Privacy Statement.

Controller within the meaning of the EU General Data Protection Regulation (GDPR):

Mercedes-Benz AG
Mercedesstraße 120
70372 Stuttgart
Deutschland

E-Mail: dialog@mercedes-benz.com

Data Protection Officer:

Mercedes-Benz Group AG
Konzernbeauftragter für den Datenschutz
HPC W079
70546 Stuttgart
Germany

E-Mail: data.protection@mercedes-benz.com

 

1. Data protection and joint controllership

a. We appreciate your visit to our website and your interest in our services. Protecting your personal data is very important to us.

In this Privacy Statement, we explain how we collect and process your personal data, for which purposes and on which legal basis this takes place, and what rights you are entitled to.

In addition, we refer you to the Mercedes-Benz Data Protection Policy:

Mercedes‑Benz Data Protection Policy

b. This Privacy Statement and the Mercedes-Benz Data Protection Policy do not apply to your activities on the websites of other providers that you may access via links on our website.

Please refer to the privacy policies of those providers for information on how they process your personal data.

c. In the context of the analysis and marketing activities described below, we use the following technologies:

  • Google Analytics

Personal data is processed for these purposes only if and to the extent that you have given your consent via our Consent Management System (see section 5.c.).


2. Collection and processing of your personal data

a. Whenever you visit our website, we store certain information about the browser and operating system you are using, the date and time of your visit, the access status (e.g. whether you were able to access a webpage or received an error message), the use of website features, any search terms you may have entered, the frequency with which you access individual webpages, the names of files accessed, the amount of data transferred, the website from which you accessed our website, and the website you visit from our website, whether by clicking links or entering a domain directly into the input field of your browser.

In addition, for security purposes, in particular to prevent and detect attacks on our website or fraudulent activities, we store your IP address and the name of your internet service provider for a period of seven days.

b. We only process other personal data if you provide such data to us, for example as part of a registration, a contact form, a chat, a survey, a competition, or for the performance of a contract.

In such cases, processing takes place only on the basis of your consent or in accordance with applicable legal provisions (see section 7).

c. You are neither legally nor contractually obliged to provide your personal data. However, certain features of our website may depend on the provision of personal data.

If you choose not to provide personal data in such cases, this may result in functionalities not being available or only available to a limited extent.

 

3. Purposes of use

a. We use the personal data collected during your visit to our website to operate it in the most convenient manner possible and to protect our IT systems against attacks and other unlawful activities.

b. If you provide us with additional personal data, for example as part of a registration, contact form, chat, survey, competition, or for the performance of a contract, we use this data for the specified purposes, for customer management, and – where necessary – for the processing and settlement of business transactions, in each case to the extent required.

c. For other purposes (e.g. the display of personalized content or advertising based on your usage behavior), we and, where applicable, selected third parties process your data only if and to the extent that you have given your consent via our Consent Management System.

Further information and options can be found under “Privacy Settings” in the footer of the website.

d. We also process personal data where we are legally obliged to do so (e.g. storage to comply with statutory retention obligations or disclosure based on official or judicial orders).

e. In addition, we process personal data where this is necessary to safeguard our legitimate interests.

Such legitimate interests include ensuring the functionality of our IT systems, improving our website based on usage behavior, and internal administrative or accounting purposes.

 

4. Transfer of personal data to third parties; social plug-ins; use of service providers

a. Our website may contain offers from third parties. If you click on such an offer, we transfer data to the respective provider to the extent necessary (e.g. information that you accessed the offer via our website and, if applicable, further information that you have already provided on our website for this purpose).  

b. Our website may include embedded content or features from social media platforms (e.g. Instagram).

When such content is displayed, a connection to the servers of the respective provider is established. In this context, personal data (e.g. IP address, browser information) may be transmitted to the provider.

If you are logged into your user account with the respective provider, your visit to our website may be associated with your user account.

The processing of personal data by these providers is carried out under their own responsibility and is governed exclusively by their respective data protection policies.

c. If you click on a link to a third-party offer or activate a social plug-in, personal data may be transferred to recipients in countries outside the European Economic Area (EEA) that, from the perspective of the European Union (EU), may not ensure an adequate level of data protection.

Please take this into account before clicking on such links or activating plug-ins.

d. We also use qualified service providers (e.g. IT service providers, marketing agencies) to operate, optimize and secure our website.

We only transfer personal data to such service providers where this is necessary for the provision and use of the website and its functionalities, to safeguard legitimate interests, to comply with legal obligations, or where you have given your consent (see section 7).

Further information on recipients of personal data can be found in our Consent Management System under “Privacy Settings” in the footer of the website.

 

5. Cookies

a. Cookies may be used when you visit our website. Technically, these are so-called HTML cookies as well as similar technologies such as Web/DOM Storage or Local Shared Objects (so-called “Flash cookies”), which we collectively refer to as cookies.

b. Cookies are small files that are stored on your device (desktop, laptop or mobile device) during your visit to a website.

They allow, for example, recognition of whether there has already been a connection between your device and the website, consideration of your preferred language or other settings, provision of certain functionalities, or analysis of your usage behavior.

Cookies may also contain personal data.

c. Whether and which cookies are used depends on the areas and functions of our website that you use and on whether you have given your consent to the use of cookies that are not technically necessary in our Consent Management System.

Further information and options can be found under “Privacy Settings” in the footer of the website.

d. The use of cookies also depends on the settings of your web browser (e.g. Microsoft Edge, Google Chrome, Apple Safari, Mozilla Firefox).

Most browsers are set to accept certain types of cookies automatically; however, you can usually change these settings.

You can delete stored cookies at any time. Web/DOM storage and Local Shared Objects can also be deleted separately. Instructions can be found in the documentation of your browser or device manufacturer.

e. Consent to the use of cookies, as well as their rejection or deletion, is tied to the specific device and browser used.

If you use multiple devices or browsers, you can configure your preferences individually.

f. If you decide against the use of cookies or delete them, some functionalities of our website may not be available or may only be available to a limited extent.

 

6. Security

We implement technical and organizational security measures to protect the data we manage against manipulation, loss, destruction, and unauthorized access.

Our security measures are continuously improved in line with technological developments.

 

7. Legal basis for processing

a. If you have given your consent to the processing of your personal data, this consent constitutes the legal basis for processing (Art. 6(1)(a) GDPR).

b. Processing of personal data for the purpose of initiating or performing a contract with you is based on Art. 6(1)(b) GDPR.

c. If processing is necessary to comply with legal obligations (e.g. retention requirements), it is based on Art. 6(1)(c) GDPR.

d. We also process personal data for the purposes of legitimate interests pursued by us or by third parties (Art. 6(1)(f) GDPR).

Such legitimate interests include ensuring the functionality of our IT systems, improving our website based on usage behavior, and internal administrative or accounting purposes.

When required, we carefully balance our interests against your interests and fundamental rights.

e. The storage and access to information on your device (e.g. cookies) is based on § 25 TDDDG (Germany) or, where applicable, other national implementations of the ePrivacy Directive.

 

8. Deletion of your personal data

Your IP address and the name of your internet service provider, which we store for security purposes, are deleted after seven days.

In all other cases, we delete your personal data as soon as the purpose for which it was collected and processed no longer applies.

Beyond this point, data is only stored where this is required by applicable legal provisions to which we are subject, including retention obligations under EU or national law.

If deletion is not possible in individual cases, the relevant personal data will be restricted in its processing.

 

9. Rights of the data subject

a. As a data subject, you have the right to access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), and data portability (Art. 20 GDPR).

b. If you have given your consent to the processing of your personal data, you have the right to withdraw this consent at any time.

Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. It also does not affect processing based on another legal basis (see section 7).

c. Right to object
You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you that is based on Art. 6(1)(e) or (f) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or if the processing serves the establishment, exercise, or defense of legal claims.

Where personal data is processed for direct marketing purposes based on legitimate interests, you also have the right to object at any time without giving reasons.

d. If possible, please address your requests or declarations to the following contact address: dialog@mercedes-benz.com

e. If you believe that the processing of your personal data violates legal requirements, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 GDPR).

 

10. Central registration service of Mercedes-Benz Group AG

The Central Registration Service of Mercedes-Benz Group AG allows you to sign in to websites and applications of the Mercedes-Benz Group and its brands that are connected to this service.

The applicable terms of use contain specific data protection provisions and can be accessed on the respective login pages.

 

11. Data transfer to recipients outside the European Economic Area

a. When using service providers (see section 4.d) or where you have given your consent (see section 3.c), personal data may be transferred to recipients located in countries outside the European Economic Area (EEA) and processed there.

b. In some countries, the European Commission has determined that an adequate level of data protection exists (so-called adequacy decisions).

For recipients in other countries, we ensure an appropriate level of data protection through suitable safeguards, such as EU Standard Contractual Clauses or other legally recognized mechanisms.

Further information can be obtained via the contact details provided in section 9.d.

c. Where you provide your consent via our Consent Management System, this consent also applies to the transfer of personal data to recipients in countries outside the European Economic Area (EEA) that do not provide an adequate level of data protection within the meaning of EU law.

Information on the transferred data, recipients or categories of recipients, and the relevant countries can be found in our Consent Management System, accessible via “Privacy Settings” in the footer of the website.

In these countries, there may be no data protection framework comparable to that of the EEA, including, for example, limited data subject rights (see section 9), the absence of independent supervisory authorities, and/or a lack of effective legal remedies against data processing.

In particular, public authorities (e.g. government agencies) may have broader access to personal data and may process such data for purposes other than those recognized within the EEA.

These risks may not be fully mitigated by contractual or technical safeguards.

Last update: April 2026