Privacy Notice

Continental Reifen Deutschland GmbH (hereinafter referred to as “Continental”) processes your data in the course of your use of the ContiGarant platform.

We are aware of the sensitivity of personal data and, when handling users’ personal data, we comply with the applicable statutory data protection regulations, in particular the provisions of the German Federal Data Protection Act (BDSG) and the General Data Protection Regulation (GDPR).

1. General

The definitions set out in Article 4 of the GDPR shall apply.

2. Data Controller

Continental Reifen Deutschland GmbH
Continental-Plaza 1
30175 Hannover
Germany
E-Mail support@contigarant.com

3. Contact Details of the Data Protection Officer

If you have any questions regarding data protection or these data protection notices, you may also contact the Data Protection Officer at: dataprotection@conti.de

4. Processing and Purpose of Data Processing, Legal Basis and Storage Period

At various stages of the project, Continental processes your personal data for different purposes.

Data Processing (Purpose)	Legal Basis	Storage Period
Initiation, administration and settlement of the ContiGarant tyre guarantee First and last name Address: street, postcode, city Email address of the tyre owner Upload of proof of purchase	Article 6(1)(b) GDPR (Performance of a Contract with a Natural Person) Article 6(1)(f) GDPR Continental’s legitimate interest is the performance of the contract or the implementation of pre-contractual measures at the customer’s request.	Your data will be processed for the purpose of initiating, carrying out and administering the ContiGarant promotion. The data will be stored until revoked. Once the purpose no longer applies, your personal data will be deleted, provided that no statutory retention obligations prevent such deletion.
Provision of the Website and Creation of Log Files When accessing our website or retrieving a file, data relating to this process is stored in a log file on the web server. In detail, the following data may be stored: IP address Domain name of the website you came from Names of the files accessed Date and time of access Name of the Internet service provider Operating system and browser version of your device The purpose of this processing is to ensure the operation of this website. This includes protection against malicious attacks or excessive use of our services. When using this data, we do not draw any conclusions about your identity. The information collected is solely required to ensure the functionality of the website and to maintain system security and stability. Statistical analysis of anonymised datasets remains reserved.	Article 6(1), sentence 1, point (f) GDPR (temporary storage of log data). The legitimate interest arises from the above-mentioned purposes of data collection. The anonymised data collected in the server log files is always stored separately from any personal data provided by a data subject.	These log data are stored solely for the stated purposes and for a maximum period of 7 days.
Anonymised reporting for the analysis of participation in ContiGarant	Article 6(1)(f) GDPR	After completion of ContiGarant, customer data will be anonymised and used for internal reporting purposes.

Data Processing (Purpose)

Legal Basis

Storage Period

Initiation, administration and settlement of the ContiGarant tyre guarantee

First and last name
Address: street, postcode, city
Email address of the tyre owner
Upload of proof of purchase

Article 6(1)(b) GDPR (Performance of a Contract with a Natural Person)

Article 6(1)(f) GDPR

Continental’s legitimate interest is the performance of the contract or the implementation of pre-contractual measures at the customer’s request.

Your data will be processed for the purpose of initiating, carrying out and administering the ContiGarant promotion.

The data will be stored until revoked. Once the purpose no longer applies, your personal data will be deleted, provided that no statutory retention obligations prevent such deletion.

Provision of the Website and Creation of Log Files

When accessing our website or retrieving a file, data relating to this process is stored in a log file on the web server. In detail, the following data may be stored:

IP address
Domain name of the website you came from
Names of the files accessed
Date and time of access
Name of the Internet service provider
Operating system and browser version of your device

The purpose of this processing is to ensure the operation of this website. This includes protection against malicious attacks or excessive use of our services. When using this data, we do not draw any conclusions about your identity. The information collected is solely required to ensure the functionality of the website and to maintain system security and stability. Statistical analysis of anonymised datasets remains reserved.

Article 6(1), sentence 1, point (f) GDPR (temporary storage of log data).

The legitimate interest arises from the above-mentioned purposes of data collection. The anonymised data collected in the server log files is always stored separately from any personal data provided by a data subject.

These log data are stored solely for the stated purposes and for a maximum period of 7 days.

Anonymised reporting for the analysis of participation in ContiGarant

Article 6(1)(f) GDPR

After completion of ContiGarant, customer data will be anonymised and used for internal reporting purposes.

Based on statutory requirements, Continental has implemented a global, uniform and internal data protection policy (Binding Corporate Rules) that governs the protection of personal data.

5. Article 22 GDPR

There is no automated decision-making in individual cases, including profiling.

6. Voluntary Nature of Consent

My declaration of consent is given voluntarily. I may refuse to give my consent without stating any reasons, without suffering any disadvantages as a result.

7. Withdrawal of Consent

My consent given above shall remain valid until I withdraw it. I may declare this withdrawal at any later time without stating reasons, with effect for the future. In this regard, reference is made to the contact details provided in sections 1.2 and 1.3 of this privacy notice.

In addition, I am entitled to the rights vis-à-vis Continental set out under “11. Rights of the Data Subject”.

8. Requirement to Provide Your Personal Data

You are not legally obliged to provide your data to Continental. However, if you seek to enter into a contractual relationship with Continental, Continental must process the data that is necessary for the performance of the contract or for carrying out pre-contractual measures at your request.

9. Recipients

Your personal data may be shared with the following recipients, where applicable:

Service provider and support for ContiGarant (processor)

Advertising agency Speitkamp e.K., Kaiserstraße 133, 52134 Herzogenrath, Germany
Hosting provider (sub-processor of Speitkamp):
Pixel X e.K., Kuhstraße 26-27, 38100 Braunschweig, Germany

10. Transfer to Third Countries

No transfer to third countries takes place.

11. Rights of the Data Subject

We would like to inform you that, as a data subject, you have the following rights under the GDPR in connection with the processing of your personal data:

Right to information pursuant to Articles 13 and 14 GDPR
Right of access pursuant to Article 15 GDPR
Right to rectification pursuant to Article 16 GDPR
Right to erasure pursuant to Article 17 GDPR
Right to restriction of processing pursuant to Article 18 GDPR
Right to data portability pursuant to Article 20 GDPR
Right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR

To exercise your rights, please contact the company named in section 2.

You may also contact our Data Protection Officers at any time in writing (including by email) with questions or complaints at: dataprotection@conti.de wenden

12. Protection of Stored Data

Continental implements technical and organisational security measures to protect the personal data you provide to us against manipulation, loss, destruction or unauthorised access. These security measures are continuously improved and adapted in line with the state of the art.

Data transmitted without encryption may be accessible to third parties. We therefore point out that secure transmission cannot be guaranteed for data transmission over the Internet (e.g. when communicating by email). Sensitive data should therefore either not be transmitted at all or only via a secure connection (SSL). If you access pages and files and are prompted to enter data about yourself, please note that such data transmission over the Internet may be unsecured and that the data may therefore be accessed or altered by unauthorised persons.