Privacy Policy - Hyundai Motorsport Official Website

Privacy Policy


Privacy Policy

Privacy Policy

1. Controller and PDO

This is the Privacy Policy for this website which is run and provided by

Hyundai Motorsport GmbH,
Carl-Zeiss-Straße 4,
63755 Alzenau, Germany

E-Mail: info@hyundai-ms.com
Contact details of the data protection officer:
dataprotection@hyundai-europe.com

2. Purpose and legal basis processing

Insofar as we obtain your consent to the processing of personal data, Art. 6 para. 1 lit. a GDPR applies as the legal basis for the processing of your personal data.
When processing your personal data for the performance of a contract between you and Hyundai Motorsport GmbH, Art. 6 para. 1 lit. b GDPR applies as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR applies as the legal basis.

If the processing is necessary to safeguard a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override this interest, Art. 6 para. 1 lit. f GDPR applies as the legal basis for the processing.

1. Informational use of website

When you visit our website for informational reasons, i.e. without registering for any of our provided services and without providing us with personal data in any other form, we only automatically collect the personal data that your browser transmits to our server:

• your IP address
• Browser type, browser version, Language
• Operating system used
• Referrer URL
• Host name of t he accessing computer/device
• Time of t he server request

The personal data automatically collected is necessary to provide the website, and to ensure system stability and efficiency and to implement proper safeguards as to the security of our website and services. The legal basis for this is our legitimate interest (Art. 6 para. 1 lit. f GDPR).
The storage period for this data (logs) is 30 days.
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. It is therefore not possible for the user to object to this.

3. What are cookies?

Cookies are text files which are stored on your computer by a website that you visit and enable your browser to be identified again. Cookies transmit information to the site that sets the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or the entries you make there. This prevents you from having to re-enter required form data each time you use the website, for example. The information stored in cookies can also be used to recognize preferences and target content according to areas of interest.
After you have finished your session and closed your browser many of the text files are deleted (“session cookies”). So-called “persistent cookies” are also stored and these allow us to recognize you during your next visit on our website. You can prevent cookies being saved on your computer by changing your browser settings. This may result in some functions used by our website being restricted.

Types of Cookies

Depending on the company managing them:

First-party- cookies – Are are set by the website you are currently visiting. Only this website may read information from these cookies.

Third party cookies – Are those which are sent to the user’s system from a system or domain that is not managed by the editor but by another company processing the data obtained through the cookies. These cookies are used by marketing companies, for example.

Depending on their purpose:

Technically necessary cookies:

Ensure that a website works and that a user sees it the same way the next time they visit it as the first time. They are required solely for the functions and operation of a website and are set automatically. 

• Analysis cookies: Are those which enable the manager to monitor and analyse the behaviour of the users of the websites to which they are linked, to improve the website. The information collected by means of this type of cookie is used to measure the activity of the websites, applications or platforms and to draw up browsing profiles of the users of such websites, applications and platforms in order to introduce upgrades on the basis of the analysis of the data on the use of the service by users.

• Marketing cookies: These cookies store behavioural information about users obtained through the ongoing observance of their browsing habits, which allows a specific profile to be defined in order to show advertising on the basis of their interests and behaviour.

By law, we can store cookies on your device if they are absolutely necessary for the operation of this website. We require your consent for all other cookie types. The legal basis for the use of absolutely necessary cookies is our legitimate interest in the proper functioning of our website pursuant to Art. 6 para. 1 lit. f) GDPR, § 25 para. 2 lit. 2) TDDDG. For all other cookies, the legal basis is your consent in accordance with Art. 6 para. 1 lit. f GDPR. 1 lit. a GDPR, § 25 para. 1 TDDDG.

This website uses the following types of cookies, the scope and function of which are explained below:

Cookie NameDomainTypeDurationFirst/Third Party
Necessarymotorsport.hyundai.comNecessary1 yearFirst
Non-Necessarymotorsport.hyundai.comNecessary1 YearFirst
View-Cookie Policymotorsport.hyundai.comNecessary1 YearFirst
GPS.youtube.com (USA)End of SessionThird
PREF.youtube.com (USA)8 MonthsThird
CookieLawInfoConsentmotorsport.hyundai.comNecessary1 YearFirst

You can delete cookies already stored on your device at any time. If you want to prevent the storage of cookies, you can do this via the settings in your Internet browser. Please note that individual functions of our website may not work if you have deactivated the use of cookies.

4. Career

You can apply to our company via our application portal at https://motorsporthyundai.career.softgarden.de/
Please note the data protection information in the application process on our application portal at: https://motorsporthyundai.softgarden.io/en/data-security?0

5. Social Share-Buttons

This website uses social share buttons (plug-ins) from Facebook, (Meta Platforms, Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, hereinafter referred to as“Facebook”), as well as X, (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA., hereinafter referred to as „Twitter“) which connect this website to the social network of Facebook and X (Twitter). The plug-ins are integrated using the Shariff button. If you access a page of this website that contains such a button, your browser does not establish a direct connection to the Facebook or Twitter server. Only with a click on the button such a connection is established. Through this integration, Facebook and/or Twitter receives the information that your browser has accessed the corresponding page of our website, even if you do not have an social media profile or are not currently logged in to Facebook or Twitter. This information (including your IP address) is transmitted directly from your browser to an Facebook or Twitter server in the USA and stored there. The content you want to share loads – if you are already logged in to Facebook or Twitter – in a popup window, in which you can still edit the text of the post. The plugins are only activated by clicking on the respective symbol and you thereby give your consent for your data to be transferred to the respective provider. The legal basis for the use of the plugins is your consent pursuant to Art. 6 para. 1 lit. a) GDPR.

The purpose and scope of the data collection and the further processing and use of the data by Facebook and Twitter as well as your rights and setting options for the protection of your privacy can be found in Facebook’s data policy under https://www.facebook.com/policy.php or X’s (Twitter’s) data policy under https://twitter.com/de/privacy. If you do not want Facebook or Twitter to collect your data through this website, you may not use the button provided.

Insofar as data is processed outside the EU/EEA, Meta (Facebook) and Twitter (X) have certified themselves in accordance with the Data Privacy Framework (DPF) program and are listed in the Data Privacy Framework list of the International Trade Administration (ITA). This means that Meta and X have publicly committed to complying with the DPF obligations and that a data transfer to the USA is harmless based on the current adequacy decision of the European Commission of July 10, 2023.

6. Our Social Media Company Pages

Social media has become an integral part of the internet and modern communication. In order to stay in contact with our customers and interested parties, we operate our own social media profile pages on selected social networks such as Facebook, Instagram, LinkedIn, X (Twitter) and TikTok. For this purpose, we regularly publish contributions, stories or posts from our company with which you can interact publicly according to the respective functions of the social media platform. We only process the personal data that has obviously become part of our social media page through your participation.

The moment you access our respective social media page, your browser establishes a connection with the servers of the respective operators. In any case, regardless of whether you are registered with the respective social network or not, your IP address will be transmitted and cookies may be set. If you are a member of one of the aforementioned social networks and are logged into your user account, the provider can also assign your visit to our social media page to your user account.

If you wish to prevent the respective provider from linking the data about your visit with your stored membership data, you should log out of the respective account before visiting our social media pages and delete the cookies stored on your device. However, even after these steps have been taken, the providers may still recognize you by so-called unique identifiers, such as device IDs and other identifiers.

In addition to the publicly visible functions, all of the social networks mentioned offer the option of viewing anonymous statistics on the interaction of visitors with our company profiles. These insights functions provide us with anonymized data on visitors and their interactions with our social media pages in the form of statistics, which the providers collect using cookies and other technologies, among other things. It is not possible for us to draw any conclusions about you personally, even if you are logged in with your respective user account when you visit our social media site.

The statistics of the so-called Insights show us in particular the development trends of our followers and visitors, their summarized demographic data (average age, gender, approximate place of residence: country and city), as well as the reach of our posts (interactions, reactions, comments) in order to derive which content is more interesting to our customers and interested parties than others.

You can find more information about the so-called Insights here:

Facebook-Insights
Instagram-Insights
LinkedIn-Insights
TikTok Insights
X Insights

The legal basis for the use of our social media pages and the Insights function is our legitimate interest, Art. 6 para. 1 lit. f) GDPR. We consider our legitimate interest in data processing to be the presentation of our company and our products and services for your information and, in particular, the provision of up-to-date communication options for and with you. The Insights function enables us to better understand the needs and interests of our audience and to improve our presence on social networks. If you have given your consent to data processing when visiting the social media page (e.g. by using the respective cookie banner), the respective processing is based on your consent (Art. 6 para. 1 lit. a) GDPR), which you can withdraw at any time for the future

As the operators Meta (Facebook and Instagram), X (Twitter) and LinkedIn are headquartered in the USA, data processing outside the European Union cannot be ruled out. Those providers have been certified under the Data Privacy Framework (DPF) program and are listed in the Data Privacy Framework list of the International Trade Administration (ITA). This means that the providers have publicly undertaken to comply with a level of data protection equivalent to that in the EU. In this respect, a data transfer to certified US companies is generally unobjectionable due to the current adequacy decision of the European Commission of July 10, 2023.

TikTok is headquartered in China. If data is transferred to countries outside the European Economic Area where there is no level of data protection that meets the European standard, TikTok states that it uses standard contractual clauses in accordance with Art. 46 para. 2 lit. c GDPR.

We are jointly controller with the operators of the respective social network for the data processing operations in connection with your visit to our social media pages:

Facebook and Instagram:
Meta Platforms Ireland Limited,
Serpentine Avenue, Block J,
Dublin 4 Ireland
Due to the joint responsibility, we inform you below about the essentials of the joint responsibility agreement between us and Meta with regard to Art. 26 GDPR:
https://www.facebook.com/legal/terms/page_controller_addendum

LinkedIn:
LinkedIn Ireland Unlimited Company,
Wilton Place,
Dublin 2, Ireland
Due to the joint controller, we inform you below about the essentials of the joint controller agreement between us and LinkedIn with regard to Art. 26 GDPR:
https://legal.linkedin.com/pages-joint-controller-addendum

(Twitter) X:
X Corp.,
1355 Market Street,
Suite 900, San Francisco,
CA 94103, USA
Due to the joint responsibility, we inform you below about the essentials of the joint responsibility agreement between us and Meta with regard to Art. 26 GDPR:
https://gdpr.x.com/en/controller-to-controller-transfers.html

Your rights:
You can exercise your rights both against us and against the respective operators of the social networks.
Please note that the operators of the social networks also process your data for their own purposes, over which we have no control. For more information, please refer to the operators’ privacy policies:
Facebook and Instagram
LinkedIn
Twitter
TikTok

7. Google Analytics 4

If you have given your consent, Google Analytics 4, a web analysis service of Google LLC, is used on this website. The controller for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Analytics uses cookies to help the website analyze how users use the site. The information collected by the cookies about your use of this website is usually transferred to a Google server in the USA and stored there.

In Google Analytics 4, the anonymization of IP addresses is activated by default. Due to IP anonymization, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. According to Google, the IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. During your visit to the website, your user behavior is recorded in the form of “events”.

Events can be

• Page views

• First visit to the website
• Start of the session
• Websites visited
• Your “click path”, interaction with the website
• Scrolls (whenever a user scrolls to the end of the page (90%))
• Clicks on external links
• Internal search queries
• Interaction with videos
• File downloads
• Viewed / clicked ads
• Language setting

• Also recorded:

• Your approximate location (region)
• Date and time of your visit
• Your IP address (in abbreviated form)
• Technical information about your browser and the end devices you use (e.g. language setting, screen resolution)
• Your internet provider
• The referrer URL (via which website/advertising medium you came to this website)

On behalf of the operator of this website, Google will use this information to evaluate your pseudonymous use of the website and to compile reports on website activity. The reports provided by Google Analytics are used to analyze the performance of our website.

Recipients of the data are/may be

• Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (as processor pursuant to Art. 28 GDPR)
• Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA
• Alphabet Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA

For the USA, the European Commission adopted its adequacy decision on July 10, 2023. Google LLC is certified under the EU-US Privacy Framework. Since Google servers are distributed worldwide and a transfer to third countries cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

The data sent by us and linked to cookies is automatically deleted after The maximum lifespan of Google Analytics cookies is 2 years. Data whose retention period has been reached is automatically deleted once a month.

The legal basis for this data processing is your consent in accordance with Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TDDDG.

You can withdraw your consent at any time with effect for the future by accessing the cookie settings [CLICK HERE TO SET THE CONSENT TOOL SETTINGS] and changing your selection there. The lawfulness of the processing carried out on the basis of the consent until withdrawal remains unaffected. 

You can also prevent the storage of cookies from the outset by setting your browser software accordingly. However, if you configure your browser to reject all cookies, this may limit the functionality of this and other websites. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by
a.) not giving your consent to the setting of the cookie or
b.) downloading and installing the browser add-on to deactivate Google Analytics HERE.

You can find more information on the terms of use of Google Analytics and on data protection at Google at https://marketingplatform.google.com/about/analytics/terms/de/ and at https://policies.google.com/?hl=de

8. YouTube Videos

On our websites you can watch videos that are integrated through plug-ins from YouTube (YouTube, LLC, 901 Cherry Ave, 94066 San Bruno, CA, USA, a subsidiary of Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA,). As soon as you visit a website, on which such a YouTube Plug-in is integrated, a connection to the servers of YouTube is established. Personal data is transmitted to YouTube, e.g. your IP address or which page of our online offer you are currently visiting.

If you are logged in to YouTube at the same time as your YouTube account when you visit one of our websites, YouTube may associate your surfing behavior with your YouTube user profile. You can prevent such data processing by logging out of your YouTube account before visiting our websites.

Only when you play the videos, the above described connection to the servers of the provider is established. According to YouTube, this mode only sets cookies as soon as the video is played.

As this is the service of a third party, we have no influence on the processing of such data by YouTube. The purpose and scope of data collection and the further processing and use of the data by YouTube or Google as well as your rights and setting options for the protection of your privacy can be found in the relevant information on data protection at https://www.google.de/intl/de/policies/privacy/

Legal basis for this data processing is you consent, Art. 6 para. 1 lit. a) GDPR, § 25 para. 1 TDDDG. The connection to the YouTube servers is only established when a YouTube video is actively clicked on and you thereby give your consent for your data to be transferred to the provider.

For the USA, the European Commission adopted its adequacy decision on July 10, 2023. Google LLC is certified under the EU-US Privacy Framework. Since YouTube (Google) servers are distributed worldwide and a transfer to third countries cannot be completely ruled out, we have also concluded the EU standard contractual clauses with the provider.

9. No requirement to provide personal data

The provision of your personal data will generally be voluntarily and there is no statutory nor contractual obligation to provide your personal data. We generally do not contractually require provision of your personal data; but note that in any event non-provision of personal data might exclude you from using some of our services or parts thereof.

10. Security

We have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorized personnel have access to personal data. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.

11. Data retention

We strive to keep our processing activities with respect to your personal data as limited as possible. In the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.

12. Cross border data transfers

Within the scope of our information sharing activities set out above, your personal data may be transferred to other countries (including countries outside the EEA) which may have different data protection standards than your country of residence. Our servers are located in the European Union. We have proper guarantees with the involved third parties in place (e.g. other Hyundai group companies operating the websites on our behalf) to ensure an adequate level of protection for personal data. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavor to take reasonable measures to keep up an adequate level of data protection also when sharing your personal data with such countries.
In the case of a transfer outside of the EEA, this transfer is safeguarded by EU Standard Contractual Clauses or an adequacy decision by the European Commission.

13. Your rights
You have the following rights vis-à-vis us with regard to your personal data:

13.1 General rights
You have the right to request from the controller access to personal data, to rectification, erasure, restriction of processing, objection to processing and data portability. If processing is based on your consent, you have the right to withdraw this consent with effect for the future.

13.2 Rights in data processing based on legitimate interest
In accordance with Art. 21 para. 1 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6 para. 1 e GDPR (data processing in the public interest) or on Art. 6 para. 1 f GDPR (data processing to protect a legitimate interest); this also applies to profiling based on this provision. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

13.3 Rights in the case of direct marketing
If we process your personal data for direct marketing purposes, you have the right under Art. 21 (2) GDPR to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes

13.4 Right to lodge a complaint with a supervisory authority
You also have the right to complain to a competent data protection supervisory authority about the processing of your personal data by us.

14. Contacting us

Please submit any questions, concerns or comments you have about this Policy or any requests concerning your personal data by email to dataprotection@hyundai-europe.com.

Our further contact details are disclosed in the imprint and at the top of this Privacy Policy.

You can also contact us via our contact form on this website. When you contact us by e-mail or via a contact form, the data you provide (your e-mail address and your name) will be stored by us in order to answer your questions.

The information you provide when contacting us will be processed to handle your request (Art. 6 para. 1 lit. f) GDPR) and will be erased when your request was completed. Alternatively, we will restrict the processing of the respective information in accordance with statutory retention requirements, if applicable.