This notice of protection of personal data applies to the BMW Group Partner Portal Internet service (hereinafter "the portal") offered by BMW AG (hereinafter "BMW") on the website https://b2b.bmw.com.

Employees of BMW AG and its affiliated companies may access the portal via the BMW Intranet from the website https://b2b.bmwgroup.net.

All personal data of the user that is collected for purposes of registration for and use of the portal will be processed and used to implement the agreement in accordance with German regulations for the protection of personal data.

Protection of Personal Data

In order to ensure the necessary confidentiality of communication, BMW must collect, process, and transmit personal data.
BMW ensures compliance with internationally accepted data protection standards and sees to it that its personnel who are in charge of processing data comply with security and confidentiality standards.
Data is only collected, transmitted, and processed in the manner described below. If the scope of use should change, BMW will inform the users of this event in an appropriate and timely manner and will obtain their consent where necessary.

Scope of Personal Data Processing

Individuals may use the public area of the portal without disclosing their identity.
Access to the portal's non-public pages is restricted to employees of BMW and its affiliated companies and those partner companies designated by BMW globally. This access requires prior registration.
In order to properly perform our services and to ensure that users are properly identified and authorized, the following information concerning users is collected and stored for our non-public information services:

• the business name, mailing address, and supplier number of the user's employer


• the user's name, job title, organizational unit, telephone number, and e-mail address


• the user's online identification (user name) and password


• the user's application-related personal configuration settings and preferences.

All personal data is collected during registration and must be confirmed by the user. No data is collected from other sources such as public directory services or external information providers.
BMW reserves the right as a provider of this portal to verify thoroughly all information contained in user applications and to reject any request for registration or to block access in whole or in part, even short-term.
BMW will not make personal data available to any third party. However, users may distribute personal data via the communication offering at their own risk and account.

User Directory

For purposes of maintaining its information services, BMW makes a central directory service available to all users.
This directory service contains the personal data that is required for the establishment of communication connections. BMW will keep the scope of this data as narrow as possible.
Personal data will only be included in the central directory service with the prior consent of the affected persons as indicated in the User's Data Protection Consent Statement. Users give their consent voluntarily and may revoke it at any time.

Security and Confidentiality

BMW takes extensive protective measures, both technical and organizational, to prevent potential misuse through, for instance, the following:

• unauthorized modification or disclosure of confidential information


• data loss through unauthorized deletion or system breakdowns.

Logging of Personal Data

BMW's automated data processing of applications that are accessible via the portal also includes the recording of personal data for the following purposes:

• user administration and authentication


• maintaining operation and performing targeted troubleshooting (data security).

Only a small number of select individuals who are bound by data secrecy may access log data.

Transmitting Data Abroad

The BMW AG and its affiliated companies that participate in the portal are located all around the world. Because of this, personal data may be transferred to countries outside the European Union that do not necessarily ensure an adequate level of data protection.

Anonymous Data and Cookies

BMW uses cookies for session handling. This is the only way to reliably assign actions to a particular user and to establish access control. The cookies employed are only used for the duration of one session, and the only personal data they contain is an individual session ID that can be assigned to a registered user for purposes of verifying his identity in the future.

Children's Privacy

The BMW Group's Partner Portal is not accessible to children. BMW does not knowingly collect or record personal data of any child under 13 years of age without obtaining the prior consent of the child's parent or legal guardian. BMW is committed to complying with the US Children's Online Protection Act.

Right to Information and Revocation

BMW enables users to initiate the update, correction, or blocking of their personal information at any time.
Registered users may inform themselves at any time and at no charge about the personal data that has been stored regarding them. A self-service information system is available for this purpose in the non-public area of our information offering. You may also use any of the contact options indicated at the end of this Data Protection Notice.
Any consent that has been issued may be revoked at the Portal Menu 'Revoke Access Agreements' (under 'Personalization') at any time.
Information requests and revocations are handled free of charge.

Contact Information

Please address any questions or suggestions you may have regarding this Data Protection Notice to our hotline.