[MSC] Data Protection

Çerezin adı	Tanımı	Cookie tip
__RequestVerificationToken	Antiforgery (Sahtecilik önleme) sistemi tarafından kullanılır.	Oturum
.AspNet.ApplicationCookie	Kullanıcı oturumlarını tanımlamak için kullanılır. Kullanıcı, portalı ilk kez incelediğinde bir kullanıcı oturumu başlar. Ve oturum kapatıldığında sona erer. Kimlik doğrulama sitesi ayarları oturumun sona erme süresini değiştirmek için kullanılabilir.	Oturum
adxPreviewUnpublishedEntities	Portal yöneticileri için klasik CMS sisteminde kullanılan önizlemenin AÇIK/KAPALI modunu kaydeder.	Oturum
adx-notification	Yönlendirme sırasında görüntülenmesi istenen uyarıları kaydetmek için temel form eylemlerinde kullanılır.	Oturum
ARRAffinity	Azure web siteleri tarafından otomatik olarak eklenir ve farklı web siteleri arasındaki isteklerin yük dengesini sağlar. Kullanıcı bilgilerini kaydetmez.	Oturum
ASP.NET_SessionId	Tekrar oturum açılmasını önlemek amacıyla oturum açmış bir kullanıcının oturumunu korumak için kullanılır.	Oturum
ContextLanguageCode	Bir oturum içinde ve web sitelerinde portala erişen kullanıcının varsayılan dilini kaydeder. Bu çerez, oturum tamamlandıktan sonra silinir.	Oturum
Dynamics365PortalAnalytics	Kritik servis çerezi, servis kullanımının anonim analizi ve istatistiksel amaçlar için bir araya toplanmıştır. purposes.	Oturum
iisDSTObserved	Güncel anın yaz saatinde olup olmadığını belirten bir değer kaydeder.	Oturum
isDSTSupport	Belirli bir tarihin ve saatin yaz saati aralığına düşüp düşmediğini gösterir.	Oturum
timeZoneCode	Geçerli zaman dilimi için CRM zaman dilimi tanımı tablosundaki zaman dilimi kodu alan değerini kaydeder.	Oturum
timezoneoffset	UTC ile yerel tarayıcı saati arasındaki saat dilimi farkını kaydeder.	Session
_pk_id	Benzersiz bir kullanıcı kimliğini kaydetmek için istatistik çerezi (anonim). Süresi 13 aydır.	Tip 3
_pk_ses	Benzersiz bir oturum kimliğini kaydetmek için istatistik çerezi (anonim). Süre aşımı: Oturum, maks. 30 dakikadır.	Tip 3
_pk_hsr	Matomo ısı haritası veya Matomo oturum kaydı için çerez (anonim). Süre aşımı: Oturum, maks. 30 dakikadır.	Tip 3

Privacy statement

The controller as per the EU General Data Protection Regulation ("GDPR") is:

Mercedes ServiceCard GmbH & Co. KG („We“)
Mainparkstr. 2 │ 63801 Kleinostheim │ Germany
Email: info@mercedesservicecard.com

Chief Data Privacy Officer:

Daimler Truck AG
Konzerndatenschutzbeauftragte
HPC DTF2B │70745 Leinfelden-Echterdingen │ Germany
E-Mail: dataprivacy@daimlertruck.com

1. Data protection

We appreciate you visiting our website and your interest in the products we offer. Protecting your personal data is very important to us. In this Privacy Policy, we explain how we collect your personal data, what we do with it, for what purposes and on what legal basis we do so, and what rights you have on that basis. We will also refer you to Daimler Truck's Data Protection Policy EU:

Daimler Truck Data Protection Policy

Our privacy statements on the use of our websites and the Daimler Truck AG Data Protection Policy do not apply to your activities on the websites of social networks or other providers that can be accessed using the links on our websites. Please read the data protection provisions on the websites of those providers.

2. Collecting and Processing Your Personal Data

a. Whenever you visit our websites, we store certain information about the browser and operating system you are using; the date and time of your visit; the status of the interaction (e.g. whether you were able to access the website or received an error message); the usage of features on the website; the search terms you may have entered; how often you visit individual websites; the names of the files you access; the amount of data transferred; the Web page from which you accessed our website; and the Web page you visited after visiting our website, whether by clicking links on our websites or entering a domain directly into the input field of the same tab (or window) of the browser in which you have our websites open. In addition, we store your IP address and the name of your Internet service provider for seven days. This is for security reasons, in particular, to prevent and detect attacks on our websites or attempts at fraud.

b. We only store other personal data if you provide this data, e.g. as part of a registration, contact form, chat, survey, price competition or fort he execution of a contract, and even in these cases only insofar as this is permitted to us on the basis of a consent given by you or in accordance with the applicable legal provisions (see section 7).

c. If personal data is collected as part of a complaints form, we will store it for a period of thirty (30) days to fulfill its intended purpose.

d. You are neither legally nor contractually obligated to share your personal information. However, certain features of our websites may depend on the sharing of personal information. If you do not provide your personal information in such cases, you may not be able to use those features, or they may be available with limited functionality.

3. Purpose of Use

a. We use the personal information collected during your visit to any of our websites to make using them as convenient as possible for you and to protect our IT systems against attacks and other unlawful activities.

b. If you share additional information with us – for example, by filling out a registration form, contact form, chat, survey, contest entry or to execute a contract with you – we will use that information for the designated purposes, purposes of customer management and – if required – for purposes of processing and billing and business transactions within the required scope in each instance.

c. For other purposes (e.g. display of personalized content or advertising based on your usage behaviour), we and, if applicable, selected third parties, use your personal data if and to the extent you give your consent through our consent management system. You will find further information and decision-making options here.

d. In addition, we use personal data to the extent that we are legally obliged to do so (e.g., storage for the fulfilment of commercial or tax-related retention obligations, release in accordance with official or judicial orders, e.g. to a law enforcement authority).

4. Transfer of Personal information to third parties; Social Plugins; use of service providers

a. Our websites may also contain an offer of third parties. If you click on such an offer, we transfer data to the respective provider to the required extent (e.g. information that you have found this offer with us and, if applicable, further information that you have already provided on our websites for this purpose).

b. When we use social plug-ins on our websites from social networks like YouTube, we integrate them as follows:

When you visit our websites, the social plug-ins are deactivated, i.e. no data is transmitted to the operators of these networks. If you want to use one of the networks, click on the respective social plug-in to establish a direct connection to the server oft he respective network.

If you have a user account on the network and are logged in when you activate the social plug-in, the network can associate your visit to our websites with your user account. If you want to avoid this, please log out of the network before activating the social plug-in. A social network cannot a visit to other Daimler websites until you have activated an existing social plug-in.

When you activate a social plug-in, the network transfers the content that becomes available directly to your browser, which integrates it into our websites. In this situation, data transmissions can also take place that are initiated and controlled by the respective social network. Your connection to a social network, the data transfers taking place between the network and your system, and your interactions on that platform are governed solely by the privacy policies of that network.

The social plug-in remains active until you deactivate it or delete your cookies (see section 5.d).

c. If you click on the link to an offer or activate a social plug-in, personal data may reach providers in countries outside the European Economic Area that, from the point of view of the European Union ("EU"), may not guarantee an "adequate level of protection" fort he processing of personal data in accordance with EU standards. Please remember this fact before clicking on a link or activating a social plug-in and thereby triggering a transfer of your data.

d. We also use qualified service providers (e.g., IT service providers, marketing agencies) to operate, optimize and secure our websites. We only pass on personal data to the latter insofar as this is necessary for the provision and use of the website and its functionalities, for the pursuit of legitimate interests, to comply with legal obligations, or insofar as you have consented there to (see section 7). You will find more information regarding recipients of personal data in our Consent Management System.

5. Cookies

a. Cookies may be used when you are visiting our websites. Technically, these are so-called HTML cookies and similar software tools such as Web/DOM Storage or Local Shared Objects (so-called "Flash cookies"), which we collectively refer to as cookies.

b. Cookies are small files that are stored on your desktop, notebook or mobile device while you visit a website. Cookies make it possible, for example, to determine whether there has already been a connection between the device and the websites; take into account your preferred language or other settings, offer you certain certain functions (e.g. online forms) or recognize your usage-based interests. Cookies may also contain personal data.

c. Whether and which cookies are used when you visit our websites depends on which areas and functions of our websites you use and whether you agree to the use of cookies that are not technically required in our Consent Management System. You will find further information and decision-making options here.

d. The use of cookies also depends on the settings of the web browser you are using (e.g., Microsoft Edge, Google Chrome, Apple Safari, Mozilla Firefox). Most web browsers are preset to automatically accept certain types of cookies; however, you can usually change this setting. You can delete stored cookies at any time. Web/DOM storage and local shared objects can be deleted separately. You can find out how this works in the browser or device you are using in the manual of the learner.

e. The consent to, and rejection or deletion of, cookies are tied to the device and also to the respective web browser you use. If you use multiple devices or web browsers, you can make decisions or settings differently.

f. If you decide against the use of cookies or delete them, you may not have access to all functions of our websites or individual functions may be limited.

6. Security

We take technical and organizational security measures in order to protect your information managed by us from being tampered with, lost, destroyed, or accessed by unauthorized individuals. We are continuously improving our security measures in line with technological advancements.

7. Legal Foundations for Processing

a. If you have given us your consent to process your personal information, then that is the legal foundation for processing it (Art. 6, para. 1, letter a, of the EU's General Data Protection Regulation, or GDPR).

b. Art. 6, para. 1, letter b, of the GDPR is the legal basis for processing personal information for the purpose of entering into a contact or performing a contract with you.

c. If processing your personal information is required to fulfill our legal obligations (e.g. data retention), we are authorized to do so by Art. 6, para. 1, letter c, of the GDPR.

d. Furthermore, we process personal information for purposes of protecting our legitimate interests as well as the interests of third parties in accordance with Art. 6, para. 1, letter f of the GDPR. Examples of such legitimate interests include maintaining the functionality of our IT systems as well as the (direct) marketing of our products and services (to the extent not covered by your consent) and those of third parties and the legally required documentation of business contacts. As part of the consideration of interests required in each case, we take into account various aspects, in particular the type of personal information, the purpose of processing, the circumstances of processing and your interest in the confidentiality of your personal information.

8. Deleting Your Personal Data

Your IP address and the name of your Internet service provider, which we store for security reasons, are deleted after seven days. Moreover, we delete your personal information as soon as the purpose for which it was collected and processed has been fulfilled. Beyond this time period, data storage only takes place to the extent made necessary by the legislation, regulations or other legal provisions to which we are subject in the EU or by legal provisions in third-party countries if these have an appropriate level of data protection. Should it not be possible to delete data in individual cases, the relevant personal data are flagged to restrict their further processing.

9. Rights of Data Subjects

a. As a data subject, you have the right of access (Art. 15 GDPR), right to rectification (Art. 16 GDPR), right to erasure (Art. 17 GDPR), right to restriction of processing (Art. 18 GDPR) and right to data portability (Art. 20 GDPR).

b. If you have consented to the processing of your personal data by us, you have the right to revoke your consent at any time. The legality of processing your personal data before revocation remains unaffected. We may further process such data pursuant to another applicable legal basis, e.g. for the fulfilment of our legal obligations (cf. section "Legal bases of processing").

c. Right of Objection

For reasons relating to your particular situation, you have the right to file an objection at any time to the processing of personal data pertaining to you that is collected under Section 6 Clause 1 e) GDPR (data processing in the public interest) or Section 6 Clause 1 f) GDPR (data processing on the basis of a balance of interests). If you file an objection, we will continue to process your personal data only if we can document mandatory, legitimate reasons that outweigh your interests, rights and freedoms, or if processing is for the assertion, exercise or defense of legal claims. To the extent we use your personal data for direct marketing based on legitimate interests, you have the right to object at any time without giving reasons.

d. We ask you to address your claims or declarations to the following contact address if possible: info@mercedesservicecard.com

e. If you believe that the processing of your personal data violates legal requirements, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR).

10. Newsletter

Our website does not offer a newsletter.

11. Processing of personal data as part of application process

a. Purpose of Processing
We process your personal data as part of application and decision-making processes regarding the conclusion of an employment contract.

No automated decision-making occurs.

b. Legal Foundation for Processing
This processing occurs on the basis of Article 6, Paragraph 1, letter b of the GDPR.

c. Recipients or categories of recipients of personal data
Your personal data will only be processed by internal bodies (human resources, the manager for the position, management board). Your data is not transmitted to third parties, except to our service provides as part of order processing. There is no intention to transfer your personal data to third countries or international organizations.

d. Retention Period
The data is deleted 6 months after the conclusion of the application process. If an employment contract is concluded or there is an interest in extending the retention period, we will inform you separately about the use of your data in the employment relationship or obtain your consent to extend the retention period.

12. Data transmission of recipients outside the european economic area

a. When using service providers (see section 4. d.) and passing on data to third parties based on you consent (see section 3.c.), personal data may be provided to recipients in countries outside the European Union ("EU"), Iceland, Liechtenstein and Norway (= European Economic Area) are transferred and processed there, in particular USA, India.

b. In den folgenden Ländern (Link zur Liste) besteht aus der Sicht der EU ein den EU-Standards entsprechendes angemessenes Schutzniveau für die Verarbeitung personenbezogener Daten (sog. Angemessenheitsbeschluss). Mit Empfängern in anderen Ländern vereinbaren wir die Anwendung von EU-Standardvertragsklauseln, von verbindlichen Unternehmensregelungen oder des Swiss-U.S. Privacy Shield, um entsprechend den gesetzlichen Anforderungen ein „angemessenes Schutzniveau“ zu schaffen. Informationen hierzu stellen wir Ihnen gerne über die in vorstehender Ziffer 9.d. genannten Kontaktdaten zur Verfügung.

Stand: Mai 2023