Privacy policy

Privacy policy of VDL Sachsen Holding GmbH & Co. KG

Welcome to our website and thank you for your interest in our company. Protecting your personal data is very important to us. We process your data in accordance with the applicable legal provisions on the protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and the national implementing legislation applicable to us. Our privacy policy provides you with all the relevant information regarding the processing of your personal data by VDL Sachsen Holding GmbH & Co. KG and the rights to which you are entitled.  

Personal data is information that makes it possible to identify a natural person. In particular, this includes your name, date of birth, address, telephone number and email address as well as your IP address. Anonymous data refers to data that cannot be related to an individual user. 


Controller and data protection officer

VDL Sachsen Holding GmbH & Co. KG
Winklhoferstr. 20
09116 Chemnitz, Saxony, Germany

Phone: +49 (0) 3 71 65 62 12 00
Fax: +49 (0) 3 71 65 62 12 01

Contact details for the data protection officer:

Your rights as a data subject

In this section, we would like to start by informing you about your rights as a data subject. These rights are set out in Arts. 15–22 GDPR. They include: 

  • The right of access (Art. 15 GDPR)
  • The right to erasure (Art. 17 GDPR)
  • The right to rectification (Art. 16 GDPR)
  • The right to data portability (Art. 20 GDPR)
  • The right to restrict data processing (Art. 18 GDPR)
  • The right to object to data processing (Art. 21 GDPR).

To exercise these rights, please contact The same applies if you have any questions regarding data processing within our company. You also have the right to lodge a complaint with a data protection supervisory authority. 


Rights of objection

Please note the following in connection with rights of objection: 

If we process your personal data for direct marketing purposes, you have the right to object to this data processing at any time without giving reasons. This also applies to profiling to the extent that it is connected with direct marketing. 

If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes. Objections are free of charge, and no formal requirements apply to them, but ideally they should be sent to:

If we process your data to protect legitimate interests, you may object to this processing at any time on grounds relating to your particular situation; this also applies to profiling based on these provisions[DE1] 

In this case, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing is necessary for the establishment, exercise or defence of legal claims.


Purposes and legal grounds of data processing

The provisions of the GDPR and all other applicable data protection regulations are complied with when processing your personal data. Legal grounds for data processing are provided by Art. 6 GDPR in particular. 

We use your data to initiate business, to comply with contractual and legal obligations, to perform the contractual relationship, to offer products and services and to strengthen the customer relationship, which may also include analyses for marketing purposes and direct marketing.

Your consent also constitutes permission under data protection law. We will inform you about the purposes of the data processing and about your right of withdrawal. If the consent also relates to the processing of special categories of personal data, we will explicitly point this out to you in the consent.

Special categories of personal data within the meaning of Art. 9(1) GDPR are processed only if this is necessary under legal regulations and there is no reason to assume that you have an overriding legitimate interest in excluding the processing.


Sharing data with third parties

We will share your data with third parties only within the framework of the statutory provisions or with the corresponding consent. In all other cases, data will not be shared with third parties unless we are required to do so under mandatory legal provisions (disclosure to external bodies such as supervisory authorities or law enforcement agencies). 

Within our company, we ensure that your data is received only by those persons who need it to comply with contractual and legal obligations. This includes parent companies, subsidiaries and sister companies of VDL Sachsen Holding GmbH & Co. KG insofar as they require the data to comply with their contractual and legal obligations.

Service providers and partners support our company in fulfilling its tasks in many cases. This applies in particular to transport, delivery, research and billing services. We have concluded the necessary data protection agreements with all our service providers and partners.


Transfers to a third country / intention to transfer to a third country

No data is transferred to third countries (outside the European Union and the European Economic Area).


Data retention period

We store your data for as long as it is needed for the respective processing purpose. Please note that numerous retention periods require that data (must) continue to be stored. This applies in particular to retention obligations under commercial or tax law (such as the German Commercial Code, German Fiscal Code, etc.). The data is routinely deleted after its purpose has been achieved, provided that there are no further retention obligations.

In addition, we may retain data if you have given us permission to do so or if there is a legal dispute and we use evidence under statutory limitation periods, which can be up to thirty years; the standard limitation period is three years. 


Secure transfer of your data

We implement appropriate technical and organisational security measures to provide the data stored by us with the best possible protection against accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Security levels are continually reviewed in cooperation with security experts and adapted to new security standards.

The exchange of data from and to our website is always encrypted. We offer HTTPS as the transfer protocol for our website, using the current encryption protocols in each case. There is also the option to use alternative communication channels (such as post).


Obligation to provide data

Diverse personal data is necessary to establish, perform and terminate the contractual relationship and to comply with the associated contractual and legal obligations. The same applies to the use of our website and the various functions that it provides. 

We have summarised the relevant details for you in the section mentioned above. In certain cases, data must also be collected or made available due to legal requirements. Please note that it is not possible to process your enquiry or perform the underlying contractual relationship unless this data is provided. 


Category, source and origin of the data

The context in the particular case determines which data we process, and this depends on whether, for example, you enter an enquiry in our contact form, send us an application or submit a complaint. 

Please note that we may also provide information about special processing situations separately in a suitable place, for example when uploading application documents or when a contact request is made. 


We collect and process the following data when you visit our website:

  • Name of the Internet service provider
  • Information about the website from which you access our website
  • Web browser and operating system used
  • The IP address assigned by your Internet service provider
  • Files requested, volume of data transferred, downloads/file exports
  • Information about the web pages that you visit on our site, including the date and time
  • For reasons of technical security, this data is stored in accordance with Art. 6(1)(f) GDPR; after seven days at the latest, it is anonymised by truncating the IP address so that it is no longer possible to relate the data to an individual user.
  • Statistical evaluations of this data are carried out using 1&1 WebAnalytics (see below).


We collect and process the following data in the context of a contact enquiry:

  • Last name, first name
  • Postcode for determining who is responsible
  • Provided contact details (email, phone if applicable)
  • Information on requirements and interests


We collect and process the following data in the context of online applications:

  • Last name, first name
  • Postcode and town/city to determine who is responsible
  • Contact details (email)
  • Documents provided (CV, cover letter, references, photo, etc.)


Applicant portal (Art. 6(1)(a) and (b) GDPR)

Thank you for your interest in working for VDL Sachsen Holding GmbH & Co. KG or one of its sister companies. We understand the importance of your data and process the personal data that you provide in the application form only for the purpose of conducting the application procedure in a correct and effective manner and to contact you as part of the application process. No data will be shared with third parties without your consent. 

You will be asked to provide personal data as part of the application form. In doing so, we apply the principle of data economy and data reduction by requiring you to provide us only with the data that we need to review your application documents fully, such as your CV, or that we are legally obliged to collect. This mandatory information is marked with an *(asterisk). Unfortunately, we are unable to review your application documents without this mandatory information, which is why our application system does not allow you to upload your application documents in this case. You do, of course, have the option to provide voluntary information in the application form.  Your IP address is also processed out of technical necessity and for legal protection.

We implement appropriate security measures to safeguard the security and confidentiality of your data in the best possible manner. Your application documents are transmitted to us in encrypted form through our application system.

We store your data for the above-mentioned purpose until the application procedure has been completed and the relevant time limits have expired – at the latest six months after a decision has been received. However, you have the option of us storing your application documents for longer and checking them against other vacancies that match your profile. 

We need your consent to do this, and you can provide it by clicking the tick box before uploading your application documents. We will store your data for 12 months in this case. You can, of course, withdraw your consent at any time without stating reasons and with effect for the future by calling us on +49 (0) 371 - 65 62 12 00, by sending an email to or by writing to VDL Sachsen Holding GmbH & Co. KG, Winklhoferstr. 20, 09116 Chemnitz, Saxony. 


Contact form / contact by email (Art. 6(1)(a) and (b) GDPR)

Our website includes a contact form, which can be used to contact us electronically. If you write to us via the contact form, we will process the data that you provide in the contact form in order to contact you and respond to your questions and requests. 

In doing so, we follow the principle of data economy and data reduction by requiring you to provide only the data that we absolutely need to contact you. That is your name, your email address, your postcode for assigning your enquiry to the responsible press service company and the message field itself. Your IP address is also processed out of technical necessity and for legal protection. You may provide a phone number if you wish. If you contact us by email, we will process the personal data provided in the email solely for the purpose of dealing with your enquiry.


Automated decisions in individual cases

We do not use automated processing to make decisions.


Cookies (Art. 6(1)(f) GDPR / Art. 6(1)(a) GDPR in the case of consent)

Our web pages use cookies in various places. They are used to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser (locally on your hard drive).  These cookies allow us to analyse how users use our website. This helps us design the website content according to visitors’ needs. In addition, the cookies enable us to measure the effectiveness of a particular advert and to have it placed according to the topics users are interested in, for example. 

Most of the cookies we use are known as session cookies, which are automatically deleted after your visit. Persistent cookies are automatically deleted from your computer when their expiry date (usually six months) is reached, or you can delete them yourself before the expiry date. Most web browsers accept cookies automatically. However, you can usually change the settings of your browser if you prefer not to send the information. Please note that if you deactivate the setting of cookies, you may not be able to use all the functions of our website to their full extent.


Privacy policy for the use of 1&1 WebAnalytics

Our website uses 1&1 WebAnalytics, a web analytics service provided by 1&1 Internet SE, Elgendorfer Strasse 57, 56410 Montabaur, Germany (“1&1”). 1&1 evaluates user behaviour on our web pages using its 1&1 WebAnalytics service and logs the following usage data:

  • Referrer (the site visited prior to our website)
  • Requested web page or file
  • Browser type and version
  • Operating system used
  • Type of device used
  • Time of access
  • IP address in anonymised form (used only to determine the location of the access)

Cookies are not used according to 1&1. The information regarding your use of our website is usually transmitted to a 1&1 server and stored there in anonymised form. 1&1 compiles anonymous reports on website activity using the usage data collected. According to 1&1, your IP address is also anonymised by 1&1 WebAnalytics and processed only in truncated form to exclude any connection being established to you as an individual.

For more information on data protection aspects in relation to 1&1 IONOS Webhosting and WebAnalytics, please use the following link (in German):


Links to other providers

Our website may also contain (clearly recognisable) links to websites belonging to other companies. In cases where there are links to websites belonging to other providers, we have no influence on their content. For this reason, we are also unable to provide any guarantees or assume any liability for this content. The respective provider or operator of the pages is always responsible for their content. 

The linked pages were reviewed for potential legal violations and identifiable infringements at the time of linking. Illegal content could not be identified at the time of linking. However, monitoring the content of the linked pages on an ongoing basis cannot be reasonably expected unless there is concrete evidence of legal infringements. Such links will be removed immediately if we become aware of legal infringements.