User Privacy Notice


In our User Privacy Notice we have compiled all essential information about our handling of your personal data and your corresponding rights for you.

This Privacy Notice is valid from 1.1.2024

1. Scope and updates of this User Privacy Notice

This User Privacy Notice applies to the use of the mobile.de and automobile.fr websites and all websites connected to them, as well as all applications, services, products and tools of mobile.de (collectively the "Services"), regardless of how you access or use these Services, including access via mobile devices and apps.

We may change this User Privacy Notice at any time by posting the revised version here and indicating the effective date of the revised User Privacy Notice. You will be notified of any material changes to this User Privacy Notice by email if you have registered a user account with us.

2. Controller

mobile.de GmbH, Albert-Einstein-Ring 26, 14532 Kleinmachnow, is the operator of the Services and the data controller in the sense of the General Data Protection Regulation (GDPR). Whenever the words "we" or "our" are used in this User Privacy Notice, these refer to mobile.de GmbH as the data controller.

3. Data protection officer and contact

We have appointed a data protection officer to oversee the protection of your personal data. If you have any questions about this User Privacy Notice or about data protection at mobile.de in general, you can contact the data protection officer at any time at datenschutz@team.mobile.de or via postal mail directed at the data protection officer at the address indicated above.

Furthermore, if you have any questions or complaints regarding this User Privacy Notice, you can contact us at any time.

4. What personal data we collect and process

We collect your personal data when you use our Services, create a new mobile.de account, provide us with information via a web form, add or update information in your mobile.de account, participate in online community discussions or otherwise interact with us. We also collect personal data from other sources (such as other members of the Adevinta group of companies, credit agencies or bureaus, and other data brokers).

In total, we collect the following personal data:

4.1 Personal data you provide when using our Services or creating a mobile.de account:

  • Data that identifies you, such as your name, address, telephone numbers, email addresses, your user name, profile picture or your tax identification number that you provide when setting up your mobile.de account or at a later date.
  • Data on ads and data that you enter in relation to a transaction and other transaction-related content which you generate (e.g. ads, vehicle identification number and other content which you generate or which relates to your mobile.de account, use of the contact function in the ads or financing enquiries, saved searches and ads).
  • Information required for a financing request (in particular, for a pre-credit check) or financing brokerage (in particular, employment status, monthly net income and housing costs, any credit obligations, preferred credit period and down payment).
  • Other content that you generate or that relates to your account (such as dealer ratings and comments on dealer ratings).
  • Content that you share with other users through our messaging tools (see 'Filtering of messages sent via our messaging tools' under section 11).
  • Financial information (e.g. credit card and account numbers, payment data) in connection with the use of a paid service offered by us or our Safe Pay feature.
  • In some cases: age, gender, country of birth, nationality, family status, interests and preferences.
  • Data that we are required to collect for tax purposes when you use our Safe Pay feature as a seller, including, e.g., the tax identification number and the EEA Member State that issued it, your date of birth, the financial account identifier, the name of the financial account holder (if different from the name we have on file in the mobile.de account) and any other information that identifies the account holder, and any EEA Member State in which you are considered to be resident.
  • When you submit a report regarding illegal content or a complaint to us: Data that identifies you, such as your name and email address, and any additional information you provide with your report or complaint.
  • You may provide us with additional information through a web form or by updating or adding information to your mobile.de account, by participating in community discussions, member chats, inquiries, customer service calls recorded with your consent, or if you contact us for any other reason regarding our Services.
  • Other data that we are required or entitled by applicable law to collect and process and that we need for your authentication or identification, or for the verification of the data we collect.

4.2 Personal data we collect automatically when you use our Services or create a mobile.de account

  • Data that is generated through your use of our Services and which is linked to your mobile.de account, e.g. when you save searches or ads.
  • Data regarding all other interactions with our Services (such as search queries or the ads you view), your advertising preferences, and your communications with us; this also includes the pseudonymised information that the telephone number shown to you in an ad was called.
  • Location data, including your general location data (e.g., region based on your IP address) and the precise location data of your mobile device. Please note that for most mobile devices, you can manage or disable the use of location services for all applications in the settings menu of your mobile device.
  • Computer and connection information, such as statistics regarding your use of our Services, information on data traffic to and from websites, referral URL, information on advertisements, your IP address, your access times, your browser history data, your language settings and your weblog information.

4.3 Personal data we collect in connection with the use of cookies and similar technologies

We use cookies, web beacons and similar technologies to collect data while you use our Services. We collect this data from the devices (including mobile devices) that you use our Services with. The data collected includes the following usage- and device-related information:

  • Data about the pages you visit, the access time, frequency and duration of visits, the links on which you click and other actions you take as part of your use of our Services and in advertising and email content.
  • Data about your activities and interactions with our advertising partners including data about the advertisements you were shown, how often they were shown, when and where they were shown, and whether you took any action, such as clicking on an advertisement or making a purchase.
  • The user segment or category into which you as a user fall, for example: male, 20-49 years old, interested in cars.
  • Model or device type, operating system and version, browser type and settings, device ID or individual device identifier, advertisement ID, individual device token, and cookie-related data (e.g. cookie ID).
  • The IP address from which your device accesses the Services.
  • Location data, including your general location data (e.g., region based on your IP address) and the precise location data of your mobile device. Please note that most mobile devices allow you to manage or disable the use of location services for all applications in the settings menu.

For more information about our use of these technologies and your choices, see '9 Cookies & similar technologies'.

4.4 Personal data from other sources

We also collect personal data about you from other sources and from third parties to the extent permitted by applicable law. In particular, this includes the following data:

  • Data from public sources (e.g. demographic data)
  • Data from credit agencies or bureaus (e.g. credit checks and identity confirmation)
  • Data from data providers (e.g. demographic data, interest-based and online advertising related data)

We combine or connect the personal data we collect from you with data from these other sources. Where personal data is disclosed to us by third parties, we take steps to confirm that these third parties are legally permitted to disclose your personal data to us. We also receive access to personal data about you from other members of the Adevinta group of companies.

4.5 Social network data you share with us

  • We allow you to share data with social networks or use social networks or similar service providers with whom you already have an account to create a mobile.de account or to link your mobile.de account to your social network account or account at a similar service provider (e.g. Meta and Google). These social networks and similar service providers may automatically grant us access to certain personal data about you that is stored there (e.g., content you have viewed or like, information about the advertisements you have viewed or clicked on, etc.). You can control the personal data we can access by using the privacy settings of the social network or similar service provider.

  • We use social media links to various social networks. With the help of these links you can, among other things, share content or recommend products to others. The social media links are integrated in a way that no personal data can be collected by the social networks when the page is accessed. Only when the user clicks on a social media link, a connection to the respective social network is established. For the purpose and scope of the data collection and the further processing and use of data by social networks as well as your rights and setting options for the protection of your privacy, please refer to the data protection information of the respective networks or websites. You will find the links below. On our websites we have included social media links to the following social networks:

    o Meta (Meta Platforms Ireland Limited, Merrion Road, Dublin 4, Irland)
    Link to the Meta Privacy Notice: https://www.facebook.com/about/privacy
    o X (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA).
    Link to the X Privacy Notice: https://twitter.com/privacy
    o YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4. Irland).
    Link to the YouTube Privacy Notice:: https://policies.google.com/privacy?hl=en-en

4.6 Information we receive when you use social login features

  • We offer you the opportunity to register with the social login features of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and Apple (Apple Inc., a California corporation with its principal place of business at One Apple Park Way, Cupertino, California 95014, USA) ("Register with Google", "Register with Apple"). These features allow you to create a mobile.de account using your Apple or Google login information. When you use this feature, we send a request to Google or Apple with the information that you want to register with us and a connection is immediately established between your device and the Google or Apple server. You will then be prompted by Google or Apple to log in and confirm your registration with mobile.de. Google or Apple will then send us at least your email address, your name and - if you expressly allow it - any other profile data.
  • We will then process this data as if you had provided it to us directly during registration and as described in the following sections (in particular section 5).
  • If you subsequently use Google's or Apple's sign-in feature, we will only receive information from Google or Apple that you are authorised to sign-in. We do not receive any knowledge of your actual login information (such as usernames or passwords).

5. Purposes and legal basis for data processing and categories of recipients

We process your personal data for various purposes and based on several different legal bases that allow this processing. For example, we process your personal data to provide and improve our Services, to provide you with a personalized user experience on this website, to contact you about your mobile.de account and our Services, to provide customer service, to provide you with personalized advertising and marketing communications, and to detect, prevent, mitigate and investigate fraudulent or illegal activity. We also share your information with third parties (including service providers acting on our behalf) and other members of our company group for these purposes pursuant to section 5.6 of this User Privacy Notice.

Below you will find a summary of the purposes for which we process your personal data, including the categories of recipients to whom we transmit personal data for the purposes stated, sorted by our legal basis for this processing:

5.1 We process your personal data in order to fulfil our contract with you and to provide you with our Services (Article 6(1) (b) GDPR). This includes the following purposes:

  • Processing of data relating to you or your company for the purpose of entering into a contract with you and executing it.
  • Provision of our Services, including but not limited to publishing ads and other content, billing, providing the direct sales service and enabling the execution of financing comparisons and -brokerages, insurance comparisons and to measure and improve the quality and success of our Services, to keep our Services secure and operational and to adapt the content of the website and Services to what you might like based on the actions you take. In the context of the financing brokerage of the mobile.de online purchase, we process personal data described in more detail in joint responsibility within the meaning of Art. 26 DSGVO with Santander Consumer Bank AG, Santander-Platz 1, 41061 Mönchengladbach. Further information on this joint responsibility is available in the context of the ordering process of mobile.de online buying and on request from our data protection officer (see section 3 of this data protection declaration above).
  • Enabling transactions/contacts with other users (including the transmission of your personal data required for this purpose to other mobile.de users), providing and improving functions such as ratings and mobile.de account management, providing other services you use (as described in connection with such services) and ensuring the functionality of our Services.
  • Provision of the Safe Pay feature including the transfer of your data to the payment service provider MANGOPAY S.A. ("Mangopay") cooperating with us for the performance of your contract with Mangopay regarding the processing of the payment of the purchase price. Mangopay processes your data to fulfil the contract concluded with you and to fulfil its legal obligations (e.g., to prevent money laundering) in accordance with the Mangopay privacy policy.
  • Granting access to your saved vehicles, searches and - if available - saved non-binding financing offers as well as other features offered by us, in particular, saving your details for financing enquiries so that future financing enquiries can be made with just a few clicks.
  • Solution of problems with your mobile.de account, enforcing fee claims and providing other customer support services (including the feedback solution on our website), in particular to remind you of the possibility of a requested financing transaction by email. For these purposes, we may contact you by email, telephone, SMS, push notification on your mobile device or by post.
  • Processing of general location data (such as IP address or postal code) in order to provide you with location-based services (such as radius search and other content that is personalized on the basis of your general location data).
  • Enforcement of our General Terms and Conditions and this User Privacy Notice and other rules and policies.
  • Display of the business address of registered car dealers on a map in ads of the respective dealer (For this purpose, we transmit the address data to external service providers such as Google Ireland Limited for the use of Google Maps (Google Privacy Notice). If a dealer does not want his location details to be shown on a map in his ads, he can contact mobile.de customer service at any time).
  • Publication and promotion of your listings and related content on the websites or in the applications, services and tools of other members of our company group (especially Kleinanzeigen for the automatic export of ads) or cooperating third party operators of websites, applications, services and tools. If we share the content of your listings and any related personal data with third parties, we do so only on the basis of an agreement that limits the use of such personal data by the third party to the purposes necessary to fulfill its contractual obligations to us. Third party providers are contractually obliged to take appropriate security measures with regard to this data. Third party providers are not allowed to pass on personal data contained in your listings to other third parties.

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

  • Other mobile.de users
  • mobile.de dealers
  • Members of our company group pursuant to section 5.6 of this User Privacy Notice, especially Kleinanzeigen
  • External service providers such as financing brokers, financial institutions and other partners linked to car financing services and the payment service provider for the Safe Pay feature (Mangopay)
  • External operators of websites, applications, services and tools

5.2 We process your personal data in order to comply with legal obligations to which we are subject (Article 6(1) (c) GDPR). This includes the following purposes:

  • Participation in investigations and proceedings (including judicial proceedings) conducted by public authorities or government agencies, in particular, for the purpose of detecting, investigating and prosecuting illegal acts.
  • Prevention, detection and mitigation (including compliance with reporting obligations) of illegal activities (e.g. fraud, money laundering and terrorist financing).
  • Complying with information requests from third parties based on any statutory information rights they have against us (e.g. in the event of an intellectual property infringement, product piracy or other unlawful activity).
  • Handling reports of illegal content and complaints, including assessing whether these reports or complaints from the same user are often obviously unfounded.
  • Complying with other statutory legal requirements in the areas of consumer protection, online platforms and taxes.
  • Ensuring the information security of our Services.
  • Retention and storage of your personal data to comply with specific legal retention requirements (for more information on mobile.de’s storage of your data, see '7. Storage duration and erasure').

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

  • Law enforcement agencies, tax authorities, courts, government agencies or public authorities, intergovernmental or supranational bodies
  • Third parties based on statutory information claims against us
  • Third party service providers and financial institution partners
  • Third parties who are involved in judicial proceedings, in particular, if they submit a legal order, court order or equivalent legal order to us
  • Credit agencies, bureaus, or associations, if required by applicable law (e.g. information on payment delays, payment defaults or other irregularities that may be relevant to your credit report)
  • Other users.

5.3 We process your personal data in order to protect your vital interests or the vital interests of another natural person (Art. 6(1) (d) GDPR). This includes the following purposes:

  • Prevention, detection, mitigation and investigation of unlawful activities that may result in impairment of your vital interests or the vital interests of another natural person, unless there is a statutory obligation to this effect.

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

  • Law enforcement agencies, courts, government agencies or public authorities, intergovernmental or supranational bodies
  • Third parties who are involved in judicial proceedings
  • External service providers

5.4 We process your personal data where necessary for the purposes of the legitimate interests pursued by us or by a third party (Art. 6(1) (f) GDPR), except where such interests are overridden by your interests or fundamental rights and freedoms. In order to reconcile our legitimate interests with your rights, we have introduced appropriate control mechanisms. On this basis, we process your data for the following purposes:

  • Participation in proceedings (including judicial proceedings) conducted by courts, law enforcement agencies, government agencies or public authorities, intergovernmental or supranational bodies, in particular for the purpose of detecting, investigating and prosecuting illegal acts, unless there is a statutory obligation to this effect, and we may legitimately assume that the disclosure of the data is necessary to avert imminent disadvantages or to report a suspicion of an illegal act. In such cases, we will only disclose what we believe is necessary, such as your name, city, zip code, telephone number, email address, (previous) user names, IP address, fraud complaints and ad content.
  • Protection of the legitimate interests of third parties in connection with civil law disputes, unless there is a statutory obligation to this effect, if we may legitimately assume that it is necessary to disclose the data to such third parties in order to avert imminent disadvantages.
  • Prevention, detection, mitigation and investigation of fraud, security breaches and other prohibited or unlawful activities, including the assessment of corresponding risks (e.g. through the use of the telephone number stored in your mobile.de account for two-factor authentication), unless there is a statutory obligation to this effect.
  • Assessing whether the reports submitted to us as part of the reporting procedure regarding illegal content (including unnamed or anonymous reports) are fraudulent or malicious.
  • Monitoring and improvement of the information security of our Services, unless there is a statutory obligation to this effect.
  • Performance of identity checks, evaluation of applications and comparison of information for accuracy and verification purposes.
  • Automatic filtering and, where necessary, manual review of messages sent through our messaging tools to prevent fraudulent or suspicious activity or violations of our General Terms and Conditions or other rules and policies, as further explained below under Filtering of messages sent via our messaging tools (see '11. Other important information regarding data protection').
  • Provision of functions for users that make the processing of transactions easier or more convenient.
  • Performance of your vehicle financing request, in particular to transmit the data you have entered to the respective financial institution partner for the pre-credit check and, together with the result of this pre-credit check, to the advertising mobile.de dealer in order to answer your financing enquiries and to check commission claims. We also use this information in connection with the analysis of your use of our Services. You receive more detailed information, in particular in relation to the pre-credit check, via the privacy notice provided when submitting the respective financing request.
  • Analysis and improvement of our Services, e.g. by reviewing information from users about blocked or crashed pages in order to identify and solve problems and to thereby provide you with an improved user experience.
  • Analysis of telephone conversations with our customer service that we recorded with your consent.
  • Advertisements by mail (unless you have objected).
  • To the extent permitted by applicable law without your consent, communications with you via electronic mail (e.g. email) or telephone to offer you vouchers, discounts and special offers, to conduct opinion polls and surveys, to inform you about our Services, and to contact you after you have made an appointment with a mobile.de dealer as part of a direct sale, for example to send you an appointment confirmation and reminder or to support you in other ways with regard to the appointment. If you do not wish to receive marketing communications from us, you can unsubscribe by clicking on the link in the email you received. For technical reasons, the implementation may take a few days.
  • Customization of page content to display the ads and services you may like based on the actions you take.
  • Evaluation of the quality and success of our email marketing campaigns on an aggregated basis (e.g. through analysis of opening and click rates).
  • Assessment of the service status (e.g. on the basis of information provided in response to inquiries from interested users).
  • Provision of shared content and services (such as registration for services, transaction processing and customer service) with cooperation partners such as banks and insurance companies.
  • Measures to facilitate compliance with tax regulations for the collection, disclosure and reporting of information.
  • Initiation, preparation and execution of a company acquisition, e.g. in the event of a merger with another company or takeover by another company. If such an event occurs, we will require the merged entity to comply with this User Privacy Notice with respect to your personal data. Should your personal data be processed for any purpose not specified in this User Privacy Notice, you will be informed in advance of the processing of your data for this new purpose.
  • Assertion of or defense against legal claims, including those asserted by one mobile.de user against another mobile.de user.

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

  • Members of our company group pursuant to section 5.6 of this User Privacy Notice
  • External service providers
  • Other mobile.de users
  • Financial institution partners and mobile.de dealers
  • Law enforcement agencies, courts, government agencies or public authorities, intergovernmental or supranational bodies
  • Third parties who are involved in judicial proceedings
  • Credit agencies or bureaus and collection agencies (e.g. information about payment delays, payment defaults, or other irregularities that may be relevant to your credit report)
  • Other companies in the context of a company acquisition
  • Right owners who have entered into a non-disclosure agreement with us, in case of intellectual property infringement, retail crime, stolen goods, product piracy or other unlawful activity, if we, in our sole discretion, deem the investigation of such incident necessary or useful. In such cases, we will disclose the name, address, city, zip code, country, telephone number, email address, company name and ad content to the third party.

Information about your right to object to processing based on our legitimate interests can be found below under '8. Rights as a data subject' and, with regard to the use of cookies and similar technologies, below under '9. Cookies & similar technologies'.

5.5 With your consent (Art. 6(1) (a) GDPR), we process your personal data for the following purposes:

  • Personalization, measurement and improvement of our and third party advertisements in our online offerings, the online offerings of other members of our company group or third parties.
  • Marketing communications by telephone or electronic mail (such as email or SMS), including communications by other members of our company group or by third parties, unless these communications are permitted without your consent under applicable law.
  • Analysis of user behaviour to improve our Services with the help of our own tools as well as tools from third-party providers, also in the context of product development, insofar as the data processing for these purposes is not based on another legal basis (in particular legitimate interests). With your consent, the information obtained in this way can also be used to personalize direct advertising (e.g. by e-mail).
  • Processing of your precise location data to provide location-based services.
  • Processing of your personal data on the basis of your consent, which you have given so that we or third parties can enable you to use certain services or make them available to you, such as the automatic prefilling of input forms for further financing requests within the Services.

You can find information about your right to withdraw your consent below under '8. Rights as a data subject' and information with regard to the use of cookies and similar technologies below under '9. Cookies & similar technologies'.

You can find information about your right to withdraw your consent below under '8. Rights as a data subject' and information with regard to the use of cookies and similar technologies below under '9. Cookies & similar technologies'.

Where necessary, we transmit your personal data to processors and the following recipients for one or several of the purposes described above:

  • Members of our company group pursuant to section 5.6 of this User Privacy Notice
  • External service providers
  • Other third parties with whom we partner to offer you specific services (as described at the collection of the respective user consent)
  • Third party financial institutions with whom we partner to offer financial products to you, for them to provide joint content and services (such as insurance and financing comparison services). These third party partners will use your personal data to send you marketing communications only if you have requested their services.

Without your consent, we will not pass on your personal data to third parties for their marketing or advertising purposes, nor will we sell or otherwise make it available to third parties for a fee.

5.6 Data Sharing between Adevinta Corporate Family Members

As set out above under '4.4 Personal data from other sources', we also receive access to personal data about you from other members of the Adevinta group of companies. This enables us, in particular, to provide you, with your consent as legally required, with information about products and services, which we believe might interest you, and improve our products, services, content, and advertising by analyzing your use of the services of other members of our company group. Furthermore, this allows us to better prevent, detect, mitigate and investigate fraud, security breaches and other prohibited or unlawful activities, including the assessment of corresponding risks. We will also grant access to personal data about you to other members of our company group for the aforementioned purposes. To the extent that other members of our company group have access to your personal data, they will follow practices that are at least as restrictive as the practices described in this User Privacy Notice.

5.7 Automated decision-making

We use technologies that are considered automated decision making or profiling. We will not make any automated decisions about you that would significantly affect you unless such a decision is necessary for entering into, or the performance of, a contract with you, we have obtained your consent, or we are required by applicable law to use such technology. You will find information on your right to object to this processing of your data below under '8. Rights as a data subject'.

6. International data transfers

Some recipients of your personal data are located outside your country or have offices in countries where data protection laws may provide a different level of protection than the laws in your country. When transferring personal data to such recipients, we provide appropriate safeguards.

6.1 Data transfers to eCG company group members

mobile.de is part of the Adevinta group of companies. As a rule, your personal data is processed exclusively within the European Economic Area (EEA). If, by way of exception, personal data is transferred to companies of the Adevinta group of companies outside of the EEA and there is no adequacy decision of the EU Commission, this transfer is subject to appropriate safeguards (e.g. standard data protection clauses issued or approved by the EU Commission as well as appropriate supplementary measures, where necessary).

6.2 Other data transfers (from the European Economic Area to third countries)

We will only transfer your personal data from the European Economic Area (EEA) to third countries, i.e. countries outside the EEA, on the basis of appropriate safeguards. Third countries providing an adequate level of data protection according to the European Commission currently include Andorra, Argentina, Canada (for companies covered by the Personal Information Protection and Electronic Documents Act), Switzerland, the Faroe Islands, Guernsey, the State of Israel, the Isle of Man, Japan, Jersey, New Zealand, Uruguay, the United Kingdom and South-Korea. In other cases, mobile.de provides the necessary safeguards, e.g. through the conclusion of data protection contracts adopted by the European Commission (e.g. standard data protection clauses) with the recipients, or through other measures provided for by law. A copy of the documentation of the measures taken by us is available on request.

7. Storage duration and erasure

Your personal data will be stored by us and our service providers in accordance with applicable data protection laws to the extent necessary for the processing purposes set out in this User Privacy Notice (see '5. Purposes and legal basis for data processing and categories of recipients' for more information on the processing purposes). Subsequently, we will delete your personal data in accordance with our data retention and deletion policy or take steps to properly render the data anonymous, unless we are legally obliged to keep your personal data longer (e.g. for legal compliance, tax, accounting or auditing purposes). In Europe, the retention periods are generally between 6 and 10 years (e.g. for contracts, notifications and business letters). As far as legally permissible or required, we restrict the processing of your data instead of deleting it (e.g. by restricting access to it). This applies in particular to cases where we may still need the data for the execution of the contract or for the assertion of or defense against legal claims, or where such retention is otherwise required or permitted by law. In these cases, the duration of the restriction of processing depends on the respective statutory limitation or retention periods. The data will be deleted after the relevant limitation or retention periods have expired.

The specific retention periods for personal data are documented in our regional data retention guidelines. How long we retain personal data may vary depending on the Services we provide and our legal obligations under applicable national law. The following factors typically affect the retention period:

  • Necessity for the provision of our Services
    This includes such things as executing the contract with you, maintaining and improving the performance of our products, keeping our systems secure, and maintaining appropriate business and financial records. Most of our retention periods are determined on the basis of this general rule.
  • Special categories of personal data
    If we store special categories of personal data (i.e. personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data which is being processed for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation), a shorter retention period is usually appropriate.
  • Consent-based processing of personal data
    If we process personal data on the basis of consent (including consent to the extended storage), we store the data for as long as necessary in order to process it according to your consent.
  • Statutory, contractual or other similar obligations
    Corresponding storage obligations may arise, for example, from laws or official orders. It may also be necessary to store personal data with regard to pending or future legal disputes. Personal data contained in contracts, notifications and business letters may be subject to statutory storage obligations depending on national law.

8. Rights as a data subject

Subject to possible restrictions under national law, as a data subject, you have the right to access, rectification, erasure, restriction of processing and data portability with regard to your personal data. In addition, you can withdraw your consent and object to our processing of your personal data on the basis of our legitimate interests. You can also lodge a complaint with a supervisory authority.

Our competent Data Protection Supervisory Authority is:

Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht Brandenburg (Brandenburg Federal State Commissioner for Data Protection and for the Right to Access Records)
Stahnsdorfer Damm 77
14532 Kleinmachnow
Germany
http://www.lda.brandenburg.de

Your rights in detail:

  • You can withdraw your consent to the processing of your personal data by us at any time. As a result, we may no longer process your personal data based on this consent in the future. The withdrawal of consent has no effect on the lawfulness of processing based on consent before its withdrawal.
  • You have the right to obtain access to your personal data that is being processed by us. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint with a supervisory authority, any available information as to the personal data’s source (where they are not collected from you), the existence of automated decision-making, including profiling and, where appropriate, meaningful information on its details. Your right to access may be limited by national law.
  • You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  • You have the right to obtain from us the erasure of personal data concerning you, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims. The right to erasure may be limited by national law.
  • You have the right to obtain from us restriction of processing to the extent that the accuracy of the data is disputed by you, the processing is unlawful, but you oppose the erasure of the personal data, we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing.
  • You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller ("right to data portability").

If your personal data is processed on the basis of our legitimate interests, you have the right to object to the processing of your personal data on grounds relating to your particular situation. This also applies to profiling. If your personal data is processed by us for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

The exercise of the above data subjects’ rights (e.g. right to access or erasure) is generally free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge an appropriate fee (at most our actual costs) in accordance with the applicable statutory regulations or refuse to process the application.

Exercising your rights and managing your settings

You can exercise your rights as a data subject via our contact form. In addition, you are of course free to contact us.

If you would like to change your preferences regarding mobile.de marketing communications, you can do so at any time in your mobile.de account. If you do not wish to receive marketing communications from us, you can also unsubscribe by clicking on the link in the email you received. For technical reasons, the implementation may take a few days. For information on how to manage your cookie and similar technology preferences, see the next section '9. Cookies & similar technologies'.

9. Cookies & similar technologies

When you use our Services, we and selected third parties may use cookies and similar technologies to provide you with a better, faster and safer user experience or to show you personalized advertising. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Services. You can find detailed information about our use of cookies and similar technologies and your choices in our User Cookie Notice.

Our cookies and similar technologies have different functions:

  • They may be technically necessary for the provision of our Services
  • They help us optimize our Services technically (e.g. monitoring of error messages and loading times)
  • They help us improve your user experience (e.g. save font size and form data entered)
  • They allow us to show you more relevant advertisements.

We use cookies and similar technologies that remain on your device only as long as your browser is active (session cookies), as well as cookies and similar technologies that remain on your device longer (persistent cookies). Where possible, we take appropriate security measures to prevent unauthorized access to our cookies and similar technologies. A unique ID ensures that only we and/or selected third parties have access to cookie data.

Your choices regarding cookies

You are free to disable the use of cookies and similar technologies if this is supported by your device. You can manage your cookie settings in your browser or device settings. In addition, you can decide whether we may use cookies and similar technologies to show you personalized advertisements and analyse your usage behaviour:

If you decide not to have your personal data processed by us for advertising purposes via cookies (and similar technologies), this does not mean that we will not show you advertisements. It simply means that these advertisements will not be personalized for you using first-party or third-party cookies, web beacons, or similar technologies; but personal data may still be collected, as described in this User Privacy Notice.

10. Data security

We protect your personal data through technical and organizational security measures to minimize risks associated with data loss, misuse, unauthorized access and unauthorized disclosure and alteration. To this end we use firewalls and data encryption, for example, as well as physical access restrictions for our data centers and authorization controls for data access.

11. Other important information regarding data protection

This section contains important additional information about the protection of personal data in connection with the use of our Services, including whether you are required to provide personal data.

What happens when you share your personal data on our sites or applications?

Other users have access to the information you share on mobile.de or disclose to other users. For example, other users can see your ads, ratings and associated comments.

Your responsibilities over personal data of other users that you receive through mobile.de

When you communicate with another user and receive personal data (such as name, email address or other contact information) from the other user, you are, independent from us, the controller of such data and responsible for any processing that you perform after we have shared this data with you.

Unless you act for purely personal purposes, we recommend that you explain your data processing activities in your own privacy notice and protect the privacy of other users. As a seller, you must in any case comply with the applicable data protection laws and in particular protect the rights of other users as data subjects, e.g. give them the opportunity to access the personal data collected by you and demand that it be erased.

You may only use the personal data that you have access to for mobile.de transaction-related purposes, and for purposes expressly consented by the user to whom the data relates. Using personal data of other users that you have access to for any other purpose, such as adding them to a mailing list without their express consent, constitutes a violation of our General Terms and Conditions.

Personal data relating to third parties

If you provide us with personal data relating to another person, you must obtain the consent of this person or the disclosure of the data to us must be otherwise legally permissible. You must inform the other person of how we process personal data in accordance with our User Privacy Notice.

Filtering of messages sent via our messaging tools

All messages sent via our messaging tools are first received by us and then forwarded to the recipient. All messages are automatically filtered according to certain criteria. If necessary, conspicuous messages are checked manually by our customer service. In the event of a violation of our General Terms and Conditions, we reserve the right to block the transmission of the message and to block your mobile.de account. In cases of suspicion, for example following a justified customer complaint, our customer service team can also inspect messages that have already been sent.

This is to protect our legitimate interests such as protecting against fraudulent or suspicious activities (e.g. spam, viruses, phishing, or other illegal activities) or enforcing our General Terms and Conditions and our other rules and policies (e.g. illegal and other prohibited content).

Are you obliged to provide your personal data to us?

Some of the personal data that you provide to us (e.g. data by which we can identify you) are required to enter into the contract with you. Although the provision of any other personal data is voluntary, it may be necessary for the use of our Services, such as item details and contact information when posting an ad.

Children's Privacy

Our services are not intended for the use by children. We do not knowingly collect personal data from users who are considered children under applicable national laws. Under our General Terms and Conditions, children are not permitted to use our Services.

Staying Signed in

When you sign in to your account on our Services, you stay signed in for certain amount of time, until you log out. If you use our app, you stay signed in. If you are using a public or shared computer, we encourage you to log out at the end of your session. You or any other user of the computer/browser you signed in on will be able to view and access most parts of your account and take certain specific actions during this signed in period without any further authorization. The specific actions and account activities that you or any other user of this computer/browser may take include:

  • Post an ad or contact another user
  • View your activities
  • View your mobile.de profile page
  • Search your saved cars and searches
  • Conduct after-sale activities, like leaving ratings or submitting claims

If you attempt to change your password or your user name, update any other account information or attempt other account activity beyond those listed above, you may be required to enter your password.

You can typically end your signed in session by either signing out and/or clearing your cookies. If you have certain browser privacy settings enabled, simply closing your browser may also end your signed in session. If you are using a public or shared computer, you should sign out and/or clear your cookies when you are done using our Services to protect your mobile.de account and your personal data.