We are pleased that you have shown an interest in our website. Protecting your privacy is very important to us, and we are committed to protect your private data.
In the following declaration of data protection, we will inform you extensively about the way we handle your personal data when you visit a website related to Brand Addition, as well as your rights to data protection and how the law protects you.
Important Information and who we are
Purpose of this Information
This website is not intended for minors, and we do not knowingly or commonly collect any data relating to children.
If you have any questions regarding the collection, processing or use of your personal data, or for any further information, corrections, disabling or erasing of data, as well as withdrawal of given consent, please contact our data protection officer:
z. Hd: Dr. Dennis Werner,
+49 2351 66854-37,
We ask you to please first contact the aforementioned address in case you have any enquiries or complaints. You also have the right, irrespective of any further administrative or judicial appeals, to submit a complaint to the relevant data protection authority, the Data Protection and Freedom of Information Commissioner for Nordrhein-Westfalen.
Please be aware that the content of this information may be updated and altered at any time. Any changes or updates will be published on this page. The date of the most recent update or change can be found at the top of this website.
Collected personal data
Personal data or personal information is any data relating to an identifiable or identifiable natural person. This does not include anonymised data.
We collect, use, store and transfer different kinds of personal data, which we may have received from you through our website, through written or verbal communication, via email, telephone or in different ways, and which can be sorted into the following categories:
• Data that could be used for identification (first name, surname, maiden name, user name, etc.)
• Contact data (billing address, delivery address, email address and telephone numbers)
• Financial data (for example, bank account or credit card details, etc.)
• Transaction data (including information pertaining to payments made or payments received, and information relating to products you purchased)
• Technical data (for example, internet IP addresses, login data, time zone setting, the type of browser and other technical characteristics)
• Profile data (for example, passwords, purchases or orders)
• Usage data (for example, information about how you use our website, or how you use or order our products and services)
• Advertising and marketing communication (for example, your stated preference related to the way we communicate with you)
Please keep us informed of any changes in your personal data.
We do not collect or use any personal data covered by a special category of article 9 of the DSGVO (like, for example, ethnicity, religious beliefs, sexual orientation, political opinion, information about your health or genetic or biometric data). Neither do we collect or use any information about criminal convictions and offences through our websites.
Contractual Obligation regarding the Provision of Personal Data
In cases in which we are obliged due to legal stipulations to collect your personal data, or in which we entered a contractual agreement with you to collect them, and you do not grant us access to the required personal data, we will be exempt from our contractual obligation regarding the delivery of your ordered goods or services. We will notify you of this at the appropriate time.
Collection, Processing and Use of Personal Data
Personally identifiable data will only be collected if you share them voluntarily either through mail, telephone, email, or in other ways as part of the order process, by creating a customer account, by signing up to our newsletter, by requesting marketing material, or by submitting a review. Additionally we may, where applicable, also receive your personal data from third parties or other publicly available sources, ranging from technical analytics providers from outside the EU (such as, for example, Google etc.) or finance and transaction service providers, for example credit card companies both from inside and outside the EU, data brokers and collectors or other publicly available sources, such as for example the trade register, the electoral register, etc., within the EU.
How we use Personal Data
Without your separate consent, we exclusively use your provided data within the scope of the legal stipulations according to the listed purposes in the table below, so a) to fulfil and process your orders and the enforcement of our claims, b) to fulfil legal, accounting or supervisory regulations, c) to maintain and run our business and d) to evaluate how our customers use our products. After a complete performance of the contract and a completed payment, your data will be disabled for any future use, and after the expiry of the mandatory storage period stipulated by tax and commercial legislation, unless you explicitly consent to the continued use of your data. Upon subscribing to the newsletter, your E-mail address will be used for our own marketing purposes until you unsubscribe. It is possible to unsubscribe at any time.
||Type of data
||Lawful basis for processing including basis of legitimate interest
|To register you as a new customer
|Performance of a contract with you (please see paragraph 10 (Glossary) for a definition of performance of a contract)
|To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to recover debts due to us)
|To manage our relationship with you which will include:
(b) Asking you to leave a review, feedback or take a survey
(d) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation (please see paragraph 10 (Glossary) for a definition of comply with a legal or regulatory obligation)
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
(e) Marketing and Communications
|Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
|Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
|To make suggestions and recommendations to you about goods or services that may be of interest to you
|Necessary for our legitimate interests (to develop our products/services and grow our business)
We strive to provide you with the highest degree of flexibility regarding the use of your personal data, especially concerning marketing or advertising.
Advertising Promotions from Us
We will use your personal data to evaluate which products or services you may want to know about, need or which products and services you may be interested in. Based on these findings we can decide which products or service to offer (we call this process ‘marketing’). Provided that you requested information from us, or purchase products or services from us, you will receive marketing communication from us, unless you have explicitly informed us that you do not wish to receive further information.
Third Party Marketing
We will only share your personal data with third parties outside of the Brand Addition Group with your explicit agreement.
Rejection of Marketing Communication
At any time you are free to inform us and third parties that you do not wish to receive further marketing communication. In this case we will retain any of your personal data, collected by supplying services to you, or receiving warranty registrations, product feedback or transactions.
You may alter or revoke your preference regarding the collection and use of your personal date for marketing purpose at any time by sending us a written notice.
We use session cookies as well as permanent cookies on this website.
The types of cookies used on our website, and the purposes they’re serving are listed below.
We use Google Analytics to analyse the use of our website.
Our Analytics service provider generates statistical and other information about website use by means of cookies.
Third Party Cookies
Our website also uses third party cookies.
We publish Google AdSense interest-based advertisements on our website. These are tailored by Google to reflect your interests. To determine your interests, Google will track your behaviour on our website and on other websites across the web using the DoubleClick cookie. This behaviour tracking allows Google to tailor the advertisements you see on other websites to reflect your interests (we do not publish interest-based advertisements on this website). You can view, delete or add interest categories associated with your browser by visiting:
http://www.google.com/settings/ads/. You can also deactivate the AdSense partner network cookie by using those settings, or using the NAI's (Network Advertising Initiative's) multi-cookie opt-out mechanism at: http://www.networkadvertising.org/choices/.
Most browsers allow you to refuse to accept cookies. For example:
• In Internet Explorer (version 10), you can block cookies by using settings to override cookies. This can be done by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”.
• In Firefox (version 24) you can block all cookies by selecting “Tools” from the drop-down menu, then clicking on “Options”, “Privacy”, “Use custom settings for history” and then unticking the “Accept cookies from sites” box; and
• In Chrome (version 29) cookies can be blocked by selecting “customise and control” on the menu and then clicking on “Settings”, “Show advanced settings” and “Content settings”, before then clicking on “Block sites from setting any data” under the headline “Cookies”.
Blocking all cookies may have negative impacts upon the user-friendliness of many websites. If you block cookies, you may not be able to use all the features of our website.
You can delete cookies already stored on your computer. For example:
• In Internet Explorer (version 10) you have to manually delete cookie files (instruction for doing so can be found at http://support.microsoft.com/kb/278835).
• In Firefox (version 24) you can delete cookies by clicking "Tools", "Options" and "Privacy", then selecting "Use custom settings for history", clicking "Show Cookies", and then clicking "Remove All Cookies"; and
• In Chrome (version 29) you can delete all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Clear browsing data", and then selecting "Cookies and other site and plug-in data" before clicking "Clear browsing data".
Blocking all cookies may have negative impacts upon the user-friendliness of many websites.
Change of Purpose of Data Collection
We will only use your personal data for the purposes originally collected, unless we have a justified reason to use it on different grounds which are compatible with the original purpose. If you wish to see an explanation regarding how the process on different grounds is compatible with the original purpose, please do contact us
If we need to use your personal data on different grounds, we will inform you of this and clarify the legal foundation that enables us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the aforementioned rules, where this is legally required or permitted.
Disclosure of your Personal Data
Possibly we may have to share your personal data for the purposes set out in the table in paragraph 4 with the parties set out below.
• Internal third parties, such as our employees or leading staff members and legal entities of the corporate group Brand Addition.
• External third parties, including IT-support specialists and sub-contractors processing website, its processes and every contract we enter into with IT-support specialists, suppliers, sub-contractors or you (including Communicator, Qualtrics), supplier companies relating to your order (such as DHL, Royal Mail, Interlink), Adflex card payment solutions, PayPal, PowerWeave, IDynamics, PoxLogix, Ariba, Coupa, Tradeshift, Hubwoo, Adaptris, Communicator).
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not permit our third-party service providers to use your personal data for their own purposes, and we only permit them to process your personal data for particular purposes that are in accordance with our instructions.
International Transfer of Data
We share your personal data with other corporations of the Brand Addition Group in the countries we operate in. This involves transferring your data outside the European Economic Area (EEA), according to the privacy policies of Brand Addition.
Many of the countries in which we transfer personal data are based outside the EEA, and do not provide an adequate and equivalent level of protection for personal data, as deemed by the European Commission. However, where we use certain third parties, we are able to use specific contracts approved by the European Commission which protect personal data in Europe. You can find further information relating to this at the European Commission: Standard contractual clauses for the transfer of personal data to processors established in third countries. Please contact us if you require further information regarding mechanism we employ when transferring of your personal data outside of the EEA.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. Additionally, we also limit access to your personal data to those employees, representatives, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put procedures in place to deal with any suspected breach of personal data, and we will notify you and any applicable regulatory authority when we are legally required to do so.
Transfer of Personal Data
Your data is shared with the shipping company charged with the delivery, insofar as this is necessary for the delivery of the goods. To process payments we transfer your payment data on to the credit institute charged with the transactional process. Moreover a transfer is made to the other enterprises of the Brand Addition Group.
We have put in place appropriate, and up-to-date security measures to secure your personal data, and we will only grant access to your personal data to people and third parties who have a business need to know.
We will only store and retain your personal data for as long as is necessary to fulfil the purposes we originally collected it for. This includes the fulfilment of any legal, accounting or reporting requirements.
To determine the appropriate retention time frame for personal data, we consider the amount, type and sensitivity of the personal data, as well as the potential risk of harm that could result from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and if these purposes can be fulfilled through any other means whilst adhering to the applicable legal requirements.
If you signed up to receive messages from us as part of a mailing-list, we will retain your personal data for up to 7 years. Once this period has lapsed, we will contact you and attempt to obtain your consent to continue storing your data.
You may be able to exercise the following rights according to the DSGVO and relevant data protection clauses:
Marketing: Before collecting your personal data, we will inform you whether your personal data will be used for marketing purposes, and we will only do so if you did not previously exercise your right to object to this use.
Corrections: If you inform us that any personal data that we hold about you is incomplete or incorrect, then we will strive to correct or complete the data as soon as possible.
Deletion: You can exercise the right to withdraw your consent to the collection and storage of your personal data, object to processing of your personal data, demand restrictions regarding the processing of personal data, or respectively demand that your personal data is deleted. Should you inform us of your withdrawal of consent, or demand the erasure of your personal data, we will erase the respective personal data without undue delay, insofar as this is legally permissible and technically feasible.
Object to processing: You can exercise the right to object to our processing of your personal information where we are relying on a legitimate interest (or those of a third party) and you are in a particular situation which may cause you to want to object to processing on this ground, as the processing of your information may affect your fundamental rights and freedom. You also have the right to object where we are processing your personal information for direct marketing purposes. In some cases we can demonstrate that there are overriding and justified grounds to process your information, which then overrule your rights and your freedom.
Processing restrictions: You have the right to ask us to suspend the processing of your personal data, yet still retain and store the data, in the following cases: the saved personal data we hold from you is incorrect, the processing of the data is unlawful, or we do not require it anymore. As soon as the processing is restricted, we will only process your personal data if you consent to it, or if we have overriding lawful basis to proceed processing it.
Free of charge access: You have the right to access the personal data we hold about you free of charge, and you can demand a copy of the collected data. A charge for this request can only be levied if the request entails disproportionate efforts or disproportionate costs
You have the right to receive a copy of your previously submitted personal data. This copy will be supplied in a commonly used and standard machine readable format. You are also able to ask us to directly transmit such personal data to another controller/data processor, where this is technically possible.
If you wish to exercise any of the aforementioned rights, please do contact us.
We will not charge any fees if you wish to access your personal data (or exercise any of your other rights). However, we retain the right to charge a reasonable fee if your request for access is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Withdrawal of Consent
You may withdraw your consent to allow us process your personal data at any time, provided that we are relying on your consent to process your personal data. This will, however, not affect the lawfulness of any processing carried out before you withdrew your consent. If you withdraw your consent, we may potentially not be able to provide certain products or services to you. We will inform you if this is the case.
What we need from you
We may possibly require specific information from you that will help us confirm your identity and secure your right to access your personal data (or to exercise your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to request further information in order to speed up our response.
We aim to reply to all legitimate requests within one month. It may take longer than one month if your request is especially complex, or if you submitted several requests. In this case we will inform you and keep you up to date.
Legitimate Interests means the interest of our business in maintaining and facilitation our business, to enable us to offer the best service, the best product and the best experience. We ensure that we consider and evaluate possible impacts (positive as well as negative) in regards to you and your rights before processing your personal data for our legitimate interests. We do not use your personal data for activities where our legitimate interests are overridden due to the impact on you (unless we have your consent, or we are otherwise required to do so by law). Further information regarding how we assess our legitimate interests against possible impacts concerning certain activities can be obtained by contacting us.
Performance of a contract means to process your data insofar as is necessary to perform the contract, or to take steps according to your wishes before you enter such a contract.
A legal or regulatory requirement means processing your data insofar as is required to comply with our obligatory legal or regulatory responsibilities.
Information about joint responsibility under Art. 26 paragraph 2 line 2 of the General Data Protection Regulation (GDPR)
What is the reason for having joint responsibility?
Brand Addition GmbH and MANN+HUMMEL GmbH work closely together on this online shop. This also affects the processing of your personal data. The parties have jointly defined the order of processing of this data in the individual process stages, Consequently, in the process stages described below, they are jointly responsible for protecting your personal data (Art. 26 GDPR).
Which process stages are both parties jointly responsible for?
As soon as you register on this website to receive MANN-FILTER marketing products, both Brand Addition GmbH and MANN+HUMMEL GmbH will have access to the data you enter.
Brand Addition GmbH requires your data in order to process the purchase contract that it has entered into with you.
MANN+HUMMEL GmbH requires this data in order to adapt its product portfolio to best meet customer needs.
What have the parties agreed?
In the context of their joint data protection responsibilities, Brand Addition GmbH and MANN+HUMMEL GmbH have agreed upon which party will fulfil specific obligations under the GDPR. This applies in particular to protecting the rights of the individuals in question and complying with the obligation to provide information in accordance with Articles 13 and 14 of the GDPR.
This agreement is necessary because when customers register, their personal data is processed in systems to which both Brand Addition GmbH and MANN+HUMMEL GmbH have access.
What does this mean for the individuals in question?
Notwithstanding their joint responsibility, the parties will comply with their data protection obligations in accordance with their own responsibility for individual stages of the process, as follows:
• In the context of joint responsibility, Brand Addition GmbH and MANN+HUMMEL GmbH are jointly responsible for processing personal data that is entered during the registration process.
• Brand Addition GmbH is responsible for all further processing of personal data.
• Brand Addition GmbH and MANN+HUMMEL GmbH will provide the individual in question with the information required under Articles 13 and 14 of the GDPR in a precise, transparent, comprehensible and easily accessible manner, using clear and simple language, and free of charge. For this purpose, each party will provide the other with all the information that is required from their area of activity.
• The parties will inform one another promptly of any legal positions adopted by individuals. They will provide one another with all the information that is required in order to answer a request for information.
• Data protection rights can be asserted in relation to either Brand Addition GmbH or MANN+HUMMEL GmbH.