• Home
  • Data Protection Notice

Data Protection Notice

In this Data Protection Notice, we are informing you about the processing of your personal data by AUDI AG, Ettinger Straße 70, 85057 Ingolstadt, Germany (“we”) in the context of www.progress.audi.

Information related to our company, AUDI AG, is available on our website, www.progress.audi.

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.


1. Who is responsible for data processing and whom can I contact?

The entity responsible for the processing of your personal data (the Controller) is:

AUDI AG, Ettinger Straße 70, 85057 Ingolstadt, Germany.

If you have concerns about data protection, you can also contact our company's data protection officer:
AUDI AG, Data Protection Officer, Auto-Union-Straße 1, 85045 Ingolstadt, Germany
Email: datenschutz@audi.de

If you want to assert your data protection rights, please use the contact options at https://gdpr.audi.com/


There, you will find more information on how to assert your data protection rights. You can also contact us by mail at the following address:

AUDI AG, DSGVO-Betroffenenrechte, Auto-Union-Straße 1, 85057 Ingolstadt, Germany

If you have general questions about this Data Protection Notice or the processing of your personal data by AUDI AG, please address them to the following:


Audi Kundenbetreuung Deutschland, Postfach 10 04 57, 85045 Ingolstadt, Germany
E-Mail: kundenbetreuung@audi.de


2. What data do we process and what sources do such data come from?

2.1 Access to the Website

In general, you can access the website www.audi.com (“Website”) without providing personal data. Each time you access the website, your Internet browser automatically transmits certain information, which we store in so-called “log files”.

In particular, the following information are transmitted automatically:

  • IP address (Internet Protocol address) of the terminal from which the online service is accessed;
  • Internet address of the website from which the online service was accessed (the so-called "source URL" or "referrer URL");
  • Name of the service provider used to access the online offer;
  • Name of the files or information retrieved;
  • Date and time as well as duration of the retrieval;
  • Transferred data volume;
  • Operating system and information about the Internet browser used, including installed add-ons (e.g., Flash Player);
  • http status code (for example, "request succeeded" or "requested file not found").

 

In the log files, the above data is stored without your complete IP address, so that it is not possible to trace back to your IP address.

2.2 Other Data
Information about data processing in connection with the use of cookies and user tracking can be found in the relevant sections below.

 


3. For what purposes do we process your data and on which legal basis?

We process your personal data according to the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) for various purposes.

 

The processing of your personal data must be based on one of the following legal bases:

  • You have given your consent (Art. 6 para. 1, first subparagraph letter a) GDPR);
  • The processing is necessary for the performance of a contract with you, or for the implementation of pre-contractual measures taken at your request (Art. 6 para. 1, subparagraph 1 letter b) GDPR);
  • The processing is necessary for the fulfilment of a legal obligation under EU law or the law of an EU member state to which we are subject (Art. 6 para. 1, subpara. 1 letter c) GDPR);
  • The processing is necessary to protect your vital interests or those of another person (Art. 6, paragraph 1, subparagraph 1, letter d) GDPR);
  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority conferred on us (Art. 6 para. 1, subpara. 1 letter e) GDPR);
  • The processing is necessary for the protection of the legitimate interests of Audi AG or a third party, unless your interests or fundamental rights and freedoms that require the protection of personal data prevail, in particular if the person is a child (Art. 6 Par. 1, Subparagraph 1 Letter f) GDPR)

If, in exceptional cases, we process special categories of personal data about you (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data uniquely identifying a person, health data or data concerning sexual life or sexual orientation), one of the following legal bases must also be applicable:

 

  • You have given your explicit consent (Art. 9 para. 2 letter a) GDPR)
  • The processing is necessary to protect your vital interests or those of another person and the person concerned is physically or legally incapable of giving his or her consent (Art. 9 para. 2 letter c) GDPR);
  • The processing relates to personal data which you have evidently made public (Art. 9 para. 2 letter e) GDPR);
  • The processing is necessary for the assertion, exercise or defence of legal claims (Art. 9 para. 2 letter f) GDPR);
  • The processing is necessary for reasons of substantial public interest on the basis of EU law or the law of an EU Member State which is proportionate to the objective pursued, respects the essential content of the right to data protection and provides for adequate and specific measures to safeguard your fundamental rights and interests (Article 9(2)(g) GDPR).

 

In connection with the above, we process your personal data on the basis of the following legal bases for the following purposes:

Purpose Legal Basis Legitimate Interest in the Balancing of Interests
Providing the website for the general public and for the purpose of enabling contact by customers and interested parties Performance of the contract or balancing of interests We have a legitimate interest in providing an Internet presence (website), also to unregistered users, to provide general information about our company.
Collection of statistical information on the use of the website (so-called web analysis) Balancing of interests We have a legitimate interest in receiving information about the use of the website, in particular to improve our services.
Identification of disruptions and assurance of system security, including detection and tracking of unauthorized access attempts and access to our web servers Satisfaction of our legal obligations with respect to data security and Balancing of interests We have a legitimate interest in eliminating disruptions, ensuring system security, and detecting and tracking unauthorized access attempts.
Protecting and defending our rights Balancing of interest We have a legitimate interest in asserting and defending our rights.

4. Do I have an obligation to provide data?

In the context of our business relationship, you need to provide only the personal information that is required to enter into or conduct a business relationship or that we are obligated to collect by law. These data are marked as mandatory fields in the respective forms or functions. Without this data, we will generally have to refuse to enter into the contract or to execute the order, or we will be unable to perform under an existing contract and possibly may have to terminate it. This means that the use of a service or a functionality requires that you provide the specified data. Unless you provide the data, we cannot provide the service to you.

 


5. Who receives my data?


Due to the size and complexity of data processing by AUDI AG, it is not possible to list each recipient of your personal data individually in this Data Protection Notice, which is why we generally indicate only categories of recipients.

 

Within AUDI AG, your data is provided to the respective departments that need such data to fulfil our contractual and legal obligations and to protect our legitimate interests.

 

For these purposes we also provide data to service providers (so-called processors) that are employed by us and work on our behalf and assist us in data processing. We use contract processors of the following categories to provide specific services:

  • Tracking service providers
  • Web agencies
  • Hosting providers
  • IT service providers

 

Your personal data will only be given to third parties by us if this is necessary for the fulfilment of the contract, if we or the third party have a legitimate interest in the transfer or if we have your consent. In addition, data may be transferred to third parties where required by applicable law or by enforceable regulatory or judicial order. Third parties to whom we pass on your personal data and who act as data protection officers include

  • Authorities within the scope of their jurisdiction (e.g., tax authority, police, prosecuting authority, or social security agency)
  • Courts
  • Other third parties, to the extent that you instruct us to share data or give your consent.

 

6. Are data transmitted to a third country?


A transfer of data to third countries (i.e., countries that are neither members of the European Union nor of the European Economic Area) may occur to the extent necessary to perform services for you, if required by law, or where you have given us your consent. In addition, we may also share your personal information with third-party processors in third countries.

Please note that not all third countries have a data protection level considered as adequate by the European Commission. For data transfers to third countries where there is no adequate level of data protection, before we share data, we will ensure that the recipient either has an adequate level of data protection (e.g. adequacy decision of the EU Commission or agreement of so-called EU standard contractual clauses of the European Union with the recipient) or if our users give their explicit consent.

You can obtain from us a copy of the specific applicable or agreed provisions to ensure an adequate level of data protection.



7. How long will my data be stored?

We store your data as long as necessary for providing our services to you or as long as we have a legitimate interest to do so, in particular to eliminate disruptions.

In addition, we are subject to various retention and documentation obligations pursuant to, inter alia, the German Commercial Code (Handelsgesetzbuch - “HGB”) and the Tax Code (Abgabenordnung - “AO”). The retention and documentation periods specified therein last up to ten years. Finally, the storage period is also governed by statute of limitations periods, which can be up to thirty years, for example, pursuant to sec. 195 et seq. of the German Civil Code (Bürgerliches Gesetzbuch – “BGB”), whereby the general limitations period is three years.

In certain circumstances, your data may also need to be retained for a longer period of time, such as when a legal hold or litigation hold (i.e., a prohibition of data deletion for the duration of the proceedings) is ordered in connection with an administrative or judicial proceeding.

 

 

8. What rights do I have?

 

As the data subject, you are generally entitled to the following data protection rights:

Access: You have the right of access to your personal data stored by AUDI AG, be provided with information about to what extent your personal data will be processed or shared and to receive a copy of your stored personal data.

Rectification: You have the right to obtain from AUDI AG without undue delay the rectification of inaccurate personal data concerning you and the right to have incomplete personal data completed.

Erasure: You have the right to obtain erasure of your personal data stored by AUDI AG without undue delay, when the legal requirements are met.

This is particularly the case if

  • your personal information is no longer needed for the purposes for which it was collected;
  • the legal basis for processing was your consent, and you have withdraw your consent;
  • you have objected to processing your data which was based on the legal basis of legitimate interests due to personal reasons, and we cannot prove that there are overriding legitimate grounds for such processing;  
  • your personal data were processed unlawfully; or
  • your personal data must be erased in order to comply with legal requirements.

 

If we have transmitted your data to third parties, we will inform them about the erasure to the extent required by law.

Please note that your right to erasure is subject to certain limitations. For example, we may not and/or must not erase data that we are still required to retain due to statutory retention obligations. In addition, your right of erasure does not extend to data that we need in order to establish, exercise or defend against legal claims.


Restriction of processing: You have the right, under certain conditions, to request the restriction of processing (i.e. the marking of stored personal data with the aim of restricting their future processing). The requirements are:

  • The accuracy of your personal data is contested by you and AUDI AG must verify the accuracy of the personal data;
  • the processing is unlawful, but you oppose the erasure of the personal data and request the restriction of their use instead;  
  • AUDI AG no longer needs the personal data for the purposes of the processing, but you require the data to establish, exercise or defend your legal claims.
  • you have objected to processing pending the verification of whether the legitimate grounds of AUDI AG override your legitimate grounds.

 

Where processing has been restricted, such data will be marked accordingly and, with the exception of storage, will be processed only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest the EU or an EU Member State.
 
Data Portability: To the extent that we automatically process your personal data that you have provided to us based on your consent or any contract with you (including your employment contract), you have the right to receive such data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from AUDI AG. You also have the right to have the personal data transmitted directly from AUDI AG to another controller where technically feasible, provided that such transmission does not adversely affect the rights and freedoms of others.

Right to Object: If we process your personal data on grounds of legitimate interests or in the public interest, then you have the right to object to the processing of your personal data on grounds relating to your particular situation. In addition, you have an unrestricted right to object if we process your data for our direct marketing purposes. Please see our separate note in the section "Information about your right to object".

Withdrawal of Consent: If you have given consent to the processing of your personal data, then you can withdraw such consent at any time. Please note that the withdrawal applies prospectively only. Processing that occurred before the withdrawal of consent is unaffected.

Complaint: Furthermore, you have a right to file a complaint with a data protection authority (Datenschutzaufsichtsbehörde), if you believe that the processing of your personal data is unlawful. The right to file a complaint is without prejudice to any other administrative or judicial remedies. The address of the data protection authority responsible for AUDI AG is:

Bayerisches Landesamt für Datenschutzaufsicht
Promenade 18
91522 Ansbach
Germany

8.1 Information about Your Right to Object

Right to object for personal reasons
You have the right to object to the processing of your personal data on grounds relating to your particular situation. The prerequisite for this is that the data processing takes place in the public interest or on the basis of a balancing of interests. This applies also to profiling.

Insofar as we base the processing of your personal data on a balancing of interests, we generally assume that we can demonstrate compelling legitimate grounds but will, of course, examine each individual case.

In the event of an objection, we will no longer process your personal data, unless

  • we can demonstrate compelling legitimate grounds for the processing of these data that override your interests, rights and freedoms, or
  • your personal data serves the establishment, exercise or defence of legal claims.

Objection to the processing of your personal data for product improvement and general customer analysis

In the context of the balancing of interests, we grant you a particular right of objection regarding the processing of your personal data for product improvement and general customer analysis.

 

If you object to the processing of your personal data for the purpose of product improvement and/or general customer analysis, we will no longer process your personal data for these purposes. Purely statistical evaluations of aggregated or otherwise anonymized data remain unaffected.

 

Exercise of the right to object
The objection may be lodged without any form and should be made to the contact details listed in this Data Protection Notice.

 


9. Cookies and User Tracking

9.1 Cookies

We employ technologies on our website that are designed to make the website easier to use and to improve the user-friendliness of the website or to provide various functionalities (and thus to make the website as a whole more user-friendly, effective and secure). Such technologies include cookies, pixels and scripts (hereafter “cookies”).

 

Cookies are small data sets that are stored on your device and contain data such as personal page settings and login information. This data record is generated and sent to you by the web server with which you have established a connection via your web browser.

 

In general, it is also possible to access our web pages without cookies. However, if you would like to use the functionalities of our web pages comprehensively, you should accept cookies, which enable the use of certain functions or make them more convenient.

 

Most web browsers are set by default to automatically accept all cookies. You can, however, object to the use of cookies at any time with effect for the future by setting your browser to accept no cookies or only certain cookies or by informing you as soon as cookies are sent. As a result, you may not be able to use all the functions of our website to their full extent. As far as you accept cookies according to your browser settings, by using these cookies you agree to the use of our websites.

 

Please note that the settings in your browser only affect the respective browser. If you use different browsers or devices, you will have to change the settings again. Furthermore, you have the option of deleting cookies from your memory at any time. Please refer to the help function of your web browser for information on the cookie settings, how to change them and how to delete cookies.

 

We use cookies of the following categories:

Categories  Description
Essential Cookies Essential cookies guarantee functions without which you would not be able to use this website as intended.
Performance Cookies Performance Cookies collect information about the way a website is used. These cookies are used to improve the performance of a website and the user experience.
Functional Cookies Functional cookies enable a website to store information already entered (such as user name, language or current location) and offer the user improved, more personalised features.

9.2 User Tracking


Adobe Analytics

In order to keep the webpages updated, user-oriented and complete, this website relies on Adobe Analytics, Adobe Systems Software Ireland Limited, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland (including Omniture Site Catalyst, Omniture Genesis, Omniture Discover, Omniture TagManager, Omniture SaintBernard), which is a web analysis tool that allows our services to be optimized and tailored to your needs. Adobe Analytics uses cookies that can track your preferences when visiting our pages. In this manner, for example, the navigation will be simplified, and we would be able to further improve the user-friendliness of our services. The processing is carried out for purposes of advertising, market research or in order to design the website in a needs-based manner (pursuant to § 15 para. (3) of the German Telemedia Act). As a standard practice, the information generated thereby (including IP address) is rendered anonymous prior to storage in order to prevent any personal reference or connection.. To that end, this website was adjusted to guarantee an anonymized collection of IP addresses (so-called "IP masking"). A direct personal connection (tracing) to the information stored on the Adobe servers is precluded, as Adobe Analytics is used with the settings "Before Geo-Lookup: Replace visitor's last IP octet with 0" and "Obfuscate IP-Removed". The use of the setting "Before Geo-Lookup: Replace visitor's last IP octet with 0" guarantees that by replacing the last octet of the IP address with a zero, the IP address will be anonymized prior to such so-called "geo-localization".  The approximate location of the user will be added for statistical purposes to the tracking package, which still contains the complete IP address. Prior to storing the tracking package, the IP address will be replaced by a fixed IP address - often referred to as a generic IP address - if the "Obfuscate IP -Removed" setting is configured.  The IP address is thereby no longer contained in a stored data set.   

 

An analysis for reporting purposes is carried out only after the data is rendered anonymous. As a rule, the information generated by these cookies will be transmitted to an Adobe server located within the European Union. Nevertheless, there is a risk that in the event of a technical emergency, the data will be transferred to the United States and stored there, meaning that a relevant EU standard contract (reasonable guarantee for data processing in non-European countries) was concluded. You have the right to be informed about such standard contract.

As a user of our webpages, you have the opportunity, of course, to refuse the acceptance of any cookies at any time  by adjusting your browser settings. Most browsers generally allow cookies to be stored. If you adjust the setting, such change could result in some functional limitations in our offerings. You may at any time object to the acquisition of the data that are generated by the cookie and that relate to your use of the website - with prospective effect - for Adobe as well as the processing of such data by Adobe, by inserting an "OPT-OUT" cookie generated for that purpose. To do so, please use the "opt-out" button found at www.adobe.com/en/privacy/opt-out.html. Please note that your objection in the form of an opt-out cookie will function only if your browser is configured to allow the use of cookies. If you delete this cookie, use another browser or switch the device, then you once again need to reject the use of the Adobe Analytics. We would like to point out  that upon deleting all of your cookies, the aforementioned cookie will also be deleted and would need to be reinstalled.

{Track:js}
In order to give you a secure and disruption-free access to our webpages, we use a tool known as "Track.js". This tool allows us to continually analyze and improve the compatibility between our web content and your operating/browser version in the event that there are any disruptions (e.g., when there is a change in the model or version of our pages or there is a pattern of delayed loading of individual pages/content). The data processing is done for purposes of advertising, market research and in order to design the website in a needs-based manner (pursuant to § 15 para. (3) of the German Telemedia Act). In this regard, absolutely no personal data about you (and no IP address) will be collected, processed or used. For the analysis, only technical information from your browser (type and version) and your operating system (type and version) will be used with the then-current time stamp. To this end, the last conditions existing prior to a disruption will be transmitted to a cloud-based central server of Track.js and will be processed and used there for additional analysis. If you do not wish the collection of anonymous data relating your visit, then please click the following opt-out link. Opt-out {Track:js}

Your browser does not seem to be up to date. Maybe our website does not work optimally. Most browsers (but not MS Internet Explorer 11 & older) work fine.
We recommend you to update your web browser!
The latest version can ensure a good result anywhere on the internet.

Thank you very much for your visit.

Your Audi Team