Data protection
Respect and Responsibility are core values for us at Scania. They form the foundation when we interact with you in your role as our valued customer, a driver of our vehicles, a co-worker in our global organisation, a trusted business partner/supplier or when visiting our websites, premises or events.
The data controller responsible for your personal data is Scania CV AB, unless otherwise stated in a privacy statement specific to a market or a service as accessible through www.scania.com.
We process your personal data when it is needed to:
- deliver our products and services,
- support and assist you when you use our products and services,
- fulfil and follow up contractual obligations, ours as well as yours,
- fulfil legal obligations and legitimate requests from law enforcement and other authorities,
- provide information about our products and services as well as upcoming events,
- improve quality and develop existing, as well as new, products and services as well as our organization.
We strive to always handle and protect your personal data with respect and integrity. Sometimes we utilize trusted business partners to help us deliver our products and services. In those cases when we need to share your personal data with our business partners, we ensure that they treat your personal data with the same respect and integrity as we do.
In this privacy statement we would like to inform you what personal data we process, why we are doing it and how we ensure that your rights and your privacy is respected. Further information about how your personal data is processed may in specific cases be found in more detailed privacy notices, contracts and service descriptions. You will in these cases find the information when accessing the application/system/service. If you have any questions or concerns you are always welcome to contact us here or talk to your Scania contact.
DownloadWe use cookies and other similar technologies (collectively referred to as ‘cookies’) on all of our websites relating to the domain ‘scania.com’ and sub-domains thereto. You may freely choose whether you wish to accept cookies on your device or not. Scania needs your consent to place and use cookies on your device, with the exception of such cookies that are strictly necessary for the safety and proper functioning of our website. We will only use other categories of cookies if you have allowed us to do so by checking the corresponding boxes.
If you at a certain point in time have chosen not to accept Scania’s use of cookies, or if you have previously accepted our use of cookies and wish to modify your choices, you can go back and adjust your cookie choices at any time by clicking on ‘Cookie Settings’ at the bottom of our website which will redirect you to our cookie consent management platform. By doing so and adjusting your choice of cookies, Scania will automatically cease or initiate our usage of applicable cookies corresponding with your new and updated choices. You may also at any time manually clear your device of cookies previously placed by us, for further information on this, please read the section referred to as ‘Manage Cookie Settings’ below.
Below, you will find further information on cookies, including; what cookies are, which cookies we use, what our purpose is for using them, the retention period of each cookie, and how you go about blocking or deleting cookies.
| Cookie | Domain | Purpose | Saved information | Storage duration | Transfer of data |
|---|---|---|---|---|---|
| autodo_cmp | used.scania.co.tz | Consent to cookie usage | Consent cookie settings | 365 days | No |
| SUPSID | used.scania.co.tz | Session cookie | Expires after session | No | |
| _gid | co.tz | Recognition of the user in order to merge the data from visits | These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited. Read Google's overview of privacy and safeguarding data | 24 hours | No |
| _ga | co.tz | Recognition of the user in order to merge the data from visits | These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited. Read Google's overview of privacy and safeguarding data | 2 years | No |
| _ga_XXXXX | co.tz | This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors | 2 years | No | |
| _dc_gtm_XXXXX | co.tz | Google Analytics Cookie. This cookie is used by DoubleClick - Google Tag Manager to identify visitors based on age, gender or interest | 1 Minute | No | |
| IDE | co.tz | Cookie, that is used to show Google ads on non-Google sites | 1 Minute | No | |
| SID | co.tz | These cookies are set via embedded youtube-videos | 2 years | No | |
| AEC | co.tz | This cookie is used to ensure that requests within a browsing session are made by the user, and not by other sites | 6 months | No | |
| HSID | co.tz | Security cookie to confirm visitor authenticity, prevent fraudulent use of login data and protect user data from unauthorized access | 2 years | No | |
| SOCS | co.tz | This cookie is used to store a user’s state regarding their cookies choices | 13 months | No | |
| CONSENT | co.tz | This cookie is used to store a user’s state regarding their cookies choices | 2 years | No | |
| NID | co.tz | NID is used by Google to match ads to the visitor's Google search. With the help of the cookie, Google remembers most frequent search queries or previous interactions of the visitor with ads. This way, visitors always get tailored ads. The cookie contains a unique ID that Google uses to collect personal settings of the visitor for advertising purposes | 2 years | Yes | |
| __Secure-1PAPISID | co.tz | Builds a profile of website visitor interests to show relevant and personalized ads through retargeting | 2 years | Yes | |
| __Secure-1PSID | co.tz | Builds a profile of website visitor interests to show relevant and personalized ads through retargeting | 2 years | Yes | |
| __Secure-3PSIDCC | co.tz | Builds a profile of website visitor interests to show relevant and personalized ads through retargeting | 2 years | Yes | |
| __Secure-3PSID | co.tz | Builds a profile of website visitor interests to show relevant and personalized ads through retargeting | 2 years | Yes | |
| __Secure-3PAPISID | co.tz | Builds a profile of website visitor interests to show relevant and personalized ads through retargeting | 2 years | Yes | |
| SSID | co.tz | These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. SSID, APISID and SAPISID cookies enable Google to collect user information for videos hosted by YouTube | 2 years | Yes | |
| APISID | co.tz | These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. SSID, APISID and SAPISID cookies enable Google to collect user information for videos hosted by YouTube | 2 years | Yes | |
| SAPISID | co.tz | These cookies are used by Google to display personalized advertisements on Google sites, based on recent searches and previous interactions. SSID, APISID and SAPISID cookies enable Google to collect user information for videos hosted by YouTube | 2 years | Yes | |
| 1P_JAR | co.tz | Based on recent searches and previous interactions, custom ads are shown on Google sites | 1 Month | Yes | |
| OTZ | co.tz | Links activities of website visitors to other devices that are previously logged in via the Google account. In this way, advertisements are tailored to different devices | 1 Month | Yes | |
| _gcl_au | co.tz | This cookie persists Google Ads information in a first party cookie when the user lands on the site from an ad. A part of a conversion linker ads function | A unique ID for the visitor | 90 days | Yes |
| s_ecid | co.tz | Stores the Experience Cloud ID (ECID) or MID. Set by HTTP response. The MID is stored in s_ecid=MCMID format. Set after the client sets the AMCV cookie. It allows persistent first-party ID tracking and is used as a reference ID if the AMCV cookie expires. This cookie is not applicable to third-party cookie implementations. SameSite is set to “Lax.” | Stores the Experience Cloud ID (ECID) or MID. Set by HTTP response. The MID is stored in s_ecid=MCMID format. Set after the client sets the AMCV cookie. It allows persistent first-party ID tracking and is used as a reference ID if the AMCV cookie expires. This cookie is not applicable to third-party cookie implementations. SameSite is set to “Lax.” | 2 years | Yes |
| s_cc | co.tz | Determines if cookies are enabled. Set by JavaScript. | Determines if cookies are enabled. Set by JavaScript. | Expires after session | Yes |
| s_sq | co.tz | Used by Activity Map. It contains information about the previous link clicked by the visitor. Set by JavaScript. | Used by Activity Map. It contains information about the previous link clicked by the visitor. Set by JavaScript. | Expires after session | Yes |
| s_vi | co.tz | Stores a unique visitor ID and timestamp. Set by HTTP response. Each visitor ID is associated with a visitor profile on Adobe servers. Visitor profiles are deleted after 1 year of inactivity, regardless of any visitor ID cookie expiration. The Secure flag is set when SameSite is “None” and connection is HTTPS. SameSite is “Lax” by default for first-party cookies. SameSite is “None” when using third-party cookies, such as on omtrdc.net or 2o7.net. Set SameSite to “None” when using a single CNAME to track multiple domains or properties. | Stores a unique visitor ID and timestamp. Set by HTTP response. Each visitor ID is associated with a visitor profile on Adobe servers. Visitor profiles are deleted after 1 year of inactivity, regardless of any visitor ID cookie expiration. The Secure flag is set when SameSite is “None” and connection is HTTPS. SameSite is “Lax” by default for first-party cookies. SameSite is “None” when using third-party cookies, such as on omtrdc.net or 2o7.net. Set SameSite to “None” when using a single CNAME to track multiple domains or properties. | 2 years | Yes |
| s_fid | co.tz | Stores the fallback unique visitor ID and timestamp. Set by JavaScript if the standard s_vi cookie cannot be set due to third-party cookie restrictions. Not used for first-party cookie implementations. | Stores the fallback unique visitor ID and timestamp. Set by JavaScript if the standard s_vi cookie cannot be set due to third-party cookie restrictions. Not used for first-party cookie implementations. | 2 years | Yes |
| s_ac | co.tz | Helps determine the correct domain to set AppMeasurement cookies. Contains the static value "1". Once this cookie is set, it is deleted immediately. | Helps determine the correct domain to set AppMeasurement cookies. Contains the static value "1". Once this cookie is set, it is deleted immediately. | Immediate | Yes |
| OPC | used.scania.co.tz | This cookie stores information about whether tabs or accordions are open or closed, as well as the screen width. | 3 Days | No |
Use of Google Analytics
This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google").
We use Google Analytics to analyze and regularly improve the use of our website. The statistics obtained enable us to improve our offer and make it more interesting for you as a user.
Google Analytics uses cookies, which are text files placed on your computer, to help the website analyze how users use the site.
Google also processes your personal data in the USA. Before giving your consent in accordance with Art. 49 (1) a GDPR, we would like to point out in particular that without an adequacy decision and without suitable guarantees, there may not be an adequate level of data protection in the USA, as data protection laws do not comply with the requirements of the GDPR, and in particular data subject rights may not be enforced. The setting of cookies only takes place if you give us your consent. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR ("consent"). This consent is voluntary. You can refuse it without giving reasons, without having to fear any disadvantages because of it. You can also withdraw this consent at any time with future effect under Cookie Settings, without any disadvantages for you.
The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. In the event that IP anonymization is activated on this website, however, your IP address will be truncated beforehand by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. This website uses Google Analytics with the extension "_anonymizeIp()". This means that IP addresses are processed in a shortened form, which means that they cannot be traced back to a specific person. Insofar as the data collected about you is related to a person, this is therefore immediately excluded and the personal data is thus immediately deleted. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.
On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other data from Google.
Information of the third party provider: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
User conditions: www.google.com/analytics/terms/de.html,
Overview of data protection: www.google.com/intl/de/analytics/learn/privacy.html,
as well as the data protection declaration: www.google.de/intl/de/policies/privacy.
Inquiry and contact form
When you contact us by e-mail or via a contact form, the data you provide will be processed by us. Mandatory data are only offer content, name, phone number, your message and e-mail address. You can provide further personal data on a voluntary basis if you wish (if you want us to send you information material by post, we need your address). Your personal data will be stored by us to answer your questions and to fulfill your requests. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are legal retention obligations.
The legal basis is Art. 6 para. 1 sentence 1 lit. b, f GDPR ("pre-contractual negotiation", "legitimate interest").
Google Tag Manager
This website uses the Google Tag Manager from Google. Google Tag Manager is a solution that marketers can use to manage website tags via an interface. The Tag Manager tool itself (which implements the tags) is a cookie-less domain and does not collect any personal data. The tool takes care of triggering other tags, which in turn may collect data. Google Tag Manager does not access this data. If a deactivation has been made at the domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
Google also processes your personal data in the USA. Before giving your consent pursuant to Art. 49 (1) (a) of the GDPR, we would like to point out in particular that, in the absence of an adequacy decision and suitable safeguards, there may not be an adequate level of data protection in the USA, as data protection laws do not comply with the requirements of the GDPR and, in particular, data subjects' rights may not be enforced.
The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR ("consent"). This consent is voluntary. You can refuse it without giving reasons, without having to fear any disadvantages because of it. You can also withdraw this consent at any time with future effect under Cookie Settings, without any disadvantages for you.
Google Maps
On this website we use the offer of Google Maps from Google. This allows us to show you interactive maps directly on the website and enables you to use the map function comfortably.
We offer you the opportunity to communicate directly with the provider via the map. Only if you give us your consent, the provider receives the information that you have called up the corresponding website of our online offer. In addition, the data mentioned in the section "Collection of personal data when visiting our website" of this declaration will be transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile at Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Google also processes your personal data in the USA. Before giving your consent pursuant to Art. 49 (1) (a) of the GDPR, we would like to point out in particular that, in the absence of an adequacy decision and suitable safeguards, there may not be an adequate level of data protection in the USA, as data protection laws do not comply with the requirements of the GDPR and, in particular, data subjects' rights may not be enforced.
The above will only take place if you give us your consent. The legal basis is Art. 6 para. 1 sentence 1 lit. a DS-GVO ("consent"). This consent is voluntary. You can refuse it without giving reasons, without having to fear any disadvantages because of it. You can also revoke this consent at any time with future effect under Cookie Settings without any disadvantages for you.
For more information on the purpose and scope of data collection and processing, please refer to the provider's privacy policy. There you will also find further information about your rights in this regard and setting options for protecting your privacy: www.google.de/intl/de/policies/privacy.
Duration of processing
The maximum duration of storage depends on the purpose for which the data processing serves. The duration of storage depends in particular on the period for which storage is required to fulfill the purpose. In addition, the data is processed for the fulfillment of legal obligations (e.g. commercial and tax retention obligations pursuant to Section 257 of the German Commercial Code ("HGB"), Section 147 of the German Fiscal Code ("AO") for up to ten years).
Recipients of the data
We transmit your data to the specialist departments within SCANIA as far as this is necessary.
The authorization basis for any further data transfer within the SCANIA Group is Art. 6 para. 1 sentence 1 lit. f GDPR ("legitimate interest"). Accordingly, data processing is lawful if the processing is necessary to protect our legitimate interests, unless the interests or fundamental rights of the data subject prevail. Recital 48 of the recitals to the GDPR specifies the legitimate interest for transfers within a group of companies. According to this, the transfer within a group of companies for internal administrative purposes with regard to the processing of customer data qualifies as a legitimate interest of us within the meaning of Art. 6 (1) sentence 1 lit. f GDPR.
In some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored. All requirements of Art. 28 GDPR are observed.
Location of the data processing measures
All processing of your personal data takes place either in Germany or in member states of the European Union. A transfer of your personal data by us to countries outside the member states of the European Union (so-called third countries) or to other international organizations does not take place in principle, unless otherwise stated in this document.
If Scania transfers personal data to service providers outside the EU, this will only be done if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other adequate data protection guarantees (e.g. binding corporate data protection regulations or an agreement of the standard contractual clauses of the EU Commission) are in place or if the consent of the data subject is available (Art. 44 et seq. GDPR).
Security / Technical and organizational measures
We take all necessary technical and organizational measures, taking into account the requirements of Articles 24, 25 and 32 GDPR, to protect your personal data against loss, destruction, access, alteration or dissemination by unauthorized persons and against misuse.
Thus, we comply with the legal requirements for pseudonymization and encryption of personal data, confidentiality, integrity, availability and resilience of systems and services related to processing, availability of personal data and the ability to quickly restore it in the event of a physical or technical incident, as well as the establishment of procedures for regular review, assessment and evaluation of the effectiveness of technical and organizational measures to ensure the security of processing.
Furthermore, we also comply with the requirements of Art. 25 GDPR with regard to the principles of "privacy by design" (data protection through technology design) and "privacy by default" (data protection through data protection-friendly default settings).