As part of the use of the webpages that can be accessed under www.vwfs.com your personal data will be processed by data controllers (see also point 8, hereinafter also referred to as "we" and "us") and stored for the period needed for fulfilling the established purposes and legal obligations. In the following, we will inform you about what types of personal data are involved, how they will be processed and what your corresponding rights are with respect to the General Data Protection Regulation (EU) 2016/679 (GDPR).
1. Processing of personal data and purposes of the processing
When visiting our website
2. Third country transmission
The controller uses as part of this business relation also processors and other contractors (e.g. from the following branches: Information and communication technology) with seat outside of the European Economic Area (EEA). The transmission of your data is carried out in accordance with the special conditions of Art. 44 - 49 GDPR, especially the appropriate level of protection will be ensured on the basis of an adequacy decision of the European Commission under Art. 45 GDPR or closed standard data protection clauses under Art. 46 Para. 2 lit. c and d GDPR. You can download and see the standard data protection clauses on the website of the European Commission or call for them directly at the controller to get them as a copy.
The kind of information the cookie stores depends on the specific end device used. However, this does not mean that we can directly become privy to your identity in this manner.
Cookies are used, for instance, to make it easier for you to use our offerings. This is done by means of session cookies in order to determine which individual pages of our website you visited before.
In addition, we also use temporary cookies stored in your end device for a specified period of time for enhanced user friendliness. If you re-visit the website to use our services, the system automatically recognises that you have visited our website before and which entries and setting you used, thus saving you from having to re-enter them.
The data processed using cookies are necessary for the purposes stated above for the protection or our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR.
Most browsers accept cookies automatically. You can however configure your browser in such a way that no cookies are stored or that you are notified before a cookie is created. If you entirely block cookies however, this might result in the disabling of some functions and features of our website.
4. Tracking/web analysis
The following tracking measures employed by us are performed on the basis of Art. 6 Para. 1 S. 1 lit. f GDPR. We use these tracking functions because we want to make sure your website experience is tailored to your needs and to ensure the continuous improvement of our website. In addition, we use tracking measures to analyse website use for statistical purposes. Furthermore, we use the data for optimized presentation of advertising content. These interests are to be considered as legitimate within the meaning of the aforementioned statute. You can ascertain the specific purpose of the processing and the categories of data from the description of the corresponding Tracking-tools.
- browser type / version,
- the operating system used,
- referrer URL (the website visited before),
- host name of the accessing computer (IP address),
- time stamp of server request,
are transferred to and stored on a server belonging to Adobe in Ireland.
The information will be used to analyse website use, to compile reports on website activities and to provide other services in connection with website use and internet use for the purposes of marketing and ensuring an internet experience tailored to users' needs.
Furthermore, this information may be transferred to third parties to the extent that this may be legally required or that third parties process these data on behalf of others. Under no circumstances will your IP address be combined with other data held by Adobe. The IP addresses will be anonymised so that attribution is not possible (IP masking).
You can block the installation of cookies by making appropriate settings in your browser software. We would like to point out however, in this case you may not be able to fully use the entire functions of this website.
You can also prevent the collection of the data created by the cookie and relating to your use of our website (including your IP address) and the processing of such data by Adobe by refusing your consent to collection by Adobe Analytics. An opt-out cookie is created which prevents the collection of your data when you visit this website in the future. The opt-out cookie is only valid in this browser and for this website and will be stored in your end device. If you delete the cookies in this browser, you have to set another opt-out cookie.
More information on data privacy protection in relation to Adobe Analytics can be found here.
5. Data security
All of the data personally submitted by you through our website will be encrypted with the commonly used and secure TLS Standard (Transport Layer Security). TLS is a secure and proven standard which is also used, for instance, in online banking. You can recognise a secure TLS connection, for instance by the letter 's' appended to http (i.e. https://..) in the address bar of your browser or by the padlock icon in the lower area of your browser.
We employ appropriate technical and organisational security measures in order to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved to keep pace with technological development.
6. Data subjects' rights
You have the following rights:
- pursuant to Art. 15 GDPR to request information from the Controller regarding personal data undergoing processing by the Controller. In particular you have the right to request information about the purpose of the processing, the categories of personal data concerned, the categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the data will be stored, the existence of the right to request from the Controller rectification or erasure, restriction of processing or to object to such processing, the right to lodge a complaint, the source of the data, unless collected by the Controller, and the existence of automated decision-making, including profiling and, where relevant, meaningful information about the details;
- pursuant to Art. 16 GDPR to obtain rectification without undue delay of inaccurate personal data or have your personal data stored by the Controller completed;
- pursuant to Art. 17 GDPR to obtain from the Controller the erasure of your personal data, unless that processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Art. 18 GDPR to obtain from the Controller restriction of processing your personal data where the accuracy of the data is contested by you, the processing is unlawful and you oppose the erasure of the personal data; where the Controller no longer needs the data, but you need them for the establishment, exercise or defence of legal claims or pursuant to Art. 21 GDPR have objected to processing;
- pursuant to Art. 20 GDPR to receive the personal data concerning you which you have provided to the Controller, in a structured, commonly used and machine-readable format or to obtain transmission of those data to another Controller;
- pursuant to Art. 7 Para. 3 GDPR to withdraw your consent from the Controller at any time. This has the consequence that the Controller may not continue the data processing in the future which was exclusively authorised by this consent and
- pursuant to Art. 77 GDPR to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your habitual residence or place of work or our registered office.
Should you wish to exercise your rights as a data subject, simply send an email to: betroffenenrechte.FSAG@vwfs.com. Any further contact to the data protection officer: dsb.FSAG@vwfs.com.
7. Right to object
Pursuant to Art. 21 GDPR you have the right to object at any time to processing of personal data concerning you, on grounds relating to your personal situation or where the objection is directed against general direct marketing or direct marketing customised for you. In the latter case you have a general right to object which we will implement without you having to invoke a particular personal situation.
Correspondence address of the Controller and Data Protection Officer:
Volkswagen Financial Services AG
Gifhorner Straße 57
If you want to exercise your right of objection, simply send an email to widerspruch.FSAG@vwfs.com.
8. Data Privacy Statement updates and changes
This information about data privacy protection is currently valid and has the version April 2019.
By further developing our website and offerings through the site or due to changing statutory and regulatory requirements, it might be necessary to amend this Data Privacy Statement. The currently valid Data Privacy Statement can be viewed on our website and printed at any time at: https://www.vwfs.com/en/home/data-privacy-policy.html