Privacy Statement

Privacy Statement

We are pleased about your interest in the Schaeffler Group (Schaeffler AG and affiliated companies) and our products. The protection of your privacy when using our online offer is very important for us. If personal data is processed, we observe the applicable data protection laws.


I. General information about data processing

1. Scope and purpose of processing of personal data

In principle, we collect and use your personal data only insofar as it is necessary to provide a functional website as well as our content and services offered on the website. Your personal data is regularly collected and used only after your consent. An exception to this applies in cases where the processing of the data is permitted by law.

2. Legal basis for data processing

Processing of your personal data is based on the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
If you have given your consent to the processing of personal data for specific purposes, the legal basis for processing of personal data is Art. 6 (1)(a) GDPR. You can withdraw your consent at any time. Please remember that the withdrawal is only effective for the future.
Processing based on consent before its withdrawal is not affected.
Processing of personal data in the context of the performance of a contract to which you are a party or in order to take steps prior to entering a contract at your request is based on Art. 6 (1)(b) GDPR. The purposes of data processing are governed by the respective contract documents and the subject matter of the contract.
If processing of personal data is necessary to comply with a legal obligation to which we are subject, Art. 6 (1)(c) GDPR serves as a legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by Schaeffler or by a third party (e.g. to establish or defend legal claims; to ensure IT security; to prevent crimes; to conduct business and to further develop services and products) and if your interests, fundamental rights and freedoms as data subject do not override the aforementioned interest, Art. 6 (1)(f) GDPR serves as the legal basis for processing.

3. Data erasure and retention period

We process and store your personal data for as long as this is necessary to satisfy the respective purpose. In addition, such storage may take place in order to comply with a legal obligation by Union or Member State law, regulation or other provision to which we as controller are subject. If the data is no longer necessary or if a retention period prescribed by the aforementioned laws has expired, your data will be erased on a regular basis.

4.Access to personal data within the Schaeffler Group and by third parties

Within the Schaeffler Group, those entities gain access to your data who require it as a part of “least privilege” (assignment of user rights to the lowest possible extent) and the “need-to-know” principle (knowledge of data only if necessary).
We may only transfer data to third parties outside the Schaeffler Group if this is necessary, if statutory provision so requires, if you have given your consent or if any commissioned processors have agreed to comply with the requirements of the GDPR and the BDSG.

Under these conditions, recipients of personal data may be: competent internal specialist departments and external service providers, if necessary.

5.Transfer of personal data to a third country or to an international organisation

A transfer of data to countries outside the EU/EEA (so-called third countries) will only take place as it is necessary or required by law, you have given your consent or as part of data processing by a processor. If service providers in third countries are deployed, in addition to written instructions, they are required to comply with data protection standards in Europe by agreeing on the EU standard contractual clauses.

Colinx, the US-based service provider used for provision of the Schaeffler Store, has been placed under the obligation to comply with the standard EU contractual clauses by Schaeffler.

6.IT security and links to third party Websites

The Schaeffler Group uses technical and organisational security measures to protect your data that we manage against accidental or intentional destruction, manipulation, loss or access by unauthorised persons. These safeguards are constantly being developed in accordance with the respective new technical possibilities.

Our websites may contain links to the websites of other providers. Our Privacy Policy does not apply to these websites.

7.Obligation to provide personal data

While entering into a contract, you must provide the personal data that is necessary to establish, implement and terminate the contract and to satisfy the resulting duties or that Schaeffler must collect due to legal provisions. Without these data no contract with Schaeffler can be concluded

If we provide you with offers and services on this website that you can voluntarily use, there is no duty to provide your data to us, but without your personal data, you may not be able to use our offers and services.

8.“Profiling” and automated decision-making

We do not use fully automated decision-making pursuant to Art. 22 GDPR. Schaeffler basically does not use “profiling”. If we use it in individual cases, we will inform you about this separately, if it is required by law and – if necessary - obtain your prior consent.

9.Sources of your personal data

We use data that we receive from you.


II. Data processing for the provision of the website and the creation of log files

By default, when you visit our website, our web servers obtain and collect the name of your Internet service provider, your IP address, the website from which you are visiting us, the websites you visit on our website, and the date and duration of the visit. This data is stored in the log files of our systems. However, the use of the IP address is limited to the technically necessary extent and is abbreviated and therefore used only anonymously, so that it is not possible to assign the IP address to a user. The data is not merged with personal data.

The legal basis for the temporary storage of data is Art. 6 (1)(f) GDPR.

The temporary storage of the abbreviated IP address by our systems is technically necessary to display the website to your terminal device. Storage in log files is done to ensure the functionality of the website. Data is not being analysed for marketing purposes in this context. For these purposes, we have legitimate interest in processing of data according to Art. 6 (1)(f) GDPR.

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Therefore, there is no possibility for you as a user to object to such processing.


III. Data processing in respect of services offered on the Website

On our website various services are offered, for the use of which we request personal data from you. In this context, it is always optional for you to provide us with personal data.

1.Log-in for use of the website

The website is access-protected. For use of the website, enabling of a central administrator by us is necessary. The central administrator can, in turn, enable access to our website for employees (users) in his/her organization. By logging in via a personal log-in (personal e-mail address and password), the respective user can use the website with his/her personal user profile.

The first time a user logs in, a welcome e-mail is sent to the user's e-mail address. The user must change the initially set password via this e-mail. The user's personal data (e-mail address) is saved by our service provider Colinx and by us.

The legal basis for processing of the data is Art. 6 (1)(f) GDPR.

Enabling and personal log-in are required for provision of the website content and services. The data are deleted as soon as they are no longer needed for achieving the purpose of their collection. This is the case for the e-mail address made available to us when the personal user profile on our website is deleted or changed. We do not receive any other personal data about the user. The user can delete his/her user profile at any time. The user can change the data saved about him/her at any time. To do so, please see the "Administration" section of the website.

2.Ordering products

On this website, the offered products can be ordered. The ordering process is completed via the ordering systems implemented by us internally. Processing of personal data takes place in such a way that the personal data (e-mail address) of the user triggering the order is saved. Other personal data are not processed; only the customer's company data saved by us are used.

The legal basis for processing of personal data is Art. 6 (1)(a) GDPR.

The personal data of the user placing the order are saved with the order information in our ordering systems and are deleted as soon as the legal retention periods have elapsed.

During the ordering process cookies are placed on the user’s terminal device for storing your shopping cart. Further information on the cookies used can be found in our Cookie Policy (below).

3.Use of our contact and request forms

The website has contact and request forms that can be used to contact us electronically.

To use the contact forms, you must fill mandatory information in the respective input mask marked by an asterisk (e.g. your e-mail address). All other information is optional for you. This personal data will be sent to a department of our company that is responsible for processing and stored in our systems. At the time of sending your message, the date and time of the entry will be saved. We will obtain your consent for processing of the data during the inquiry process.

The data filled in the input mask will be used exclusively to process your inquiry.

The legal basis for the processing of your personal data is Art. 6 (1)(a) GDPR.

The data will be erased as soon as the communication process is completed.

You have the right withdraw your consent to the processing of personal data at any time to by sending an e-mail to dataprivacy@schaeffler.com. In this case, all personal data stored as part of the contact will be deleted with effect for the future. Depending on the time of your withdrawal, we may not be able to answer your request.

4.Use of the Schaeffler info service offers

On the website we offer the possibility to register for Schaeffler info service offers free of charge.
When you register for Schaeffler info service offers and give your corresponding consent, you will receive advertising and information (e.g. newsletter, invitations to trade fairs and events, information about products, services, offers and promotions including opinion polls and company news) of the Schaeffler Group, for example, by e-mail, telephone, SMS and/or instant messenger services, such as WhatsApp, to the contacts provided by you when registering for the info service offers via an input mask. In order to use the info services, you need to provide your e-mail address and other information marked as mandatory in the input mask, such as: name, company and telephone number. This data is being collected to send you the advertising and information. For this purpose, we may also engage third parties (service providers) with whom we have a data processing agreement, and transfer your data to any of these third parties. After submitting the registration form, you will receive from us a confirmation e-mail to the e-mail address you provided. The registration will only take effect if you confirm it by clicking on the link in the e-mail.

The legal basis for the processing of your personal data after registration is Art. 6 (1)(a) GDPR.

The data will be erased as soon as it is no longer necessary for the purposes of its collection. Therefore, the data will be stored as long as the registration for the info service is active. You have the right to withdraw your consent to the processing of the personal data at any time by sending an e-mail to unsubscribe@schaeffler.com or by clicking the “unsubscribe” link in received messages, with effect for the future, thereby deregistering from the info service. In this case, all personal data stored for communication will be erased. The withdrawal of consent does not affect the lawfulness of processing based on this consent before its withdrawal.

5.Creation of a user profile for individualised advertising and Information

We want to provide you with as individual offers as possible. We would like to use the information about your user behaviour that you provide and generate automatically when you visit our website in order to create advertising tailored to you and your interests. For this purpose, we request your separate consent to the creation of a personalized user profile.

In the user profile, we store the personal data you have provided us while registering for the “Schaeffler Info Service” together with data about your movement on this website and/or in the information and advertising communication we have sent to you. Movement data is information about your user behaviour, e.g. which columns, articles and content you access on this website or in our newsletter, and at which time, including receipt and read confirmations of e-mails and newsletters.
We analyze this usage profile exclusively to send you individually customized information and advertising, provided that we have obtained your separate consent to the use of data for information and advertising purposes due to your registration for the “Schaeffler Info-Service”. For this purpose, we may also engage third parties (service providers) with whom we have a data processing agreement, and transfer your data to any of such third parties.

The legal basis for processing of your personal data after registration is Art. 6(1)(a) GDPR.

The data will be erased as soon as it is no longer necessary in relation to the purposes of its collection. Therefore, data is being stored as long as your consent to data tracking is active. You have the right to withdraw your consent to the processing of personal data at any time by sending an e-mail to unsubscribe@schaeffler.com or by clicking the “unsubscribe” link in received messages, with effect for the future, thereby deregistering from data tracking. In this case, all personal data stored for communication will be deleted. Withdrawing the consent does not affect the lawfulness of the processing based on this consent before its withdrawal.


IV. Use of Cookies

We use cookies to enable you to make the best possible use of the website. Cookies are text files that are stored in the Internet browser or saved by the Internet browser on the terminal device of the user. If a user visits our website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that allows clear identification of the browser when the website is accessed again.

In the following, we provide you with general information about the use of cookies on our website and the associated processing of personal data. For further information on specifically used cookies, please refer to the Schaeffler Cookie Policy (LINK) published on this website.br>
We use cookies to make our website more user-friendly. Some elements of our website require the requesting browser to be identified even after a page break

In addition, we use cookies on our website to allow the analysis of the user’s surfing behavior.

When visiting our website the user is informed about the use of cookies and referred to this privacy policy.

The purpose of using technically necessary cookies is to simplify the use of our website for the users. Some features of our website cannot be offered without the use of cookies. It is necessary that the browser is recognized even after a page break. The user data collected through the technically necessary cookies will not be used to create user profiles. Further information can be found in the Schaeffler Cookie Policy. Analysis cookies are used to improve the quality of our website and its content. Analysis cookies show us how the website is used, so that we can constantly optimize our offer. Further information can be found in the Schaeffler Cookie Policy.

The legal basis for the processing of personal data using cookies is Art. 6(1)(f) GDPR.

Cookies are stored on the terminal device of the user and transferred from it to our website. Therefore, as user, you have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your Internet browser. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all features on the website.


V. Your rights as data subject

If your personal data is being processed, you are the data subject pursuant to the GDPR and you have the following rights:

1. Right of access (Art. 15 GDPR)

Upon request you can obtain from us confirmation from us as to whether or not your personal data is being processed by us. If this is the case, you can request us to give you access to the information provided for by law (see Art. 15 (1) GDPR). We will also notify you of appropriate safeguards pursuant to Art. 46 GDPR in the context of data transfer, in case your personal data is being transferred to a third country or to an international organisation. There are restrictions according to Sections 34 and 35 BDSG.

2.Right to rectification (Art. 16 GDPR)

You have a right to rectification and/or completion if the processed personal data is inaccurate or incomplete. We have to rectify the data without due delay.

3.Right to restriction of processing (Art. 18 GDPR)

Provided that the legal requirements are met (see Art. 18 (1) GDPR), you have the right to restrict processing of your personal data. For consequences of the restrictions please refer to Art. 18(2) and (3) GDPR.

4.Right to erasure (Art. 17 GDPR)

You have the right to demand from us erasure of your personal data without undue delay, and we are obliged to immediately erase this data if any of the reasons pursuant to Art. 17 (1) GDPR applies. The right to erasure does not apply in cases of Art. 17 (3) GDPR. Furthermore, there are restrictions pursuant to Sections 34 and 35 BDSG.

5.Right to notification

If you have exercised your right to rectification, erasure, or restriction of processing, we are obliged to notify each recipient to whom the personal data have been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves disproportionate effort. We have to inform you about those recipients upon your request.

6.Right to data portability (Art. 20 GDPR)

You have the right to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format. For details please refer to Art. 20 GDPR.

7.Right to object (Art. 21 GDPR)

You have the right to object at any time to the processing of your personal data that is based on Art. 6 (1)(e) or (f) GDPR on grounds relating to your particular situation. Further details can be found in Art. 21 GDPR.

In addition, you have a right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR in conjunction with Section 19 BDSG.


VI.Name and contact details of the controller

Schaeffler Technologies AG & Co. KG
Industriestraße 1-3
91074 Herzogenaurach
Deutschland
Telefon: +49 9132 82-0
Fax: +49 9132 82-49 50
E-Mail: info.de@schaeffler.com

VII.Contact details of the data protection officer

Schaeffler AG
Data protection officer
Industriestraße 1-3
91074 Herzogenaurach
Deutschland
Telephone: +49 9132 82-1476
Fax: +49 9132 82-5901
Email: Dataprivacy@schaeffler.com


Cookie Policy

Notice on the use of cookies

When you visit one of the websites of Schaeffler AG and companies in which Schaeffler AG, directly or indirectly, holds a majority interest (Schaeffler Group), information will be stored on your terminal device in the form of a so-called “cookie”. Cookies are small text files which enable analysis of the use of the website, record settings and data in your browser, as well as allow customizing website to your interests and displaying interest-based advertising on other websites. We do not collect any personal data by means of cookies unless you have expressly given us your consent to do so.

1. Types of cookies:

Depending on their function and purpose, cookies can be divided into two categories: technically necessary cookies and optional cookies.
There may also be so-called first-party cookies, which are cookies that we place as the operator of the website, and so-called third-party cookies, which are placed by a domain other than ours. In principle, any cookie can be removed by deleting the browser cache, thereby immediately losing its validity.

Below you will find a list of all cookies that can be used on our websites as well as further information about their purpose, period of validity and type.

Technically necessary cookies

Technically necessary cookies are required so that you can navigate through our websites and operate the basic functions of our websites. Without these cookies, the use of the website may be limited.

Name Purpose Period of validity Type

AWSALB

Used by Aws to maintain user session on the correct backend server

User Session duration + 7 days

First-party
cookie

AWSSESSION_ID

Used by Aws to maintain user session on the correct backend server

User Session duration + 7 days

First-party
cookie

AWSUSER_ID

Used by Aws to maintain user session on the correct backend server

User Session duration + 7 days

First-party
cookie

JSESSIONID

Stores a key to the user's application session.

Until the user logs out, or after 3 hours inactivity

First-party
cookie

leftNavState

Stores the store the user is navigating in

10 years

First-party
cookie

enhancedSearchFilterState

Stores user search filter preferences

10 years

First-party
cookie

cachePandA

Stores user pricing and availability cache references

10 years

First-party
cookie

incap_ses

Session id (64 bit number), signed by a secret (to prevent fakes), encoded.

until browser closes

First-party
cookie

nlbi_

Encrypted and signed IP of origin server encoded in base64

until browser closes

First-party
cookie

visid_incap_

Visitor
id (64 bit number). Signed and encoded.

12 months

First-party
cookie


Optional cookies

Optional cookies collect information about the use of our website, serve to optimise the website and allow the preparation of reports on probable interests and probable demographic characteristics of the visitors.
They can also be used to offer targeted content that is relevant to the users and adapted to their interests. The latter information may be shared with third parties, such as advertisers.

Name Purpose Period of validity Type

UN

Store the users' login name, for purposes of easier login

Until removed by the user via checkbox under login box

First-party
cookie

cell20Collapsed*

Stores whether the user has chosen to hide cell 20

10 years

First-party
cookie


2. Managing cookies

You can object to the use of cookies so that no cookies will be placed on your terminal device. This can be done, for example, by a corresponding setting in your Internet browser. However, we would like to point out that in this case you may not be able to use all functions of this website to the full extent. If you want to deactivate individual cookies or services on our website, you will find the necessary information about the respective services in section 1 of this Cookie Policy.

Below we have put together links that provide detailed information about disabling cookies in common browsers:

-Internet Explorer https://support.microsoft.com/help/17442/windows-internet-explorer-delete-manage-cookies
-Mozilla Firefox https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
-Google Chrome https://support.google.com/accounts/answer/61416
-Safari https://support.apple.com/kb/PH21411

We would also like to draw your attention to the deactivation page of the Network Advertising Initiative (http://www.networkadvertising.org/managing/opt_out.asp) and the deactivation page of the Digital Advertising Alliance (http://www.aboutads.info/choices).



If you have any questions about the Cookie Policy, please contact Dataprivacy@Schaeffler.com.