I. Who is responsible for processing your data?

The controller for processing your data is Liebherr-IT Services GmbH, St. Vitus 1, 88457 Oberopfingen, Contact: info.lis@liebherr.com

II. Which data do we process and for what purpose?

When you access the portal and its contents, our web server processes the following data in particular, which we store in so-called log files:

• date and time of access to the portal
• URL (address on the Internet) of the website on which you were at the time of accessing the portal
• the files you retrieved through the portal (type of access, name of the retrieved file, URL of the retrieved file, success of the retrieval)
• the amount of data transferred to you during your visit to the portal
• the type and version of browser you are using and the operating system you are using
• the domain name of your Internet access provider
• your (external) IP address

We process the data mentioned for the purpose of guaranteeing the security and stability of our website..

If you want to contact the respective provider in the portal directly via thecontact form, we may forward the following data to the provider for you.

• Reason for contacting us
• Name, first name
• Company
• Phone number
• E-mail addressE-Mail-Adresse

We process/ transmit the above-mentioned data for the purpose of direct contact between an interested party and the respective provider.

III.On what legal basis will we process your data?

We store the log files on the web server on the basis of a balancing of interests according to Art. 6 para. 1 lit. f) GDPR.
Our legitimate interests are: Improving stability, functionality and security of the portal.

You have the right to object to the processing of your data in accordance with the provisions of Art. 21 GDPR.

We transmit your data to the respective provider for the purpose of establishing contact on the grounds of the legal basis fulfilment of contracts according to Art. 6 para. 1 lit. b) GDPR.

IV. To whom and for what purposes do we transfer which categories of your data?

If appropriate, we will transfer your data to:

• Our service providers that we use in order to achieve the above stated purposes
• Provider you want to contact
• Courts, courts of arbitration, authorities or legal consultants, if this is necessary in order to comply with current law or to assert, exercise or defend legal claims

V. Will your data be processed outside the European Union?

The transfer of data to locations in countries outside the European Union (so-called third countries) is only permissible (1) if you have given us your consent or (2) if the European Commission has decided that an appropriate level of protection is afforded in a third country (Article 45 DGPR). Should the Commission not have taken such a decision we may only transfer your data to third parties that are in a third country provided there are suitable warranties (e.g. standard data protection clauses that are accepted by the Commission or the supervisory authority after a specific procedure), and the assertion of your rights as a data subject is ensured or the transfer is permissible in individual cases on the grounds of other legal bases (Article 49 GDPR).

VI. When will we delete or anonymise your data?

We will process your data so long as this is necessary for the purpose in question, unless you have effectively objected to the processing of your data or effectively withdrawn a consent you have given.

If there exist retention obligations by law we will be bound to store the data concerned for the period of the obligation to retain. Upon expiry of the retention obligation, we will check whether there is any further necessity for the processing. If there is no longer such a necessity, your data will be deleted.

VII. Links to other websites

The website may contain links to other websites not affiliated with us. After clicking on the link, we no longer have any influence on the processing of any data transferred to third parties by clicking on the link (such as the IP address or the URL on which the link is located), since the behavior of third parties is naturally beyond our control. Therefore, we cannot assume any responsibility for the processing of such data by third parties.

We employ technical and organisational security measures in order to ensure that your data are protected against loss, inaccurate alteration or unauthorized access by third parties. Moreover, for our part in every case only authorized persons have access to your data, and this only insofar as is necessary in the scope of the above stated purposes.

Within the legally foreseen scope, you have the right to

1. information about your data;
2. rectification of inaccurate data and completion of incomplete data;
3. erasure of your data, particularly if (1) they are no longer necessary for the purposes stated in this Data Protection Declaration, (2) you have withdrawn your consent and there is no other legal ground for the processing, (3) your data have been unlawfully processed, or (4) you have objected to the processing and there are no overriding legitimate grounds for the processing.
4. restriction of the processing of your data, particularly if the accuracy of the data is contested by you or the processing of your data is unlawful and instead of deletion you demand restriction of use.
5. receive your data in a structured, commonly used and machine-readable format and to have your data transmitted from us directly to another controller.

Please note that the lawfulness of processing based on consent performed prior to the withdrawal will not be affected by your withdrawal.

If you assert any of the above stated rights please understand that we may require you to provide evidence showing that you are the person you claim to be.

Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.

If you have any questions concerning data protection please contact:

Corporate Privacy
Liebherr-IT Services GmbH
Oberopfingen
St.-Vitus 1
88457 Kirchdorf an der Iller
E-Maildatenschutz@liebherr.com

Status: December 2019