Privacy policy
Status: 11. July 2025

 

Person responsible

JR Automobile
Lindlarer Straße 1
51515 Kürten
E-Mail: jr-automobile@t-online.de
Imprint https://www.jr-automobile.de/impressum/

 

Overview of processing

As part of our business activities, we process personal data of various categories to ensure our service and your user experience.

Processed data types:

  • Inventory data (e.g. names, addresses)
  • Location data
  • Contact details (e.g. e-mail, telephone number)
  • Content data (e.g. messages, posts)
  • Usage data (e.g. visit times, click paths)
  • Meta, communication and process data
  • Event data (e.g. Facebook interactions)
  • Log data (log files)

Persons concerned:

  • Communication partner
  • Users (e.g. website visitors)

Purposes of the processing:

  • Communication
  • Security measures
  • Reach measurement
  • Organizational and administrative processes
  • Feedback management
  • Profiling with user-related information
  • Provision and optimization of the online offering
  • Information technology infrastructure
  • Public relations

 

Legal basis of the processing

We only process personal data on a legal basis in accordance with Art. 6 GDPR:

  • Consent (Art. 6 para. 1 lit. a GDPR): if you give us your express consent.
  • Contract fulfillment (Art. 6 para. 1 lit. b GDPR): for the performance of a contract or pre-contractual measures.
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR): if legitimate interests on our part or those of third parties require processing and do not outweigh your rights.

In addition, national data protection regulations, in particular the German Federal Data Protection Act (BDSG), apply with supplementary regulations.

 

Security measures

We use technical and organizational measures to protect personal data from unauthorized access, loss or misuse. These include

  • Access controls (physical and electronic)
  • Encryption technologies (TLS/SSL for online data transmission)
  • Procedure for safeguarding the rights of data subjects
  • Data protection through technology design and data protection-friendly default settings (privacy by design and by default)
  • Shortening of the IP address (IP masking) to minimize identifiability

 

Transmission of personal data

Personal data will only be transferred to third parties if this is necessary for the fulfillment of the contract, to protect legitimate interests or due to legal obligations. We always conclude contracts for order processing and guarantee the protection of your data.

Internal data transfers are only made for administrative or contract-related purposes.

 

International data transfers

Data is only transferred to third countries (outside the EU/EEA) if there is an adequate level of data protection, for example through adequacy decisions by the EU Commission, standard contractual clauses, express consent or statutory exceptions.

Information on third country transfers and certified providers is available in the data protection notices of the respective service providers and on the website of the EU Commission.

 

General information on data storage and deletion

We only store personal data for as long as is necessary for the purposes of processing or for as long as there are statutory retention obligations.

Retention periods under German law:

  • 10 years: accounting documents, annual financial statements, tax documents
  • 6 years: business letters, other tax-relevant documents
  • 3 years: Warranty and compensation claims

After expiry of the retention periods, data will be deleted or anonymized, provided that no legal obligations or legitimate interests prevent further storage.

 

Rights of the data subjects

As a data subject, you have the following rights under Articles 15 to 21 GDPR:

  • Right to information: Confirmation and information about the processed personal data.
  • Right to rectification: Correction of incorrect or incomplete data.
  • Right to erasure: Deletion of your data under certain conditions.
  • Right to restriction of processing: Restriction of processing instead of erasure.
  • Right to data portability: Receipt of your data in a structured, commonly used and machine-readable format or transmission to third parties.
  • Right of withdrawal: Revocation of granted consent at any time with effect for the future.
  • Right of objection: Object to processing on grounds relating to your particular situation, in particular to direct marketing and profiling.
  • Right of appeal: Right to lodge a complaint with a data protection supervisory authority.

To exercise these rights, please contact us using the contact details above.

 

Provision of the online offer and web hosting

In order to provide our online services, we process technical data, in particular IP addresses, usage data and log data, in order to transmit content and functions to your end device and to ensure the stability and security of our offering.

Processed data types: Nutzungsdaten, Meta- und Kommunikationsdaten, Inhaltsdaten, Protokolldaten
Persons concerned: Webseitenbesucher und Onlinedienstnutzer
Legal basis: Berechtigte Interessen gemäß Art. 6 Abs. 1 lit. f DSGVO
Storage duration: Logfiles werden maximal 30 Tage gespeichert, längere Aufbewahrung nur bei begründetem Anlass.

Service provider:

  • ALL-INKL.COM - Web hosting, storage space, computing capacities
  • WordPress.com - Hosting and software provision for website operation

Contractual data processing agreements have been concluded with these service providers.

 

Use of cookies

Cookies are small text files that are stored on your end device to ensure the functionality, security and analysis of our online offer.

We use cookies in accordance with the statutory provisions and obtain your consent if this is required. Temporary session cookies are deleted when the browser is closed. Permanent cookies can be stored for up to two years.

You can revoke your cookie settings at any time or control them via the privacy settings of your browser.

Processed data types: Meta and communication data
Legal basis: Consent (Art. 6 para. 1 lit. a) GDPR) or legitimate interests (Art. 6 para. 1 lit. f) GDPR)

Consent management:
We use a consent management solution that documents, manages and revokes consent. Consent is stored on the server and/or by means of opt-in cookies.

 

Contact and request management

When contacting us - for example by post, contact form, email, telephone or via social media - as well as in the context of existing user and business relationships, we process personal data of the inquiring persons insofar as this is necessary to process and answer the contact requests or to implement requested measures.

Processed data types:
Inventory data (e.g. full name, address, customer number), contact data (e.g. email address, telephone number), content data (e.g. text or image messages, information on authorship, timestamps), usage data (e.g. page views, length of stay, click paths, devices used), meta and communication data (e.g. IP addresses, time data, identification numbers).

Persons concerned: Communication partners and inquirers.

Purposes of the processing:

  • Processing and answering contact requests
  • Organization and management of communication
  • Obtaining and evaluating feedback
  • Ensuring the user-friendliness and functionality of our online offering

Storage and deletion:
Data will be deleted as soon as it is no longer required for processing the requests, in accordance with the specifications in the section “General information on data storage and deletion”.

Legal basis:

  • Contract fulfillment and pre-contractual measures (Art. 6 para. 1 lit. b GDPR)
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR) to ensure communication and service quality

Further information:
Data transmitted via the contact form or by e-mail will only be used to process the request.

 

Web analysis, monitoring and optimization

We analyze the use of our online offering in order to record visitor flows, understand user behavior and interests and record demographic characteristics such as age or gender in pseudonymized form. The aim is to optimize our website and design it in line with requirements.

For this purpose, profiles are created that summarize various usage processes and process technical data such as browser type, operating system, usage times and, if applicable, location data.

IP addresses are pseudonymized (IP masking) to ensure data protection. Clear data such as names or e-mail addresses are not recorded.

Processed data types:
Usage data (e.g. page views, dwell time, click paths), meta and communication data (e.g. IP addresses, time data).

Persons concerned: Users of our online offer.

Purposes of the processing:

  • Reach measurement
  • Creation of user profiles for optimization
  • Ensuring user-friendliness

Storage and deletion:
Data is deleted in accordance with the general requirements. Cookies and similar storage devices can remain for up to two years.

Legal basis:

  • Consent (Art. 6 para. 1 lit. a GDPR)
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR)

Safety measures: IP masking for pseudonymization

Services used:

  • Google Analytics
  • Google Tag Manager

 

Presence in social networks (social media)

We maintain profiles on social networks in order to communicate with users and provide information. In doing so, we process user data that is often processed outside the EU, which entails risks for the enforcement of user rights.

As a rule, user data is processed for marketing and market research purposes. Profiles based on user behavior and interests can be used for targeted advertisements.

Processed data types:
Contact data, content data (e.g. posts), usage data (e.g. interactions, device data).

Persons concerned: Users and visitors of social networks.

Purposes of the processing:

  • Communication
  • Public relations
  • Feedback collection

Legal basis:

  • Legitimate interests (Art. 6 para. 1 lit. f GDPR)

Platforms used:

  • Instagram (Meta Platforms Ireland Limited)
  • Facebook pages (Meta Platforms Ireland Limited)
  • X (formerly Twitter)
  • YouTube (Google Ireland Limited)

 

Plug-ins and embedded functions and content

We integrate functional and content elements from third parties (e.g. videos, graphics, maps) whose providers process personal data, in particular IP addresses, in order to deliver the content.

Third-party providers also use pixel tags (“web beacons”) to collect usage data for statistical and marketing purposes. This data can be stored in cookies and combined with other information.

Processed data types:
Usage data, meta, communication and process data, inventory and contact data, content data, location data, event data (e.g. meta pixels).

Persons concerned: Users of our online offer.

Purposes of the processing:
Provision and optimization of the online offer.

Legal basis:

  • Consent (Art. 6 para. 1 lit. a GDPR)
  • Legitimate interests (Art. 6 para. 1 lit. f GDPR)

Weitere Dienste:

  • Drittsoftware, Skripte und Frameworks (z. B. jQuery)
  • Facebook-Plugins und -Inhalte
  • Google Fonts (Eigenhosting)
  • Font Awesome (Eigenhosting)
  • Google Maps
  • YouTube-Videos

 

Change and update

We regularly update this privacy policy to reflect changes in data processing or legal requirements. We will communicate any necessary cooperation on your part (e.g. renewed consent) separately.