A. General
I. What does this privacy policy regulate?
We attach great importance to the protection and security of your personal data. It is therefore important for us to inform you about what personal data we use for which purposes and what rights you have in relation to your personal data.
MyLiebherr Account
The "MyLiebherr Account" is your central user account at Liebherr-Hausgeräte GmbH. You have to register in order to create a MyLiebherr Account. Your can register on the “MyLiebherr Portal" (https://home.myliebherr.com). When you register via the MyLiebherr Portal, you will receive an e-mail with a confirmation link at the end of the registration process. You must click on the confirmation link in order to complete the registration process. Alternatively, you can also sign up for the MyLiebherr Account using your Google, Facebook or Microsoft accounts (hereinafter referred to as "Social Login"). Please note that we have no influence on the processing of your personal data by Google, Facebook and Microsoft. With your MyLiebherr Account you can use the Single-sign-on service of Liebherr-Hausgeräte GmbH (hereinafter referred to as "SSO"). SSO allows you to use other access-restricted digital services (hereinafter referred to as "Modules") connected to the SSO using identical access data. SSO allows you to navigate between modules without the need for a separate registration and login process. SSO automatically transfers the data stored in your MyLiebherr Account which are required for the use of the relevant modules to the respective module providers in order to offer you the best possible comfort. The modules are operated either by Liebherr-Hausgeräte GmbH or by subsidiaries of Liebherr-Hausgeräte GmbH.
II. What are personal data and what does processing mean?
1. "Personal data" (hereinafter also referred to as "data") are any information that reveal something about a natural person. In addition to information that allows a direct inference about a specific person (such as a person’s name or e-mail address), personal data also include information that can be linked to a certain person with appropriate additional knowledge.
2. "Processing" refers to any action taken on your personal data (such as the collection, recording, organisation, ordering, storage, use or deletion of data).
B. Who is responsible for processing my data?
The Controller responsible for processing your data is Liebherr-Hausgeräte GmbH, Memminger St. 77-79, 88416 Ochsenhausen, Germany, Phone: +4973529280; Fax: +497352928408; E-mail: info.hau@liebherr.com.
C. Data processing in relation to the MyLiebherr Account
I. What data are collected for which purposes?
When calling up the MyLiebherr Account, the following data are processed by our web server and stored in what are known as log files:
- date of access to the MyLiebherr Account
- time of access to the MyLiebherr Account
- Internet address of the website on which you were when you called up the MyLiebherr Account
- files you access through the MyLiebherr Account
- amount of data transferred to you
- your browser type and version
- your operating system
- the domain name of your Internet access provider (e.g. Telekom, Vodafone, etc.)
- your (external) IP address
When registering and using a MyLiebherr Account via the MyLiebherr Portal without the use of Social Login, we process the following data:
- registration date
- your unique user ID (UPN)
- date and time of the last successful login
- your e-mail address
When registering and using a MyLiebherr Account via Social Login, we process the following data in addition to the data mentioned hereinabove:
- Social Login identification feature (so-called identifier)
Note: If you register or authenticate yourself with a Facebook Social Login, Facebook will also provide us with your last name, first name and profile picture in addition to the data listed. We do not process such data for any purpose.
Note: When you register or authenticate with a Google Social Login, Google will provide us with your last name, first name, and the link to your Google Plus profile in addition to the information listed. We do not process such data for any purpose.
Note: If you register or authenticate with a Apple Social Login, Apple will provide us with your last name and first name in addition to the information listed. We do not process such data for any purpose.
For the optimal use of the modules connected to the MyLiebherr Portal, we collect the following data on a voluntary basis:
- your preferred language
- your title
- your address
- your phone number
- your Liebherr refrigerator and freezer serial number
- your Liebherr refrigerator and freezer device type
- your SmartDeviceBox serial number
We process the data listed in points 1- 21 for the following purposes:
1. to protect our website offer
2. to register a MyLiebherr Account via the MyLiebherr Portal
3. to register a MyLiebherr Account via Social Login
4. for the central administration of user and profile data for SSO)
5. for the use of SSO
6. for transmission to the provider of the selected module
7. to support your MyLiebherr Account
Note: Please note that your personal data could be transferred to countries outside the EU/EEA if the provider of one of your modules is based in such a country. We will seek your express consent prior to any transmission to such provider.
Processing for other purposes may only occur in so far as legal requirements under Article 6 (4) of the General Data Protection Regulation (GDPR) apply. In this case, we will of course comply with any requirements to provide information according to Art. 13 (3) GDPR and Art. 14 (4) GDPR.
II. On what legal basis do we process your data?
In principle, the legal basis for processing your data is Art. 6 GDPR, in so far as there are no further specific legal provisions.
The processing of your data is based on the following legal bases:
1. Data processing for the performance of contracts (Article 6 (1) (b) GDPR)
2. Data processing based on a balance of interests (Article 6 (1) (f) GDPR)
3. Data processing to fulfil a legal obligation (Art. 6 (1) (c) GDPR)
4. Consent (Article 6 (1) (a) GDPR)
Our legitimate interests are:
Improvement of the stability, functionality and security of the Account
If we process your data on the basis of a balance of interests, you have the right to object to the processing of your data under the provisions of Art. 21 GDPR.
We process your data only to the extent necessary for the fulfilment of the above mentioned purposes.
IV. To whom and for what purposes do we transfer which categories of your data?
Where necessary, we will transfer your data:
1. To the providers of the modules you actively use and possibly of other services
2. To other companies of the Liebherr Group, if this is necessary for the initiation, execution or termination of a contract or if there is a legitimate interest in the transfer on our part and your predominant legitimate interest is not in conflict with the same;)
3. To the Social Login provider of your choice
4. To the service providers we use to achieve the above purposes;
5. To any court, arbitration tribunal, public authorities or legal advisor when required to comply with applicable law, or to assert, exercise or defend legal claims.
IV. Will my data be processed outside the European Union?
Data transfer to Processors in countries outside the European Union (known as third countries) is only permitted (1) if you have given us your consent or (2) if the European Commission has decided that an adequate level of protection exists in a third country (Art. 45 GDPR). If the Commission has not made such a decision, we may only transfer your data to third parties located in a third country in so far as appropriate safeguards exist (e.g. standard data protection clauses adopted by the Commission or the supervisory authority in a specific procedure) and the enforcement of your rights is ensured.
V. When do we delete or anonymise your data?
We process your data as long as this is necessary for the relevant purpose, unless you have effectively objected to the processing of your data or have effectively revoked your consent.
As far as statutory retention obligations exist - e.g. in commercial law or tax law - we will have to save the relevant data for the duration of the retention obligation. After the expiry of the retention period, we check whether there is any further need for processing. If there is no such further necessity, your data will be deleted.
D. How are my personal data secured against unauthorised access and loss?
We use technical and organisational security measures in order to secure your data against loss, incorrect modification and unauthorised access by third parties. Moreover, on our part, only authorised persons will ever have access to your data and they can only access it to the extent required within the framework of the purposes named above. All data is transferred in encrypted form.
E. Cookies and other technologies
We use cookies and other technologies in connection with the provision of our website. For further details about our cookie usage, please see our cookie information.
F. Data Subject Rights and Right of Appeal
Within the legal framework, you have the right to
1. information about your data;
2. the correction of incorrect data and completion of incomplete data;
3. the deletion of your data, in particular, if (1) they are no longer necessary for the purposes stated in this privacy policy, (2) you withdraw your consent and there is no further legal basis for processing, (3) your data have been unlawfully processed or (4) you have objected to the processing and there are no legitimate reasons for processing.
4. Limitation of the processing of your data, especially should you dispute the accuracy of the data or the processing of your data is illegal and you demand limitation of use in place of deletion.
5. The right to receive your data in a structured, standard and machine-readable form and to demand that we transfer your data directly to another responsible party.
Please note that the lawfulness of processing based on consent prior to your withdrawal of such is not affected by your withdrawal of consent.
We ask for your understanding that, where the above rights are not asserted in writing, we may require you to provide evidence proving that you are the person you claim to be. You also have a right of appeal with the responsible supervisory authority.
G. How do I contact the Data Protection Officer?
Should you have any questions regarding data protection please contact:
Data Protection
Liebherr-IT Services GmbH
St. Vitus 1
88457 Oberopfingen, Germany
datenschutz@liebherr.com
Last updated: March 2021