1.1 We are pleased that you are visiting our website and thank you for your interest. Below we inform you about how your personal data is handled when you use our website. Personal data refers to any data that can personally identify you.

1.2 The data controller for the processing of data on this website, as defined by the General Data Protection Regulation (GDPR), is Finest People GmbH, Vigilienstraße 12A, 67098 Bad Dürkheim, Germany, email: support@finest-cars.online. The controller is the natural or legal person who determines the purposes and means of processing personal data, either alone or jointly with others.

2.1 When you use our website purely for informational purposes – meaning without registering or otherwise transmitting information – we only collect data your browser sends to the server (so-called "server log files"). These include:

The website visited

Date and time of access

Amount of data transferred in bytes

Referring page

Browser used

Operating system used

IP address (anonymized, if applicable)

The processing is carried out in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in improving the stability and functionality of our website. This data is not disclosed or used in any other way. However, we reserve the right to check the server log files retrospectively if there are specific indications of unlawful use.

2.2 For security reasons and to protect the transmission of personal data and other confidential content (e.g., orders or inquiries), our website uses SSL or TLS encryption. You can recognize an encrypted connection by the "https://" in your browser's address bar and the lock icon.

We use a Content Delivery Network (CDN) provided by:

1&1 IONOS Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

This service helps deliver large media files such as images, scripts, and page content faster via regionally distributed servers. The processing is based on our legitimate interest in improving the stability and performance of our site, pursuant to Art. 6(1)(f) GDPR.

We have entered into a data processing agreement with the provider to ensure the protection of visitor data and to prevent unauthorized disclosure.

To make your visit to our website more attractive and enable the use of certain functions, we use cookies – small text files stored on your device. Some of these cookies are automatically deleted after closing the browser (session cookies), while others remain on your device and enable us or our partners (third-party cookies) to recognize your browser on your next visit (persistent cookies).

Cookies collect and process specific user information such as browser and location data and IP address. Persistent cookies are automatically deleted after a defined period, which may vary by cookie.

If personal data is processed via individual cookies, this is done in accordance with Art. 6(1)(b) GDPR for the performance of a contract, or in accordance with Art. 6(1)(f) GDPR to protect our legitimate interests in the best functionality of the website and a user-friendly and effective site visit.

We may work with advertising partners who help us make our online offering more interesting. In such cases, cookies from partner companies may also be stored on your device when you visit our website (third-party cookies). If we work with such partners, you will be informed separately in this privacy policy.

You can configure your browser to notify you about cookie settings and allow cookies only in individual cases, exclude cookies for specific cases or in general, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of our website.

5.1 Calendly

To provide an online appointment booking function, we use the services of the following provider:

Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, USA

For the purpose of scheduling appointments, your first and last name as well as your email address (and, if applicable, your phone number, if a telephone appointment is requested) are collected in accordance with Art. 6(1)(b) GDPR. Based on our legitimate interest in effective customer management and efficient appointment coordination, this data is also transmitted to the provider pursuant to Art. 6(1)(f) GDPR and stored there for the purpose of organizing appointments.

Your data will be deleted by the provider after the appointment has taken place or after the scheduled time slot has expired.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision of the European Commission.

5.2 Contacting Us (via Form or Email)

When contacting us (e.g. via contact form or email), personal data is collected. The specific data collected in the case of a contact form can be seen from the respective form itself.

This data is used exclusively for responding to your inquiry or for establishing contact and the associated technical administration. The legal basis for processing this data is our legitimate interest in responding to your request pursuant to Art. 6(1)(f) GDPR. If the contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6(1)(b) GDPR.

Your data will be deleted once the matter has been conclusively resolved, provided there are no statutory retention obligations to the contrary. This is the case when it can be inferred from the circumstances that the relevant issue has been finally clarified.

Postal Advertising

Based on our legitimate interest in personalized direct marketing, we reserve the right to store your first and last name, postal address, and—if you have provided this information as part of a contractual relationship—your title, academic degree, year of birth, and professional, industry, or business designation pursuant to Art. 6(1)(f) GDPR. This data may be used to send you interesting offers and information about our products via postal mail.

You may object to the storage and use of your data for this purpose at any time by contacting us.

1&1 IONOS WebAnalytics

This website uses the web analytics service of the following provider:

1&1 IONOS Internet SE, Elgendorfer Str. 57, 56410 Montabaur, Germany

Using cookies and/or comparable technologies (tracking pixels, web beacons, algorithms for reading device and browser information), the service collects and stores pseudonymized visitor data, including information from the device used, such as IP address and browser information. This is used to statistically analyze user behavior on our website and create pseudonymized usage profiles. For example, movement patterns (so-called heatmaps) can be analyzed to show the duration of visits and interactions with page content (e.g., text input, scrolling, clicks, and mouse-overs). Pseudonymization generally excludes any direct personal reference. No combination of this data with other personal information occurs.

All processing described above, particularly reading or storing information on the device used, only occurs if you have given us your explicit consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with effect for the future by disabling this service in the “cookie consent tool” provided on the website.

We have entered into a data processing agreement with the provider to ensure the protection of visitor data and to prevent unauthorized disclosure to third parties.

Meta Pixel with Advanced Matching

Within our online offering, we use the "Meta Pixel" service in advanced matching mode provided by:

Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland ("Meta")

When a user clicks on one of our Facebook or Instagram ads, the URL of our linked page is extended with a parameter using "Meta Pixel." After redirection, this URL parameter is stored in the user’s browser via a cookie set by our linked page. Additionally, this cookie captures specific customer data—such as email address—that we collect on our website in connection with Facebook or Instagram ad-related actions (e.g., purchases, account logins, or registrations). The cookie is then read and enables the transmission of the data, including this specific customer data, to Meta.

We use "Meta Pixel" with advanced matching to make our ads on Facebook and/or Instagram more effective and to ensure they align with users’ interests or certain characteristics (e.g., interests in particular topics or products, determined by visited websites) that we share with Meta (so-called "Custom Audiences").

We also analyze the effectiveness of our ads by tracking whether users were redirected to our website after clicking on an ad (conversion). Compared to the standard version of "Meta Pixel," the advanced matching feature helps us measure the effectiveness of our campaigns more accurately by capturing additional attributed conversions.

All transmitted data is stored and processed by Meta, allowing it to be linked to the respective user profile. Meta may use the data for its own advertising purposes in accordance with its data usage policy (https://www.facebook.com/about/privacy/). This may enable Meta and its partners to display ads on and outside of Facebook.

All the above-mentioned processing, particularly the setting of cookies to read information from the device used, only occurs if you have given your explicit consent pursuant to Art. 6(1)(a) GDPR. You can revoke your consent at any time with future effect by disabling the service in the “cookie consent tool” provided on the website.

We have concluded a data processing agreement with the provider to ensure the protection of our website visitors' data and to prevent unauthorized disclosure to third parties.

Information generated by Meta is usually transmitted to a Meta server and stored there; this may also involve transmission to Meta Platforms Inc. servers in the USA.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European data protection level based on an adequacy decision by the European Commission.

9.1 Facebook Plugins

Our website uses plugins of the social network Facebook, operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These plugins enable direct interaction with content on the social network. To increase the protection of your data when visiting our website, the plugins are initially deactivated and integrated using a so-called “2-click” or “Shariff” solution. This setup ensures that no connection to the provider’s servers is made when accessing a page on our site that contains such plugins.

Only when you activate the plugin and thereby give your consent pursuant to Art. 6(1)(a) GDPR, does your browser establish a direct connection to the provider’s servers. Regardless of whether you are logged into an existing user profile, certain information about your device (including your IP address), your browser, and your browsing activity is transmitted to the provider and may be processed there.

If you are logged into a user account on the provider’s social network, interactions via the plugin may also be published there and displayed to your contacts.

You may withdraw your consent at any time by deactivating the plugin again with another click. However, this revocation does not affect the legality of data already transferred to the provider.

Data may also be transferred to: Meta Platforms Inc., USA.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

9.2 Instagram Plugins

Our website uses plugins of the social network Instagram, also operated by Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

These plugins enable direct interaction with content on the social network. To enhance the protection of your data when visiting our website, the plugins are initially deactivated using a so-called “2-click” or “Shariff” solution. This integration ensures that no connection to the provider’s servers is established when accessing a page of our website that includes such plugins.

Only after you activate the plugins and thereby give your consent pursuant to Art. 6(1)(a) GDPR, does your browser establish a direct connection to the provider’s servers. Regardless of whether you are logged into an existing user profile, certain information about your device (including your IP address), your browser, and your site usage history is transmitted to the provider and may be processed there.

If you are logged into an Instagram profile, interactions via the plugin may also be published there and shown to your contacts.

You may revoke your consent at any time by deactivating the activated plugin with another click. However, the revocation does not affect the legality of data that has already been transferred.

Data may also be transferred to: Meta Platforms Inc., USA.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with the European level of data protection based on an adequacy decision by the European Commission.

9.3 LinkedIn Plugins

Our website uses plugins of the social network LinkedIn, operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

These plugins allow direct interaction with content on the social network. To enhance data protection when visiting our website, the plugins are initially deactivated using a so-called “2-click” or “Shariff” solution. This integration ensures that no connection to LinkedIn servers is established when accessing a page of our website containing such plugins.

Only when you activate the plugins and thereby give your consent in accordance with Art. 6(1)(a) GDPR will your browser establish a direct connection to LinkedIn’s servers. Regardless of whether you are logged into an existing user profile, certain information about your device (such as your IP address), your browser, and your browsing activity may be transmitted to and processed by the provider.

If you are logged into your LinkedIn profile, any interactions performed via the plugin may also be published on your profile and visible to your contacts.

You may revoke your consent at any time by deactivating the plugin with another click. The revocation does not affect the legality of data already transmitted to the provider.

Data may also be transferred to: LinkedIn Inc., USA.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors' data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider relies on the European Commission’s Standard Contractual Clauses, which are designed to ensure an adequate level of data protection.

9.4 X Plugins (formerly Twitter)

Our website uses plugins of the social network X (formerly Twitter), provided by Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

These plugins enable direct interaction with content on the social network. To protect your privacy, the plugins are initially deactivated and integrated using a “2-click” or “Shariff” solution. This ensures that no connection to X servers is established when loading pages containing such plugins.

Only after you activate the plugin and thereby give your consent in accordance with Art. 6(1)(a) GDPR will your browser connect directly to the provider's servers. Regardless of whether you are logged into an existing user profile, certain information about your device (such as your IP address), your browser, and your browsing behavior may be transmitted to the provider and processed accordingly.

If you are logged into your X account, interactions via the plugin may also be published on your profile and shared with your contacts.

You can withdraw your consent at any time by deactivating the plugin again. The withdrawal does not affect the legality of any data already transmitted.

Data may also be transferred to: X Corp., USA.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider relies on the European Commission’s Standard Contractual Clauses to ensure compliance with EU data protection standards.

9.5 Google Maps

This website uses the online map service Google Maps (API), provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”).

Google Maps is a web service for displaying interactive (land) maps to visually present geographic information. By using this service, our location is displayed to you and any directions are made easier.

When you access subpages that include a Google Maps map, information about your use of our website (such as your IP address) is transmitted to Google’s servers and stored there. This may also involve transmission to the servers of Google LLC in the USA. This occurs regardless of whether Google provides a user account through which you are logged in or whether no such account exists. If you are logged in to Google, your data will be directly associated with your account. If you do not want your data to be associated with your Google profile, you must log out before activating the map.

Google stores your data (even for users who are not logged in) as usage profiles and evaluates them. The collection, storage, and evaluation are carried out in accordance with Art. 6(1)(f) GDPR on the basis of Google's legitimate interest in displaying personalized advertising, conducting market research, and/or optimizing the design of its websites.

You have the right to object to the creation of these user profiles, and you must contact Google to exercise this right.

If you do not agree with the future transmission of your data to Google in connection with the use of Google Maps, you also have the option to completely deactivate the Google Maps web service by turning off JavaScript in your browser. In that case, Google Maps and the map display on this website will not be usable.

Where legally required, we obtain your consent in accordance with Art. 6(1)(a) GDPR for the above-described processing of your data. You can revoke your consent at any time with effect for the future. To exercise your right of withdrawal, please follow the method of objection described above.

For data transfers to the USA, Google is certified under the EU-U.S. Data Privacy Framework, which ensures an adequate level of data protection based on a European Commission adequacy decision.

9.6 OpenStreetMap

This website uses the online map service provided by:

OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom.

The online map service is a tool for displaying interactive (land) maps to visually present geographic information. By using this service, our location is displayed to you, and geolocation may be facilitated.

When you access subpages in which the provider’s map is embedded, information about your use of our website (e.g., your IP address) is transmitted to the provider’s servers and stored there.

The processing of your personal data takes place in accordance with Art. 6(1)(f) GDPR based on our legitimate interest in the user-oriented design of our website.

If you do not agree with the future transmission of your data to the provider, you have the option to fully deactivate the online map service by disabling the JavaScript application in your browser. The online map function on this website will then no longer be available.

Where legally required, we obtain your consent in accordance with Art. 6(1)(a) GDPR for the above-described processing of your data. You can revoke your consent at any time with effect for the future. Please follow the objection procedure described above to exercise your revocation.

If data is transferred to the provider's location, an adequate level of data protection is guaranteed by an adequacy decision of the European Commission.

9.7 Microsoft Teams

For the purpose of conducting online meetings, video conferences, and/or webinars, we use the following provider:

Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA.

The provider processes various types of data, depending on what information you provide before or during participation in an online meeting, video conference, or webinar. Your data is processed as a communication participant and stored on the provider’s servers. This may include your registration details (name, email address, phone number [optional], and password) and session data (topic, participant IP address, device information, description [optional]).

In addition, video and audio contributions from participants and voice input in chats may be processed.

For the processing of personal data necessary for the performance of a contract with you (this also applies to processing operations required to carry out pre-contractual measures), Art. 6(1)(b) GDPR serves as the legal basis. Where you have given us your consent to the processing of your data, processing is based on Art. 6(1)(a) GDPR. Consent may be revoked at any time with effect for the future.

Otherwise, the legal basis for the processing of data in the context of online meetings, video conferences, or webinars is our legitimate interest pursuant to Art. 6(1)(f) GDPR in effectively conducting such virtual events.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors’ data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider is certified under the EU-U.S. Data Privacy Framework, which ensures compliance with European data protection standards based on an adequacy decision of the European Commission.

9.8 Zoom

For conducting online meetings, video conferences, and/or webinars, we use the following provider:

Zoom Video Communications Inc., 55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA.

The provider processes various types of data, depending on which data you provide before or during participation in an online meeting, video conference, or webinar. Your data as a communication participant is processed and stored on the provider's servers. This may include your registration information (name, email address, phone number [optional], and password) as well as session data (topic, participant IP address, device information, description [optional]).

In addition, video and audio contributions by participants as well as speech input in chats may be processed.

For the processing of personal data necessary for the performance of a contract with you (this also applies to processing operations required for pre-contractual measures), Art. 6(1)(b) GDPR serves as the legal basis. If you have given us consent to process your data, the processing is based on Art. 6(1)(a) GDPR. You may revoke consent at any time with effect for the future.

Furthermore, the legal basis for data processing in the context of online meetings, video conferences, or webinars is our legitimate interest under Art. 6(1)(f) GDPR in effectively conducting such virtual events.

We have entered into a data processing agreement with the provider to ensure the protection of our website visitors' data and to prevent unauthorized disclosure to third parties.

For data transfers to the USA, the provider relies on the Standard Contractual Clauses of the European Commission to ensure compliance with European data protection standards.

10.1 Cookie Consent Tool

This website uses a so-called “cookie consent tool” to obtain valid user consents for cookies and cookie-based applications requiring consent. The “cookie consent tool” is displayed to users upon visiting the site in the form of an interactive interface, through which specific consents for particular cookies and/or cookie-based services can be given by ticking checkboxes.

Through this tool, any cookies/services requiring consent are only loaded if the respective user has provided such consent by checking the corresponding box. This ensures that such cookies are only set on the user's device when consent has been granted.

The tool uses technically necessary cookies to store your cookie preferences. In general, no personal user data is processed in the process.

If, in individual cases, personal data (such as your IP address) is processed for the purposes of storing, assigning, or logging cookie settings, such processing is based on our legitimate interest under Art. 6(1)(f) GDPR in providing legally compliant, user-specific, and user-friendly cookie consent management and in ensuring compliance with our legal obligations.

An additional legal basis for processing is Art. 6(1)(c) GDPR. As the data controller, we are legally required to obtain user consent for the use of non-essential cookies.

Where necessary, we have entered into a data processing agreement with the provider to ensure the protection of our website visitors' data and to prevent unauthorized disclosure to third parties.

Further information about the provider and the settings available in the cookie consent tool can be found directly in the interface on our website.

10.2 Lexoffice

We use the cloud-based accounting software provided by:

Haufe-Lexware GmbH & Co. KG, Munzinger Straße 9, 79111 Freiburg, Germany.

The provider processes incoming and outgoing invoices as well as, where applicable, the banking transactions of our company in order to automatically record invoices, match them with transactions, and generate financial accounting through a partially automated process.

If personal data is processed in this context, it is done pursuant to Art. 6(1)(f) GDPR based on our legitimate interest in the efficient organization and documentation of our business operations.

11.1 Under applicable data protection law, you have the following rights regarding the processing of your personal data, which you may exercise against the data controller. The legal basis for each right is referenced accordingly:

Right of access pursuant to Art. 15 GDPR

Right to rectification pursuant to Art. 16 GDPR

Right to erasure (“right to be forgotten”) pursuant to Art. 17 GDPR

Right to restriction of processing pursuant to Art. 18 GDPR

Right to notification pursuant to Art. 19 GDPR

Right to data portability pursuant to Art. 20 GDPR

Right to withdraw consent granted pursuant to Art. 7(3) GDPR

Right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR

11.2 Right to Object

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTERESTS AS PART OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION, WITH EFFECT FOR THE FUTURE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL CEASE PROCESSING THE DATA IN QUESTION. HOWEVER, WE RESERVE THE RIGHT TO CONTINUE PROCESSING IF WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OVERRIDE YOUR INTERESTS, FUNDAMENTAL RIGHTS AND FREEDOMS, OR IF THE PROCESSING SERVES TO ASSERT, EXERCISE, OR DEFEND LEGAL CLAIMS.

IF YOUR PERSONAL DATA IS PROCESSED BY US FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH ADVERTISING. YOU MAY EXERCISE THIS RIGHT AS DESCRIBED ABOVE.

IF YOU EXERCISE YOUR RIGHT TO OBJECT, WE WILL IMMEDIATELY STOP PROCESSING THE RELEVANT DATA FOR DIRECT MARKETING PURPOSES.

The duration of the storage of personal data is determined based on the respective legal basis, the purpose of processing, and—if applicable—also according to the relevant statutory retention periods (e.g., commercial and tax-related retention obligations).

When processing personal data based on explicit consent in accordance with Art. 6(1)(a) GDPR, the data will be stored until you revoke your consent.

If statutory retention periods exist for data processed on the basis of contractual or quasi-contractual obligations pursuant to Art. 6(1)(b) GDPR, such data will be routinely deleted after the retention period has expired, provided it is no longer required for the fulfillment of the contract or the initiation of a contract, and/or if there is no further legitimate interest in continued storage on our part.

When processing personal data on the basis of Art. 6(1)(f) GDPR, the data will be stored until you exercise your right to object under Art. 21(1) GDPR, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing is for the establishment, exercise, or defense of legal claims.

If personal data is processed for direct marketing purposes on the basis of Art. 6(1)(f) GDPR, the data will be stored until you exercise your right to object under Art. 21(2) GDPR.

Unless otherwise specified in this statement regarding specific processing situations, stored personal data will generally be deleted once it is no longer necessary for the purposes for which it was collected or otherwise processed.