Privacy Policy

Privacy Policy

Status: Februar 2024

The operator of this website takes the protection of your personal data very seriously. We process personal data of our users only to the extent necessary for the provision of a functional website as well as our contents and services. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy. By using this website, a variety of personal data will be collected. Personal data is data that identifies you as an individual. This privacy policy explains what kind of data we collect and for what it is used. It also explains for what purpose it is used and how it is used. We hereby point out that data transmission on the internet (e.g. when communicating by e-mail) may be subject to security gaps. Complete protection from access by unauthorized third parties is not ensured.

1. Information on the controller

ARTHUR BUS GmbH
Moosacher Str. 82a
80809 Munich
Germany
Phone: +49 (0)89 200 686 97
E-Mail: info@arthurbus.com

2. Amendments to this Privacy Policy

We reserve the right to change this privacy policy at any time with future effect. A current version is provided on the website. Please visit the website regularly and inform yourself about the applicable data protection provisions.

3. Information on the collection of personal data

The following information provides a general overview of how your personal data is processed while you visit this website. Personal data is any kind of data that can be used to identify you personally. Firstly, your data is collected by submitting it to us. By contacting us via e-mail or a contact form, the data you provide (your e-mail address, name, and telephone number, if applicable) will be stored in order to answer your inquiries. The legal basis for this data processing is your consent pursuant to Art. 6 para. 1 lit. a GDPR. We delete the data accruing in this context after the storage is no longer necessary or we restrict the processing if there are legal retention obligations. By using this website, we only collect the personal data that your browser transmits to our server.

If you want to access our website, we always collect the following data, which is technically necessary to display our website and to ensure its stability and security (this is also our legitimate interest; legal basis is Art. 6 para. 1 lit. f GDPR):

  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Amount of data transferred in each case
  • Website that the request originated from
  • Browser
  • Operating system and its interface
  • Language and version of the browser software
  • We also collect and process data to fulfill legal requirements, Art. 6 para. 1 p. 1 lit. c GDPR. This involves in particular legal requirements under commercial and tax laws.
4. Cookies

In addition to the previously mentioned data, cookies are stored on your computer while using our website. Cookies represent data records that are stored on your terminal device and provide the website host that sets the cookie with specific information. They are used to enhance the overall user-friendliness and effectiveness of the website. Under https://www.cookiehub.com/about-cookies, we inform you about all cookies.

Required cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. Our legitimate interests also lie herein. The legal basis for corresponding cookies is Art. 6 para. 1 p. 1 lit. f DS-GVO.

Analytical cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously. These cookies are only set if and as long as you have given corresponding consent. The legal basis is Art. 6 para. 1 p. 1 lit. a DS-GVO.

Section 6 provides detailed information about cookies from third-party providers whose services we employ.

5. Your rights

You have extensive rights with regard to the processing of your personal data. Firstly, you have a comprehensive right to information about your personal data that we process and can request correction of inaccurate data and/or deletion of your personal data. You can also request a restriction of the data processing and have the right to object as well as the right to data portability. If you wish to exercise any of your rights and/or receive more information about this, please contact us at info@arthurbus.com.

If the data processing is based on your consent, you may withdraw this consent at any time. However, the lawfulness of the previous processing remains unaffected.

In addition, you have the right to lodge a complaint with a supervisory authority of your choice, e.g. with the Bavarian State Office for Data Protection Supervision, https://www.lda.bayern.de/de/beschwerde.html.

If you have any questions, comments or requests regarding the collection, processing, and use of your personal data by us, please also contact us (see the contact details provided above under 1.).

6. Analytic tools and third party tools

By visiting this website, your browsing behavior can be statistically evaluated. This is done mainly with so-called analytic programs. These tools may be provided by third parties and may involve the collection and tracking of certain data and information about the characteristics and activities of visitors using our website. We can transfer data, including personal data, to certain third party providers in order to obtain such services.

We only use such tools if you have given your consent to do so, Art. 6 para. 1 lit. a DS-GVO.

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. If these tools are active, your personal data may be transferred to these third countries and processed there.

For the transfer of data to the USA, we rely on the adequacy decision of the EU Commission of 10.07.2023 (C(2023) 4745 final) on the EU-US Data Privacy Framework. This applies to all companies listed at https://www.dataprivacyframework.gov/list, such as Google LLC and LinkedIn Corporation.

Please note that a level of data protection comparable to that in the EU cannot be guaranteed in countries outside the EU. This also applies to companies in the USA that are not listed at https://www.dataprivacyframework.gov/list. We have no influence on processing activities in these countries.

7. Notice on disclosure of data to third parties

We can also transfer information (email address, your name and phone number if applicable, and the data we collect in connection with the usage of this website as indicated above) to third parties (service providers) who process information on our behalf. We do so to enable our ability to operate certain internal business processes, including email distribution, IT services, and client services. As part of our agreements with them, these third parties are required to process this data securely and only in accordance with our instructions.

Your data may also be transferred to organizations in other parts of the world. Because their data protection laws may not be consistent with the standards of your home country, we will only transfer data if there is an adequate level of data protection that protects the information stored in that country and if the local service provider complies with applicable data protection laws at all times.

There may be occasions when we are required by law or court order to share information about you with law enforcement, authorities or third parties. We always act responsibly and with data minimization. We consider your interests, as far as possible, when responding to such requests.

We will not share your data with third parties beyond that. If you are concerned about these arrangements for sharing personal data with third parties, please contact us and ask us not to process your personal data.

8. Hosting with Amazon Web Services (AWS)

We host our website with AWS. The provider is Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, 1855 Luxembourg. By visiting our website, your personal data will be processed on AWS’s servers. In this context, personal data may also be transmitted to the corporate headquarters of AWS in the USA. The data transfer to the USA is based on the EU standard contractual clauses. Details can be found here: https://aws.amazon.com/blogs/security/aws-gdpr-data-processing-addendum/.

For the transfer of data to the USA, we rely on the adequacy decision of the EU Commission of 10.07.2023 (C(2023) 4745 final). This applies to all companies listed under https://www.dataprivacyframework.gov/list, such as Amazon.com, Inc.

The use of AWS is based on Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in ensuring that our website is presented as reliably as possible. If a corresponding consent was requested, the processing is exclusively based on Art. 6 para. 1 lit. a GDPR; the consent can be revoked at any time. For further information, please refer to the AWS privacy policy: https://aws.amazon.com/de/privacy/?nc1=f_pr.

9. Duration of storage

We process and store your personal data primarily for the period required by the respective purpose of usage. If applicable, this also includes the periods of initiation of a contract (pre-contractual legal relationship) and the processing of a contract. On this basis, personal data is regularly blocked or deleted as part of the fulfillment of our contractual and/or legal obligations, unless its temporary further processing or storage is necessary for the following purposes:

  • Fulfilment of legal retention obligations, which result, for example, from the German Commercial Code (“HGB”) and the German Fiscal Code (“AO”). The periods specified in these regulations for storage and documentation are up to ten years.
  • Preservation of evidence taking into account the statute of limitations. According to the German Civil Code (“BGB”), these limitation periods can be up to 30 years, with the regular limitation period being three years.

If you request the deletion of your data or revoke consent to data processing, your data will be deleted unless we are entitled and obliged to store your personal data for other legally permissible reasons (e.g. tax or commercial law retention periods); in the latter case, the data will be deleted after the respective retention obligations cease to apply.