Privacy policy

This privacy policy provides an overview of the processing of your personal data when accessing the content and using the online services of the website on www.doll.eu (the “website”). This privacy policy also informs you of your rights and the options you have with regard to controlling your personal data and protecting your privacy.

The data controller is DOLL Fahrzeugbau GmbH,
Industriestr. 13, 77728 Oppenau, Germany. This is the company being referred to when the terms “we” or “us” are used in the following.

You can contact our data protection officer at the address provided above or by e-mailing dsb@doll.eu.
Note:

You are not legally or contractually obliged to provide us with the personal data specified in this privacy policy. However, if you enter into a contract with us (because you are commissioning our services, for example), submission of the contract information you have provided to us is a basic prerequisite for the conclusion of the contract. Furthermore, you may be unable to use our website or experience restricted use if you do not provide us with certain data or object to use of this data.

1.    Which personal data we process and where it originates:

When we make our website available to you, we process personal data from various sources. This may be data that we process automatically for every visitor to our website. This may also be data that you have voluntarily provided.

Data that we collect automatically when you use our website:

As soon as you visit the website, you send technical information to our web server that we store in server log files. This happens regardless of whether or not you then decide to contact us (for example, using the contact form). We always collect the following access and web access data (which we call “usage data”):
•        The date and time of the visit and the duration of website usage
•        The IP address of your device
•        The referral URL (the website from which you accessed our website)
•        The subpages visited on the website or app
•        Other information about your device (device type, browser type and version, settings, installed plug-ins, operating system)
We process usage data to enable use of the website and to ensure website functionality. We also process usage data to analyse website performance, to continuously improve the website and to rectify errors or personalise the content you see on the website. We also process usage data to guarantee IT security and system operation as well as to prevent or detect misuse, particularly fraud. These server log files are deleted after a maximum of 28 days.

Cookies and other tracking tools:
We use cookies to automatically process usage data. Cookies are small text files that you download onto your device when you visit our website and that store the personal information specified above. We use both our own cookies and cookies and tracking tools provided by third parties. If you want to find out more about how cookies work, which cookies process which data and for what purpose on our website and how you can deactivate them, you can find this information at the end of the privacy policy in our overview of cookies and web tracking tools.

This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes. In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally. The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.

Data that you send to us:
Alongside the data that we receive from all visitors, we also process other data when you use our contact or application form. In this case, we store your title, company, name, street, postcode and city, telephone number, e-mail address and the content of your request (you can find the details on the relevant contact form).

We process this data in order to handle your request and delete the data once your request has been completed. If you have applied for a vacancy with us using the application form and we were unable to offer you the position at the time of your application, we will only continue to store your data after the application to make it easier for you to apply again. We will only do this if you have given us your consent beforehand.

You can also subscribe to our newsletter. If you give us specific consent to do so, we will save your e-mail address in order to send you our newsletter. It is possible to unsubscribe from the newsletter at any time and this can be done by sending a message to the contact listed below or by following the link provided for this purpose in the newsletter. Once you have unsubscribed, we will delete your e-mail address unless you have expressly consented to further use of your data, or unless we reserve the right to any further data use, which is permitted by law and explained in this privacy policy.
Newsletter2Go is used as the newsletter software. This involves your data being sent to Newsletter2Go GmbH. As part of this arrangement, Newsletter2Go is not permitted to sell your data or to use it for any purposes other than sending newsletters. Newsletter2Go is a German, certified provider, which was selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.
You can find further information here: www.newsletter2go.de/informationen-newsletter-empfaenger/
The consent you have given to store data and your e-mail address and for its use in order to send you the newsletter can be revoked at any time, for example via the “Unsubscribe” link in the newsletter.
2.    Other purposes for which we process your data:

We have already outlined the purposes for which we process your data in individual cases above. We may also process your data for other purposes. This includes, for example, not only sharing your personal data with third parties if we are legally obliged to do so, but also exercising our legal rights, or defending lawsuits, or meeting legal retention and documentation requirements.

3.    The legal basis for data processing:

When processing your personal data, we rely on various legal bases in accordance with the General Data Protection Regulation (GDPR), an EU-wide legal framework intended to standardise data protection law. It specifically covers:

Your consent (Article 6 Paragraph 1 a) GDPR)

By completing and sending our newsletter form, you are expressly agreeing to the data processing described in detail in this privacy policy by ticking the box signalling your consent before sending the registration or contact form: When we process your data in order to create your user account, it is because you have consented to this.

Fulfilling our contractual obligations to you (Article 6 Paragraph 1 b) GDPR)

In some cases we process your data because this is necessary in order to bring about a contractual agreement between us or to enable us to respond to a pre-contractual request: for example, if you submit a purchase order enquiry to us via the website, we will need to save your contact data in order to complete pre-contractual activities. This also applies should you complete our contact form or application form.

Our legitimate interests (Article 6 Paragraph 1 f) GDPR)

There are also cases where we are entitled to process your data without your consent because it is necessary to protect our legitimate interests (or the interests of third parties). This means that even if you have not given your consent for us to do so, we will always process the user data necessary to uphold the security of our IT systems or required for the operation/functional capability or improvement of our website.

Legal obligations (Article 6 Paragraph 1 c) GDPR)

We are also legally obliged to process specific data in individual cases in order to provide information to prosecution authorities or tax authorities. Our business correspondence and journal entries are also governed by retention requirements in accordance with commercial and tax law.

4.   To whom we disclose your data:

With the exception of the service providers (e.g. Newsletter2Go, see above) and partners described in more detail in this privacy policy, we will not disclose your data to third parties. If the listed data recipients process it on our behalf, these recipients will process your data alone on our instruction and they are obliged to comply with strict requirements when it comes to protecting your data.

We transfer your data to our hosting provider (https://www.leitwerk.de/ ), which enables the provision of the website. Providers listed in our information about cookies and tracking tools are only sent pseudonymised data, as further explained in that section. This also includes Google Ireland Ltd., insofar as we have integrated the Google Maps service on our website; you must share your IP address with Google in order to display map content.

5.  Data processing outside of the EEA:

We do not transfer your access and account data to countries outside of the EEA (known as third countries) as a matter of principle. We do not host your data in third countries and all your data is located on our hosting provider's servers situated in Germany.

In some cases your data is processed in third countries.  This relates in particular to cookies provided by third-party companies based in the United States. We will, however, ensure that appropriate data protection is guaranteed at all times. We do this by including the EU standard contractual clauses in our contracts with these providers to guarantee secure processing and appropriate data protection (which also includes any additional appropriate measures required to ensure the level of data protection).

6.  Storage period:

We process and store your personal data as required for the fulfilment of our contractual or legal obligations. We therefore store your data for as long as we have a contractual relationship with you, and once this has ended, only to the extent and for the length of time required by German law. Once your data is no longer required in the context of meeting legal requirements (as set out under commercial or tax law, for example), it is deleted at regular intervals unless its ongoing processing is necessary in order to preserve evidence or defend ourselves against legal proceedings. For example, if you have given us consent (to receive the newsletter, for example), we are required to retain your IP address and the precise time consent was given in order to preserve evidence. We restrict the processing of your data in the context of meeting legal retention requirements.

7.  Automated individual decisions:

We will not use your data to make fully automated individual decisions that have legal effect or may impact you significantly in similar ways, or to create an associated user profile.

8.  Your legal rights in accordance with the GDPR:

You can assert the following rights against us with regard to your personal data within the framework of the GDPR:
•        Your right to information and access in accordance with Article 15 GDPR
•        Your right to rectification in accordance with Article 16 GDPR
•        Your right to erasure in accordance with Article 17 GDPR
•        Your right to restriction of processing in accordance with Article 18 GDPR
•        Your right to data portability in accordance with Article 20 GDPR
You also have the right to lodge a complaint with the relevant authorities, specifically in the member state of your permanent place of residence or workplace or the place where you suspect the GDPR breach to have occurred.

You can also revoke your consent for processing of your personal data at any time. However, this revocation of consent is only valid for the future. Processing that has taken place prior to revocation remains unaffected.

Information about your right to object in accordance with Article 21 GDPR

1. Right to object on a case-by-case basis

In addition to the rights already mentioned, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on Article 6 Paragraph 1 f) GDPR (data processing based on a balance of interests). When you file an objection, we will cease to process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing is necessary for the establishment, exercise or defence of legal claims.

2. Right to object to the processing of data for marketing purposes

You also have the right to object at any time to the processing of your personal data for direct marketing purposes (including subscribing to our newsletter); this includes creation of a user profile (profiling) to the extent that it is related to direct marketing. When you file an objection, we will cease to process your personal data.

Your objection can be raised informally by sending an e-mail to: dsb@doll.eu

9.    Note about our social media pages

We have a presence on Facebook (https://www.instagram.com/dolltrailer/) and Instagram (https://www.instagram.com/dolltrailer/) (referred to collectively as our “social media pages”) and use these platforms to share the latest news from within our organisation. In the context of our social media pages, we share joint responsibility for data processing with Facebook Ireland Ltd. (“Facebook”). More detailed information about how Facebook processes your data can be found in the Facebook Data Policy. Data subject rights can be exercised against both us and Facebook. Please also note that Facebook states by its own admission that it uses cookies; these are also used by Facebook in the context of our social media pages. For technical reasons, we have no control over the use of these cookies and cannot prevent their use. Neither are we able to use the data that Facebook shares with us to draw conclusions about the identity of specific persons; we are only provided with aggregated data about the use of our social media pages in the form of “Facebook Insights”. Similarly, we do not have any control over the subsequent use of the data Facebook collects using cookies.

You can find detailed information about Facebook Insights in Facebook’s information about Page Insights, which is available at https://www.facebook.com/legal/terms/page_controller_addendum. We process the data on our social media pages on the basis of Article 6 Para. 1) of the GDPR for the purposes of our legitimate interests so that we can remain in contact with potential customers, competitors or other interested parties.

Cookies, web tracking tools and remarketing on the website

Cookies do not cause any damage to your terminal device and do not contain viruses, Trojans or other malware. Information is stored in the cookie, which results in the establishment of a connection to the specific terminal device used. However, this does not mean that it stores any personal data or that we receive any information about your identity. Cookies are primarily used to improve and optimise your usage of websites and other online content. You can also manage the use of cookies in your browser settings. Different browsers offer different options for configuring cookie settings in the browser. You can find more detailed information about this at www.allaboutcookies.org/

The following is an overview of all cookies and other web-tracking tools on our website that are either provided by us or by third parties.

1.    Our own cookies (known as first-party cookies):

We use these cookies to analyse web traffic, to tailor our services, content and ads, to measure the effectiveness of ad campaigns and to promote trust in and the security of the website. We also use first-party cookies to differentiate one user from another and to calculate the total number of visitors to the website in conjunction with the log files on our web server. The data collected in this way helps us to receive the feedback required to continuously improve the website and offer users a better service. We only use session cookies which expire shortly after you have visited our website. We do not use any permanent first-party cookies that remain on your device for an extended period. The legal basis is Article 6 Paragraph 1 f) GDPR.

Users can stop accepting first-party cookies by configuring their browser settings so that they do not accept any cookies. However, once these settings have been made, you may not be able to use certain current or future elements of our website.

2.    Cookies and plug-ins on our website that send data to third parties (known as third-party cookies):

In addition to first-party cookies we also use – exclusively based on your consent (granted via our Consent Manager) – the following third-party cookies and plug-ins that are provided to us by the following parties and for the following purposes:

Google Analytics

Our website uses Google Analytics, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google EU”), a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (“Google”).

The information about your usage of our website generated by the cookie (identifier, browser type/version, operating system used, referrer URL, truncated IP address, time of server request) is usually transferred to a Google server in the USA and stored there. However, in the member states of the European Union or in other signatory states to the Agreement on the European Economic Area, your IP address is truncated by Google on our website first. For this purpose, we have implemented the code “gat._anonymizeIp() ;” to guarantee anonymous collection of IP addresses (known as IP masking).

Only in exceptional circumstances is the full IP address sent to a Google server in the USA and truncated there. If in exceptional circumstances personal data is sent to the USA, Google is contractually obliged to ensure that appropriate data protection is guaranteed under the terms of the EU’s standard contractual clauses as well as through the adoption of additional measures.
Google will use the information about your usage of the website on our behalf within the framework of Google Analytics to assess your usage of the website, to compile reports about website activities and to provide other services related to website and internet usage. The IP address sent from your browser within the framework of Google Analytics and Google Tap Manager is not combined with other data by Google.

You can prevent storage of cookies by making the relevant settings on your browser software or the operating system on your mobile terminal device; however, please note that in this case, you may not be able to use all of the functions on our website to their full extent. You can also prevent collection of data about your usage of our website (including the IP address) by Google and its processing by Google by downloading and installing the browser plug-in at the following link: tools.google.com/dlpage/gaoptout

You can find more information on the terms of use and data protection at www.google.com/analytics/terms/us.html and www.google.com/intl/us/policies/privacy/

Use of the Facebook pixel

The Facebook pixel is installed on our website. You can find an overview of the Facebook plug-ins here: developers.facebook.com/docs/plugins/. These are services provided by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook EU”), which also transfer data to Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA (“Facebook USA”; “Facebook” as a whole together with Facebook EU). Under the terms of the EU’s standard contractual clauses, Facebook USA also guarantees appropriate data protection in the United States.

When you visit our website, a direct link is established between your device and the Facebook server. Facebook receives the information that you have visited our website together with your IP address. If you click on the “Like” button in your Facebook account, you can link the content on our website to your Facebook profile. This means that Facebook can link the visit to a visitor.

Please note that we, as the provider of the website, do not receive any information about the content of the data sent or how it is used by Facebook.  If you are not a member of Facebook, Facebook still receives and stores your IP address and receives information when you visit these websites and applications, including device information (operating system, hardware version, device settings, file and software names and types, battery and signal strength), device identifiers, device locations, including certain geographical locations such as GPS, Bluetooth or WiFi signals, connection information such as the name of your mobile phone provider or ISP, browser type, language and time zone, mobile telephone number, and information about your activities. According to Facebook, only one anonymised IP address is processed.

You can find more information in Facebook's data protection guidelines at www.facebook.com/policy.php or www.facebook.com/business/help/651294705016616. If you do not want Facebook to link your visit to our website to your Facebook account, please sign out of your Facebook account. Other settings and objections to usage of data for advertising purposes are possible within the Facebook profile settings: www.facebook.com/settings.

Facebook users should note that this website also uses Facebook's “Website Custom Audiences” communication tool.

For this purpose, Facebook pixels are integrated into our website. These identify you as a visitor to our website in anonymised form, without identifying you as a person. If you then log into Facebook at a later time, a non-reversible, non-personal checksum (profile) of your usage data is sent to Facebook for analysis and marketing purposes. Further information on the purpose and scope of data collection, how Facebook processes and uses your data as well as the setting options for protecting your privacy can be found in Facebook’s Data Policy, which is available, among other places, at www.facebook.com/ads/webseite_custom_audiences/ and www.facebook.com/privacy/explanation. If you wish to object to the use of Facebook website Custom Audiences, you can do so at www.facebook.com/ads/webseite_custom_audiences/.