Data protection information

Privacy policy

In the following data protection information, we would like to explain to you what types of your personal data (hereinafter also referred to as "data") we process, for what purposes, on what legal basis and to what extent.

Information about the controller

The responsible body for the collection and processing of your personal data is the

Central agency for PTI
FSD Fahrzeugsystemdaten GmbH
Wintergartenstraße 4
01307 Dresden.

Contact via

Data Protection Officer

If you have any questions or would like to contact us about data protection, please contact our data protection officer. Her contact details are:

FSD Fahrzeugsystemdaten GmbH
Data Protection Officer
Wintergartenstraße 4
01307 Dresden.

Contact via oder Tel.: +49 (0) 351 / 652888176

Use of our websites

Depending on the purpose of the website, it is possible to visit it with or without expressly providing personal data. Personal data is collected insofar as this is necessary for technical and functional reasons for the use of our websites. The following data is automatically collected and logged each time you access our website:

• Date and time of access
• Name of the requested file
• Website from which the file was requested
• Access status (e.g. file transferred, file not found)
• the web browser you are using and the operating system of your device
• the IP address of the requesting device

When visiting our websites, the IP address is stored in the server log without anonymisation.

The stored IP addresses are generally not evaluated and deleted after 62 days. The server logs are only analysed in the event of technical problems and are not stored on a central server or in a central database.

The legal basis for the temporary collection and storage of the data and the log files is our legitimate interest according to Art. 6 (1) lit. f GDPR and serves to detect security validations, intrusion attempts, data losses and breaches by third parties as well as to ensure a smooth connection setup of the website and other administrative purposes.

The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website.

Registration on websites

If a website requires registration, the following data are required alternatively and sometimes cumulatively:

• User name
• E-mail address
• Password

We use Joomla for the administration of the registrations. Joomla is a content management system that is used as a so-called website editing system. Details on Joomla can be found at

This data is used exclusively for the administration of user access.

The legal basis for processing the data during registration is your consent in accordance with Art. 6Abs. 1 lit. a GDPR. You may revoke your consent at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing already carried out remains unaffected by the revocation.


When contacting us (e.g. via contact form, e-mail or telephone), we process the information of the inquiring persons to the extent necessary to answer the contact requests.

As a central body according to StVG, the answering of contact queries may result from the fulfilment of a public law obligation incumbent upon us within the meaning of Art. 6 para. 1 c GDPR.

The answering of contact queries in the context of contractual or pre-contractual relationships is carried out to fulfil our contractual obligations or to answer (pre)contractual queries and otherwise on the basis of legitimate interests in answering the queries. Accordingly, the data processing is based on the legal grounds Art. 6 para. 1 p. 1 lit. b. GDPR or Art. 6 para. 1 p. 1 lit. f. GDPR.

Social Plugins

We completely refrain from using social plugins for the well-known networks.


To enable certain functions of some websites (e.g. personalised access), we use so-called session cookies. These are small text files that are stored on your device and deleted after you close your browser. They are used exclusively for the operation of the website and its functions. As technically necessary cookies, session cookies do not require your consent.

We do not set technically unnecessary cookies.


On some websites, the open source software MATOMO ( is used for statistical analysis of visitor access without the use of cookies. We host MATOMO ourselves and do not collect any personal data for the statistical evaluations. Your IP address is immediately anonymised during this process by automatically masking the last two bytes so that you as a user remain anonymous to us. We do not transfer any of the data collected by MATOMO to third parties.


We use Skribble for the digital signature of contracts and documents. Skribble operates on our behalf. As part of the digital signature, the following personal data about you is particularly collected and processed, depending on the document:

• Communication data (first name/last name, email address, IP address)
• Your digital signature via Skribble
• Telephone number for the advanced electronic signature (AES) for the purpose of delivering a confirmation SMS and depositing it in the signature

The processing of the data is necessary for the submission and acceptance of the digital signature and serves the secure and verifiable electronic signing of (contract) documents. The legal basis for the processing of personal data is Art. 6 para. 1 lit. b) and f) GDPR.

Your personal data will be stored as long as necessary to achieve the stated purposes and as long as statutory and/or contractual retention obligations apply. Skribble AG is based in Switzerland and is subject to Swiss and European data protection law according to the GDPR. There is a contract for order processing. For more information on data processing by Skribble, please follow the link:

Server location

The personal data is stored within the EU, a transfer of your data to third countries does not take place.

Recipients of personal data

Only those persons in our company have access to your personal data who need it for the purposes stated in each case. Your data will only be passed on to external recipients if this is permitted by law or if we have your consent. Below you will find an overview of the relevant recipients:

Processors: We sometimes use external service providers to process our business transactions (e.g. for IT, technical infrastructure, maintenance). These are carefully selected and checked by us and only work according to our instructions. They have been contractually obligated to comply with the provisions of data protection law in accordance with Art. 28 GDPR.

Public bodies: Authorities or state institutions, insofar as this is necessary to fulfil a legal obligation. The legal basis for the disclosure is then Art. 6 para. 1 p. 1 lit. c GDPR.

Data transfer to a third country

No data is transferred to countries outside the EU or the EEA (so-called third countries).

Deletion deadlines

The data processed by us will be deleted in accordance with the legal requirements as soon as their consents permitted for processing are revoked or other permissions cease to apply (e.g. if the purpose of processing this data has ceased to apply or it is not required for the purpose).

If the data are not deleted because they are required for other and legally permissible purposes, their processing will be limited to these purposes. I.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose storage is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.

Within the scope of our data protection notices, we may provide users with further information on the deletion as well as on the retention of data that specifically applies to the respective processing operations.

Security measures

In accordance with Article 32 of the GDPR, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as the different probabilities of occurrence and the level of risk to the rights and freedoms of natural persons.

The measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, transfer, safeguarding of availability and their separation. Furthermore, we have a data protection management system that ensures the exercise of data subjects' rights, the deletion of data and responses to the compromise of data. Furthermore, we already take the protection of personal data into account during the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

Data subjects' rights

You have the following rights as a data subject:
1. Right to information
Pursuant to Art. 15 GDPR, you can request information on whether we process personal data, including vehicle data from your main inspection reports. If this is the case, you have the right to information about this personal data and other information related to the processing.
2. Right of rectification
You have a right of rectification and/or completion vis-à-vis the controller if the personal data processed concerning you are inaccurate or incomplete. The controller shall make the rectification without undue delay.

In the case of data processing for scientific, historical or statistical research purposes: Your right to rectification may be limited to the extent that it is likely to make impossible or seriously prejudice the achievement of the research or statistical purposes and the limitation is necessary for the fulfilment of the research or statistical purposes.
3. Right to restriction of processing
Under the conditions of Art. 18 GDPR, you have the right to request the restriction of the processing of personal data concerning you. An example of this is if you dispute the accuracy of your data. You can then demand the restriction of processing for the duration of the verification of the accuracy of the data.
4. Right to erasure
You have the right to demand the deletion of your data if the conditions set out in Art. 17 GDPR apply. According to this, you can, for example, demand the deletion of your data insofar as it is no longer necessary for the purposes for which it was collected or we process your data on the basis of your consent and you revoke this consent. Please note that your right of deletion may be subject to restrictions. For example, we may not delete data if there are legal obligations to retain data or if the processing is necessary to comply with a legal obligation or to assert, exercise or defend legal claims.
5. Right to information
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right against the controller to be informed about these recipients.
6. Right to data portability
Where data processing is based on consent or the performance of a contract and is also carried out using automated processing, you have the right to receive your data in a structured, commonly used and machine-readable format and to transfer it to another data processor.

According to Art. 20 (3) sentence 2 GDPR, this right is not available to you if the data processing serves the performance of public tasks or is carried out in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object at any time on grounds relating to your particular situation to the processing of personal data relating to you in accordance with Article 21 of the GDPR, provided that the processing is carried out on the basis of Article 6(1)(e) or (f) of the GDPR, in particular if the processing is not necessary for the performance of a contract with you. Unless it is an objection to direct marketing, when exercising such an objection, we ask you to explain the reasons why we should not process your data as we have done. In the event of your justified objection, we will review the merits of the case and either cease or adapt the data processing or show you our compelling legitimate grounds for continuing the processing.
8. Right of withdrawal consent
If the data processing is based on consent, you have the right, in accordance with Art. 7 (3) GDPR, to revoke the data processing within the scope of consent with effect for the future at any time and free of charge.
9. Right to complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR.

An overview of the respective data protection commissioners of the federal states as well as their contact details can be found under the following link:

Your contact with us for exercising your rights: If you wish to exercise any of your rights or receive more information about them, please send an e-mail to or write to the address given above under "Responsible body".
Links to other websites
These web pages may contain links to external websites. We are not responsible for the privacy practices or the content of websites outside our company. For this reason, we recommend that you carefully read the privacy statements of these external websites.

This privacy policy also applies to the following referring websites:

Status: 01 June 2023