Privacy Statement

Version 2.24 from 30/06/2020

Data Protection Regulations

We, the publisher, and potentially the separate provider, welcome your interest in this app. The protection of your privacy as a user of the app is important to us. Please see below for information about how personal data is used in connection with the app. “Personal data” is all information that relates to an identified or identifiable natural person. Overall, our handling of personal data is based on the Privacy Policy applicable to us.

1 Responsibility

For the purposes of these data protection regulations/this privacy statement, the terms “Publisher” or “we” are used throughout, irrespective of whether the Publisher is the sole contracting partner in accordance with Section 1.1 of the EULA (please refer to Part I of the Terms and Conditions of Use) or a different provider is specified in the app’s provider information (under Provider). In this case, the provider is responsible under data protection law, otherwise the publisher is responsible.

2 Scope and Purpose of Data Processing

2.1 Data Categories

We process personal data of the user which the user enters when registering and using the app, data on the device released by them for processing and data in connection with the use of the app (for example, the location).

The transfer of such data is neither legally or contractually prescribed nor necessary for the conclusion of a contract. The user is not obliged to transfer such data. However, if such data is not transferred, this may result in the app not functioning or only functioning with restrictions.

To use the payment function, we also save the identification number provided. If you use a credit card as your payment method in the payment function, we also process the name of the credit card holder, the credit card’s expiry date and the credit card number which the user entered as a payment method when registering. Beyond this, we also use an encrypted picture of the credit card details with a shortened credit card number as a unique identifier for the credit card. If you use other payment methods in the payment function (e.g. PayPal), we process the information (e.g. email address) which is required for the payment processes.

2.2 Purposes of Data Processing

We process the above data in accordance with the applicable data protection law. Data is processed for the following purposes:

Contract Performance

We always delete the personal data as soon as further processing for the purpose of contract performance is no longer necessary. Any further storage or processing is only possible in accordance with the “Storage duration and deletion” section.

When you use the payment function, we process the personal data indicated above in order to provide the service to you. If you choose this service, you do not have to input your payment details again when you make payments in other online shops linked to this service. We have to process this data in order to provide this service to you. As a result, the legal basis for processing is fulfilling a contract with the data subject.

Consent to Data Processing

If you have given us your consent to the processing of your personal data for other purposes (for example, in order to analyse usage data, please refer to the “Evaluation of usage data” section), said data processing shall be carried out exclusively on the basis of said consent.

Consent is always voluntary and may be freely revoked at any time. Consent granted within the app can usually also be revoked there; in all other cases, you may revoke consent using the e-mail address specified in the provider information. Your revocation does not affect the lawfulness of the processing of your data up to that point on the basis of your consent. Any further processing of this data on the basis of different legal provisions, for example to meet legal requirements (please refer to the “Fulfilment of statutory requirements” section) is also unaffected.

Pursuit of Legitimate Interests

If necessary, we process your personal data in a manner that goes beyond the fulfilment of the contract in order to preserve the legitimate interests of the Publisher or third parties. Preserving the functioning and security of our IT systems constitutes such a legitimate interest.

We always delete this personal data as soon as further processing or archiving is no longer required to preserve the legitimate interest in question. Any further storage or processing is only possible in accordance with the “Storage duration and deletion” section.

Fulfilment of Statutory Requirements

As a company, we are subject to statutory obligations and requirements, such as obligations to preserve records relating to commercial and tax law. We therefore also process the user’s personal data where this is necessary in order to fulfil legal obligations. We only disclose a user’s personal data to regulatory and law enforcement agencies where there is a legal obligation to do so.

3 Evaluation of Usage Data

If you have consented to your usage data being analysed by activating the function, we analyse usage data from the app (usage data is collected so that we can run and develop Bertha and advise individual users), so that we can recognise preferences and further develop the app. In this way, the app can be better adapted and improved to meet the needs of users.

You can revoke your consent to your usage data being analysed at any time by deactivating the function under My Account > Data Protection > Usage Information and restore your consent by activating it again. Where cookies are used for evaluation purposes, their use will be discontinued when the evaluation function is deactivated.

4 Receipt of Push Notifications

If you have given your consent to receive push notifications, you will receive push notifications on your end device with information on how to better use the app, and functions that may be of interest to you. You can also revoke your consent to receiving push notifications at any time by deactivating the function under My Account > Data Protection > Usage Information and restore your consent by activating it again.

5 Recipients of Personal Data

Relaying to third parties

If services of other providers and third parties, in particular Adobe Analytics, Adjust, Sentry, Clever Tap, are used from within the app, we will pass on the user’s personal data to these parties. This shall only be done insofar as it is necessary for the provision and use of the app and its functionalities, for the pursuit of the legitimate interests of the Publisher or third parties, or insofar as you previously consented to said relaying (please refer to the “Purposes of data processing” section).

The service providers were carefully chosen by us and are regularly monitored, including with respect to their careful and secure handling of the personal data that is accessible to them. We impose an obligation to observe confidentiality and comply with statutory requirements on all service providers.

If links to third-party content and offers are provided in the app, the respective third party is responsible for this content.

To allow you to use the payment function, we transfer your data to one or more payment processors and the additional service providers selected by the online shop (hereinafter referred to as “Service Providers”). All relevant Service Providers are located within the European Union and are bound in their relationship to us by data processing agreements according to Article 28 GDPR. Some of the Service Providers in question may deploy sub-processors located outside of the European Union. An appropriate level of data protection is ensured by agreeing the standard contractual clauses for sub-processors.

Company employees of Daimler AG

For users who register for the first time with their internal Daimler email address, the email address is sent to Daimler AG to check the user’s Daimler fuel card, which can be automatically stored in the app. The user is informed of this on registration, prior to sending the email address. If the user does not want their Daimler email address to be passed onto Daimler AG, the user has the opportunity to give a private email or other external email address before we go ahead with checking.

If the user’s Daimler AG employee fuel card is saved, the tank data required for payment processing will be sent to Daimler AG.

Governmental institutions or authorities

Personal data is only transferred to governmental institutions or authorities in accordance with mandatory legal requirements (see “Purposes of data processing” section).

6 Storage Duration and Deletion

We store and process your personal data only for as long as this is necessary for the particular purpose (see “Purposes of data processing” section). Beyond this, any storage and processing of data takes place only where this is permissible for another purpose (see “Purposes of data processing” section), such as the fulfilment of statutory requirements (e.g. obligations to preserve records relating to commercial or tax law). In this case, we restrict the further data processing to this purpose and the legal basis of further processing.

7 Contact for Data Protection

If you should have any questions about the processing of personal data in the app, you can contact the Chief Officer for Corporate Data Protection who, along with his team, is available to respond to requests for information, suggestions, or complaints.

Daimler AG
Chief Officer for Corporate Data Protection HPC G353 D-70546 Stuttgart E-Mail: data.protection@daimler.com

8 Addenda for the European Union

In addition to the aforementioned regulations, the following applies in accordance with the requirements of the General Data Protection Regulation of the European Union (GDPR), where applicable:

The processing described in the “Purposes of data processing” section is performed on the following legal basis:

8.2 Data Subject Rights

As a data subject, you have the right to information (Article 15 GDPR), correction (Article 16 GDPR), deletion of data (Article 17 GDPR), restricting processing (Article 18 GDPR) and transferring data (Article 20 GDPR).

8.3 Right to Object

You have the right to object to the processing of personal data concerning you at any time as a result of an extraordinary situation on the basis of Article 6 1 e) GDPR (data processing in the interest of the public) or Article 6 1 f) GDPR (data processing on the basis of balancing of interests). If you object, we shall only continue to process your personal data where we can provide mandatory, justifiable reasons that overrule your interests, rights and liberties or if the processing serves to assert, exercise or defend legal rights.

8.4 Complaint

If you are of the opinion that the processing of your personal data infringes statutory provisions, you have the right to file a complaint with a responsible data protection supervisory authority (Article 77 GDPR).

9 Update

We reserve the right to adapt this Privacy Statement as appropriate with effect for the future from time to time, e.g. in response to changed circumstances and technical developments. We will use suitable means to inform you about substantial changes with appropriate notice and point out your rights in connection with any such changes.