Data Privacy Statement

As at: 01.07.2021

In the following Data Privacy Statement, CLAAS KGaA mbH ("CLAAS") provides information about how your personal data is processed on this website.

A. General Data Privacy Statement

I. Controller's name and contact details

The controller is:

CLAAS KGaA mbH
Mühlenwinkel 1
33428 Harsewinkel
Germany
infoclaas@claas.com

II. Contact details of the data protection officer

The group's data protection officer can be contacted as follows: CLAAS KGaA mbH

Data Protection Officer
Mühlenwinkel 1
33428 Harsewinkel
Germany
datenschutz@claas.com

III. Storage period

CLAAS stores your personal data only for as long as necessary in order to fulfil the purpose for which it is collected and processed. Where necessary, CLAAS shall store your data for the duration of the business relationship. This includes, but is not limited to, the initiation and execution of the contract.

Furthermore, CLAAS stores your personal data if and as long as this is required to fulfil contractual or legal obligations. We thus process your data to fulfil commercial or fiscal verification and retention obligations. The stipulated retention and documentation periods are six years in accordance with the commercial requirements under Section 257 of the German Commercial Code (HGB) and up to ten years under the fiscal requirements pursuant to Section 147 of the Fiscal Code of Germany (AO), provided the data is no longer required for tax purposes (e.g. because a company audit is ongoing). The periods start at the end of the calendar year in which the record was created.

If the data is no longer required to fulfil contractual or legal obligations, it will be regularly erased, unless you have given CLAAS consent to process your data and/or further processing is required based on CLAAS' legitimate interests, for example to win back customers and defend against legal claims in legal disputes. In the case of data processed to defend against legal claims in legal disputes, the storage period shall also be based on the legal limitation periods. In accordance with Sections 195 et seq. of the German Civil Code (Bürgerliches Gesetzbuch, BGB), these are up to 30 years, with the regular limitation period lasting three years, starting at the end of the calendar year in which the claim arises. In this case, processing shall be limited, i.e. limited to the minimum scope required for the claim and blocked for other purposes.

The provision above does not apply insofar as the Separate Data Privacy Statement specifies otherwise.

IV. Categories of recipients

  • Carefully selected service providers. Service providers we engage, who support us in the performance of the business relationship, are granted access to the data. These companies operate in the following categories: Hosting providers, data management, software as a service, e-mail services, IT services (e.g. maintenance and support, data migration), consulting, service providers in the first, second and third level support, call centre services, customer administration, lettershops, marketing, media technology, telecommunications, customer relations management and lead management, tracking service providers, web agencies, compliance, disposal services (e.g. document shredders), companies who perform analyses for us, financial service providers, shipping and logistics services, printing services, technology service providers (e.g. for hardware and accessory parts). If any additional categories of service providers are employed, please refer to the relevant Separate Data Privacy Statement.
  • Transfer to third parties. We shall also transfer your data to third parties if this is permitted by legal or contractual provisions and/or you have given your consent. On this condition, the data can be transferred to the following categories of recipients: Public bodies and institutions (such as the public prosecutor's office, police, tax authority, data protection supervisory authority) to process official requests, provided that this is in your interest or we are legally obligated to do so. The legal basis for this is Article 6(1f) or 6(1c) GDPR.
  • Data transfer within the CLAAS Group. We shall transfer your data to other companies within the CLAAS Group or grant them access to your data. Insofar as this is required for administrative purposes, this shall be based on our legitimate interest in internal administrative purposes and group reporting. The legal basis for this is Article 6(1f) GDPR. If this is required to prepare for an agreement initiated by you or to fulfil contract-related obligations, or if you have given your consent, the legal basis is Article 6(1b) or 6(1a) GDPR. If we are legally entitled to do this, the legal basis arises from Article 6(1c) GDPR. We refer to the Separate Data Privacy Statement for any data transfer to third parties beyond the scope described here.
  • Third parties with whom we have an ongoing business relationship. If this is required to prepare for an agreement or to fulfil contract-related obligations, or if you have given your consent, the legal basis is Article 6(1b) or 6(1a) GDPR. If we are legally required to do this, the legal basis arises from Article 6(1c) GDPR.

V. Transfer to third countries

If we transfer your personal data ourselves or via service providers to countries based outside the European Union, we shall comply with the relevant particular requirements of Article 44 et seq. GDPR and our service providers shall also undertake to comply with these regulations. We shall therefore only transfer your data to countries based outside the European Union subject to the level of security guaranteed by the GDPR. This level of security is guaranteed in particular on the basis of an adequacy decision by the European Commission or with suitable guarantees in accordance with Article 46 GDPR.

Data is transferred to third countries (countries outside the EU or the European Economic Area – EEA) if, for example, this

  • is required to fulfil a contract to which you are a contractual party or if this is required to respond to your requests;
  • is required to safeguard our legitimate interests;
  • is stipulated by law or you have given your consent;
  • takes place as part of contract processing when involving service providers.

If there is no European Commission decision for the country in question as to a level of data protection that is appropriate for European data protection requirements, we shall enter into corresponding contracts to ensure that your rights and freedoms are suitably protected. An agreement of this kind ensures that a suitable level of data protection exists at the data recipient, especially with the agreement on the European Union's standard contractual clauses with the recipient. Otherwise, we can also perform a data transfer based on your express consent. You can withdraw your consent with future effect at any time, see Section A.VII. We will be happy to provide you with more detailed information free of charge on request. Please use the aforementioned contact details for this purpose.

Where we permit the recipient to process data without a suitable level of data protection based on your consent alone, please note the following risks: There may not be sufficient measures in place to protect your personal data appropriately; there is no data protection supervisory authority; the implementation of your data protection rights of the data subject is impeded or has been disregarded; there is no control over the further processing of data by and transmission of data to third parties.

Any further information required can be found in our Separate Data Privacy Statement.

VI. Obligation to provide personal data

Unless specified otherwise in the Separate Data Privacy Statement, you are not legally or contractually required to provide your data.

VII. Rights of the data subject

In accordance with Article 15 GDPR, you have the right to obtain information about the data that we hold that relates to you. If incorrect personal data has been processed, you have the right to rectification of your data in accordance with Article 16 GDPR. If the legal requirements apply, you can request erasure or restriction of processing and submit an objection to data processing (Articles 17, 18 and 21 GDPR). In accordance with Article 20 GDPR, you can exercise the right to data portability for data that is automatically processed on the basis of your consent or under a contract.

Your objection can be submitted in any form and should be addressed to the following where possible:

datenschutz@claas.com

You can exercise your rights vis-à-vis CLAAS using the contact details provided under Section A. II.

If you believe that data is being processed in violation of data protection regulations, you have the right to lodge a complaint with a data protection supervisory authority of your choice. (Article 77 GDPR).

You can of course also submit a complaint to the CLAAS data protection officer at any time (privacy@claas.com).

If you wish to exercise your data protection rights of the data subject, we will process your data in order to fulfil our legal obligations in accordance with Article 6(1c) GDPR in conjunction with Articles 15–22, 12(3–6) GDPR and Article 7(3) GDPR. This includes the processing of your data for the purpose of unequivocal identification of the data subject of a data processing activity, and the request for additional information to confirm identity. We do this on the basis of our legal obligation laid out in Article 12(6) GDPR. This includes the transfer of data to the data recipients within the meaning of Article 19 GDPR, as far as requests for the rectification of data, erasure or restriction of processing (Articles 16, 17(1), 18 GDPR) are concerned, and any related communications to these recipients (Article 19 GDPR) or to you as the data subject (Article 12 GDPR).

B. Separate Data Privacy Statement regarding provision of our website for the general public

I. Provision of our website for the general public

If you only use the website for information purposes, i.e. if you do not register or communicate information to CLAAS in any other way (e.g. using our contact form), CLAAS shall only collect the personal data transmitted by your browser to our server. Data collection is a technical requirement in order for us to show you our website. The legal basis for this is Article 6(1b) GDPR. Your visit to the website is recorded in the log files; this is necessary to guarantee the functionality of the website and the security of the IT systems. The legal basis for this data processing is Article 6(1f) GDPR. You are able to object to the processing of data on the basis of a legitimate interest at any time with future effect, see Section A.VII. For the aforementioned purposes, we also have a legitimate interest in data processing.

The following categories of data shall be collected when you visit the website: Usage and traffic data, technical documentation and logged data, e.g.

  • date and time of access;
  • time zone difference from Greenwich Mean Time (GMT);
  • IP address;
  • host name of the computer accessing the site;
  • website used to call up website;
  • websites called up via the website (content of the request);
  • pages visited on the website;
  • notification of whether access was successful;
  • volume of data transferred;
  • information about browser type, language and version used;
  • operating system.

This data shall be erased as soon as it is no longer required to achieve the purpose of its collection. As regards provision of the website, this is the case once the respective session has ended. If the data is stored in log files, this is the case after a maximum of 30 days. The data is not stored together with any of your other personal data.

In order to display external contents on our website (e.g. integrating an IFRAME to display the CLAAS Collection catalogue), we shall transfer your personal data specified above to third parties (e.g. companies within the CLAAS Group). The legal basis for this is Article 6(1f) GDPR. Our legitimate interest lies in making our website more interesting and user-friendly for you. You are able to object to the processing of data on the basis of a legitimate interest at any time with future effect, see Section A.VII.

II. Use of services (e.g. cookies, analytical and remarketing tools)

Description of Service

This is a consent management service. Usercentrics GmbH is used on the website as a processor for the purpose of consent management.

Processing Company

Usercentrics GmbH

Sendlinger Str. 7, 80331 Munich, Germany

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

datenschutz@usercentrics.com

Data Purposes

This list represents the purposes of the data collection and processing.

  • Compliance with legal obligations
  • Consent storage

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Local Storage

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Opt-in and opt-out data
  • Referrer URL
  • User Agent
  • User settings
  • Consent ID
  • Time of consent
  • Consent type
  • Template version
  • Banner language

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. c GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The consent data (given consent and revocation of consent) are stored for three years. The data will then be deleted immediately.

Data Recipients

In the following the recipients of the data collected are listed.

  • Usercentrics GmbH

Click here to read the privacy policy of the data processor

https://usercentrics.com/privacy-policy/

Description of Service

This is a tag management system. With this the user can update measurement codes and related code fragments collectively known as tags on the users website or mobile app.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Tag Management

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • Aggregated data about tag firing

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The data will be deleted after 14 days of retrieval.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

  • United States of America,Singapore,Taiwan,Chile

Data Recipients

In the following the recipients of the data collected are listed.

  • Alphabet Inc., Google LLC, Google Ireland Limited

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to opt out from this processor across all domains

https://safety.google/privacy/privacy-controls/

Description of Service

This is a web analytics service. With this the user can measure the advertising ROI as well as track Flash, video, and social networking sites and applications.

Processing Company

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

Data Protection Officer of Processing Company

Below you can find the email address of the data protection officer of the processing company.

https://support.google.com/policies/contact/general_privacy_form

Data Purposes

This list represents the purposes of the data collection and processing.

  • Marketing
  • Analytics

Technologies Used

This list represents all technologies this service uses to collect data. Typical technologies are Cookies and Pixels that are placed in the browser.

  • Cookies
  • Pixel

Data Collected

This list represents all (personal) data that is collected by or through the use of this service.

  • App updates
  • Click path
  • Date and time of visit
  • Device information
  • Downloads
  • Flash version
  • Location information
  • IP address
  • JavaScript support
  • Pages visited
  • Purchase activity
  • Referrer URL
  • Purchase activity
  • Widget interactions
  • Browser information

Legal Basis

In the following the required legal basis for the processing of data is listed.

  • Art. 6 para. 1 s. 1 lit. a GDPR

Location of Processing

This is the primary location where the collected data is being processed. If the data is also processed in other countries, you are informed separately.

European Union

Retention Period

The retention period is the time span the collected data is saved for the processing purposes. The data needs to be deleted as soon as it is no longer needed for the stated processing purposes.

The Retention Period depends on the type of the saved data. Each client can choose how long Google Analytics retains data before automatically deleting it.

Transfer to Third Countries

This service may forward the collected data to a different country. Please note that this service might transfer the data outside of the EU/EEA and to a country without the required data protection standards. If the data is transferred to the US, there is a risk that your data can be processed by US authorities, for control and surveillance measures, possibly without legal remedies. Below you can find a list of countries to which the data is being transferred. This can be for different reasons like storing or processing.

  • United States of America,Singapore,Chile,Taiwan

Data Recipients

In the following the recipients of the data collected are listed.

  • Google Ireland Limited, Alphabet Inc., Google LLC

Click here to read the privacy policy of the data processor

https://policies.google.com/privacy?hl=en

Click here to read the cookie policy of the data processor

https://policies.google.com/technologies/cookies?hl=en

Click here to read the cookie policy of the data processor

https://tools.google.com/dlpage/gaoptout?hl=de

Storage Information

  • Maximum age of cookie storage: 2 years

Stored informationen

  • Name: _ga; This is used to distinguish users.; Typ: cookie; Duration: 2 years;
  • Name: _gid; This is used to distinguish users.; Typ: cookie; Duration: 1 day;
  • Name: _gat ; This is used to throttle request rate.; Typ: cookie; Duration: 1 minute;
  • Name: _dc_gtm_xxx; This is used to distinguish users.; Typ: cookie; Duration: 1 minute;
  • Name: _gat_gtag_xxx; This is used to distinguish users.; Typ: cookie; Duration: 1 minute;
  • Name: _gac_xx; This contains information about which ad was clicked.; Typ: cookie; Duration: 2 Months, 29 days;
  • Name: IDE; Through this ID, Google can recognize the user across different websites and domains and display personalized advertising.; Typ: cookie; Duration: 1 year;


C. Separate Data Privacy Statement regarding the handling of (general) enquiries and complaints and relevant communication (e.g. request for information, ordering or support, callback requests).

You can contact CLAAS using the contact details specified on this website or via the contact form provided on the website. We shall process your personal data for the purposes of handling your concern, providing a response or pursuing a complaint.

This is based on our legitimate interest, in accordance with Article 6(1f) GDPR, in the handling of the concerns you have raised with us and for the processing and pursuing of complaints as well as for communicating with customers and interested parties. You have the right to object to the data processing at any time, see Section A.VII. If the data processing serves to initiate a contractual relationship, this processing is based on Article 6(1b) GDPR.

The data needed in order to respond to your message is marked as mandatory with an asterisk (*). You can also provide us with additional data voluntarily. Mandatory data covers personal identification data (e.g. title, first name, last name), contact details (e.g. telephone number, e-mail address), company data (e.g. company name, address) and message contents (if you provide us with additional information about your concern).

We also process usage and traffic data (e.g. IP address, date and time of your enquiry). The legal basis for this data processing is Article 6(1f) GDPR, based on our legitimate interest in ensuring the functionality of this website and the security of the IT systems.

In addition to processing enquiries and complaints, we shall also use the data for the purposes of advertising and marketing measures. See Section D of this Data Privacy Statement.

If necessary, we shall also share your data with third parties, e.g. the CLAAS distribution partner responsible for you or chosen by you, CLAAS partners (e.g. importers) or CLAAS Group companies, as required to pursue and act on your concern.

CLAAS saves your data in order to best advise you. Your personal data shall be saved for the purposes of responding to your enquiry, and then erased, unless we are legally or contractually obliged to save the data for longer or we are permitted to do so on the basis of your consent. For more detailed information, see Section A.III. of this Data Privacy Statement. On the basis of your consent and/or another legally recognised form of permission, including but not limited to our legitimate interest in accordance with Article 6(1f) GDPR, your data can continue to be stored, e.g. for the purpose of customer loyalty or retention and in relation to the defence of legal claims. In the case of your data being processed to defend against legal claims in legal disputes, the storage period shall also be based on the legal limitation periods (e.g. in accordance with civil law and the German Product Liability Act). As regards storage of your data, our technical infrastructure is designed along the basic principles of necessity and purpose limitation. As such, the affiliates and trading partners are granted access to such data as is required for the performance of their tasks. For more detailed information, see Section A.IV..

D. Links to websites of third parties

This website contains links to websites of third parties (e.g. companies belonging to the CLAAS Group). If you access the relevant link, the website of the third party will open in a new window. This Data Privacy Statement does not extend to data processing on the website of the third party.

-------------------------------------------------------

1CLAAS KGaA mbH, Mühlenwinkel 1, 33428 Harsewinkel, Germany, infoclaas@claas.com

2CLAAS Global Sales GmbH, Mühlenwinkel 1, 33428 Harsewinkel, Germany, infoclaas@claas.com