Thank you for visiting our website and your interest in our company. We want you to feel safe and secure when visiting our website. We therefore take the protection as well as the confidentiality of your personal data very seriously.
This privacy notice is to inform you about when and for which purpose we process personal data that we collect when you use our website.
Of course, your personal data will be processed in compliance with the provisions of the EU General Data Protection Regulation („GDPR“), the German Federal Data Protection Act (Bundesdatenschutzgesetz, („BDSG“) and any other applicable regulations on data protection.
The Controller, i.e., the body responsible for processing personal data, is:
Porsche Automobil Holding SE
Telephone +49 711 911 244 20
Telefax +49 711 911 118 19
Our data protection officer can be contacted by email at firstname.lastname@example.org or by post by adding „For the attention of the data protection officer“ to the address.
1. General information
On the one hand, your personal data will be collected when you communicate them to us; e.g. if you write to us via the contact form or if you send us an inquiry. As far as certain input fields are marked as „mandatory“, we collect with these fields only the data that is necessary for the fulfillment of the contract or the execution of the desired action. Of course, you can provide us with additional information. Your personal data will only be processed for the execution of the requested measures, e.g. answering your enquiries and fulfilling your requests (Art. 6 para. 1 sentence 1 lit. b GDPR).
On the other hand, our IT systems automatically collect data when you are visiting the website (for more information, please see clause 2 onwards).
By visiting our site our server stores your access data. This includes e.g. the type and version of your browser, the kind of your used operating system, the domain name of the internet service provider, the IP address of the computer used, the website from which you are visiting us, date and time of the server request as well as the client's file request (file name and URL). We use these data anonymously for statistical evaluations, whereby no attribution is made to the respective user.
Purpose of this data processing is to enable the availability and the correct presentation of our website on your device and to optimize our website. In that regard, we have legitimate interests. Legal basis for the processing of the personal data is Art. 6 para. 1 sentence 1 lit. f GDPR as well as § 15 TMG.
A cookie is a small text file that is stored by a website on your hard drive. Cookies do not cause any damage to your computer and do not contain any viruses.
Generally, two types of cookies must be distinguished: cookies that only exist while the user navigates a website and are deleted when the browser is closed (known as session cookies) and cookies that are saved to the user's computer when a website is accessed and that enable us to identify your computer on your next visit (known as persistent cookies).
4. MONOTYPE Web Fonts
For the standardized presentation of fonts on our website we use so-called web fonts, which are provided by Monotype GmbH, Spichernstraße 2, 10777 Berlin, Germany, in cooperation with its parent company Monotype Imaging Holdings Inc., headquartered at 600 Unicorn Park Drive, Woburn, Massachusetts 01801 USA („Monotype“).
For this purpose your browser loads the required web fonts from the local server of our hosting provider into your browser cache when you visit our website. In order to enable Monotype to invoice the license fees for the use of the Web Fonts to us and to count the number of page views, the project identification number of the Web font (anonymized), the URL of the licensed website linked to a customer number and the URL of the previously visited page will be collected and forwarded to Monotype. It cannot be ruled out that the information collected may also be transmitted to a Monotype server in a third country, in particular to a server of Monotype Imaging Holdings Inc., USA. According to Monotype, it is not possible to draw any conclusions about the affected website visitor.
These web fonts are used in the interest of a standardized and attractive presentation of our website. This constitutes a legitimate interest within the meaning of the relevant legal basis of Art. 6 para. 1 sentence 1 lit. f GDPR.
For further information on the data processing through Monotype please refer to the following websites of Monotype:
As Joint Controller we operate a company site on the LinkedIn platform of the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland („LinkedIn“), where we inform about news from our company and events.
Data processing on our LinkedIn site and legal basis for this
As a provider of an online presence on the social media platform LinkedIn, we process personal data when you contact us directly via the platform (in a personal message or via the public comment function). Which data is collected depends on the content of your message and the contact details you have provided or released.
With the help of this data the provider of the social media platform can also create user profiles. This enables him to display interest-related advertising to the user within and outside the respective social media presence. If you are also logged into your social media account with the browser you use for our LinkedIn site, the name of the account is also forwarded. This allows the social media provider to match the visit of this website to your user account.
The processing of personal data collected via the platform by us is based on Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest lies in being able to present Porsche SE to the outside world in a variety of ways and to make the most effective use of the communication opportunities with our customers. If you are asked by LinkedIn to give your consent to the above-mentioned data processing, the legal basis for this processing is Art. 6 para. 1 sentence 1 lit. a, Art. 7 GDPR.
Joint Controller Agreement according to Art. 26 GDPR
We have concluded a Joint Controller Agreement with LinkedIn pursuant to Art. 26 GDPR in which the data protection obligations arising from the operation of our company site are divided between us and LinkedIn. LinkedIn has thereby assumed a large part of the data protection obligations, such as the fulfillment of the data subject rights pursuant to Art. 12 et seq. GDPR, the obligation to provide suitable technical and organizational measures to protect the security of personal data, and the notification and notification obligations in the event of a data protection breach. If you contact us regarding your data subject rights, we will immediately forward your request to LinkedIn. We are obligated to do this under the agreement with LinkedIn.
For more information on the agreement between us and LinkedIn, please visit:
Disclosure of personal data
Please note that we cannot track all data processing activities on LinkedIn, nor do we have any control over it. Accordingly, we cannot control or exclude the possibility that the information collected by LinkedIn may be transferred to a third country, specifically to a server of LinkedIn's parent company, LinkedIn Corporation, located in 1000W. Maude Ave. Sunnyvale, California 94085, USA. In such cases, the information is submitted to LinkedIn Corporation on the basis of EU-Standard Contractual Clauses.
Rights of the data subject
In principle, you can assert your data protection rights with regard to data processing by our LinkedIn site both against us and against LinkedIn. However, we would like to point out that these can be most effectively claimed on LinkedIn. Because only LinkedIn, as the provider, has access to the users' data and can therefore take appropriate measures and provide information directly.
For further information on the processing of your personal data through LinkedIn, possibilities of adjustment and contradiction please refer to the websites of LinkedIn, for example:
Within Porsche SE, only authorised staff with relevant competencies will have access to your personal data.
We are authorised to mandate third parties, for example website administrators, to provide certain services, such as IT services. Furthermore, we retain legal advisors, management consultants and auditors, among other professionals. These third parties perform services on our behalf and under our supervision as well as in accordance with our instructions and they may have access to personal data to the extent required for them to render their services.
We require all of our employees, agencies and service providers to act in the strictest of confidence.
In addition, we can – to the extent legally permissible – transmit your personal data to authorities, courts and other governmental authorities both in Germany and abroad in order to comply with statutory duties or if this is in the company's best interest.
Your data will not be sold, hired out or traded in.
We will erase the data gathered in this connection once their storage is no longer necessary (usually after the request has been finally dealt with), the personal data is no longer required for any administrative or court proceedings, if any, and no other statutory obligations to furnish evidence or record retention requirements apply or any reasons justifying the storage exist.
Porsche SE employs technical and organisational security measures to protect your personal data that we process against random or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously improved in line with developments in technology.
Subject to the statutory requirements, you have the right to access information about your processed personal data (Art. 15 GDPR), to require rectification (Art. 16 GDPR) or erasure of your personal data (Art. 17 GDPR), the restriction of processing (Art. 18 GDPR) or the portability of your personal data (Art. 20 GDPR) by using the contact information indicated above.
Right to object (Art. 21 GDPR): If we process your data for the purposes of the legitimate interests pursued by us (Art. 6 para. 1 sentence 1 lit. f GDPR), at any time with effect for the future you may object to such processing on grounds relating to your particular situation that oppose such data processing. Please submit your objection to the contact address indicated above.
In some cases, however, we are not permitted to completely erase user data, due to legal retention requirements.
We would also like to draw your attention to the possibility to file a complaint with a responsible supervisory authority. The responsible supervisory authority for us is the Baden-Württemberg State Commissioner for the Protection of Data and Freedom of Information, Königstraße 10a, 70173 Stuttgart, Germany.
If you have any questions, comments or suggestions about this privacy notice or our data protection policies, please contact Porsche SE's data protection officer under email@example.com.
Status 21 June 2021