This privacy policy explains how your personal data is processed by ANDREAS STIHL AG & Co. KG (hereinafter "STIHL") in compliance with the EU General Data Protection Regulation (GDPR). Any questions or comments you may have about this privacy policy may be directed to the e-mail address provided in section 2 below at any time.
1. Overview
The following information describes the nature and scope of the processing of personal data by STIHL. Personal data means any information that is or can be attributed to you, directly or indirectly.
2. Name and contact details of the controller and the data protection officer
This privacy policy governs data processing by ANDREAS STIHL AG & Co. KG, Badstraße 115, 71336 Waiblingen, Germany (the "Controller") in connection with the website data.stihl-timbersports.com. STIHL's data protection officer may be contacted at: ANDREAS STIHL AG & Co. KG, Datenschutzbeauftragter, Stuttgarter Straße 80, 71332 Waiblingen, or by e-mail at datenschutz@stihl.de.
3. Purposes of processing, legal basis and legitimate interests pursued by STIHL or any third party; categories of recipients
3.1. Accessing our website
When you access our website, the browser used on your end device automatically sends information to our website server where it is temporarily stored in a log file. The following information is collected automatically and stored until such time as it is automatically deleted:
- IP address of the requesting Internet-enabled device;
- date and time of access;
- name and URL of the requested file;
- address of the previous web page/application from which a link to the requested page was followed (referrer URL);
- your browser and, where applicable, the operating system of your Internet-enabled computer and the name of your access provider.
The legal basis for processing the IP address is Article 6(1)(f) GDPR. Our legitimate interest follows from the data collection purposes set out below.
We use the IP address of your end device and the other data set out above for the following purposes:
- to ensure a fault-free connection;
- to ensure ease of use of our website;
- to analyze system security and stability.
The data is stored for a period of seven days and is then automatically deleted. Our website also uses cookies; this is explained in more detail under section 3.2.1 below.
3.2. Website and web page optimization
3.2.1. Cookies – general information
This website uses cookies to improve the user experience and enable certain functions. Cookies are small text files which are stored on your end device. Some of the cookies we use are deleted at the end of your browser session, i.e., when you close your browser; these are known as session cookies. Other cookies remain on your end device, allowing us or our partner companies to recognize your browser on your next visit; these are known as persistent cookies. Cookies cannot be used to access other files on your computer or to determine your e-mail address.
Insofar as we use cookies which are strictly necessary for making our web pages available, the legal basis for the processing of personal data using such cookies is Article 6(1)(f) GDPR.
We will only process personal data using cookies for statistical purposes if you have given us your consent to do so. The legal basis for this is Article 6(1)(a) GDPR.
You may withdraw your consent at any time without providing reasons by visiting the
following link and changing the permitted functionalities.
Cookies are stored on your end device and you have full control over how they are used. You may block certain cookies or disable them entirely by changing your browser settings. You may delete stored cookies at any time or have them deleted automatically. If cookies are disabled, you may not be able to use the full functionality of our website.
3.2.2. Contacting us
When you contact us by telephone, e-mail, post, via contact forms or in any other way with a request or if we contact you, we also process your personal data, e.g., name, address, telephone number and the content of the message itself. This data is processed solely for purposes of properly processing your request. We only use your data to the extent necessary in the given case. Where necessary, we may disclose your data to other entities in the STIHL Group, if and to the extent that this is necessary to process your request. The legal basis for processing the data described above is Article 6(1)(f) GDPR because we have a legitimate interest in business correspondence with you.
Correspondence will be deleted to the extent that it is no longer required for communicating with you and any statutory retention periods have expired.
4. Transfer of data
Certain processing operations may be performed by other entities within the STIHL Group. This requires that data be transferred within the Group on a regular basis. As a rule, such transfers of data are made on the basis of a contractual agreement for the processing of data on behalf of a controller (commissioned data processing agreement). In other cases, Article 6(1)(f) GDPR serves as the legal basis for the transfer, whereby our legitimate interest lies in the efficient organization of our processes.
As a rule, we do not transfer your data to recipients domiciled outside the European Union or the European Economic Area. In some exceptional cases, data may be transferred by our authorized service providers and sent to servers located in the U.S. Should such a transmission occur, it is always encrypted and based on appropriate safeguards to ensure an adequate level of data protection within the meaning of Art. 44 – 47 GDPR.
5. Your rights
5.1. Overview
In addition to the right to withdraw any consent you have granted to us, you have the following additional rights provided the respective statutory conditions are met:
- right of access with respect to your personal data stored with us pursuant to Article 15 GDPR;
- right to rectification of inaccurate personal data and right to have incomplete personal data completed pursuant to Article 16 GDPR;
- right to erasure of your personal data stored with us pursuant to Article 17 GDPR provided that no statutory or contractual retention periods or other statutory rights or obligations for further retention must be complied with;
- right to restriction of processing of your data pursuant to Article 18 GDPR;
- right to data portability pursuant to Article 20 GDPR;
- right to lodge a complaint with a supervisory authority.
5.2. Right to object
Provided the requirements of Article 21(1) GDPR are met, you may object to the data processing on grounds relating to your particular situation.
The aforementioned general right to object applies to all purposes of processing set out in this privacy policy carried out on the basis of Article 6(1)(f) GDPR. In contrast to the specific right to object to data processing for advertising purposes, in accordance with the GDPR we are only required to give effect to any such general right to object if you cite grounds of overriding importance.
6. Amendments to this privacy policy
This privacy policy will be revised whenever changes are made to our website or other circumstances so require. The most recent version is always posted on this website. We therefore recommend that you check this website periodically for changes to our policy.