rectify (Art. 16 of the GDPR), erase (Art. 17 of the GDPR), restrict processing (Art. 18 of the GDPR), and receive your personal data in a structured, commonly used, and machine-readable format (Art. 20 of the GDPR).
b. If you have consented to the processing of your personal data, you have the right to revoke your consent at any time. Your revocation does not affect the legality of the data processing carried out prior to the revocation, nor does it affect any data processing based on other legal grounds.
c. Right to Object: You have the right to object, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6(1)(e) of the GDPR (processing in the public interest) or Art. 6(1)(f) of the GDPR (legitimate interests). If you object to the processing, we will only continue processing your personal data if we can demonstrate compelling legitimate grounds that outweigh your interests, rights, and freedoms, or if the processing is necessary for the establishment, exercise, or defense of legal claims. If we process your personal data for direct marketing purposes based on a balance of interests, you have the right to object to such processing without providing any reasons.
Please address your objections or explanations to dpo_mbf@mercedes-benz.com, if possible.
d. If you believe that the processing of your personal data violates the law, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 of the GDPR).
Newsletter
If you subscribe to our newsletter, we will only use the data collected during your registration for the purpose of sending the newsletter, unless you expressly agree otherwise. You can unsubscribe from the newsletter at any time using the unsubscribe function provided in the newsletter.
Central Access Service by Mercedes-Benz Group AG
The central access service by Mercedes-Benz Group AG allows you to log in to all websites and applications within the Mercedes-Benz Group and its brands. The current terms of use define special data protection rules and are available on the login pages of the websites and applications.
Transfer of Data to Recipients outside the European Economic Area
a. When using service providers (see section 4.d.) or transferring data to third parties with your consent (see section 3.c.), personal data may be transferred to recipients outside the European Economic Area (EEA), Iceland, Liechtenstein, and Norway for processing, particularly in India.
[Optional: You can identify these countries in our consent management system under “Cookie Settings” in the footer of our website.]
b. The following countries have been recognized by the EU as providing an adequate level of data protection (adequacy decision): Andorra, Argentina, Canada (restrictions apply), United States (the European Commission has determined that the United States ensures an adequate level of data protection through the Privacy Shield. Data transfers to certain U.S. organizations can now take place freely without requiring additional safeguards), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland, South Korea, Uruguay, United Kingdom. For recipients in other countries, we use EU standard contractual clauses, binding corporate rules, or other permitted mechanisms to ensure an adequate level of data protection in accordance with legal requirements. For more information, please contact the contact persons mentioned in section 9.d. above.
c. By giving your consent within our consent management system, you also consent to the transfer of data to recipients in countries outside the European Economic Area that do not provide an adequate level of data protection. You can find information about the transferred data, data recipients or categories of data recipients, and the countries involved in our consent management system under “Cookie Settings” in the footer of our website. Data protection laws in these countries may not be fully comparable to those in the European Economic Area, including the data subject rights mentioned in section 9 above. Additionally, there may be no data protection authorities or comparable options to oppose data protection violations in these countries. Public authorities in these countries, for example, may have easier access to processed data and use it for purposes other than in the European Economic Area. Some of these circumstances can be partially compensated by specific measures.
Version: August 2023