Full Privacy Statement
Mercedes-Benz Australia/Pacific Pty Ltd (ACN 004 411 410) (“we”, ”us” or “our”), respects your personal information and privacy and are committed to keeping your personal information safe.
- the kinds of information we collect and hold about you;
- how you can deal with us anonymously;
- the kinds of sensitive information we collect;
- how we collect your personal information;
- the purpose by which and how we collect, use and disclose your personal information;
- cross border disclosure;
- when we will use your personal information for direct marketing;
- how we keep your information secure;
- how to access, update or correct your personal information; and
- how you can make a complaint in relation to how we may have managed your personal information.
Our authorised dealer and agent network is independently owned and operated, and may have privacy policies which differ from ours. Our independent authorised dealers and agents are responsible for their own respective privacy policies and privacy related processes (where relevant in the context). If you have any privacy concerns relating to an independent dealer or agent, please contact the relevant party directly.
1. THE COLLECTION OF PERSONAL INFORMATION
1.1 Information we collect and hold
We collect information that is reasonably necessary for, or directly related to one or more of our functions and activities. The types of personal information we collect include but are not limited to your:
- age and birth date;
- occupation and employment details;
- contact details;
- residential and/or business address, including postcode;
- registration and driver’s licence details;
- other forms of identification used to confirm your identity;
- credit card and bank account details;
- other financial information;
- current and past vehicle information and details;
- location through anti-theft vehicle tracking technology in loan and demonstrator vehicles;
- voice when we record inbound and outbound calls for quality, training and record purposes; and
- image by videos and photos at events, during market research or through security cameras;
- educational qualifications, resume and reference checks;
- personal interests; and
- personal preferences (such as your preferred vehicle specifications).
Where appropriate, we provide you with the option of remaining anonymous when entering into transactions with us, unless such anonymity would be considered unlawful or impracticable. If you elect not to provide us with your personal information, we may not be able to do business with you or consider you for recruitment opportunities.
Generally we do not collect sensitive information. However, we may collect sensitive information about you (for example, health information and criminal record checks if you are applying for a job with us), if we have your express consent (such as for the purpose of confirming your identity) or if the collection is required or authorised by law.
1.2 How we collect your personal information
We take steps to ensure that we collect personal information by lawful means, and obtain your personal information in various ways, including but not limited to:
- when you contact or correspond with us;
- when you phone our customer support and assistance centres or require support;
- when you attend one of our premises or premises of our agents;
- when you visit an authorised dealership to test drive or purchase a vehicle, have your vehicle serviced or repaired or undertake the ID check associated with your use of the Mercedes me connect and smart control information and telematics services. Vehicles that you test drive or loan from us or one of our wholly owned dealerships may also be fitted with anti-theft tracking technology and in this respect we may track your location;
- if you order or purchase a product or service from us;
- if you enquire or apply to be an authorised partner or vendor;
- from third party roadside assistance service providers;
- via our websites (including our microsites) including:
- if you choose to supply the information to us by entering your information into the interactive sections on our websites (for example, enquiry forms, message boards, chat, profile pages, blogs, social networking features and the like). Please be aware that any information you post or disclose on these websites may be available to other site visitors and the general public (depending on the privacy settings you have in place);
- if you choose to create a new login or use your existing login or otherwise provide information through our websites and microsites; when you attend a (product) focus group, review a product or complete a survey;
- via our Apps or the Apps of other related or Mercedes-Benz Group companies (for example, undertaking the ID check associated with your use of the Mercedes me connect and smart control information and telematics services via the App).
- via social media;
- from competitions or promotions you have participated in or our events you have attended;
- from publicly available sources (including but not limited to commercially available sources such as data aggregators and public databases) and also information that you or others may post about yourself online e.g. social media pages. This information may include things like name, demographic, interests and other publically observed data. We (or our service provider on our behalf) may combine this information from information with other information including information we collect directly from you. We may also associate information about your use of our digital services over time with your personal information, e.g. where on any occasion you have logged in, followed a link sent to you by email or where we have otherwise been able to identify you;
- from third party service providers;
- when you apply for work with us and during reference checks;
- from other related or Mercedes-Benz Group companies;
- from Austroads Ltd’s National Exchange of Vehicle and Driver Information Systems if we are conducting a recall; and/or
- from government bodies, enforcement and regulatory authorities.
2. PURPOSE OF COLLECTION, USE AND DISCLOSURE OF PERSONAL INFORMATION
2.1 How we use personal information
Primarily we collect personal information for the purpose declared at the point of collection and so we can provide you with the best possible experience for you, and in order to comply with our legal, regulatory, industry or workplace requirements. More specific purposes include but are not limited to:
- any purpose which we inform you about when we collect your personal information or to which you have provided your consent;
- any purpose relating to buying, selling, repairing and loaning vehicles and parts;
- registering your interest in buying vehicles, servicing vehicles or part sales, including via our microsites;
- providing you with digital services requested by you including the Mercedes me connect and smart control information and telematics services;
- if you wish to own or already own a franchise of our products and/or services;
- any related purpose which would be reasonably necessary or directly related to one or more of our functions or activities;
- customer management including communicating to you about any goods and services, responding to enquiries in relation to products we sell and services we offer and varying our products and services;
- providing support to our customers and authorised dealer network;
- customer assistance, care, contact and information;
- fulfilling and processing orders and administering accounts;
- roadside assistance, vehicle warranty, product issues, service measures and recalls;
- marketing, event and promotional activities (including but not limited to competitions and other promotions);
- informing you of special events or offers;
- reporting, market research, customer surveys, customer analysis and product development;
- accounting, billing or other internal administrative purpose;
- as part of servicing and maintenance of IT systems and applications;
- recruitment purposes;
- to protect our legitimate interests including, for instance, registering a security interest on the Personal Property Securities Register or taking or responding to any legal action;
- conducting background checks, including checking against sanctions lists;
- to comply with industry, legal and regulatory requirements; and/or
- where permitted or required by law, a court or tribunal.
During the course of our day to day business, we may disclose your personal information to third parties outside our organisation, including but not limited to:
- those that you have consented we disclose your personal information to, either impliedly by your conduct, verbally or in writing;
- our authorised network;
- other members that are part of, related to or associated with the Mercedes-Benz Group (many of whom are based overseas see 2.3 below);
- related companies for example, Mercedes-Benz Financial Services Australia Pty Ltd that we share corporate services with, including information technology and human resources, or who provide back of office services to us;
- third party consultants under conditions of confidentiality for business related activities; and/or
- government agencies, enforcement authorities, regulators or other similar entities as required or permitted by law.
2.3 Cross border disclosure
In the ordinary course of our day to day business activities and those of our related and associated entities and service providers, your personal information may be transferred, accessed, processed and/or stored in various countries which include but are not limited to, the European Union (most notably Germany), the USA, Mexico Singapore, India, Philippines, Netherlands, Spain, Brazil, China, Malaysia, United Kingdom and Japan.
Where we arrange for work or services to be undertaken on our behalf, that work is undertaken under conditions of confidentiality and may result in your personal information being transferred, accessed, processed and/or stored (for example, on clouds or servers) in various countries for the purpose of service delivery to us or you.
Unless an exception applies in the Privacy Act, prior to disclosing personal information to overseas recipients we will take reasonable steps in the circumstances to ensure that the overseas recipient adheres to the APPs.
Overseas organisations may be required to disclose information we share with them under a foreign law. In those instances, to the fullest extent permitted by law, we will not be responsible for that disclosure.
2.4 Direct marketing
Direct marketing involves us communicating directly with you to promote the sale of our goods and services. This can be achieved by an array of methods including for example, by mail, telephone, e-mail or SMS/IM/MMS and potentially by third parties on our behalf. We will obtain your consent prior to using or disclosing your personal information for direct marketing purposes.
We do not actively market to children or knowingly collect personal information about children without parental consent. Whilst we do take steps to ensure that children’s privacy and rights are not compromised, it is ultimately the responsibility of parents to monitor their children’s internet usage.
2.4.1 Electronic communications
Where we electronically communicate with you (e.g. by instant messaging, SMS/IM/MMS, and other mobile phone messaging (but excluding voice to voice communications)) for the purpose(s) mentioned above, we comply with the Spam Act 2003 (Cth) as amended from time to time. We take steps to ensure that our electronic communications meet the following conditions, they:
- will only be sent with your consent, which you either provide expressly, or in very limited circumstances, that consent is inferred by your conduct or an existing ongoing business relationship;
- contain accurate information about us and how to contact us; and
- contain a functional unsubscribe facility to allow you to opt out of receiving electronic messages from us in the future.
2.4.2 Do Not Call Register Act 2006 (Cth)
The Do Not Call Register Act 2006 (Cth) allows telephone numbers to be registered if they are used primarily for domestic or private purposes in order to allow you to opt out of receiving most telemarketing calls or marketing faxes. If you have registered your private or domestic number on the register, then we will not contact you for telemarketing purposes for example, offering to sell you goods or services except if you have expressly opted in to receive direct marketing phone calls from us of which you can opt out of at any time.
However, we will still contact you for purposes that are not telemarketing purposes, including but not limited to the following:
- product recall, issue and fault rectification calls;
- appointment reminder and rescheduling calls;
- calls relating to payments;
- calls relating to a contract or the subject matter of contract we have with you; and
- solicited calls.
2.4.3 Opting out - Direct marketing, electronic communications and telephone calls
If you do not wish to receive direct marketing, electronic communications or telephone calls from us for direct marketing purposes, you can opt out at any time. When you opt out, we will stop sending the material until such time as you change your preferences.
If you elect not to receive any direct marketing material from us, you are likely to miss out on special product and service promotions, invitations to events, publications and other items that fall into this category.
2.5 Cookies, Tracking and Retargeting Technologies
Important: When certain web technologies are used, cookies on our websites track your browsing activity. In the process, random identifiers (so called “Cookie IDs”) are used which may be brought into connection with your name, your address or similar personally identifiable information that we may already hold (e.g. from an existing contractual relationship). On this basis, if you have already provided us with personally identifiable information, by consenting to the use certain web technologies you are consenting to us associating your browsing activity on our websites to you personally.
For Analysis and Statistics web technologies, Comfort web technologies and Marketing web technologies, will only use these technologies if you agree. For Technically Required web technologies, by simply using our websites, you consent to their use.
2.5.2 Managing preferences
If you do not wish for us to use certain web technologies (other than those technically required), you can object or “Opt-Out” at any time. We will comply with your objection by placing an Opt-Out cookie in your browser. Please note that for technical reasons, an Opt-Out cookie affects only the browser in which it has been installed. If you delete the cookie or use a different browser or device, you will need to opt out again.
2.5.3 Data transmission outside of Australia
When using web technologies, data may be transmitted to recipients outside Australia.
3. SECURITY OF PERSONAL INFORMATION
3.1 Integrity and quality of personal information
We take reasonable care to ensure that personal information we use, store and subsequently destroy/delete (where relevant) meets certain quality requirements, in that the personal information is accurate, up to date and complete.
3.2 Security of personal information
While care is taken to protect your personal information, unfortunately no data transmission over the internet is guaranteed as being 100% secure. Accordingly, we cannot guarantee the security of any information you send to us or receive from us online. That is particularly true for information you send to us via email as we have no way of protecting the information until it reaches us. Once we receive your personal information, we are required to protect it in accordance with the Privacy Act.
MBAuP follows the Mercedes-Benz Group global policies, guidelines and standards to secure your information. We continually train and remind our staff of the importance of keeping information safe and secure.
We have adopted active security measures to ensure that your personal information is kept safe from misuse, interference, loss, unauthorised access, disclosure and modification, such as:
(a) System security: Our application systems are password protected and can be accessed only by people authorised to do so. Our policies require us to encrypt confidential information, for instance, when you provide information to us using our website or when you send information from your computer to us. Security is inbuilt into the design and operations of our systems through the use of firewalls, ethical hacking and virus scanning tools.
(b) Physical security: Our premises are protected against unauthorised access by way of access card for entry, cameras, alarms and security services.
(c) Data retention: If personal information is no longer required for the purpose for which we are permitted to use, disclose or legally retain it, then we will permanently remove from a record any information by which an individual may be identified in order to prevent future re-identification from the data available. We retain information as long as needed to comply with the law or our own corporate policies and procedures.
Whilst we seek to keep your personal information secure, errors may occur from time to time and we will act quickly to investigate them and implement measures to avoid them from happening again (where possible).
We will at no time sell, rent or trade your personal information to or with any other unrelated entity.
4. ACCESS, CORRECTION, COMPLAINTS AND ENQUIRIES
We take reasonable steps to ensure that information we collect, hold or disclose about you is accurate, complete and up to date.
4.1 Access to information we hold about you
At any time you can request access to information we hold about you. We aim to respond to your request within 30 days. We may charge a reasonable fee for information requests.
Whilst we are obliged to provide you with access to your information, there are exceptions and those are outlined in the Privacy Act. If one of the exceptions applies to your access request, we will (if reasonable in the circumstances) work with you and attempt to provide you with access in a way to meet both of our needs. If it is reasonable in the circumstances, we will also notify you in writing if we have determined to refuse access to your personal information due to one of the exceptions listed above and the reasons for that refusal.
4.2 Correction of information we hold about you
We also encourage you to actively engage with us and let us know when your details change or if your personal information needs correction or updating via our contact information provided below.
4.3 Complaints and enquiries
If you are not happy with the way we have handled your personal information or believe that we have breached the Privacy Act or the APPs, please contact us and we will try our best to resolve the matter with you. For security reasons, we request that complaints, requests for access to or correction of personal information or any enquiries or questions concerning privacy matters be put in writing and either e-mailed or posted to:
The Privacy Officer
Mercedes-Benz Australia/Pacific Pty Ltd
44 Lexia Place
By phone: 1300 300 896
By email: firstname.lastname@example.org
We may also require proof of your identity.
For information about privacy generally, or if your concerns are not resolved to your satisfaction, please contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
5. INFORMATION RELATING TO PROSPECTIVE, CURRENT AND FORMER EMPLOYEES
If an employee has any questions or requests relating to their employee records, then the employee should contact MBAuP’s human resources department.
Last updated: August 2022
In consideration of you viewing this website, customer portal, online marketplace or app (“Platforms”) you agree to be bound by the following terms and conditions:
When using this website, the intellectual property (in particular copyrights, trademark, name and patent rights) of the Mercedes-Benz Group or third parties must be respected. Accessing the website does not grant any license or usage rights to the respective intellectual property of the Mercedes-Benz Group or third parties.
Copyright 2020 Mercedes-Benz Australia/Pacific Pty Ltd ("MBAuP"). The text, images, graphics, sound files, animation files, video files and their arrangement on MBAuP’s and/or Mercedes-Benz Group companies’ Platforms are all subject to copyright and other intellectual property protection laws in Australia and other countries, including but not limited to the Copyright Act 1968 (Cth) and through international treaties. Apart from any use that is permitted under the Copyright Act 1968 (Cth) all rights are reserved. These objects may not be copied for commercial use or distribution, nor may these objects be modified, published or reposted to other Internet sites or mediums. Some MBAuP and/or Mercedes-Benz Group companies’ Platforms also contain images that are subject to the copyright rights of third party providers.
These Platforms include registered trade marks which are the subject of pending applications and trade marks which are otherwise protected by law. Unless otherwise indicated, all trade marks displayed on MBAuP Platforms are subject to the trade mark rights of specific companies within the Mercedes-Benz Group. These include, but are not limited to, each of Mercedes-Benz Group's primary brands (Mercedes-Benz, AMG and Mercedes-Benz Financial Services) and the model name plates, corporate logos and emblems of the Mercedes-Benz Group.
Some of the product information, illustrations and images featured on these Platforms are European and reflect each vehicle’s performance and features under European conditions. Any such information, illustrations and images are indicative and for guidance only. Refer to an authorised Mercedes-Benz retailer for current information. Consequently, some of the information and/or accessories are not available in some countries or which; in order to satisfy local market demand or regulatory controls may only be available in different specifications or configurations.
If you are interested in any vehicle model, paint, option or accessory shown on these Platforms and are unsure of its availability or specification in your locality, you should contact your local MBAuP office or a local authorised retailer for the relevant product or brand, including information of current details and options available in your locality.
Unless otherwise stated, all prices specified are the recommended maximum retail prices. Prices are current at the time of publication and are subject to change at any time and from time to time without notice. Prices may differ based on your delivery location, applicable statutory or administrative charges, and CTP requirements in the purchasers state or territory. Some pricing information presented or used may be sourced from third parties and every effort has been taken to ensure accuracy, however absolute accuracy cannot be guaranteed. Please confirm item availability, specification and pricing prior to purchase.
No Warranties or Representations
The information that is contained on these Platform is for preliminary and general purposes only. MBAuP may at any time and from time to time at its full and complete discretion make any changes to the information that is contained in or on these Platforms. This information is provided by MBAuP "as is" and to the extent permitted by law, is provided without warranty of any kind, expressed or implied, including (but not limited to) any implied warranties of merchantability, fitness for any particular purpose, or non-infringement. While the information provided is believed to be accurate, it may include errors or inaccuracies. As such, no reliance whatsoever should be placed on the information that is contained in or on these Platforms as being accurate, complete and up to date.
MBAuP is not responsible for and will not accept responsibility or liability for any cost, damage, expense or loss (whether direct or indirect) that is or may be incurred as a result of any possible error, misrepresentation and or omission that is, was, or may be contained in or on these Platforms at any time and from time to time.
MBAuP has sought to achieve innovative and informative Platforms. We hope that you will be as enthusiastic as we are about this creative effort. However, you also need to understand that the Mercedes-Benz Group must protect its intellectual property, including its patents, trade marks, designs and copyrights. Accordingly, you are hereby on notice that the Platforms, nor any material contained therein, shall in any way grant or be taken to grant any person a license to Mercedes-Benz Group´s intellectual property or its related rights.
Links to Other Sites
Our Platforms may contain content or links to other websites that are owned by third parties. This content or these links are provided solely for your convenience and do not indicate either express or implied endorsement by MBAuP of the products or services that are provided by that website. When accessing third party content or websites and using those products and services you agree and undertake to do so at your own risk. MBAuP is not responsible for and will not accept responsibility or liability for any cost, damage, expense or loss (whether direct or indirect) that is or may be incurred as a result of any third party content, links or websites.
This website contains forward-looking statements that reflect our current views about future events. The words “anticipate,” “assume,” “believe,” “estimate,” “expect,” “intend,” “may,” ”can,” “could,” “plan,” “project,” “should” and similar expressions are used to identify forward-looking statements. These statements are subject to many risks and uncertainties, including
• an adverse development of global economic conditions, in particular a decline of demand in our most important markets;
• a deterioration of our refinancing possibilities on the credit and financial markets;
• events of force majeure including natural disasters, pandemics, acts of terrorism, political unrest, armed conflicts, industrial accidents and their effects on our sales, purchasing, production or financial services activities;
• changes in currency exchange rates, customs and foreign trade provisions;
• a shift in consumer preferences towards smaller, lower-margin vehicles; a possible lack of acceptance of our products or services which limits our ability to achieve prices and adequately utilise our production capacities;
• price increases for fuel, raw materials or energy; disruption of production due to shortages of materials or energy, labour strikes or supplier insolvencies;
• a decline in resale prices of used vehicles;
• the effective implementation of cost-reduction and efficiency-optimisation measures;
• the business outlook for companies in which we hold a significant equity interest;
• the successful implementation of strategic cooperations and joint ventures;
• changes in laws, regulations and government policies, particularly those relating to vehicle emissions, fuel economy and safety;
• the resolution of pending governmental investigations or of investigations requested by governments and the outcome of pending or threatened future legal proceedings;
• and other risks and uncertainties, some of which are described under the heading “Risk and Opportunity Report” in the latest Annual Report.
If any of these risks and uncertainties materialises or if the assumptions underlying any of our forward-looking statements prove to be incorrect, the actual results may be materially different from those we express or imply by such statements.
We do not intend or assume any obligation to update these forward-looking statements since they are based solely on the circumstances at the date of publication.
Privacy statement on shared analysis and marketing activities in relation to this Mercedes-Benz website can be found here.
Mercedes-Benz Financial Services Australia Pty Ltd - Finance Products and Insurance Solutions
Mercedes-Benz Financial Services Australia Pty Ltd (“MBFSAu”) (AFSL No. and Australian credit licence 247271) offers finance and insurance products and services in Australia and is part of the Mercedes-Benz Group of Companies. Mercedes-Benz Financial and Mercedes-Benz Insurance are registered business names of MBFSAu. Any information, publications, statements or references to finance or insurance made directly on these Platforms are made by MBFSAu and must be read subject to the respective disclaimers, legal notice and privacy statement.
Information contained in summaries of finance products or insurance solutions are subject to change at any time without notice. This may include indicative interest rates, terms available, estimated payments and fees and charges.
If you are interested in any finance product or insurance solution, you should contact your local authorised retailer to obtain confirmation of current details.
The provision of finance or insurance is subject to MBFSAu’s usual credit approval or insurance approval processes. The details provided on these Platforms are not intended, and are not to be construed, as an offer to provide finance or insurance on the terms stated.
Mercedes-Benz Prestige and Classic Motor Vehicle Insurance is arranged by Mercedes-Benz Financial Services Australia Pty Ltd ABN 73 074 134 517 (MBFS) as an agent of the underwriter QBE Insurance (Australia) Limited ABN 78 003 191 035 AFSL 239545 and not as your agent. The insurer of Mercedes-Benz Premier Motor Insurance is Allianz Australia Insurance Limited ABN 15 000 122 850 AFSL 23470 of 10 Carrington Sydney NSW 2000 and in arranging this insurance, MBFS and the authorised dealers act on behalf of Allianz and not as your agent. Neither MBFS nor any of its related companies have any liability in respect of this policy. Please consider the Product Disclosure Statement and Policy Wording booklet of each policy before making a decision. The Target Market Determination for each policy is available by calling us. Any advice here does not take into account your objectives, financial situation or needs. Terms, limits, conditions and exclusions apply. All claims are made to and handled by the relevant insurer and not MBFS.
MBAuP and MBFSAu Platforms may be accessed across the globe however are intended to be accessed by those in Australia. We make no representations that Platforms comply with the laws (including intellectual property laws) of any country outside Australia.
By using our Platforms, you acknowledge and agree not to:
i. post or transmit any obscene, indecent, inflammatory or pornographic material or any other material that may give rise to civil or criminal proceedings;
ii. tamper with or hinder the operation of the Platforms, including extracting any data security or personal information data;
iii. knowingly transmit any viruses, worms, defects, trojan horses or similar disabling or malicious code to the Platforms;
iv. use any robot, spider, site search and retrieval application or other mechanism to retrieve or index any portion of the Platforms;
v. modify, adapt, translate or reverse engineer any portion of the Platform;
vi. remove any copyright, trade mark or other proprietary rights notices contained in or on the Platforms;
vii. reformat or frame any portion of the web pages that are part of the Platforms;
viii. create accounts by automated means or under false or fraudulent pretences;
ix. use the Platforms to violate the security of any computer or other network or engage in illegal conduct;
x. take any action that imposes or that would, in our reasonable opinion, result in an unreasonable or disproportionately large load on our infrastructure;
xi. use the Platforms other than in accordance with this legal notice or any other applicable terms and conditions; or
xii. attempt any of the above acts or engage or permit another person to do any of the above acts.
Should any part of this legal notice be or become invalid, that part shall be severed from these legal notice and shall not affect the validity of the remaining provisions of the legal notice.
This legal notice shall be governed by and construed in accordance with the laws for the time being in force in the State of Victoria Australia and the parties agree to submit to the non-exclusive jurisdiction of the courts and tribunals of that State.
You may not reproduce or communicate any of the content on this website, including files downloadable from this website, without the express permission of MBAuP.
© Mercedes-Benz Australia/Pacific Pty Ltd. All rights reserved.
Last updated October 2023.
Data privacy notice on Risk Management processing activities at Mercedes-Benz Mobility AG (MBM)
This data protection notice describes how Mercedes-Benz Mobility AG processes your personal data for the purposes of Risk Management activities as well as for the credit decision and portfolio risk steering purposes. Protecting your personal data is a high priority for us, and is taken into account for all of our business processes. This data privacy notice provides you with a detailed summary regarding the processing of your personal data in relation to the different Risk Management processes mentioned below.
"Personal data" according to the General Data Protection Regulation of the European Union means all information that relates to a natural person who has been or can be identified. You will also learn what rights you are entitled to regarding the processing of your personal data according to the General Data Protection Regulation of the European Union.
The way we handle personal data is always based on our applicable Data Protection Policy. This can be found on our website https://group.mercedes-benz.com/privacy/.
Who is responsible for processing my personal data, and who can I contact on the topic of data protection?
The (joint) controller responsible for processing your personal data for the Risk Management processes specified below is:
Mercedes-Benz Mobility AG, Siemensstraße 7, 70469 Stuttgart
Joint Controller for the development of risk instruments and internal reporting (“Reporting”), as well as for monitoring and reporting for Portfolio Risk Steering:
Mercedes-Benz Financial Services Australia Pty Ltd (“MBFSAu”)
Level 1 / 41 Lexia Place
Mulgrave, Victoria, Australia 170
Performance of Credit Decision: Depending on the size of the credit request, the decision is taken solely by MBFSAu or jointly with Mercedes-Benz Mobility AG as Joint Controller (contact information see above).
MBFSAu and MBM have concluded a Joint Controller Agreement. Upon request, we provide you with the essential contents of the Joint Controller Agreement.
The contact person for your data protection questions is our data protection officer:
Mercedes-Benz Group AG, HPC E600, 70372 Stuttgart, Germany email@example.com, https://group.mercedes-benz.com/privacy/.
Where does my data come from and what data is processed?
We process personal data under the principles of data reduction and data minimization only to the extent necessary, as permitted due to applicable legal regulations, according to our obligations. Unless otherwise set forth below, the terms "process" and "processing" include, but are not limited to, the collection, use, disclosure and transfer of personal data (see Article 4 No. 2 GDPR).
The data processed for the Risk Management and Credit Decision activities mentioned below is taken from your financing or leasing application incl. corresponding documents, the Account Information Service (PSD2) or is provided by credit agencies or/and public official sources, that are requested by MBFSAu when applying for funding, and is provided by the MBFSAu to MBM:
The following data categories are processed:
- Customer number
- Customer name (only Dealer and Corporate Customers)
- Application information (such as application number, number of vehicles financed)
- Information on private customers (such as region, profession) and commercial customers (such as industry)
- Information on commercial borrowers/borrowers with Private ownership form (such as industry, region, experience in business)
- Contract data (such as contract number, term, financing product, VIN number)
- Vehicle data (such as model, list price, age of vehicle)
- Financial Statements
- Data from salary statements or the Account Information Service (PSD2)
- External credit agency files on the data subject's creditworthiness
- Information on payment history for past financing agreements
For the credit decision making and portfolio risk steering, the aforementioned data is processed with the customer name and application number.
For what purpose and on what legal basis is the data processed?
Data processing by MBM as the responsible party in the Mercedes-Benz group for steering all companies worldwide belonging to the segment “Mercedes-Benz Mobility” for Risk Management, Portfolio Risk Steering and as far as the credit request exceeds the credit decision competence of MBFSAu for the Credit Decision is based on a legitimate interest under Art. 6 (1) (f) GDPR in conjunction with §§ 91 II and III, 93 I German Stock Corporation Act .
Information on the role of MBM and MBFSAu for the data processing can be found under “Who is responsible for processing my personal data, and who can I contact on the topic of data protection?”
The purpose of those Risk Management processes is to use the data in order to create risk models, perform various analysis, make risk situation transparent and steer the MBM.
Such processing includes, but is not limited to:
- Development of risk instruments that are used to determine customer creditworthiness, and thereby minimize the financial risk through an appropriate credit decision
- Calibration of risk provisioning parameter and monthly provisioning calculation as a requirement under the accounting standard IFRS9
- Planning activities with regards to forecasting as well as simulations of developments
- Risk steering of the MBM company which includes: calibration of risk parameter, economic capital calculation, risk adjusted profitability steering, monitoring and reporting to steer and control credit risks, assure quality of credit applications and to analyze the credit portfolio
- Reporting, e.g. monitoring the development of number of sales as well as financing and leasing contracts per vehicle model, monitoring of profitability, monitoring of the share of “green financing” (electric vehicles), monitoring the development of risk KPIs such as delinquencies, credit losses, provisions, quality of the acquisitions, monitoring the performance of the different risk models, etc.
- Market risk analysis especially interest rate and liquidity risk management for the purposes of asset and liability management
- Internal or external audit activities
- Performance of Credit Decision: MBFSAu processes as Data Controller your data for the performance of Credit Decision within its credit decision competence, whereas MBM provides as service provider the IT infrastructure and processes the data as Data Processor on behalf of MBFSAu. As far as the credit request exceeds the credit decision competence of MBFSAu it and MBM process as Joint Controller your data for the performance of Credit Decision.
The data is used for the calibration of risk provisioning parameters, monthly calculation of provisions and risk KPIs, forecasting the cost of credit risk as part of the plan-is comparison processes, economic capital parameter calibration and calculation, risk adjusted profitability steering, creation of various reports and dashboards and market risk analysis, such as interest rate and liquidity risk management.
DMO AG builds precise risk models, makes risk situation transparent, gains specific knowledge about its portfolio, steers the company and perform efficient risk management so that the management can protect the economic interests of MBM.
Will my data be shared?
For the purposes of performing the different Risk Management activities mentioned above, the personal data processed is provided by MBFSAu to MBM.
Auditors and IT suppliers have in certain cases also an access to the personal data.
Since MBM provides as Data Processor the IT infrastructure MBFSAu, the data processed within the Performance of Credit Decision and Portfolio Risk Steering is internally shared with MBM Credit Management Europe Department, MBM Risk Management Department, MBM Regional Credit Committee Europe, MBM BoM.
Will my data be sent to a third country or an international organization?
Your personal data might be transferred to and processed by MBM, its affiliates (i.e. any member of the Mercedes-Benz Group companies) and appointed 3rd parties both inside and outside the MBFSAu.
How long will my data be stored?
The personal data used for the aforementioned risk management and credit decision processes is stored as long as the legitimate interest under Art. 6 (1) (f) GDPR persists. The legitimate interest ends when the contractual agreement between the data subject and the market ends. Four exceptions apply here:
- Retention period is prolonged if outstanding payments are expected from the customer for example if the customer is involved in collection processes and the vehicle(s) have to be repossessed or they are stolen, etc.
- In accordance with the local legal regulations, booking relevant data is kept up to 10 years
- For the purposes of development and reporting, the data from credit checks is processed and joined with information on your payment history. In case no contract comes into force, data is an anonymized upon cancellation of your application.
- For the credit decision, data retention will be handled in accordance with the local legally regulations, which is seven years.
Upon expiry of the retention period, the personal data will be anonymized/deleted and hence it will not be possible anymore to trace back to the original customer.
What rights do I have with MBFSAu or MBM?
According to EU GDPR, you have extensive rights regarding the processing of your personal data. Making you aware of these rights is very important to us:
- Right of access: You can request access to your personal data processed by us (Article 15 GDPR).
- Right to correction of inaccurate data: You have a right to demand from us the immediate correction of your personal data, should it be inaccurate (Article 16 GDPR).
- Right to deletion: You have the right to demand that we delete your personal data. The criteria allow you to demand the deletion of your personal data if we, for instance, no longer need the personal data for the purposes for which it was collected or otherwise processed, if we unlawfully process the data, or if you have rightfully objected to the use of your data, revoked your consent to the same or there is a legal obligation to delete (Article 17 GDPR).
- Right to restriction of processing: You have the right to demand a restriction of the processing of your data. This right especially applies for the duration of the review if you have disputed the accuracy of your personal data, as well as in the case that, for an existing right to deletion, you request restricted processing instead of erasure. Furthermore, there will be restricted processing if the data is no longer required for our purposes, but you still need the data in order to assert, exercise or defend legal rights, as well as if the successful assertion of an objection is in dispute between you and us (Article 18 GDPR).
- Right to data portability: You have the right to receive the personal data you have provided us with in a structured, common, machine-readable format from us (Article 20 GDPR), provided said data has not already been deleted.
- Right to lodge a complaint with a supervisory authority: If you feel that we are violating the GDPR by processing personal data about you, you have the right to lodge a complaint with a supervisory authority, e.g. a data protection agency responsible for your place of residence, workplace or location where the alleged data protection violation occurred.
- Automated decision-making: As an applicant, you have the general right under Art. 22 GDPR to have the automated decision reviewed manually. You can also present your own opinion and contest the decision.
If you wish to assert one of your rights or receive more information, please contact the controller or the joint controllers and/or the data protection officer.
Can I object to the processing of my personal data?
You have the right, for reasons arising from your specific situation, to object at any time to the processing of personal data about you (Article 21 GDPR). We will no longer process your personal data unless we can prove compulsory, legitimate reasons for processing that outweigh your interests, rights and freedoms, or if the processing is required to assert, exercise or defend against legal claims.
If you wish to object to the processing of your personal data, please contact the joint controller and/or the data protection officer. In case of an objection, however, it is possible that we will no longer be able to provide the services agreed with you or not within the agreed scope.
Privacy Statement on shared analysis and marketing activities in relation to this Mercedes-Benz website by Mercedes-Benz Australia/Pacific Pty Ltd (MBAuP); Mercedes-Benz AG (MBAG) and Mercedes-Benz Mobility AG (MBM)
This privacy statement describes how the three entities listed above process your personal data for the purpose of shared analysis and marketing activities on this specific website. Protecting your personal data is a high priority for all of the entities listed above, and is taken into account for all business processes. This privacy statement provides you with a detailed summary regarding the processing of your personal data in relation to the analysis and marketing activities mentioned below.
"Personal data", according to the General Data Protection Regulation of the European Union (GDPR), means all information that relates to a natural person who has been or can be identified. You will also find information on what rights you are entitled to regarding the processing of your personal data according to the GDPR.
The way Mercedes-Benz entities process personal data within, or related to individuals within, the European Union and European Economic Area is always based on the Mercedes-Benz Group Data Protection Policy EU.
Who is responsible for processing my personal data, and whom can I contact on the topic of data protection?
The (joint) controllers responsible for processing your personal data for shared analysis and marketing activities on this specific website are:
Mercedes-Benz Australia/Pacific Pty Ltd
44 Lexia Place, Mulgrave,
Victoria 3170, Australia
70372 Stuttgart, Germany
Mercedes-Benz Mobility AG
70469 Stuttgart, Germany
Data protection officer for MBAG and MBM:
Mercedes-Benz Group AG
Group Data Protection Officer
D-70546 Stuttgart, Germany
MBAuP and MBAG as well as MBAG and MBM have concluded joint controllership agreements according to Art. 26 GDPR. For more information, please see the table below.
Where does my data come from and what data is processed?
Whenever you visit this specific website and if you have consented the following categories of data are stored and shared with MBAG and MBM:
Server-Logfiles: Certain information about the browser, operating system and IP address (only very short-term) you are using; the date and time of your visit; the status of the interaction (e.g. whether you were able to access the website or received an error message)
Clickstream Data: Your usage of the website and its features; any search phrases you entered; how often you visit the website and the campaign from which you accessed this specific website
Online identification features: Your Cookie ID, Web Client or/and App ID
Geo-location data: The country and the city from where you accessed our website (derived from the IP address)
Payment information: Payment method you used while purchasing something on this specific website
MBAuP processes that data about your visit on this specific website together with the other controllers -depending on your consent- using the following technologies:
• For analysis purposes:
- Google Analytics 360
• For marketing purposes:
- Salesforce Interaction Studio
- Salesforce Audience Studio
- Adobe Target
For what purpose and on what legal basis is your personal data processed?
The personal data collected during your visit on this website is used for conducting personalization and targeted advertising measures. Moreover, the website usage behavior is analyzed to improve website usability and enhance digital products and campaigns. In addition, that data is used for statistical reports.
Within the scope of the joint controllership, your personal data is processed based on your consent according to Art. 6 (1) (a) GDPR. Your consent is optional and may be withdrawn at any time through the Consent Management Platform of this specific website. The lawfulness of data processing before such withdrawal remains unaffected by the withdrawal.
Will my data be sent to a third country?
When passing on data to third parties based on your consent, personal data may be provided from within the European Union ("EU") or the European Economic Area (“EEA”) to recipients in countries outside the EU or EEA, i. e., in a so-called third country.
In some third countries, from the EEA's point of view, an adequate level of personal data protection (so-called "adequacy") exists, in compliance with EU standards. With recipients in other third countries, MBAG and MBM agree on the use of EU standard contractual clauses, binding corporate rules or other applicable instruments to create an "adequate level of protection" according to legal requirements. For more information, please contact one of the controllers.
To the extent that you consent within our Consent Management Platform, you also consent to transfer data to recipients in countries outside of the EEA where no “adequate level of protection” exists. You may find information on data transferred, data recipients or categories of data recipients, and the relevant countries in our Consent Management Platform under a (cookie) settings link in the footer at the bottom of the website. Data protection law in these countries may not be fully comparable to that in the European Economic Area. In this case, international data transfer to recipients outside of the European Economic Area (if any) is based on your consent according to Art. 49 (1) (a) GDPR.
How long will my data be stored?
Your personal data will be stored until the purpose for which it was collected and processed has been fulfilled. Beyond this period, data storage only takes place to the extent made necessary by applicable legislation, regulations or other legal provisions in the European Economic Area or in third countries if these have an adequate level of data protection. If personal data must be retained on such basis, the relevant personal data are flagged to restrict their further processing.
In addition to the rights available to you under Australian law, you also have the following rights under GDPR
According to GDPR, you have certain rights regarding the processing of your personal data. Making you aware of these rights is very important to Mercedes-Benz:
Right of access: You can request access to your personal data processed by us (Art. 15 GDPR).
Right to correction of inaccurate data: You have a right to request correction of your personal data, in case it is inaccurate (Art. 16 GDPR).
Right to deletion: You have the right to request deletion of your personal data. The criteria allow you to request the deletion of your personal data if, for example, it is no longer needed for the purposes for which it was collected or otherwise processed. You can also demand the deletion of your personal data if it is unlawfully processed, or if you have rightfully objected to the processing of your data, revoked your consent to the same or there is a legal obligation to delete it (Art. 17 GDPR).
Right to restriction of processing: You have the right to demand a restriction of the processing of your data. This right especially applies for the duration of the review if you have disputed the accuracy of your personal data, as well as in the case that, for an existing right to deletion, you request restricted processing instead of erasure. Furthermore, there will be restricted processing if the data is no longer required for legitimate purposes, but you still need the data in order to assert, exercise or defend legal rights, as well as if the successful assertion of an objection is in dispute between you and MBAG and/or MBM (Art. 18 GDPR).
Right to data portability: You have the right to receive the personal data you have provided in a structured, common, machine-readable format (Art. 20 GDPR), insofar as the data has not been deleted already.
Right to lodge a complaint with a supervisory authority: If you feel that processing of your data is not in line with the GDPR, you have the right to lodge a complaint with a supervisory authority in an EU member state, e.g., a data protection agency responsible for your place of residence, workplace or location where the alleged data protection violation occurred (Art. 77 GDPR).
If you wish to assert one of your rights or receive more information, please contact one of the controllers stated above. Preferably, please contact MBAuP.
Appendix - Details of joint controllership - Data sharing in the field of marketing and analysis on this Mercedes-Benz website in the event of given consent