according to Art. 13, 14 DSGVO as of 19.10.2021
Audi Tradition GmbH, Auto-Union-Straße 1, 85045 Ingolstadt
Representative: Mr. Stefan Trauf (Managing Director)
E-Mail: tradition.datenschutz@audi.de
Auto Union GmbH Data protection officer Auto-Union-Straße 1 85045 Ingolstadt E-mail: tradition.datenschutz@audi.de Website: www.audi.de/betroffenenrechte Link
The EU General Data Protection Regulation (GDPR) and the new Federal Data Protection Act (BDSG-neu) provide various rights for data subjects, which we will inform you about below.
According to Art. 15 DSGVO and the conditions according to § 34 BDSG-neu you have the right to information about the processing of your personal data. Pursuant to Art. 16 DSGVO, you have the right to demand immediate correction of incorrect personal data concerning you. In addition, you can demand a restriction of processing in accordance with the conditions of Art. 18 DSGVO, a data transfer of your personal data in accordance with Art. 20 DSGVO, as well as deletion in accordance with the conditions of Art. 17 DSGVO and § 35 BDSG-neu. In addition, you can object to the processing of your personal data in accordance with the conditions of Art. 21 DSGVO. Pursuant to Art. 7 DSGVO, you may revoke your consent at any time with effect for the future.
Right to object on a case-by-case basis You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(f) DSGVO. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.
Right to object to processing of personal data for direct marketing purposes In accordance with Art. 21 DSGVO, you have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing. If you object to the processing of your personal data for the purpose of direct marketing, we will no longer process your personal data for these purposes.
When using the app, no personal data is collected for the purpose of direct advertising.
In accordance with Art. 77 DSGVO, you have the right to lodge a complaint with the supervisory authority. The supervisory authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht Promenade 18 91522 Ansbach
Telefon: +49 (0) 981 180093-0 Telefax: +49 (0) 981 180093-800 E-Mail: poststelle@lda.bayern.de
Webseite: https://www.lda.bayern.de/ (Link)
Please contact us regarding your data protection rights and questions at: E-Mail: tradition.datenschutz@audi.de oder Webseite: www.audi.de/betroffenenrechte (Link)
Please note all the processing listed below. If you have any questions, please do not hesitate to contact us using the above contact details.
Unless otherwise noted in the case of a processing operation no automated decision in individual cases including profiling according to Art. 22 DSGVO.
Unless otherwise stated in the case of processing, the data controller will not transfer the user data to a third country or other international organization in accordance with the GDPR, provided that
Unless otherwise noted in the case of a processing operation the processing takes place until the intended purpose is fulfilled or until a required retention period is reached.
The app is offered for download in various app stores.
2.4.1.1. For Art. 6 para. 1 let. f DSGVO: the legitimate interest Our legitimate interest is to make the app available in corresponding app stores so that (future) users can download it.
2.4.1.2. Recipients or categories of recipients of the personal data
2.4.1.3. Intention of data transfer to a third country or int. organization, as well as basis Please note that when using the app stores, the usage and data protection provisions of the respective responsible party of the app store apply. This also applies to possible feedback or ratings of a user via an app store.
2.4.1.4. Duration or criteria for the duration of storage If personal data is provided via the app store, this is done in accordance with the data protection conditions of the respective app store.
2.4.1.5. Provision required by law or contract and consequences of non-provision Please note that the app store Provision of the data is necessary for the delivery the app.
When using the app, content such as videos or images are loaded from a web server. The IP address, user agent of the client (browser recognition, partly operating system), referring URL, date and time, type of request and the status code (successful delivery or error message) are processed by the delivering server.
2.4.2.1. Recipients or categories of recipients of the personal data
2.4.2.2. Duration or criteria for the duration of storage Processing takes place until to the end of the active transmission. In individual cases, it may be necessary to process personal data for a longer time at short notice within the scope of legitimate interest. See the section „Processing in individual cases on the basis of legitimate interest“ for more information.
2.4.2.3. Provision required by law or contract and consequences of non-provision Please note that the data is necessary for the delivery of the content for the app.
Provision and installation of direct updates for the app, Art. 6 para. 1 let. b DSGVO.
We can provide function and security updates at short notice, which are then directly applied without users having to download the app again. Here, the IP address, user agent of the client (browser recognition, with device and operating system, as well as version), referring URL (referrer URL), date and time, type of request and the status code (successful delivery or error message) are processed by the delivering server.
2.4.3.1. Recipients or categories of recipients of the personal data
2.4.3.3. Duration or criteria for the duration of storage 30 days (serverlogfile)
2.4.3.4. Provision required by law or contract and consequences of non-provision** Please note that the data is necessary for the delivery of the updates for a secure and functional app.
In order to quickly identify and eliminate errors, detected errors are documented and transmitted to the development platform.
2.4.4.1. For Art. 6 para. 1 let. f DSGVO: the legitimate interest Our legitimate interest is to detect and document errors when they occur in order to carry out a transmission after consent has been given, as well as to subsequently analyze these errors and rectify them by providing updates.
2.4.4.2. In the case of Art. 6 para. 1 let. a DSGVO consent: Note revocation in the future and voluntariness The user is asked for voluntary consent before transmittsion. This consent can be revoked at any time with effect for the future.
consentDebugging (hier wird der Schalter fürs den Debbung Consent eingeblendet)
2.4.4.3. Recipients or categories of recipients of the personal data
2.4.4.4. Intention of data transfer to a third country or int. organization, as well as basis Sentry, Anbieter Functional Software, Inc. (San Francisco, USA) on the basis Standard Contractual Clauses (SCCs).
The app has been set so that no personal data, such as the device ID, is transmitted. Thus, corresponding error messages contain the type of device and the operating system version in addition to the technical information. However, the IP address of the transmitting device is required for transmission.
2.4.4.5. Duration or criteria for the duration of storage The recorded errors and associated data are transmitted anonymously. However, the transmission of the IP address is required for the transmission process.
2.4.4.6. Provision required by law or contract and consequences of non-provision Consent to data transmission is not required to use the app.
In order to optimize the app, Google Analytics has been integrated for usage analysis.
2.4.5.1. For Art. 6 para. 1 let. f DSGVO: the legitimate interest The responsible party has a legitimate interest in integrating a usage analysis tool to optimize the offer. There is a request for consent before processing usage data that requires consent in order to comply with the regulations.
2.4.5.2. In the case of Art. 6 para. 1 let. a DSGVO consent: Note revocation in the future and voluntariness The user is asked for voluntary consent before usage data is recorded. This consent can be revoked at any time with effect for the future. You can change your given consent under the following link:
consentAnalytics
2.4.5.3. Recipients or categories of recipients of the personal data
2.4.5.4. Intention of data transfer to a third country or int. organization, as well as basis Data transfer to the USA is based on the standard contractual clauses of the EU Commission (link) and the consent of the person concerned. The IP address is stored anonymously by setting the last octet of IPv4 addresses and the last 80 bits of IPv6 addresses to 0 before storage.
2.4.5.5. Duration or criteria for the duration of storage The responsible party has set a storage period of XX months in Google Analytics.
2.4.5.6. Provision required by law or contract and consequences of non-provision Consent to analysis is not required to use the app.
2.4.5.6. Automated decision-making and profiling according to Art. 22 DSGVO Google Analytics enables the responsible party to analyze the use of the offer. For this purpose, various usage data such as the origin of a user, dwell time and page views are processed. This data may be summarized by Google in a profile that is assigned to the respective user or their end device. You can find more information on Google's data protection at: https://support.google.com/analytics/answer/6004245?hl=en (Link)
2.4.6.1. Recipients or categories of recipients of the personal data
2.4.6.2. Intention of data transfer to a third country or int. organization, as well as basis A transfer to a third country or international organization takes place if -this is possible in accordance with data protection regulations, incl. Art. 49 para. 1 DSGVO and is necessary in individual cases,
*2.4.6.3. Duration or criteria for the duration of storage Processing takes place until the intended purpose is fulfilled or until a required retention period is reached.
2.4.6.4. Provision required by law or contract and consequences of non-provision There is no contact form in the app. The person making contact decides on the type of contact and the scope of communication. If further data is required to respond, this will be communicated.
In individual cases, it may be necessary to process personal data at short notice within the scope of legitimate interest.
2.4.7.1. For Art. 6 para. 1 let. f DSGVO: the legitimate interest Our legitimate interest is the investigation and rectification of technical problems, the detection and defense against unauthorized access, as well as the assertion, exercise or defense of legal claims or settlement of damages. For this purpose, we reserve the right, if necessary, to store existing data for longer than is provided for in the processing operations by default, to implement security measures or to transfer corresponding data to necessary third parties.
2.4.7.2. Recipients or categories of recipients of the personal data
2.4.7.3. Intention of data transfer to a third country or int. organization, as well as basis A transfer to a third country or international organization takes place if this is possible in accordance with data protection regulations, incl. Art. 49 para. 1 DSGVO and is necessary in individual cases.
2.4.7.4. Duration or criteria for the duration of storage Processing takes place until the intended purpose is fulfilled or until a required retention period is reached.