Privacy Notice


Enterprise Privacy Statement

This Privacy Statement explains how John Deere and its controlled affiliates Process Personal Data. This Statement also answers specific questions that you may have regarding the privacy and security of collected data. This Statement is addressed to individuals with whom we interact, including visitors or users of our websites, applications (web or mobile), or online products and services; current and prospective customers; management and personnel of corporate customers and vendors; management and personnel of authorized dealerships and distributors; visitors to our facilities, museums, and attractions; and other recipients of our products and services. We refer to individuals whose Personal Data is Processed as ‘you’ in this Statement.

Personal Data is shared with members of the John Deere Group. A list of members belonging to the John Deere Group is available here and within the Binding Corporate Rules . Members belonging to the John Deere Group may jointly Process Personal Data in certain circumstances.

Country or product-specific privacy supplements may apply to the Processing of Personal Data in relation to specific products or services offered by John Deere that may generally require Processing of additional categories of Personal Data or Processing for different purposes.

John Deere products and services are distributed through a network of authorized dealers and distributors. The majority of these authorized dealers and distributors are independently owned and operated businesses that may have their own privacy statements.


1. Types of Personal Data We Collect

We Process Personal Data about you. This section contains some common examples. Depending on your country/region and Applicable Law, the examples below may be considered Personal Data and/or may be collected from you.

Personal Details and Contact Information

  • Name, date of birth, government identifiers, signature, image
  • Address, phone number, email address
  • Demographic information (such as gender, marital status, household, general location)
  • Username, password, social media profile
  • GPS location


Transaction and Financial Account Information

  • Financial information (such as accountholder, account number, credit/debit card information, financing/leasing information)
  • Transaction information (such as purchases, service history, payments, complaints, claims)
  • Credit application information (such as assets, liabilities, income, occupation, financial statement information, current and historical account information with us, equipment and the dollar amount being financed, credit information [including credit scores], property reports about any property which secures your obligation to us)
  • Insurance information (such as proof of insurance)


Preference and Relationship Information

  • Preference and relationship information (such as business type, interests)
  • Business role information (such as occupation, job title, contact information, company details, employment history)
  • Property, farm or business information
  • Language preference
  • Information about how you interact with us, authorized dealers and distributors, and business partners
  • Details of accounts with us (such as purchases, inquiries, customer accounts, warranty claims history, payment history)


Computer, Device, Online Service, Social Media, and Internet Information

  • Activity in our online services (such as username and password used to log in, date/time of visit, search details)
  • Device identifier for any device used to access our online services (such as model, serial number, usage tracking)
  • Information about pages or content visited on the online services
  • Social media profile and comments (including views and opinions), images, and other information you may post on message boards, user forms (including social media) or in response to surveys
  • Whether you have opened or read our communications
  • Cookies and other tracking technologies (See Cookie Statement )
  • Time and duration of use of the online services, error reports, and performance data. Information and data collected include your internet protocol (IP) address and information related to the IP address
  • Type and version of your device’s operating system or web browser
  • Hardware model and other unique device identifiers; and in some cases, your device’s location. This information may be logged when you use the online services


Sensitive or Special Personal Data

  • Some of the Personal Data that we may Process in connection with the Purposes in Section 3 may be deemed sensitive or special personal data under Applicable Law. In certain countries/regions, this data may not be collected.

We also collect Machine Data that is generated by, collected by, or stored in products or equipment or any hardware or device interfacing with products or equipment. For more information about how we may use Machine Data, see the John Deere Data Services & Subscriptions Statement and WIRTGEN GROUP WITOS Agreements . Examples of such data could include license, registration, VIN, location hours, diagnostic data, and usage information.


2. How We Collect Personal Data

We collect Personal Data from a variety of sources, including:

Information We Collect Directly from You:

We collect Personal Data when you interact with us. You may provide Personal Data to us electronically, in writing, or verbally. Common interactions where you provide Personal Data to us include when you:

  • Sign up for or purchase services or buy products and equipment
  • Register for an account
  • Use our online services, including our website
  • Sign up to receive a newsletter
  • Contact us for customer service purposes or register your warranty
  • Apply for financing
  • Respond to surveys


From Third Parties:

We receive Personal Data about you from third parties who provide it to us. Third parties include authorized dealerships and distributors, suppliers, insurance providers, your employer, credit reference agencies, and law enforcement or governmental authorities.

If you purchase or lease goods or services on credit, we generally collect Personal Data about you from you, credit bureaus, financial institutions and other creditors, your employer, and publicly available sources, to the extent permitted by Applicable Law. For example, we may collect Personal Data from certain third parties, like your employer to confirm your income details, creditors to confirm your creditworthiness and credit bureaus to obtain a credit report, or we may engage an agent to collect information on our behalf, or we may have existing Personal Data about you on file if you were a previous customer or a guarantor for another of our customers.

We may also collect Personal Data from third party data suppliers, who enhance our files and help us better understand our customers:

  • If you purchase any of our products or services through such third parties,
  • If you access social media sites, such as Facebook, or if you interact with a social media function on the online services such as a social medial plug-in (a Facebook "like" button),
  • If you ‘like’ our social media pages, or
  • If you join our communities

We (or third parties) use cookies and other technological tools to collect information about your computer or device and your use of John Deere and other third-party websites and applications. Please see our Cookie Statement at the bottom of our homepage for further information on the cookies we place.


3. How We Use Personal Data (the “Purposes”)

We will Process Personal Data where we are satisfied that we have an appropriate legal basis. Common legal bases and purposes for processing Personal Data include the following, unless another legal basis applies under the requirements of country or product specific laws:

Processing to Fulfill Contractual Obligations: We Process Personal Data to fulfill our contractual obligations to you. This Processing consists of:

  • Collecting and using Personal Data to provide the requested products and services
  • Delivering goods and services that you request
  • For related services such as product delivery, maintenance, customer and product support and service (including warranty service), financing, leasing, and credit services; and operation of the online services
  • Assessing your creditworthiness, in some countries/regions this is done through the use of automatic decision making
  • Servicing and collecting your account, responding to your related inquiries, processing your feedback, and providing you with support
  • Providing you with general customer services and to respond to your queries and complaints in relation to our services
  • Maintaining your access to related services and applications
  • Sending you service communications regarding maintenance, availability, functionality, or other matters


Processing Where You Provide Consent: We Process Personal Data based on your consent, which you may revoke at any time. This Processing may consist of:

  • Sharing Personal Data with our authorized dealers, distributors, and/or merchants so that they can support you when you purchase a product or service or as otherwise agreed between you and your dealer/merchant
  • Sharing Personal Data when you purchase or lease goods or services on credit from an authorized dealer or distributor, John Deere Financial Multi-Use Account merchant, or other person, or when you agree to guarantee someone else's obligations under such an arrangement
  • Sharing Personal Data with suppliers
  • Sharing Personal Data with authorized dealers and distributors for them to contact you with marketing information about John Deere’s products and services
  • Marketing to you about our products and services, and to identify goods and services which we believe may be of interest to you, including from authorized dealers and distributors, suppliers, and partners. We will contact you for marketing purposes only as you authorize in your marketing preferences
  • To administer sweepstakes, contests, loyalty programs, and other promotional events for which you sign-up or enter, such as scheduling and arranging tours of facilities or our attractions or participating in product introductions and other trade shows
  • To provide other information that may be of interest, such as announcements, reminders, service outages, product improvement programs, and technical service bulletins; news about John Deere, company magazines (such as The Furrow and Homestead), and catalogs; and invitations to trade shows, product introductions, and other events


Processing to Ensure Compliance:

  • We will Process Personal Data as required by Applicable Law or regulatory requirements that apply to John Deere.


Processing Based on Our Legitimate Interest. We may process Personal Data based on our legitimate interest, including as follows:

  • To monitor, maintain, and improve our IT environment and the applications that our customers use and that we use to manage our services
  • If necessary, we will Process Personal Data for the purposes of preventing or prosecuting criminal activities such as fraud and to assert or defend against legal claims
  • We may pseudonymize/anonymize Personal Data to create data sets, which we use for our business purposes, including developing new products and services
  • To evaluate your use of our services to assist with our development of new products and services, and to make improvements to our existing products and services


4. Why Personal Data is Disclosed by John Deere

We share Personal Data in the manner and for the purposes described below and in accordance with this Privacy Statement and any transaction specific document, unless we have informed you otherwise or if the Processing is in conflict with Applicable Law:

  • With the John Deere Group, where such sharing is helpful to provide you with our services or products or to manage our business
  • With other companies to perform specialized or professional functions for us
  • With third party service providers (who will operate under our instructions set out in a written agreement with us) to assist us in providing information, products, or services to you, in conducting and managing our business, or in managing and improving our products or services. We share your Personal Data with these third parties to perform services, subject to appropriate contractual restrictions and security measures. These include IT service providers who help manage our IT and back-office systems and machine services, including internet and software services: data hosting, data conversion, and cloud computing capabilities, account management and security, testing, debugging, error reporting, and usage analytics, as well as mobile telecommunication providers
  • With regulators and courts, to comply with all Applicable Laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies
  • With authorized dealers and distributors so that they can support you. They may use your Personal Data in the ways set out in “How We Use Personal Data” in Section 3 above or relating to products and services that complement our own range of products and services. These services may be subject to separate terms and conditions and privacy policies
  • With our partners, affiliates, or advertisers, we may share aggregate, statistical, or traffic pattern data so that you have more personalized offerings
  • With the online services that may contain plugins or third-party content, such as Facebook (the “like” button), Twitter (“Share to Twitter” button), LinkedIn, or Google. For more information, see our Cookie Statement .
  • If, in the future, we sell or transfer some or all of our business or assets to a third party, we may share information to a potential or actual third-party purchaser of our business or assets


5. Cookies and Similar Collection Technologies

Technical information that may also constitute Personal Data (your browser type, operating system, IP address, domain name) may be collected via cookies and other tracking technologies (such as transparent GIF files). Please see our Cookie Statement at the bottom of our homepage for further information.


6. How to Access and Control your Personal Data

You have certain rights in relation to Personal Data, subject to certain exemptions and depending on your country/region, and in some cases dependent upon the Processing activity we are undertaking. If you have these rights in your country/region, such as in the EU/UK, and if you wish to access, correct, update, request deletion, request information, object, request restriction of processing, request data portability, not be subject to decisions based solely on automated processing, or otherwise take action with respect to Personal Data, you can exercise your rights by completing a data subject request form below at any time or by contacting us using the contact details provided in Section 12 (‘How to Contact Us’) below.

Data Subject Request Form

If we have Processed Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any Processing we conducted prior to your withdrawal, nor will it affect Processing of Personal Data conducted in reliance on lawful processing grounds other than consent.

In certain countries/regions, you have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are Processing Personal Data. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

If you have any questions about Personal Data, please contact us using the contact details provided in Section 12 below. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the Personal Data requested by you. In accordance with Applicable Law, we reserve the right to charge a fee where permitted by law, for instance if your request is unfounded or excessive.

Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request. We may not always be able to fully address your request, for example, if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

In certain countries/regions you may unsubscribe from receiving marketing and promotional communications from us by unsubscribing at the appropriate link or writing to us at the contact information in Section 12 below. If you receive our email communications, you may also unsubscribe by clicking on the unsubscribe link included in each email. Please note that you may continue to receive transactional and account-related communications from us.

In some cases, the exercise of these rights (for example, erasure, objection, restriction or the withholding or withdrawing of consent to processing) may make it impossible for us to achieve the purposes identified in Section 3 of this Privacy Statement.


7. Information & Data Security

We have implemented and maintain appropriate technical and organizational security measures, policies, and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access of Personal Data. For further information on our cybersecurity program, please see our latest company Sustainability Report or contact us as outlined in Section 12 below.


8. Data Retention

We will store Personal Data for as long as is necessary for the purposes for which it was collected, as explained in this Privacy Statement or in any transaction specific document. In some circumstances we may store Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements. In specific circumstances, we may store Personal Data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to Personal Data or your dealings. Personal Data is retained in accordance with our record retention schedule and with applicable legal provisions. Subject to our record retention schedule and with applicable legal requirements, we will delete and/or anonymize Personal Data that are no longer needed.


9. Transferring Personal Data Globally

John Deere operates on a global basis. Accordingly, Personal Data may be transferred and stored in countries around the world, including the European Union (“EU”), the United States of America, Brazil, India, and other countries where John Deere has offices, authorized dealers and distributors, or service providers. These locations often have different standards of data protection. Realizing these differences, when we transfer Personal Data to other countries, we will protect that information as described below in this Privacy Statement or as disclosed to you at the time of data collection.

John Deere will take appropriate steps to ensure that transfers of Personal Data are in accordance with Applicable Law and carefully managed to protect your privacy rights and interests. We have established and implemented a set of Binding Corporate Rules (‘BCRs’) for the EU amongst members of the John Deere Group that have been recognized by EU data protection authorities as providing an adequate level of protection to the Personal Data we process globally. A copy of our BCRs is available here .

In all other countries outside of the EU, when transferring Personal Data between members of the John Deere Group, appropriate measures have been implemented such as standard contractual clauses, certifications, codes of conduct, or other valid data transfer mechanisms. Our internal policies and codes of conduct also require compliance with all applicable privacy laws and regulations.

Where we transfer Personal Data outside of John Deere or to third parties who help provide our products and services, we obtain contractual commitments from them to protect Personal Data. Some of these assurances are well recognized data transfer terms, such as EU Standard Contractual Clauses.

Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any Personal Data is shared, and then only share Personal Data as appropriate.

You may contact us for more information about our use of service providers and the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of Personal Data when transferred as mentioned above.


10. Children’s Privacy

The John Deere website and applications are not directed to children or adolescents, and we do not knowingly collect any Personal Data directly from children under the age of 18. If you believe that we are processing information pertaining to a child, please contact us using the information provided under the ‘How to Contact Us’ section below so that we may investigate and restrict the data.


11. Changes to this Privacy Statement

From time to time, we may update this Statement to reflect new or different privacy practices. If we make changes, we will revise the “Last Updated” date at the bottom of this Statement.


12. How to Contact Us/Common Controllers

Please contact us if you have any questions or comments about our privacy practices or this Privacy Statement. Our appointed data privacy officers (or similar) are also noted here .


Definitions

Personal Data is defined under Applicable Law. It often means any information relating to an identified or identifiable natural person (‘Data Subject’). An identifiable natural person often means one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, etc.

In South Africa and in Argentina, Personal Data of corporate entities is also protected by applicable data privacy laws. When processing such Personal Data in South Africa and in Argentina, we will process it in accordance with this Privacy Statement.

Processing is defined under Applicable Law, including but not limited to actions such as collecting, storing, using, accessing, amending, deleting, destroying, or sharing data.

Machine Data is data generated by, collected by, or stored in your equipment or any hardware or device interfacing with your equipment.

Applicable Law means any relevant and applicable laws, rules, regulations, decrees, statutes, enactments, orders, mandates, and resolutions pertaining to data security, data protection, privacy, and/or the Processing of Personal Data, and which applies to the John Deere Group.

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

The Deere entity with which you have a primary relationship with is the controller of personal data collected from individuals within the scope of this Statement. This entity may vary depending on the situation. It may be the entity that concluded services/supply contract with you or with your employer the entity that has provided you with marketing and promotional materials and communications; the primary entity in the country operating the John Deere website which you visited; the entity that operates the local facilities that you visited, the entity which (co)-organized an event; etc.

When there is more than one entity responsible for the processing, such as: when two Deere entities co-sign a business contract with your company, such entities are jointly responsible for the lawfulness of a specific processing activity (“Joint Controllers”).

On some occasions, more than one Deere entity may process your personal data as independent controllers. If you have any questions about controllership, do not hesitate to contact us (see Section 12 for contact information).


Website Privacy Policy

I. Name and address of the Controller II. Contact information for the Data Protection Officer III. General data processing information IV. Provision of the website and creation of logfiles V. Font „Avenir“ VI. Use of cookies VII. Forms and email contact VIII. Hosting and infrastructure provider IX. Newsletter X. Online Application XI. Compliance Hotline XII. RSS Feeds XIII. Google Maps XIV. Social Media Links XV. Your rights

I. Name and address of the Controller

The controller and service provider is:

WIRTGEN GROUP („we“, „us“ or "Wirtgen Group")
Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Straße 2
53578 Windhagen, Germany
Telefon: +49 (0) 2645-131 0
Telefax: +49 (0) 2645-131 392
E-mail: info@wirtgen-group.com
Website: https://www.wirtgen-group.com


II. Contact information for the Data Protection Officer

You can contact our data protection officer:

Data Protection Officer
c/o WIRTGEN GROUP Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Strasse 2
53578 Windhagen, Germany
E-mail: datenschutz@wirtgen-group.com


III. General data processing information

The protection of your personal data is very important to us. We process your data primarily to provide a working and easy-to-use website. Your data will always be processed in accordance with the relevant legal regulations.

We furthermore process your data only if and insofar as this is permitted by statutory provisions. Additional information is available in the following statements.


IV. Provision of the website and creation of logfiles

Every time our website is accessed, our system automatically collects data and information from your computer system. We collect the following data:

  • (1) information about the browser type and version used
  • (2) your operating system
  • (3) your IP address
  • (4) date and time of access
  • (5) websites from which your system reaches our website
  • (6) name of files retrieved or URL
  • (7) data volumes transferred
  • (8) http status code (e.g. “inquiry successful” or “requested file not found”), methods (e.g. “GET” or “POST”), and version (e.g. “HTTP/2.0” or “HTTP/1.1”)

This data is stored in the log files of our system. There is no storage of the aforementioned data together with other personal data.

We use this data to secure our IT systems. Furthermore temporary storage is used for error detection and error prevention. The data will not be used for marketing purposes in this context. The legal basis for the temporary storage of data and the logfiles is Art. 6 para. (1) lit. f) of the European General Data Protection Regulation (“GDPR”).

The data is stored until it is no longer necessary in relation to the purposes for which they were collected or otherwise processed. If data is required to deliver the website, the necessity ends when the session ends. Your data will be deleted automatically at the end of the session. If stored in our log files, the data will be erased after seven days at the latest. If the data is stored longer than this, your IP address will be deleted or alienated so it cannot be traced back to you or your internet connection.

The hosting of our website is carried out on our behalf by processors which are acting under our authority and in compliance with GDPR and do not forward your data to third parties without authorization.


V. Font „Avenir“

For our website we use the font “Avenir” provided by the company Monotype GmbH, Horexstraße 30, 61352 Bad Homburg, Berlin branch: Bergmannstraße 102, 10961 Berlin, Germany. This ensures that the website looks the same for all visitors, regardless of which device and which browser is used.

For this purpose, your personal data will only be processed by us to deliver the website with all headlines to you and personal data will not be transmitted to a third party. Monotype GmbH tracks the number of views of the fonts on our website as well as our data for contractual purposes.


VI. Use of cookies

Our website uses "cookies". These are text files that are stored on your computer system. It contains a custom string that identifies your browser the next time you visit the site. When you visit our website, a cookie may be stored on your system.

The following sections to no. 1 ("Obligatory or necessary cookies”), to no. 2 (“Functional cookies"), and to no. 3 ("Targeted or marketing cookies") are meant to explain in detail what types of cookies we use and what data is processed.

Unless other erasure periods are listed in the following explanations, the following applies to the retention period regardless of the type and use of cookies:

You have unrestricted control over the use of cookies. They are stored on your computer and the data is transferred from your computer to our page. By default, most browsers are configured to accept cookies. However, changing the browser settings can disable or restrict the use of cookies. Already saved cookies can be deleted at any time. This can also be done automatically by setting your browser accordingly.

If cookies are generally disabled for our website, you may not able to use all features on our website.

The legal basis for the processing for all types of cookies is therefore Art. 6 para. 1 lit. a) GDPR.

1. Obligatory or necessary cookies
Obligatory or necessary cookies are cookies that are required for the functionality of the online services. They are, for example, used to enable the execution of the online services, to store previous actions (e.g. text entered if you go back to a page within one session), securely design the online services, and to manage the online services (e.g. prevention of fraud). Without these cookies, online services would not function properly, or the WIRTGEN GROUP would not be able to offer certain services.

Legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f) GDPR. The data collected using technically necessary cookies is not used to create user profiles.

If you object to the use of these cookies or if you configure your browser accordingly, our website will not recognize your browser and certain content may not be retrievable or data (e.g. from an input field) may be lost.

The obligatory cookies used by us are session cookies that are automatically deleted at the end of the session.

2. Functional Cookies
Functional cookies are cookies that are not necessary for the execution of online services but facilitate the use of online services by storing certain selected options or offering expanded functions. They are, for example, used to store websites headings or options, e.g. the selection of a language or other online settings (e.g. fonts). These cookies and other technologies may be used to provide requested functions, e.g. displaying a video.

Functional cookies also collect information on how online services are used, among other things the pages that are most frequently retrieved, the browser or operating systems that are used, or from which page the users arrive at the online services, whether a product or link is displayed or used, and which error messages have been generated. This information helps us improve the online services, capture the number of visitors, determine patterns of views, rectify problems within the online services, and improve the design for using the online services.

Some analysis and performance cookies are used in connection with services provided by third-party providers, among them:

  • Adobe Analytics is an Internet analysis service by Adobe. Adobe Analytics is used to capture information on your use of online services. The generated data is transmitted to Adobe servers in the US and is stored there. Additional information is available on the Adobe website .

Through the gained statistics we can improve our offer and design it more interesting for you as a user. Legal basis in addition to the consent granted by you within the scope of the cookie consent manager is therefore also our legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.

The placed cookie is valid for seven days. Non-anonymized log files on our servers are automatically deleted after 7 days.

3. Targeted or marketing cookies
These cookies collect information on your surfing behavior and your online behavior even across different browsers and devices used by you in order to display advertisement in the online services and other visited sites that could be of interest for you. Your surfing behavior in the online services and your activities on other websites can, for example, be used to derive information about you, which is then used to design advertisement that is more relevant to you (frequently referred to as “interest-based advertisement”). They are also used to limit the display frequency of advertisements and determine the efficiency of advertisement campaigns. They store the information that you have visited the online services (including visited pages and links clicked on) and possibly forward this information to other companies, e.g. advertisers and marketing networks. These cookies are usually placed by third parties. Data collected through functional cookies (e.g. analysis and performance cookies) can also in part be used for advertisement purposes.

4. Management of cookies
Click on the button below in order to access the cookie consent manager of the WIRTGEN GROUP. The cookie consent manager is a browser-cookie-based tool through which you can change the settings regarding certain functional, targeted, or advertisement cookies. The settings for obligatory cookies cannot be changed because they are necessary. The tool communicates the chosen setting to the third-party providers, which then initiate an opt-out. The effects of this setting are described in the cookie policy, privacy policy, and/or data forwarding declaration of the third-party provider.

An opt-out cookie is placed in your browser for the technical implementation of your objection. This cookie serves only to allocate your objection. Please note that for technical reasons, an opt-out cookie is effective only in the browser in which it was placed. If you delete the cookies or use another browser or another terminal device, you have to place the opt-out cookie again.

Change cookie settings: Cookies Preferences


VII. Forms and email contact

We use Silverstripe to create forms. Your transmitted data is stored on our server for 7 days and is then deleted.

https://www.silverstripe.org/

You can contact us through a form on our website or by email. If you enter data in the input fields provided for this purpose, then this data will be transmitted to us and processed by us.

We furthermore process the data that you voluntarily transmit to us.

If you contact us through the provided email address, then the personal data transmitted with your email will be processed (e.g. email address, name, first name, and other voluntary data).

Legal basis for processing the data transmitted is Art. 6 para. 1 lit. f) GDPR as we have a legitimate interest in being able to respond to your message. If contacting through a form or email is connected to the conclusion or performance of a contract, Art. 6 para. 1 lit. b) GDPR serves as an additional legal basis for processing your data. Insofar as processing of personal data is necessary for the fulfillment of a legal obligation incumbent upon us, the legal basis for this is Art. 6 para. 1 lit. c) GDPR.

We process personal data from the input masks or e-mails exclusively for the correspondence with you. We will not forward your personal data to a third party. However, if you have specific questions, your information including your personal data may be forwarded to other WIRTGEN GROUP companies, technical and legal experts, or translators.

You can object to the processing of your personal data by simply sending a message without any requirements as to form to the above-stated contact information.

In these cases, a processing of your message may however not be possible.

If data is required for the fulfillment of a contract or the performance of pre-contractual measures, early deletion may be possible only insofar as contractual or statutory obligations permit such. The respective applicable retention periods must be determined separately for the respective contracts and contractual parties.

When you send your message through the respective form, the following data is additionally stored:

  • (1) date and time of sending

Processing of this data during the sending process is to prevent misuse of the contact form and to ensure the security of our information technology systems. Therefore, Art. 6 para. 1 lit. f) GDPR serves as a legal basis. The personal data additionally collected during the sending process will be deleted after a period of seven days at the latest, unless statutory or contractual purposes permit a longer retention period.


VIII. Hosting and infrastructure provider

For the operation and provision of this website, we have leased servers from Microsoft Azure. These servers meet various certifications, among them ISO 27001. The Microsoft Corporation (One Microsoft Way, Redmond, Washington 98052, USA) is the operator of these servers.

The servers are located in the European Union as well as United States of America. Insofar as personal data of EU citizens is transferred to computer centers outside of the European Union, these computer centers meet the same level of protection on the basis of standard contractual clauses.

Privacy policy: https://privacy.microsoft.com/en-gb/privacystatement


IX. Newsletter

You can subscribe to our gratuitous newsletter. For this purpose, we process the following data:

  • name
  • first name
  • email
  • company

Your data is processed with your consent, which you declare by checking a box during the registration process. Art. 6 para. 1 lit. a) GDPR serves as a legal basis. After subscribing, you will receive an email in which we request your confirmation of your subscription. This confirmation is necessary so that nobody can register with foreign email addresses.

Art. 6 para. 1 lit. b) GDPR and Art. 6 para. 1 lit. f) GDPR serve as a legal basis because the processing of data is also necessary to deliver the requested newsletter.

Data will not be forwarded to third parties within the scope of data processing for sending newsletters. The data is used exclusively for sending the newsletter. However, newsletters are send on our behalf by processors in terms of Art. 28 GDPR, which pursuant to Art. 4 No. 10 GDPR are not “third parties” in terms of GDPR.

You are authorized to cancel subscription of the newsletter at any time. Each newsletter contains a corresponding link to unsubscribe. With this we simultaneously enable you to revoke your consent to storage of your data. You can also revoke your consent at any time without requirements as to form to the above stated contact information.

We delete your data as soon as it is no longer necessary for achieving the purposes for which it was collected. Your email address will be stored as long as you subscribe to the newsletter.

Newsletter subscriptions will be recorded in order to verify that the subscription process meets legal requirements. This includes storage of the time of registration and confirmation as well as your IP address. This personal data collected within the scope of the subscription process is generally deleted 7 days after collection.


X. Online Application

You can apply for jobs on our website. You can either use the online application tool or send us your up to date CV via e-mail. You can find our vacancies here:

https://www.wirtgen-group.com/career/

In this respect we use the software Umantis Talent Management as well as other services of Haufe-Lexware GmbH & Co. KG, a company of the Haufe Group, Munzinger Straße 9, 79111 Freiburg, which acts as a processor. The processor is bound by our instructions as well as by the GDPR and does not pass on your data to third parties without our instruction.

Haufe hosts the individual application forms. You therefore leave our website and are redirected there if you click on the link to the online application.

If you use the application form, the following personal data will be transmitted to us and processed by us (mandatory information is marked with a *):

  • (1) First and last name*
  • (2) Date of Birth
  • (3) Email address*
  • (4) Password*
  • (5) Language
  • (6) Address
  • (7) Phone
  • (8) URL of your LinkedIn und Xing-Profile
  • (9) Place of Birth
  • (10) Information on your age* & Name of parents if not of legal age

We furthermore process the data that you voluntarily submit to us as a message or which is contained in the transmitted attachments.

Prior to sending the data, we ask for your consent for the processing of your data and we refer to this privacy statement. Your data is then processed with your consent. Therefore legal basis is Art. 6 para. 1 lit. a) GDPR.

You have the right to withdraw your consent at any time. You can address your withdrawal at any time, without requirements as regards form, to the above-stated contact information or the processor responsible for your job application. However, a processing of your application may then no longer be possible.

Furthermore, additional legal basis is § 26 BDSG (Federal Data Protection Act).


XI. Compliance Hotline

1. For what purposes is the Compliance Hotline operated?
Section 301 (4) of the Sarbanes-Oxley Act (SOX) requires the establishment of a whistle-blower system. The German Corporate Governance Code (Section 4.1.3) also recommends the establishment of whistleblower systems. Regardless of these statutory requirements, whistleblower systems are also generally considered a suitable component of effective compliance management systems (CMS), since they provide a protected space where employees and third parties can report compliance violations. The Compliance Hotline is such a whistleblower system.

2. On what legal basis do we process your data?

  • We process the data in order to detect compliance violations and criminal offenses (e.g. for the prevention of corruption) on the basis of points (c) and (f) of Art. 6(1) GDPR and/or Section 4 para. 1 sentence 1 no. 1 BDSG [German Federal Data Protection Act].
  • Therefore, we use the Compliance Hotline to pursue our legitimate interests in the con-text of the performance of the employment relationship and for the investigation of criminal offenses; cf. Sec. 26 GDPR.
  • Under the conditions of Article 88(1) GDPR and Section 26 para. 1 sentence 2 BDSG, it is permissible to collect, process and use employee data through whistleblower systems.

3. Who is involved in the processing of my data?
The following parties are involved in the processing of your data:

  • WIRTGEN GROUP Branch of John Deere GmbH & CO. KG, Reinhard-Wirtgen-Straße 2, 53578 Windhagen, Germany
  • Deere & Company, One John Deere Place, Moline, IL 61265, United States
  • NAVEX Global, 5500 Meadows Road, Suite 500, Lake Oswego, OR 97035, United States (Hotline provider)

If necessary, data is disclosed to:

  • internal departments such as Management and Legal & Compliance
  • law enforcement and administrative agencies, courts and lawyers.
  • To investigate your request, information, including your personal data, may be disclosed to other WIRTGEN GROUP companies, technical and legal experts or translators for the above-mentioned purposes.

4. Is the data transferred to a third country?
The data is transferred to the parent company's Center for Global Business Conduct and the service provider, both of which are located in the United States. However, WIRTGEN GROUP has taken precautions to ensure the protection of your data.

5. Which data must and/or may be provided and what happens to it?
Information is provided at the whistleblower’s discretion, which is why it is not possible to determine the precise categories of personal data independently from the individual case.


XII. RSS Feeds

You can subscribe to our RSS Feeds and receive relevant news on our business. Our posts and articles are being shown in your feed reader. Unlike newsletters this does not require processing of your personal data. If you like to learn more about processing of your data using RSS Feeds please contact the operator of your feed reader.


XIII. Google Maps

In order to provide you with virtual maps our website uses Google Maps by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

We have integrated Google Maps in compliance with data protection laws. As a result, your data will not be transferred to Google unless you activate the map. By doing this you give your consent regarding the processing of your data according to Art. 6 para. 1 lit. a) GDPR.

By using Google Maps the service operator receives the following data:

  • IP-Address
  • Date and time of your request
  • Time Zone
  • Details of the request
  • HTTP-Statuscode
  • Data volume
  • The website from which you have accessed the accessed website (referrer)
  • Browser details
  • Operating System
  • Language and version of your browser

This is done regardless of whether Google provides a user account through which you are logged in or do not have a user account. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish the association with your Google profile, you will need to log out beforehand. Google stores your data as user profiles and uses it for the purpose of marketing, market research, and/or appropriate design of its website.

Such analysis is performed in particular (even for users that are not logged in) to provide appropriate advertisement and to inform other users of the social network of your activities on our website. You may be entitled to a right to object to the creation of these user profiles and to exercise this right to must contact Google.

Further information regarding the scope and purpose of data collection and processing by the plug-in provider is available in the privacy statements of the provider. There you will also find additional information regarding your rights and settings options to protect your privacy: http://www.google.de/intl/de/policies/privacy .


We do not use social media plugins on our websites. The featured icons are hyperlinks to the mentioned social media platforms. By clicking these links you will be redirected to the WIRTGEN GROUP YouTube channel, our Twitter page, and our LinkedIn page. When clicking on these links, the respective page operator will process your personal data. If you are logged in to your respective account, the visit of our website may be associated to your profile.

Additional details are available on our respective privacy statements on the social media page and the information of the platform operator (YouTube: https://policies.google.com/privacy?hl=en ; Twitter: https://help.twitter.com/en/twitter-for-websites-ads-info-and-privacy )


XV. Your rights

We would like to inform you about your rights regarding the processing of your personal data.

1. Revocation of your consent (Art. 7 para. 3 GDPR)
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, you will be informed thereof.

2. Right to access (Art. 15 GDPR, Sec. 34 BDSG)
Pursuant to Art. 15 GDPR you have the right to obtain from us confirmation as to whether we process your personal data, and, where that is the case, access to the personal data and the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from you directly, any available information as to their source;
  • the existence of automated decision-making, including profiling, referred to in Article 22 para. (1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for your data.

If personal data are transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards ensuring compliance with the provisions of GDPR at these recipients.

3. Right to rectification (Art. 16 GDPR, Sec. 35 BDSG))
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

4. Right to erasure or “right to be forgotten” (Art. 17 GDPR, Sec. 35 BDSG)
You have the right to our erasure of your personal data without undue delay insofar as one of the following grounds applies:

  • the data are no longer necessary for the purposes for which they were collected or otherwise processed;
  • you withdraw consent on which the processing is based and no other legal ground for the processing applies;
  • you object to the processing pursuant to Article 21 para. 1 GDPR for reasons based on your particular situation and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing;
  • You object to the processing for direct advertisement pursuant to Article 21 para. 1 GDPR
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law;
  • the personal data have been collected in relation to the offer of information society services referred to in Article 8 para. 1 GDPR.

Where we have made the personal data public and are obliged to erase the personal data, we, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers which are processing the respective personal data thereof.

5. Right to restriction of processing (Art. 18 GDPR)
According to Art. 18 GDPR, we may only process data to a limited extent where one of the following applies:

  • You contest the accuracy of your data, until we can verify its accuracy,
  • The processing is unlawful and instead of requesting the erasure of the data you ask for the restriction of use of the personal data,
  • We no longer need the data for the purposes of processing, but you do need it to establish, exercise or defend legal claims, or
  • You objected to the processing pursuant to Art. 21 para. (1) GDPR for reasons arising from your particular situation, provided it is not yet clear whether our legitimate reasons for processing override your interests

If processing is restricted we are allowed to only store this data. Further processing shall only be permitted with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

You are authorized to withdraw your consent granted in this regard at any time.

6. Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19 GDPR)
We are obliged to inform all recipients of your data of any correction or deletion or any restriction on processing thereof, unless this proves impossible or involves disproportionate effort.

We will inform you about those recipients if you request it.

7. Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where the processing is:

  • based on your consent or contract and
  • carried out by automated means.

In exercising your right to data portability, you have the right to have the personal data transmitted directly from us to third party, where technically feasible. This right shall not adversely affect the rights and freedoms of others.

8. Automated individual decision-making, including profiling (Art. 22 GDPR)
On our website, your data is not subject to decisions based solely on automated processing (e.g. profiling).

9. Right to object (Art. 21 GDPR)
If we process your data on the basis of a legitimate interest (Art. 6 para. (1) lit. f) GDPR), you have the right to object, on grounds relating to your particular situation. This also applies to profiling based on those provisions. In this case, we will no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or grounds for the establishment, exercise or defense of legal claims.

Where we process personal data for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you object to processing for direct marketing purposes, your data shall no longer be processed for such purposes.

To object, simply address a message without requirements as regards form to the contact information listed on p. 1.

10. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Without prejudice to any other administrative or judicial remedy to which you may be entitled, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of your personal data infringes the data protection regulations.


Privacy Information: WIRTGEN GROUP Portal

Controller and Data Protection Officer

The controller is:

WIRTGEN GROUP
Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Strasse 2
53578 Windhagen
Germany
Phone: +49 (0) 26 45 - 131 - 0
E-Mail: info@wirtgen-group.com
Internet: www.wirtgen-group.com

You can also contact the WIRTGEN GROUP data protection officer at any time. Preferably by e-mail to: datenschutz@wirtgen-group.com

Information about Data Processing

Protecting your privacy is extremely important to us, so it goes without saying that we comply with all legal provisions governing data protection. In the following, we would like to briefly describe how we process your personal data:

Processing/Purpose
WIRTGEN GROUP Portal:
1. Support and provision of business processes
2. Protection and criminal prosecution

Categories
User ID, first name, last name, e-mail address, log data, IP address, essential cookies

Legal Basis

  • 1. Article 6(1) (b) of the GDPR Contract
  • 2. Article 6(1) (f) of the GDPR
    Legitimate interests:
    • The monitoring, maintenance, and improvement of our IT environment and the applications that our users use and which we use for the management of our services
    • If necessary, we shall process personal data in order to prevent or take legal action against criminal acts such as fraud and exercise or defend our legal rights against such acts.

Retention Period:

  • Log data about the utilization of applications in the WIRTGEN GROUP Portal: not more than 12 months
    Such data will be anonymized at the latest after the expiry of the 12-month retention period.
  • Log data about internal program processes in the WIRTGEN GROUP Portal: 90 days
  • User ID: As long as the user is active or still relevant Deletion via the leave process

Provision of the WIRTGEN GROUP Portal and the Generation of Log Files

Every time you visit our website, our system automatically collects data and information about your computer system. We collect the following data:
(1) Information about the browser type and the version used
(2) Your operating system
(3) Your IP address
(4) User name
(5) Date and time of the visit
(6) Name of files accessed or URLs used
(7) HTTP Referer (name of the website from which your system accessed our website)
(8) HTTP status-code (e.g. “OK“ or “File not found“)

These data are saved in the log files generated by our system. The data listed above are not saved together with any other personal information.
We utilize these data for the protection of our IT systems. The data in this context are not utilized for marketing purposes. The legal basis for temporary storage of these data and log files is Article 6(1)(f) of the General Data Protection Regulation (hereinafter: “GDPR”).
The data will be stored for as long as required for the fulfillment of the purpose for which they were collected. Insofar as the data are necessary for the provision of the website, this necessity lapses as soon as the respective session is closed. Under certain circumstances, the remaining data, which in any case provide no inferences to your person, may be retained for a longer period of time.

Use of Cookies

Our website uses cookies. Cookies are text files that are saved in or by your web browser on your computer system. When you visit our website, a cookie may be stored on your system. It contains a unique string of characters that can be used to identify your browser the next time you visit the website.
In the following section about “Essential Cookies”, we provide a detailed explanation of how we use cookies and which data are processed.
Insofar as the following information does not specify any other retention periods, the following applies collectively with respect to the retention period, irrespective of the type and purpose of the cookies:
You have complete control over the use of cookies. These are stored on your computer and the data they contain is transmitted to our site. Most browsers are set to accept cookies by default, but by changing your browser settings, you can disable or restrict the transmission of cookies. Any cookies that have already been saved can be deleted at any time. This can also be performed automatically by appropriate configuration of your browser settings Please note that if you deactivate all cookies for our website, you may no longer be able to fully use all of its features and functions.

Essential Cookies

Essential cookies are cookies that are required for ensuring the correct function of the online services we provide. Essential cookies are, for example, used to enable the provision of online services, for saving and storing earlier activities (e.g. login times), making online services secure, and for the management of the online services (e.g. the prevention of fraud). Without these cookies, the online services would not function correctly and it would not be possible to provide some of the services offered by the WIRTGEN GROUP.
The legal basis for the processing of personal data by the use of essential cookies is Article 6(1)(f) of the GDPR. The data collected by essential cookies are not utilized for the creation of user profiles.
Should you have configured your browser to disable such cookies, our website will not recognize your browser and it may well happen that certain content is not accessible or that data previously entered (e.g. in an input mask or form) will be lost.
In the case of the essential cookies we use, these are so-called “session cookies”, which are deleted automatically at the end of each session.

Recipients of Your Personal Data/Data Transfer to Third Countries

Within the company, the recipients of your personal data are the specialist departments responsible for processing the data in question.
Parallel to this, we assign the processing of certain information to external service providers. We have entered into agreements with these service providers that assure that the privacy of your personal data is preserved at all times. Insofar as said service providers process your personal data in third countries, they are obligated to maintain appropriate privacy standards in accordance with Articles 45 and 46 of the GDPR, either due to the existence of an adequacy decision on the part of the EU Commission or other suitable guarantees (e.g. standard contractual clauses for the transfer of personal data).
Your personal data may also be transferred to further recipients outside the organization when this is in the legitimate interest of the company for the fulfillment of legal or contractual obligations.

Your Rights in Relation to the Processing of Your Personal Data

We would like to inform you about your rights in relation to the processing of your personal data. Should you have any questions regarding your rights or wish to assert your rights vis-à-vis our company, please contact our data protection officer at datenschutz@wirtgen-group.com or at the above mailing address, adding “Data Protection Officer.”

Right to Withdraw Your Consent (Article 7(3) of the GDPR)

If you have granted your express consent to the processing of your personal data, you may withdraw this consent at any time. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent before its withdrawal. You will be informed of this right of withdrawal before you grant your consent.

Right of Access (Article 15 of the GDPR)

You have the right to obtain confirmation as to whether or not we are processing your personal data. If this is the case, you have the right to access this personal data. Where personal data is transferred to a third country or to an international organization, you also have the right to be informed of appropriate safeguards that ensure that recipients fulfill the requirements of the GDPR.

Right to Rectification (Article 16 of the GDPR)

You have the right to obtain from us without undue delay the rectification of inaccurate personal data. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to Erasure, i.e. “Right to Be Forgotten” (Article 17 of the GDPR)

You have the right to immediately obtain the erasure of your personal data without undue delay where one of the following grounds applies:

  • The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • You withdraw consent and there is no other legal ground for the processing;
  • You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing;
  • You object to the processing for the purposes of direct marketing pursuant to Article 21(2) of the GDPR;
  • the personal data has been processed unlawfully;
  • The personal data has to be erased to comply with a legal obligation in European Union or German law;
  • The personal data was collected in relation to the offer of information society services directly to a child referred to in Article 8(1) of the GDPR.

We will comply with your request to erase the data unless we are required or authorized by law to continue to store and process your data. In addition, we are authorized to retain your data if it is not possible for us to assert, exercise or defend against legal claims without your data.

Right to Restriction of Processing (Article 18 of the GDPR)

Pursuant to Article 18 of the GDPR, we may process data only to a restricted extent if:

  • You contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data;
  • The processing is unlawful and you object to the erasure of your personal data and request the restriction of its use instead;
  • We no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defense of legal claims;
  • You have objected to processing pursuant to Article 21(1) paragraph 2 of the GDPR pending the verification of whether our legitimate grounds override your interests.

Where processing has been restricted, we are only authorized to store these data. In this case, further processing is only permitted with your consent or for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of an EU member state. You can withdraw your consent in this regard at any time. We will inform you before the restriction of processing is lifted.

Notification Obligation (Article 19 of the GDPR)

Please note that we are obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data has been disclosed. This does not apply if doing so proves impossible or involves disproportionate effort.
We will inform you about these recipients on request.

Right to Data Portability (Article 20 of the GDPR)

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format. You also have the right to instruct us to transfer this data to a third party in certain cases. This right may not, however, adversely affect the rights and freedoms of others, including our company. If this is the case, we are authorized to refuse to disclose or transfer your data.

Right to Object (Article 21 of the GDPR)

If we process your data on the basis of a legitimate interest (Art. 6(1)(f) of the GDPR), you have the right to object to this on grounds relating to your particular situation. This also applies to profiling based on this provision. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing. These must override your interests, rights, and freedoms or the processing must serve the establishment, exercising, or defense of legal claims.

Right to Lodge a Complaint with a Supervisory Authority (Article 77 of the GDPR)

You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of the data concerned violates the provisions of the GDPR. This does not affect any other administrative or judicial remedies to which you may be entitled.

Further Information

Further information about the processing of personal data in accordance with our privacy policy within the context of our general business activities can be found here .


Julne 2023


California Consumer Privacy Statement

Effective Date: January 1, 2020

In addition to your rights in the Enterprise Privacy Statement , California law provides for additional rights for California consumers. You have the right to request a description of the categories and specific pieces of Personal Information about you we have collected and the categories of Personal Information about you that we may disclose for a business purpose to third parties, along with a description of the categories of third parties that may receive that Personal Information. We do not sell your Personal Information.
You also have the right to request that we delete Personal Information about you that we have collected from you. Personal Information that is needed to complete a transaction, provide goods or services you requested, perform our contract(s) with you, or that was reasonably anticipated within the context of our ongoing business relationship with you, or that we can otherwise retain under applicable law, may not be deleted. The Personal Information we collect, use and share is further explained in our Enterprise Privacy Statement .
You may exercise these rights by calling us at 1-844-972-2272 (CCPA), through our request form here or by mailing your request to Privacy Manager, Center for Global Business Conduct, Deere & Company, One John Deere Place, Moline, Illinois 61265-8089. We will ask you to verify your identity to fulfill these requests.

If you wish to use an authorized agent to submit a request, we will need to verify the authorized agent by confirming that the original requestor has given written permission. We may deny a request from an agent that does not submit proof that they have been authorized by the consumer to act on their behalf.

Please be advised that any California consumer that exercises a right under the California Consumer Privacy Act will not be treated differently or discriminated against for exercising these rights.

This notice is not an agreement. This notice may be amended by us from time to time by updating this notice.


Privacy Information for our Course Offer

The WIRTGEN GROUP Branch of John Deere GmbH & Co. KG (hereinafter also referred to as “we” or “WIRTGEN”) complies with the requirements of the European Union’s General Data Protection Regulation (hereinafter referred to as the “GDPR”) and other legal requirements governing the protection of personal data. In particular, we implement technical and organizational security measures in line with current security standards.

This privacy information is intended for training participants and other parties whose data we process in connection with our course offering. If you are booking training courses for other participants and individuals at your company, please be sure to provide them with the following privacy information. Collective bargaining agreements, provisions in employment contracts, legitimate interests, or declarations of consent can serve as an appropriate legal basis with respect to the data disclosed to the WIRTGEN GROUP (e.g. training participants’ contact information) and the data processed by the relevant WIRTGEN GROUP company as the controller. We may provide you with additional privacy information in other situations in which we contact you or process your data, and you should take note of this information as well.

The purpose of the following privacy information is to provide you with details about how WIRTGEN processes personal data within the scope of our course offer, as well as about your rights as a data subject:

Controller & Data Protection Officer
The controller is:

WIRTGEN GROUP
Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Straße 2
53578 Windhagen
Germany
Phone: +49 (0) 2645 131 – 0
Fax: +49 (0) 2645 131 – 392
Email: info@wirtgen-group.com
Internet: www.wirtgen-group.com

You can also contact the WIRTGEN GROUP data protection officer at any time. The best way is to send an email to datenschutz@wirtgen-group.com .


Information on Data Processing

Protecting your privacy is extremely important to us, so it goes without saying that we comply with the applicable legal provisions governing data protection. In the following, we would like to briefly describe how we process your personal data:

QUICK REFERENCE

Processing/Purpose:
Wirtgen Group training courses

  • 1. Organization, administration, and implementation of the Wirtgen Group’s worldwide training courses
  • 2. Training the participants
  • 3. Tracking training levels (skills, job profiles) and issuing reports and certificates

Categories: Name, email address, photo (optional), title, phone number, country, language, log data (IP address, timestamp, date)

Legal Basis:

  • 1. Article 6(1)(a) of the GDPR
    Consent (photo, registration of external participants)
  • 2. Article 6(1)(b) of the GDPR
    Contract (dealers, customers)
  • 3. Article 6(1)(c) of the GDPR
    Compliance with a legal obligation
  • 4. Article 6(1)(f) of the GDPR
    Legitimate interests: see Purposes
  • 5. Section 26 of Germany’s Federal Data Protection Act
    Employee training

Recipients: Affiliated WIRTGEN GROUP companies, IMC AG (Learning Suite), VITERO (web conferencing and live e-learning), Microsoft (collaboration software: Teams)

Duration of Storage: We store your data for a period of 5 years.


What Personal Data do we process?

In this document, the term “personal data” refers to personal data as defined in Article 4(1) of the GDPR. This includes any information relating to a natural person and that can be used to directly or indirectly identify that person.

Within the scope of providing training, we generally process contact information such as the title, name, telephone number, photo (optional), IP address (web-based learning platform), and the email address of contacts and training participants, as well as data relating to content and skill levels that is generated in connection with participating in training (e.g., training results, reports, certificates), and other accompanying data (e.g., training date, hotel booking request).

In this context, you must provide the personal data that is required to conduct our training courses, including to fulfill the associated contractual obligations, as well as to comply with legal obligations. We will inform you of the data that this includes in a suitable manner in each individual case (e.g. by identifying optional fields in forms).

We usually obtain your personal data from you yourself or from your employer as our business partner, in particular from information provided during the training registration process.


Use of Cookies

Our training platform uses cookies. Cookies are text files that are saved in or by your web browser on your computer system. When you visit our website, a cookie may be stored on your system. It contains a unique string that can be used to identify your browser the next time you visit the website.

The length of time that a cookie remains on your device depends on the type of cookie. We use two types of cookies on our websites. Session cookies are temporary cookies that are saved only while you are using the website (or, more precisely, until you close your browser after using the website). Session cookies help our websites remember what you selected on the previous page without requiring you to re-enter the information. Persistent cookies remain on your device even after you have visited our website. Persistent cookies help us identify you as a unique visitor, but do not contain information that can be used to identify you to another person.

Insofar as the following information does not specify any other retention periods, the following applies collectively with respect to the retention period, irrespective of the type and purpose of the cookies:

You have full control over the use of cookies. These are stored on your computer and the data they contain is transmitted to our site. Most browsers are set to accept cookies by default, but by changing the browser settings, you can disable or restrict the transmission of cookies. Any cookies that have already been saved can be deleted at any time. This can also be performed automatically by configur-ing your browser accordingly.

Please note that if you deactivate cookies on our training platform, you may no longer be able to fully use all of the website’s features.

Detailed information on the respective cookies can be found here:

https://etraining.services.wirtgen-group.com/ilp/pages/cookiepolicy.jsf


For What Purpose and on What Legal Basis do we process Personal Data?

As a company, we process personal data within the scope of providing training on the basis of one of the legal bases specified below:

a) Consent from the Data Subject (Article 6(1)(a), Article 7 of the GDPR)
Within the scope of providing training, WIRTGEN processes personal data on the basis of the informed consent of the data subject when it comes to certain activities. In the event that WIRTGEN processes personal data on the basis of your consent, the specific purposes of processing will be specified in the content of the respective declaration of consent.

b) For the Performance of a Contract (Article 6(1)(b) of the GDPR)
Personal data is processed for the performance of a contract with a natural person or in order to take steps prior to entering into a contract. The scope and details of such data processing are specified in the respective contract that we enter into directly with you in each individual case and, if applicable, in the associated terms and conditions.

c) Compliance with a Legal Obligation (Article 6(1)(c) of the GDPR)
WIRTGEN is subject to legal requirements that may result in an obligation to process personal data. On the basis of these requirements, WIRTGEN is, in particular, obligated to ensure that data is retained properly, especially in accordance with the German Fiscal Code (abbreviated AO in German) and the German Commercial Code (abbreviated HGB in German), and archives documents in corresponding IT systems and, if necessary, also in paper form.

d) For the Purposes of Our Legitimate Interests (Article 6(1)(f) of the GDPR)
The WIRTGEN GROUP processes personal data within the scope of general business operations and for the purpose of providing services to our customers on the basis of our legitimate interests, except where such interests are overridden by the interests or fundamental rights of the data subject. A specific interest of the WIRTGEN GROUP in this respect lies primarily in the performance of our contractual obligations vis-à-vis our customers. As a general rule, the WIRTGEN GROUP processes personal data provided by customers only to the extent that this is actually necessary for the provision of services.


To Whom do we disclose Personal Data?

In compliance with legal obligations, personal data may be disclosed to the following recipients:

  • Certain group companies within the WIRTGEN GROUP, e.g. if they perform data processing tasks centrally for the affiliated companies within the group. In addition, we may also share information with other affiliated companies for the purposes of corporate governance, internal communications, or other administrative purposes on the basis of our legitimate interests
  • Government agencies, courts, or other public authorities in Germany and abroad, if necessary
  • IT service providers and other processors strictly for a specific purpose, such as hosting, cloud services, document destruction, archiving
  • Other service providers and auxiliary persons to whom data is transferred for the purpose of conducting the training or arranging accompanying services (e.g. hotels)

When integrating service providers into WIRTGEN’s data processing processes, WIRTGEN’s stringent data protection standards are contractually imposed on the service providers. In the case of contractual processing relationships, both parties enter into data protection agreements in accordance with the legal requirements of Article 28 of the GDPR.

In certain cases, we may also transfer your data to third parties, i.e. partners with whom we collaborate outside of a contractual processing arrangement. Such partners provide their services (e.g. payment services such as PayPal) as controllers in their own right; the processing of your data by these partners is governed solely by their privacy policies.


Your Rights in Relation to the Processing of Your Personal Data

We would like to inform you about your rights in relation to the processing of your personal data. If you have any questions about your rights or wish to assert your rights vis-à-vis our company, please contact our data protection officer at datenschutz@wirtgen-group.com or at the above mailing address, adding “Data Protection Officer.”

Right to Withdraw Your Consent (Article 7(3) of the GDPR)
If you have granted your express consent to the processing of your personal data, you may withdraw this consent at any time. Withdrawing your consent does not affect the lawfulness of processing carried out on the basis of your consent before its withdrawal. You will be informed of this right of withdrawal before you grant your consent.

Right of Access (Article 15 of the GDPR)
You have the right to obtain confirmation as to whether or not we are processing your personal data. If this is the case, you have the right to access this personal data. Where personal data is transferred to a third country or to an international organization, you also have the right to be informed of the appropriate safeguards pursuant to the GDPR relating to the transfer.

Right to Rectification (Article 16 of the GDPR)
You have the right to obtain from us without undue delay the rectification of inaccurate personal data. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

Right to Erasure, i.e. “Right to Be Forgotten” (Article 17 of the GDPR)
You have the right to obtain the erasure of your personal data without undue delay where one of the following grounds applies:

  • The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
  • You withdraw consent and there is no other legal ground for the processing
  • You object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing
  • You object to the processing for the purposes of direct marketing pursuant to Article 21(2) of the GDPR
  • The personal data has been processed unlawfully
  • The personal data has to be erased to comply with a legal obligation in European Union or German law
  • The personal data was collected in relation to the offer of information society services directly to a child referred to in Article 8(1) of the GDPR

We will comply with your request to erase the data unless we are required or authorized by law to continue to store and process your data. In addition, we are authorized to retain your data if it is not possible for us to assert, exercise, or defend against legal claims without your data.

Right to Restriction of Processing (Article 18 of the GDPR)
Pursuant to Article 18 of the GDPR, you have the right to obtain from us the restriction of processing where one of the following applies:

  • You contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data
  • The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead
  • We no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defense of legal claims
  • You have objected to processing pursuant to Article 21(1) of the GDPR pending the verification of whether our legitimate grounds override your interests.

Where processing has been restricted, we are only authorized to store this data. In this case, further processing is only allowed with your consent or for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or of an EU member state. You can withdraw your consent in this regard at any time. We will inform you before the restriction of processing is lifted.

Notification Obligation (Article 19 of the GDPR)
Please note that we are obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data has been disclosed. This does not apply if doing so proves impossible or involves disproportionate effort.
We will inform you about these recipients if you request it.

Right to Data Portability (Article 20 of the GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to have us transfer this data to a third party in certain cases. This right cannot adversely affect the rights and freedoms of others, including our company, however. If this is the case, we are authorized to refuse to disclose or transfer your data.

Right to Object (Article 21 of the GDPR)
If we process your data on the basis of a legitimate interest (Art. 6(1)(f) of the GDPR), you have the right to object to this on grounds relating to your particular situation. This also applies to profiling based on this provision. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing. These must override your interests, rights, and freedoms or the processing must serve the establishment, exercise, or defense of legal claims.

Right to Lodge a Complaint with a Supervisory Authority (Article 77 of the GDPR)
You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data violates the provisions of the GDPR. This does not affect any other administrative or judicial remedies to which you may be entitled.


Amendments

It may become necessary to amend the content of this privacy information from time to time. As such, we reserve the right to amend this information at any time. We will also publish the amended version of the privacy information here and you can further request it from us at any time (see the contact details of the data protection officer above).

Version 1.3 (2021)


Social Media Profiles

I. Controller Name and Address

The controller within the meaning of the European Union’s General Data Protection Regulation is:

WIRTGEN GROUP (hereinafter referred to as: “we” or “Wirtgen Group”)
Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Str. 2
53578 Windhagen, Germany
Phone: +49 (0) 2645-131 0
Fax: +49 (0) 2645-131 392
Email: info@wirtgen-group.com
Website: https://www.wirtgen-group.com


II. Contact Details of the Data Protection Officer

You can contact our data protection officer at:

Data Protection Officer
c/o WIRTGEN GROUP Branch of John Deere GmbH & Co. KG
Reinhard-Wirtgen-Str. 2
53578 Windhagen, Germany
Email: datenschutz@wirtgen-group.com


III. Data Processing by Wirtgen

We maintain online profiles on social networks and process user data in this context in order to communicate with users who are active on these platforms or to provide information about our company. If you have an account on one of the networks listed below, are logged in, and choose to follow our page, you will be visible to us as a follower. As a result, we will process the personal data contained in your profile name and profile picture.

We process the same data when you like, comment on, or share a post of ours, even if you do not follow our page.

Furthermore, we process the same data if you send us a message via the messaging feature. In this context, we additionally process the data that you voluntarily provide to us in your messages.

In addition, we receive anonymized statistical data about the users of these pages through features such as “Facebook Insights,” a service provided by Facebook that you cannot opt out of. This data is collected with the help of cookies that Facebook saves on your system. These cookies each contain a unique user code that may also be linked to your profile on the platform. Such tools are also used by other social networks.

This data is processed on the basis of our legitimate interests pursuant to Article 6(1)(f) of the GDPR.

We do not perform any further analysis of your data beyond the aforementioned. We save your data as long as you follow our page. If you stop following our page, we will no longer process your data.


IV. Data Processing by the Operators of the Social Networks

We would like to expressly inform you that user data may be processed outside the territory of the European Union. This may result in privacy risks for users as data subjects that could, for example, make it more difficult to enforce the rights of data subjects.

Furthermore, user data on social networks is usually processed by the platform operators for market research and advertising purposes. For example, they may create usage profiles based on user behavior and the resulting interests of the users. These usage profiles can, in turn, be used, for example, to serve ads to users within and outside the networks that presumably correspond to the users’ interests. Cookies are usually saved on the users’ computers for these purposes, which are then used to save the user’s usage behavior and interests. Furthermore, data may also be saved in the usage profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).

For a detailed explanation of the respective forms of processing and the options to opt out, please refer to the privacy statements and information provided by the operators of the respective networks.

In addition, in the case of requests for information and to exercise your rights as a data subject, we would like to point out that the most effective way to exercise these rights is to contact the providers directly. Only the providers have access to their users’ data and can take appropriate measures and provide information directly. If you still need help, feel free to contact us, however.

  • Types of data processed: Personal data (e.g., names, addresses), contact data (e.g., email addresses, telephone numbers), content data (e.g., data entered into online forms), usage data (e.g., websites visited, interest in content, access times), metadata/communication data (e.g., device information, IP addresses).
  • Data subjects: Users (e.g., website visitors, users of online services).
  • Purposes of processing: Contact requests and communication, tracking (e.g., inter-est/behavioral profiling, use of cookies), remarketing, audience measurement (e.g., access statistics, detection of returning visitors).
  • Legal basis: Legitimate interests (Article 6(1)(f) of the GDPR).

Services Used and Service Providers:


V. Your Rights in Connection with the Data Collected by Wirtgen

Below we would like to provide a summary of your rights under the General Data Protection Regulation.

1. Right to Withdraw Consent under Applicable Privacy Law (Article 7(3) of the GDPR)
You have the right to withdraw consent granted under applicable privacy law at any time. Please note that withdrawing your consent does not affect the lawfulness of processing on the basis of your consent before its withdrawal. You will be informed of this right before you grant your consent.

2. Right of Access (Article 15 of the GDPR)

Under Article 15 of the GDPR, you have the right to request confirmation from us as to whether we are processing personal data concerning you. Where this is the case, you have a right of access to this personal data and to the following information:

  • The purposes for which we are processing this data
  • The categories of personal data that we process
  • The recipients to whom this personal data has been or will be disclosed, in particular if this applies to recipients in third countries or international organizations
  • Where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period
  • The existence of the right to request the rectification or erasure of personal data concerning you or the restriction of processing of personal data concerning you, or to object to such processing
  • The right to lodge a complaint with a supervisory authority
  • Where the personal data was not collected from you, any available information as to its source
  • The existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you

If personal data is transferred to a third country or to an international organization, you also have the right to information about the appropriate safeguards in place to ensure that these recipients also comply with the provisions of the GDPR.

3. Right to Rectification (Article 16 of the GDPR)
You have the right to obtain from us without undue delay the rectification of inaccurate personal data. Taking into account the purposes of the processing, you also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

4. Right to Erasure, i.e., the “Right to Be Forgotten” (Article 17 of the GDPR)
You have the right to obtain the erasure of your personal data without undue delay where one of the following grounds applies:

  • The data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
  • You withdraw consent on which the processing is based and there is no other legal ground for the processing
  • You object to the processing on grounds relating to your particular situation in accordance with Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing
  • You object to processing for direct marketing purposes in accordance with Article 21(2) of the GDPR
  • The personal data has been processed unlawfully
  • The personal data has to be erased to comply with a legal obligation under European Union or German law
  • The data was collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR

If we have made your personal data public and are obligated to erase the data pursuant to Article 17(1) of the GDPR, we will, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform controllers that you have requested the erasure of such personal data.

5. Right to Restriction of Processing (Article 18 of the GDPR)
Pursuant to Article 18 of the GDPR, you have the right to obtain from us the restriction of processing where one of the following applies:

  • You contest the accuracy of the personal data, for a period that allows us to verify the accuracy of the personal data
  • The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead
  • We no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise, or defense of legal claims
  • You have objected to processing on grounds relating to your particular situation pursuant to Article 21(1) of the GDPR pending the verification of whether our legitimate grounds override your interests

Where processing has been restricted, we are only authorized to save this data. Any further processing is then only permitted with your consent or for the establishment, exercise, or defense of legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
You can withdraw your consent granted in this context at any time.
We will inform you before the restriction of processing is lifted.

6. Notification Obligation (Article 19 of the GDPR)
We are obligated to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about these recipients if you request it.

7. Right to Data Portability (Article 20 of the GDPR)

You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to have us transfer this data to a third party, provided that:

  • The processing of the data is based on your consent or on a contract, and
  • The processing is carried out by automated means

In this context, you can instruct us to transfer your personal data directly to the third party, insofar as doing so is technically feasible and does not affect the rights and freedoms of others.

8. Automated Individual Decision-Making, Including Profiling (Article 22 of the GDPR)

We do not process your personal data in any way that is based solely on automated processing, including profiling.

9. Right to Object (Article 21 of the GDPR)

If we process your data on the basis of a legitimate interest (Art. 6(1)(f) of the GDPR), you have the right to object to this on grounds relating to your particular situation. This also applies to profiling based on this provision. In this case, we will no longer process your data unless we can demonstrate compelling legitimate grounds for the processing. These must override your interests, rights, and freedoms or the processing must serve the establishment, exercise, or defense of legal claims.
If we process your personal data for direct marketing purposes, you have the right to object, at any time, to the processing of your personal data for the purpose of such marketing; this also applies to profiling insofar as it is conducted in conjunction with such direct marketing.
If you object to the processing of your personal data for direct marketing purposes, we will cease to process your personal data for this purpose.
You can object to such processing by simply sending a brief message to the contact details of the data protection officer listed above.

10. Right to Lodge a Complaint with a Supervisory Authority (Article 77 of the GDPR)
You have the right to lodge a complaint with a supervisory authority, in particular in the EU member state of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data violates the provisions of the GDPR. This does not affect any other administrative or judicial remedies to which you may be entitled.


Privacy Policy for Photography and Recording Videos at Trade Shows

1. Name and Contact Details of the Controller and Privacy Officer 2. Purpose and Legal Basis of Data Processing 3. Recipients and Data Processing in Third Countries 4. Posting on Social Networks 5. Duration of Storage 6. Your Rights as a Data Subject

As part of our activities at trade shows, the WIRTGEN GROUP produces photos and videos for visual documentation and communications. Since we cannot completely rule out the possibility that it may be possible to identify you directly or indirectly in such photos or videos, these photos and videos represent personal data within the terms of the European Union’s General Data Protection Regulation (GDPR).

As such, we would like to provide you with the following information about how your personal data is processed in connection with photos/videos shot at our trade show booth and about your rights as a data subject.

We may provide you with further privacy policies in other situations in which we contact you or process your data, and you should also take note of these.

1. Name and Contact Details of the Controller and Privacy Officer

WIRTGEN International GmbH (hereinafter referred to as “we” or the “WIRTGEN GROUP”)
Reinhard-Wirtgen-Strasse 2
53578 Windhagen
Germany
Phone: +49-26-45-131-0
Fax: +49-26-45-131-392
E-mail: info@wirtgen-group.com
Website: www.wirtgen-group.com
Legal Information: www.wirtgen-group.com/de/service/impressum/

You can contact our privacy officer by e-mail at international.datenschutz@wirtgen-group.com or by postal mail by adding “The Privacy Officer” to our mailing address.

2. Purpose and Legal Basis of Data Processing

Taking photographs and recording videos of our trade show booth and activities for PR and advertising purposes may also involve the processing and publication of your personal data, in particular photos and videos of you.

We generally only take portraits or close-ups of you if you have given us or the photographer we have hired your consent to do so, which can also take the form of behaving in a manner that clearly expresses such consent (e.g. smiling into the camera). In this respect, the legal basis is normally your consent (Article 6(1)(a) of the GDPR), whereby in individual cases such photos can also be taken on the basis of our legitimate interests in documenting our events and carrying out associated public relations activities (Article 6(1)(f) of the GDPR). You can withdraw your consent at any time without specifying any reasons (the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, however) or object to the associated processing (see section 6 below).

In addition, we also take photos that provide an overview of our booth as well as group photos that do not include a portrait or close-up of any specific individual. Doing so is primarily based on our legitimate interest in documenting our events and carrying out associated public relations activities (Article 6(1)(f) of the GDPR). If you have any issues with us taking such overview or group photographs that include your likeness, you may object to our doing so (see section 6 below). We will then review on an individual basis whether your legitimate interests as a data subject outweigh our interests. We will normally accept your objection – unless the WIRTGEN GROUP has overriding business interests – and remove the photographs in question that contain your likeness and not use them in the future.

The production of photos/videos is also generally not prohibited due to the fact that your ethnic background, religion, or health (e.g. skin color, headwear, glasses) may be discernible. Under no circumstances, however, do we process the photos/videos in order to specifically obtain such information. In particular, we will not perform any automated scans to find such information.

The WIRTGEN GROUP would like to point out that photos/videos posted on the Internet and in social networks can be accessed worldwide and found using search engines. As such, the possibility exists that the photographs and videos may be distributed and used by third parties that the WIRTGEN GROUP has no control over.

3. Recipients and Data Processing in Third Countries

We will only transfer your personal data to external third parties if this is necessary to protect our legitimate interests, if another legal basis exists, or if we have your consent to do so. External recipients may, in particular, include service providers (e.g. hosting providers or photo/video studios) or subsidiaries of the WIRTGEN GROUP or of Deere & Company, John Deere Place, Moline, Illinois, 61265, USA. We carefully select and regularly review all processors (e.g. photographers); they are only authorized to use the data for the specified purposes and in accordance with our instructions on the basis of a Data Processing Agreement pursuant to Article 28 of the GDPR.

If data is transferred to recipients whose registered office or location for data processing is not located in a member state of the European Union (EU) or in another nation party to the Agreement on the European Economic Area (EEA), we will ensure that, prior to the transfer, the recipient maintains an adequate level of privacy or you have granted your consent to the data transfer, except in exceptional cases permitted by law.

4. Posting on Social Networks

If photographs or videos are posted to the pages of the WIRTGEN GROUP and its affiliated companies on social networks, they may be transmitted to a country outside the EU/EEA, in particular to the United States. The social networks we use and their parent companies listed below are certified in accordance with the EU-U.S. Privacy Shield Agreement and are therefore obligated to comply with the provisions of the GDPR.

We do not have any control over the use of your data by these social networks, however. We can neither determine nor influence the extent to which, where, and for how long the data will be stored, to what extent any existing obligations to delete such data will be fulfilled, what analyses of the data will be conducted and links to the data will be created, and to whom the data will be transfered. Details about the providers of the social networks we use and about how they process data can be found in the following information:

In this context, please also note our supplementary privacy policies for our respective pages and fan sites on the aforementioned social networks.

5. Duration of Storage

We store your personal data for a period of 3 years.

We will delete your personal data prior to the end of this period if we are required to do so by law.

In the event of an objection, we will no longer process your personal data unless further processing is permitted or even mandatory according to the applicable legal provisions (e.g. within the framework of our obligations to retain data under commercial and tax law). We will normally accept your objection – unless the we have overriding business interests – and remove the photographs in question that contain your likeness and not use them in the future.

6. Your Rights as a Data Subject

You have numerous rights as a data subject, including but not limited to the following:

  • Right of access (Article 15 of the GDPR; Section 34 of Germany’s Federal Data Protection Act)
  • Right to rectification (Article 16 of the GDPR)
  • Right to erasure (Article 17 of the GDPR; Section 35 of Germany’s Federal Data Protection Act)
  • Right to restriction of processing (Article 18 of the GDPR)
  • Right to data portability (Article 20 of the GDPR)
  • Right to Object to Data Processing on the Basis of Legitimate Interests (Article 21 of the GDPR): You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on our legitimate interests as defined in Article 6(1)(f) of the GDPR. If you make such an objection, we will cease to process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing is for the establishment, exercise, or defense of legal claims.

Furthermore, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal (Article 7(3) of the GDPR).

Last but not least, you have the right to lodge a complaint with a supervisory authority (Article 77 of the GDPR).

To exercise any of the aforementioned rights, please contact us by e-mail at international.datenschutz@wirtgen-group.com or by postal mail at the address specified in section 1 above.

Updated: September 2022 (Subject to change without notice)

Please click here for WITOS contract terms & conditions

witos-contracts