Privacy Policy

The responsible entity for data processing is:
LEAB Automotive GmbH
Thorshammer 6
24866 Busdorf
Germany
Email: info@leab.eu

Tel.: +49 (0) 4621 - 97860-0

We appreciate your interest in our online shop. The protection of your privacy is very important to us. We would like to inform you in detail about how your data is handled.

1. Access data and hosting

You can visit our websites without providing personal information. Each time a website is accessed, the web server automatically stores a so-called server log file, which contains, for example, the name of the requested file, your IP address, date and time of the selection, transferred amount of data and the requesting provider (access data), and which documents the selection. This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This serves to safeguard our legitimate prevailing interests in a correct presentation of our offer pursuant to Article 6 para. 1.1.f of the GDPR. All access data shall be deleted at the latest seven days after the end of your site visit.

2. Data processing for contract processing and for contacting us

2.1 Data processing for contract processing

We collect personal information when you voluntarily provide it to us as part of your order or when contacting us (for example, by contact form or email). Mandatory fields are marked as such, as we require the data in these cases to process the contract or to process your contact and you cannot complete the order or send the contact without providing it. The data collected can be seen from the corresponding input forms.

We use the data provided by you for the purpose of processing the contract and handling your enquiries (including enquiries about and processing of any existing warranty and performance claims as well as any statutory update obligations) pursuant to Article 6 para. 1.1.b of the GDPR. More information on the processing of your data, in particular on the transfer to our service providers for the purpose of order, payment and shipping processing, can be found in the following sections of this privacy policy. After complete processing of the contract, your data will be restricted for further processing and deleted after expiry of any retention periods under tax and commercial law pursuant to Article 6 para. 1.1.c of the GDPR, unless you have expressly consented to further use of your data pursuant to Article 6 para. 1.1.a of the GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

2.2 Contact

Within the scope of customer communication, we collect personal data in order to process your enquiries pursuant to Article 6 para. 1.1.b of the GDPR if you voluntarily provide us with this data when contacting us (e.g. via contact form or email). Mandatory fields are marked as such, as in these cases the data is essential to process your contact. The data collected can be seen from the respective input forms. After your enquiry has been fully processed, your data will be deleted unless you have expressly consented to further use of your data pursuant to Article 6 1.1.a of the GDPR or we reserve the right to use data in a manner that goes beyond this and is permitted by law and about which we inform you in this declaration.

3. Privacy Policy for Applicants

We process the information you have provided to us in connection with your application in order to assess your suitability for the position (or, if applicable, other open positions in our company) and to complete the application process. The legal basis for the processing of your data is primarily §26 of the Federal Data Protection Act (new). If the data is required for legal prosecution after completing the application process, data processing may be performed based on the requirements of Article 6 of the GDPR, in particular for the exercise of legitimate interests pursuant to Article 6 para. 1.1.F) of the GDPR. Our interest then lies in the assertion or defence against claims. Your data will be deleted in the event of cancellation after 6 months. In the event that you have consented to further storage of your personal data, we will transfer your data to our applicant pool. Here, the data will be deleted after ten years.

If you have received confirmation for a job as part of the application process, the data from the applicant data system will be transferred to our personnel information system. Your application data will be viewed by the Human Resources department upon receipt of your application. Suitable applications are then forwarded internally to the department heads for the respective open position. The only people who will have access to your data are those that need it to ensure that our application process runs properly. The data is processed solely in data centres of the Federal Republic of Germany. You can find your rights and a contact at the end of this privacy policy.

4. Data processing for the purpose of shipment handling

In order to fulfil the contract pursuant to Article 6 para. 1.1.b of the GDPR, we pass on your data to the shipping service provider commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods.

4.1 Data transfer to shipping service providers for the purpose of shipping notification

If you have given us your express consent to this during or after your order, we will forward your email address and telephone number to the selected shipping provider on the basis of this pursuant to Art. 6 para. 1.1.a of the GDPR so that the latter can contact you before delivery for the purpose of announcing or coordinating delivery. Consent can be revoked at any time by sending a message to the contact option described in this privacy policy or directly to the shipping service provider at the contact address listed below. After revocation, we will delete your data unless you have expressly consented to further use of your data or we reserve the right to use the data as legally permitted, of which we inform you in this policy.

United Parcel Service Deutschland S.à r.l. & Co. OHG
Görlitzer Straße 1
41460 Neuss
Germany

Spedition Karl Jürgensen Autofernverkehr und Spedition KG
Heinrich-Hertz-Straße 16
24837 Schleswig
Germany

5. Data processing for payment handling

We work with the following partners to process payments in our online shop: technical service providers, credit institutions, payment service providers.

5.1 Data processing for transaction handling

Depending on the payment method selected, we pass on the data necessary for processing the payment transaction to our technical service providers, who work for us within the framework of order processing, or to the commissioned credit institutions or to the selected payment service provider, insofar as this is necessary for processing the payment. This serves to fulfil the contract pursuant to Art. 6 para. 1.1.b of the GDPR. In some cases, the payment service providers collect the data required for processing the payment themselves, for example on their own website or via a technical integration in the order process. In this respect, the privacy policy of the respective payment service provider applies.

If you have any questions about our payment processing partners and the basis of our cooperation with them, please use the contact option detailed in this privacy policy.

5.2 Data processing for the purpose of fraud prevention and optimisation of our payment processes

Where applicable, we give our service providers further data which they use together with the data necessary to process the payment as our processors for the purposes of fraud prevention and optimising our payment processes (e.g. invoicing, processing of contested payments, accounts support). Pursuant to Art. 6 para. 1.1.f of the GDPR, this serves to protect our legitimate interests in our protection against fraud or in efficient payment management, which outweigh our interests in the context of a balancing of interests.

5.3 Credit check

If we make an advance payment (in the case of purchase on account), we obtain an identity and credit report from specialised service providers (credit agencies). For this purpose, we transmit your personal data required for a credit check to:

CRIF Bürgel GmbH
Radlkoferstraße 2
81373 Munich
Germany

This serves to protect our legitimate interests pursuant to Article 6 para. 1.1.f of the GDPR, which prevail in the context of a balancing of interests, in assessing the creditworthiness and willingness to pay of our potential customers in the run-up to the conclusion of the contract and thus avoiding purchase price defaults, and is necessary for the conclusion of the contract pursuant to Article 22 para. 2.a of the GDPR. Appropriate measures to protect your rights, freedoms and legitimate interests shall be taken into account. You have the opportunity to make your point of view known and challenge the decision by contacting the contact option detailed in this privacy statement. After the contract has been fully processed, your data processed for this purpose will be deleted unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

6. Advertising by email

Email newsletter with registration and newsletter tracking

If you subscribe to our newsletter, we will use the data required for this purpose or provided separately by you in order to send you our email newsletter regularly on the basis of your consent pursuant to Article 6 para. 1.1.a of the GDPR. You may unsubscribe from the newsletter at any time, either by a message to the contact option described below or via a dedicated link in the newsletter. After unsubscribing, we will delete your email address from the list of recipients, unless you have expressly consented to further use of your data pursuant to Article 6 para. 1.1.a of the GDPR or we reserve the right to use data beyond this, which is permitted by law and about which we inform you in this declaration.

We draw your attention to the fact that we evaluate your user behaviour when sending the newsletter.Fot this purpose, we also analyse your interaction with our newsletter by measuring, storing and evaluating opening rates and click-through rates for the purpose of designing future newsletter campaigns (“newsletter tracking”).

For this evaluation, the emails sent contain single-pixel technologies (e.g. web beacons, tracking pixels) that are stored on our website. For the evaluations, we link the following "newsletter data" in particular

  • The page from which the page has been requested (referrer URL), the date and time of the call,

  • The description of the type of web browser used, the IP address of the requesting computer,

  • The email address,

  • The date and time of registration and confirmation

and the single-pixel technologies with your email address or your IP address and, if applicable, an individual ID. Links contained in the newsletter may also contain this ID.

If you do not wish to receive newsletter tracking, it is possible to unsubscribe from the newsletter at any time, as described above.

The information is stored for as long as you are subscribed to the newsletter.

7. Social media

Our online profile on Facebook (by Meta), Instagram (by Meta), Youtube and LinkedIn

Insofar as you have given your consent to the respective social media operator in accordance with Art. 6 para. 1.1.a of the GDPR, when you visit our social media mentioned above, your data is automatically collected and stored for market research and advertising purposes, from which usage profiles are created using pseudonyms. These can be used, for example, to display advertisements within and outside the platforms that presumably match your interests. Cookies are usually used for this purpose. For detailed information on the processing and use of data by the respective social media operator, as well as a contact option and your rights and setting options in this regard to protect your privacy, please refer to the data protection notices of the providers linked below. If you still need help in this regard, you can contact us.

Facebook (by Meta) is an offer of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland about your use of our online profile on Facebook (by Meta) is generally transmitted to a server of Meta Platforms, Inc., 1 Hacker Way, Menlo Park, California 94025, USA, where it is stored. There is no appropriateness resolution by the European Commission for the USA. Our cooperation with the USA is based on standard data protection clauses of the European Commission. Data processing in the context of a visit to a Facebook (by Meta) fan page takes place on the basis of an agreement between jointly responsible parties pursuant to Art. 26 of the GDPR.

Instagram (by Meta) is a service of Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland (“Meta Platforms Ireland”). The information automatically collected by Meta Platforms Ireland about your use of our online profile on Instagram is generally transmitted to a server of Meta Platforms, Inc, 1 Hacker Way, Menlo Park, California 94025, USA, where it is stored. There is no appropriateness resolution by the European Commission for the USA. Our cooperation with the USA is based on standard data protection clauses of the European Commission. Data processing in the context of a visit to an Instagram (by Meta) fan page takes place on the basis of an agreement between jointly responsible parties pursuant to Art. 26 of the GDPR.

YouTube is a service of Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). The information automatically collected by Google about your use of our online offering on YouTube is generally transmitted to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, where it is stored. There is no appropriateness resolution by the European Commission for the USA. Our cooperation with the USA is based on standard data protection clauses of the European Commission.

LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). The information automatically collected by LinkedIn about your use of our online offering on LinkedIn is generally transmitted to a server of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA, where it is stored. There is no appropriateness resolution by the European Commission for the USA. Our cooperation with the USA is based on standard data protection clauses of the European Commission.

8. Contact options and your rights

8.1 Your rights

As a data subject, you have the following rights:

  • Pursuant to Art. 15 of the GDPR, you have the right to request information about your personal data processed by us to the extent specified therein;

  • pursuant to Art. 16 of the GDPR, you have the right to request the correction of inaccurate or incomplete personal data stored by us without delay;

  • Pursuant to Article 17 of the GDPR, you have the right to demand the deletion of your personal data stored by us, unless further processing is required

    - to exercise the right to freedom of expression and information;

    - to comply with a legal obligation;

    - for reasons of public interest, or

    - for the assertion, exercise or defence of legal claims;

  • The right, pursuant to Article 18 of the GDPR, to request the restriction of the processing of your personal data, insofar as

    - you dispute the accuracy of the data;

    - the processing is unlawful but you object to its erasure;

    - we no longer need the data, but you need it to assert, exercise or defend legal claims, or

    - you have lodged an objection against the processing under Article 21 of the GDPR;

  • Pursuant to Art. 20 of the GDPR, you have the right to receive the personal data you have provided to us in a structured, common and machine-readable format or to request transmission to another responsible party;

  • Pursuant to Art. 77 of the GDPR, you have the right to complain to a supervisory authority. As a rule, you may contact the supervisory authority at your usual place of residence or work or at our company registered office.


8.2 How to contact us

If you have any questions regarding the collection, processing or use of your personal data, for information, correction, restriction or deletion of data as well as revocation of any consent given or objection to a specific use of data, please contact our company data protection officer.

Data protection officer(s):

Thorshammer 6
24866 Busdorf
Germany

datenschutz@leab.eu


********************************************************************
Right of objection

Insofar as we process personal data as described above in order to safeguard our legitimate prevailing interests, you may object to this processing with effect for the future. If the processing is carried out for the purposes of direct marketing, you may exercise this right at any time as described above. If the processing is carried out for other purposes, you are only entitled to object if there are reasons arising from your particular situation.

After exercising your right of objection, we will not process your personal data further for these purposes unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or if the processing serves the assertion, exercise or defence of legal claims.

This shall not apply if the processing is conducted for the purposes of direct marketing. Then we will not further process your personal data for this purpose.