Privacy policy

Privacy policy according to Art. 13 and 14 DSGVO

The following information provides an overview of how we process your personal data when you use the website.

We use the English version exclusively to provide a readable version to non-German speaking visitors to our page. In the event of any ambiguity or difference between the German privacy information and the English version, the German version shall prevail for the interpretation and understanding of the information.

I. Who is responsible for the data collection on this website?

The responsible body for data processing on this website is according to Art. 4 No. 7 DSGVO:

TYN-e GmbH
Vorstand: Markus B. F. Graf (CEO), Eberhard Wizgall (CTO)
Albrecht-Villinger-Straße 10
71332 Waiblingen
Phone: +49 (0) 71 51 5 66 – 8 04
VAT number: DE365474011

We do not require a data protection officer. Please also contact the responsible office if you have any questions.

II. Cooperation with third parties

In some cases, we use external service providers and partners to process your data. These have been carefully selected and commissioned by us. The partners are either bound by our instructions within the framework of commissioned processing or have reached other agreements with us regarding data protection, for example because we process the data under joint responsibility. We also work with partners who are professionally bound to secrecy, such as tax advisors, lawyers and other service providers.

III. Automated decision making

We do not use automatic decision-making or profiling.

IV. Your rights as a data subject of a data processing

If we process personal data from you, you can – within the framework of the legal requirements – assert various rights against us with regard to data and information about yourself:

1. Your general data subject rights

  • You can request information (Art. 15 DSGVO) about your personal data stored by us at any time.
  • In addition, you can request that incorrect data be corrected (Art. 16 DSGVO),
  • Or that personal data are restricted for further processing (Art. 18 GDPR).
  • It may also be requested that data be deleted (Art. 17 GDPR).
  • You also have the right to have your data transferred to a third party or you (Art. 20 DSGVO).
  • Insofar as we use your data on the basis of consent (Art. 6 para. 1 sentence 1 lit. a DSGVO, ivm. Art. 7 DSGVO and § 25 para. 1 TTDSG), you have the right to revoke this consent at any time with effect for the future. Please address the revocation informally to the controller named in section I..

2. Your right to object, according to Art 21 DSGVO

If we use your data with a legitimate interest, you can object to the use at any time. Insofar as the objection is justified in individual cases due to your particular situation, we will delete your data. We will not delete the data if we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims. Please address the objection to the controller named in item 1.

3. Establishing the identity

We reserve the right to clarify whether you are also the person entitled to assert these rights, in particular to assert rights of access. We are obliged under Art.12 GDPR to clarify the identity of the person asserting rights.

The text of the law relating to the standards referred to in items 1 to 3 above can be found at in Chapter III.

4. Right of complaint to the supervisory authority:

If you wish to complain about the handling of your personal data, you have the right under Art 77 DSGVO to complain to a data protection supervisory authority about the processing of personal data by us. The supervisory authority responsible for us is the State Commissioner for Data Protection and Freedom of Information in Baden-Württemberg:

V. Deletion of personal data

In principle, we delete personal data as soon as the purpose for processing no longer applies or the statutory retention periods have expired. The legal basis for storing the data is Art. 6 para.1 p.1 lit. c) DSGVO in the case of statutory retention periods and, if applicable, also a legitimate interest pursuant to Art. 6 para.1 p. 1 lit. f) DSGVO if we require the data to protect our rights. If necessary, we will also inform you about the deletion directly there in relation to individual processing operations. We basically distinguish between processing situations as follows:

VI. Data processing during the use of the website

When you visit the website, personal data is processed, whether you contact us by e-mail, via a contact form, request services or reservations. We analyze usage behavior, place advertisements on social networks and integrate third-party offers into our website. In addition to our website, you may also use social media linked or connected through the website. We set out below how we process this data.

1. Server for the operation of the site

Our website and the services we operate are hosted on servers located in the EU. Your personal data will only be transferred to third countries to the extent outlined.

2. Server log files

We also store the usage processes during simple use of the site or when you otherwise transmit information to us, temporarily and regardless of what you do, in a log file. In doing so, we store

  • the date and time of access
  • the duration of the access
  • the IP address
  • the operating system of the computer from which access is made
  • der verwendete Webbrowser, über den der Zugriff erfolgt
  • the web browser used to access the site
  • the subpages that are used
  • the language settings

The legal basis for the storage is Art. 6 paragraph I p.1 lit. f) DSGVO. The storage of the IP address and other data is necessary to ensure the functionality of the website and to guarantee the security of the website. We only store the IP address for the duration of your visit, possibly up to 7 days after the visit, a personal evaluation does not usually take place. The collection of data to provide the website and the storage of data in log files is necessary for the operation of the website.

3. Contact via e-mail or the contact form

If you contact us via the contact form or by e-mail, we store the communication (e-mail address, e-mails, contact data and IP address of the end device and your request) until your request has been dealt with or used, in order to answer queries and document the communication. Insofar as contracts exist or legal retention periods apply, the personal data will also be stored for longer.

When contacting us by e-mail, third parties may be able to view the e-mails if they are not encrypted. You can find out whether your e-mails are encrypted via your e-mail provider. Therefore, contacting us via the contact form is the more secure way.

When contacting us via the contact form, it is necessary to provide the contact information with the e-mail address and name so that we can get in touch with you. Insofar as we require further information, we will request this. The legal basis for the use of the personal data that you provide in the e-mail or via the contact form is Art. 6 para. 1 lit. f) DSGVO a legitimate interest to correspond with you about the request. If the contact is aimed at the conclusion of a contract or if the contact is made in the context of a contract, the legal basis for the processing of personal data is Art. 6 para. 1 lit. b) DSGVO. the contract initiation or implementation.

4. Cookies and Trackingtools

Cookies are text files that are automatically stored in the browser on your computer with a string of characters specific to your computer, so that your browser is recognized when you return to our site.

Cookies are set with your consent according to § 25 para.1 TTDSG in conjunction with Art.7 DSGVO, if it is about cookies that are used for statistical purposes or marketing. Only if the cookies are absolutely necessary for the operation of the website in order to provide the service requested by you, they are also set without consent according to § 25 Abs.2 Nr. 2 TTDSG i.e. without your consent.

We base the further processing of the information obtained from the cookies on your consent pursuant to Art. 6 (1) sentence 1 lit. a) DSGVO and on our legitimate interest pursuant to Art. 6 (1) sentence 1 lit. f) DSGVO, depending on which legal basis can be used in the individual case.

You can find more information on the use of cookies, in which the individual categories and the notes on the providers are explained in more detail in each case, here: Cookie settings

a. Borlabs Cookie Essential

In order to save your consent and to be able to retrieve the preferences you have selected during a new visit, it is mandatory to save the status of your consent in a cookie. Here, we rely on our obligation to manage the preferences you have chosen, the legal basis for the placement of the cookie in your terminal is § 25 Abs.2 Nr. 2 TTDSG. The further processing we base on Art. 6 para.1 lit.f DS-GVO our legitimate interest to store your cookie preferences. This is necessary to use the website.

b. WooCommerce

Sets a session cookie in the browser’s local storage that controls the session. This script is deleted as soon as the browser is closed. The legal basis for the placement of the script in the browser of your end device is § 25 Abs.2 Nr. 2 TTDSG. The further processing is based on Art. 6 para.1 lit.f DS-GVO our legitimate interest to ensure the use of the website secure and trouble-free.

c. Reservation system

You can make reservations on our website to express interest in a vehicle without obligation and to stay informed about further developments. In doing so, we ask for your e-mail address, your name, your address data (street, house number and postal code with city), the IP address of the terminal device, as well as the date and time of the reservation. The telephone number is optional. The mandatory information requested during registration must be provided in full. Otherwise we will reject the reservation.

As part of the reservation, we will contact you by e-mail and send you information to inform you about the state of affairs and to prepare the contract for the conclusion of a purchase contract or other contract then subject to a fee. These data are necessary to prepare the decision to conclude a contract and to keep you informed about the development of your reservation and to make you the offer.

We use and in the implementation of the reservation the support of Woocomerce. These also set cookies in your computer around the reservation. The legal basis for the setting of the cookie is in this case your consent according to § 25 Abs.2 TTDSG and in the further course according to Art 6 Abs.1 S. 1 lit.a DSGVO.

The legal basis for data processing in the context of the reservation and for sending information about the models is the contract initiation and execution of a contract according to Art 6 para. 1 lit b. DSGVO. Insofar as there are legal retention periods, the data we process this information due to a legal obligation under Art. 6 para.1 p. 1 lit. c DSGVO.

d. Data transmission to the USA

If you select statistics and or marketing, your personal data will be processed by Google and Facebook/Meta/Instagram, also in the USA with your consent. This consent can be revoked at any time with effect for the future.
In the USA (but also in other third countries outside the EU), your data is not secure according to a ruling of the ECJ (ECJ – C311/18 of 16.07.2020) and you will not find sufficient legal protection if you suspect a violation of the law. U.S. companies are required by U.S. law to give U.S. authorities access to European users’ data. You are unlikely to learn that your data is being processed by U.S. authorities. Furthermore, from a European perspective, you will also not get sufficient legal protection should processing of your personal data by U.S. authorities take place; they can, for example, access communications via submarine cables between the U.S. and Europe without further consultation. To avoid this access, you must prevent data processing for marketing and statistical purposes.

You can prevent data processing in the USA by switching off cookies for statistical and marketing purposes in our Consent Tool.

Cookie Einstellungen

e. Use of Google

In cooperation with Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (hereinafter Google), we use Google Tag Manager, Google Analytics and Google Optimize. These services all run in the Google Marketing Platform. This platform allows us to optimize and interlock our website analytics.

Since Google also processes the data in the USA, Google invokes the standard data protection clauses issued by the EU Commission pursuant to Art. 46 (2) c) DS-GVO. Google wants to ensure the level of data protection of the DS-GVO with additional security measures, even if this is not guaranteed.

In doing so, Google relies on additional security measures, such as encryption mechanisms, which ensure the data protection level of the GDPR. The legal framework is presented by Google here: . We additionally rely on your consent to collect the information via our website and app.

f. Google Tag Manager

The Google Tag Manager records interactions that are made on the website, controls them and sends them on to the connected tools such as Google Analytics. The tag manager itself does not store any data, but it may forward personal data, such as the IP address of the computer, to tracking tools or other tools, and these can be stored and analyzed there. “Tags” – similar to keywords in the table of contents of a book – make it easier to find and edit applications in the website, which can then be controlled via a central user interface. This makes our work much easier and allows us to keep track of the tools we use. If a deactivation of the tag manager was made, this remains for all tracking tags that were implemented with the Google Tag Manager.

You can prevent this tracking procedure by switching off cookies for statistical and marketing purposes in our Consent Tool.

The legal basis for setting the cookie is according to § 25 Abs.1 TTDSG with your consent. The further processing is based on Art. 6 para.1 p. 1 lit. a DSGVO.

g. Google Analytics

We use Google services to measure the use of our online offers, to test new variants of our website, to play out advertising and to advertise ourselves. For the analysis of the offers on our site we use Google Analytics, so we want to monitor and improve the acceptance and use of the editorial offer but also our other offers.

Purpose of usage analysis among our users of the website:

The purpose of the deployment is to analyze the entire customer lifecycle from first contact to occasional use to close customer loyalty. Furthermore, we can test the adaptations of our site in different phases via A/B tests.

We analyze the use of our offerings to determine which content and offerings are used how often and for how long. In this way, we want to align our offerings with the interests of our users and see which offerings need to be improved in order to gain greater acceptance. As far as editorial content is concerned, it is in our interest to examine the reading habits on the various channels used and to find out how often, for how long and from which location which content is read.

We also use Google Signals, which links session data from websites and apps to users who are logged into their Google account and have activated personalized advertising. This makes it possible for us to address these persons via personalized advertising and to track activity on our offers across devices. For this purpose, we create statistics and form pseudonymized profiles of the users of our offer. This technology also allows us to track how these users behave across devices and create usage statistics based on demographic characteristics such as age and gender. These are supplemented by artificial intelligence to generate plausible results for us. You can find more information on this at Google.

Furthermore, we create a browser- or app-based identifier for a single, pseudonymized user based on a device ID through which we derive Google’s usage history from individual events. More

If you reject the device ID and the setting of cookies, no data is available to us. Google Analytics closes this gap by modeling the behavior of these users.

Categories of data collected:

For our statistics, we collect pseudonymous information (i.e. information that cannot be related to the individual person), such as gender, age. Furthermore, we store the type of device, the screen resolution and the browser used to access our site. Last but not least, the access times and the duration of the access are recorded.

For accesses originating from the EU, IP address data is only used to derive location data and then immediately deleted on Google servers in the EU. They are not logged, are not accessible and are not used for further use cases. Google describes more about this procedure in the explanations on data protection in the EU

As far as we collect location data (geo-data), the city, the geo-data of the city or the location from which the access is made is also stored.

The storage period

We store the specified data for a total of 14 months. After that, they are deleted or stored anonymously by us. Data without personal reference can be processed longer.

Setting to Google tools:

Via our Consent Tool, you can object to the tracking at any time and revoke your consent with effect for the future. Furthermore, you can object to the data collection by Google Analytics via a Google tool:

If you want to influence the advertising that is displayed to you, you can do so as a logged-in Google user in your account under .

Furthermore, Google explains how the data is processed.:

You can find out how Google processes your data at

h. Facebook Pixel

We advertise our offers on Facebook/Meta, via Facebook and thus play out ads for our offers based on the interests of our users. The so-called “Facebook pixel” is used within our online offer. This is a code of the social network Facebook, which is operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland (“Facebook”), parent company Meta Inc, 1 Hacker Way, Menlo Park, CA 94025, USA.

In Facebook’s data policy you can find the information about what data is processed by Facebook.

The cooperation between us happens in relation to the Facebook Business Tools on the basis of a shared responsibility agreement according to Art 26 DSGVO.

Your data will also be processed via Facebook in the USA. Here, Facebook refers to the standard data protection clauses of the EU according to Art. 46 DSGVO and declares them applicable for data processing in the USA.  Furthermore, Facebook also refers to additional security measures. Furthermore, Facebook refers to this information. We additionally rely on your consent.

When Facebook provides matching, measurement and analysis services, we process this data under joint responsibility with Facebook. You can find out how these are structured in Facebook’s terms and conditions  as well as in the terms of use.

When you visit our website, the Facebook pixel generates a connection to your end device directly through Facebook and makes it possible to save a cookie on the end device or in the browser with which you visit our site. If you are logged into Facebook, the visit to our offer is stored in your Facebook profile.

With the help of the Facebook pixel, it is possible for Facebook to suggest visitors to our offer as a target group for the display of advertisements, even across devices. We use the Facebook pixel to display our ads on Facebook only to those users who are also interested in our offer. This is possible because Facebook creates usage profiles and target groups are formed, to which we can deliver our target group advertising after defining them. The delivery to potentially interested users is behavior-based advertising.

Facebook also stores the IP address of the user. This makes it possible for us to track via the IP address from which device (based on the IP address) the actual user accesses our offer. You can find out what other data Facebook processes under the terms of use

The processing of data by Facebook takes place within the framework of the Facebook data policy.

For more information on how the Facebook Pixel works and how Facebook ads are displayed in general, see Facebook’s data policy (see above) and the information about ads

These cookies are set with your consent according to § 25 Abs.1 TTDSG in connection with Art.7 DSGVO. The data processing of the information obtained via this cookie is based on Art 6 Abs.1 S. 1 lit. a DSGVO, with your consent.

You can revoke this consent at any time via our consent tool in which the consents are recorded.

If you wish to object to processing by Facebook, you can disable the advertising function in our Consent tool.

Cookie Einstellungen

Furthermore, you can set the advertising settings via Facebook in your account so that Facebook restricts tracking. However, you can also go to the cookie management page, deselect the cookies for Facebook or disable them in the browser settings.

i. Instagram

Furthermore, we publish images and text on Instagram, a service operated by Meta Platforms Ireland Ltd, 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland (“Instagram”), parent company Meta Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. We use it to embed articles, images and other information in the pages.

If you are logged in to your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. You can find out which data is collected in the Instagram privacy policy

Instagram also transfers data to the USA, for this purpose. Instragram relies on the standard contractual clauses according to Art. 46 DSGVO and from Germany to the USA on the adequacy decisions issued by the European Commission, which you can find in this EU standard contractual clause. We additionally rely on your consent as.

You can object to the data processing by Instagram and Facebook by changing the settings in or by deselecting the settings in our Consent Tool.

VII. Operation of the Instagram account

We have included an Instagram button on the website that links to Instagram pages. Instagram is an application for sharing photos and images. This offer is operated by Instagram Inc. (1601 Willow Road, Menlo Park, CA, 94025, USA) part of the Meta Group. Your data will be transferred to Instagram in the USA.

If you are logged in to Instagram with your account, by pressing the button you can view content, especially images from  link to your Instagram profile. Instagram can thereby connect the visit to our site with your user account and log it. We have no influence on how your personal data is handled on Instagram. For more information on how your personal data is handled, please see Instagram’s privacy policy:

If you do not want Instagram to store data about your visit to our website, you must log out of it and delete the cookies in the browser you are using.

VIII. Change of the privacy policy

Insofar as legal or technical changes make it necessary to adapt the data protection declaration, we will change it and adapt individual clauses or the entire declaration to the given circumstances. We will always place the current data protection declaration online at this point and archive the old declarations. If required, we will make the old data protection declarations available to you.