With regard to certain cookies, the aforementioned companies jointly determine the purposes and means of processing personal data. This applies in particular to cookies that are used on the Porsche Websites. For these scenarios, we specify in an agreement on joint control pursuant to Article 26 GDPR how the respective tasks and responsibilities for processing are structured and who fulfills which data protection obligations. In particular, we determine how an appropriate level of security and your data subject rights can be ensured, how data protection information obligations can be jointly fulfilled and how potential data protection incidents can be monitored. This also includes ensuring that reporting and notification obligations can be met. Insofar as you contact us, we will coordinate in the sense of the addressed agreement according to Article 26 GDPR in order to answer your inquiry and to ensure your data subject rights. In the detailed views in the "Your Cookie Settings" area, you will find the information on which cookies are used under whose (possibly joint) control.
In addition, in connection with data processing through cookies on the Porsche Marketplace platform (offered by Porsche Sales and Marketplace GmbH, including the Porsche Finder and the Porsche Shop), joint control may exist with other participants of this platform such as Porsche companies and Porsche Centres or service companies. We will then also proceed as described above and make appropriate arrangements for the organization of joint control.
The third-party providers that technically implement processing through cookies are indicated as "Data Recipients" in the detailed views in the "Your Cookie Settings" area, so that you can inform yourself about the background. Insofar as third-party providers are processors or, in individual cases, in joint control with us for processing, we make corresponding arrangements with the third-party providers or organize the data processing accordingly. Please note that third-party providers may merge the generated data with other data and also use it for their own purposes.
The WebStorage technology enables the local storage of variables and values in the user's browser cache. The technology includes so-called 'sessionStorage' which remains stored until the browser tab is closed as well as 'localStorage' which remains stored in the browser cache until the cache is emptied by the user. The localStorage technology enables, among other things, recognition of the user and user settings when the user comes back to our website.
Cookies/similar technologies can only be accessed from the Internet address where the cookie was set. This means that we cannot access the cookies set by the service providers involved. They cannot access our cookies either. Third parties cannot access our cookies or those of the involved service providers. Third parties may only gain access by technical attacks which we cannot control and for which we are not responsible.
Pixel tags are small graphic files which are loaded from the severs of the respective service provider when a user accesses our website. This also includes loading of the program code which enables the collection of data (e.g. regarding your user behavior while visiting our website).
For general information on the cookies used, please refer to the sections and detailed views below ('Your Cookie Settings').
As far as cookies for analysis as well as for (potentially personalized) marketing are concerned, which are only used on the basis of consent, the corresponding declaration of consent pursuant to Article 49 (1) (a) GDPR also includes the fact that the data may be processed in third countries outside the EU, which do not have a level of data protection that complies with the GDPR. For more information on the location of processing for the cookies used, please refer to the sections and detailed views below ("Your Cookie Settings"). Please note in connection with giving consent that due to the different legal situation in the third countries, there may be latent risks that transferred data may not be processed in accordance with the GDPR (e.g., by the third party providers merging the data with other data and using it for their own purposes, and you may not be able to exercise data subject rights such as rights to access and deletion against it as would be possible under the GDPR). In particular, local authorities in the respective third country could gain access to the data without providing you with effective legal protection or enforceable rights as in the UK/EU.