Hubwalter live at IAA Transportation 2026

Hall 25 / C81

Hubwalter live at IAA Transportation 2026

Hall 25 / C81

Hubwalter live at IAA Transportation 2026

Hall 25 / C81

Hubwalter live at IAA Transportation 2026

Hall 25 / C81

Privacy Policy

As of: May 2026

1. General Information

The protection of personal data is important to us. This Privacy Policy informs you about which personal data we process when you visit our website and use our online services, for what purposes this is done, on what legal basis the processing takes place, and what rights you have.

Personal data refers to all information relating to an identified or identifiable natural person, such as name, email address, telephone number, IP address, usage data, or communication content.

This Privacy Policy applies to the HUBWALTER GmbH website at www.hubwalter.com, as well as to the contact, information, press, investor relations, newsletter, and test drive services provided there.

2. Controller

The controller in the sense of the General Data Protection Regulation (GDPR) is:

HUBWALTER GmbH
Ulmer Str. 160
86156 Augsburg
Germany

Represented by the Managing Directors:
Tankred Z. Vogt
Andreas A. Böhm

Phone: +49 821 455 787 0
Email: info@hubwalter.com

3. Data Protection Officer

A Data Protection Officer is currently not appointed.

Should a Data Protection Officer be appointed in the future, their contact details will be published here.

4. General Purposes of Data Processing

We process personal data specifically for the following purposes:

  • Provision and technical operation of the website
  • Ensuring the IT security and stability of our systems
  • Processing of contact inquiries
  • Processing of inquiries regarding test drives, pilot projects, collaborations, and vehicle concepts
  • Communication with customers, prospective customers, suppliers, development partners, investors, media representatives, and other business partners
  • Preparation, execution, and documentation of pre-contractual and contractual measures
  • Investor Relations communication
  • Press and public relations
  • Sending of newsletters or other information, where offered and requested by you
  • Analysis and improvement of our online offering, where effective consent has been provided for this
  • Fulfillment of legal retention, verification, and compliance obligations
  • Assertion, exercise, or defense of legal claims

5. Legal Bases for Processing

We process personal data based on the following legal bases:

  • Article 6(1)(a) GDPR, provided you have given us consent
  • Article 6(1)(b) GDPR, if the processing is necessary for the performance of pre-contractual measures or for the fulfillment of a contract
  • Article 6(1)(c) GDPR, if we are legally required to process.
  • Article 6(1)(f) GDPR, if processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, and your interests, fundamental rights and freedoms do not override them.

Insofar as we store information on your terminal device or access information already stored on your terminal device, this is also done in accordance with the provisions of Section 25 of the Telecommunications-Digital Services Data Protection Act (TDDDG). For technically non-essential cookies, tracking technologies, embedded third-party content or similar technologies, we obtain your consent where required.

6. Hosting and Provision of the Website via Webflow

For the creation, hosting, and provision of this website, we use the Webflow service from Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA.

When you visit our website, Webflow processes technically necessary data, in particular IP addresses, server log files, and cookies or similar technologies that are required for the secure and error-free provision of the website.

When you access our website, the web server automatically processes information that your browser transmits to the server. This may include, in particular:

  • IP address
  • Date and time of access
  • Page or file accessed
  • Referrer URL
  • Browser type and browser version
  • Operating system used
  • Hostname of the accessing computer
  • Amount of data transferred
  • Notification of successful retrieval

Processing is carried out for the technically secure, stable, and error-free provision of our online offering, for system security, error analysis, and prevention of misuse.

The legal basis is Article 6(1)(f) GDPR. Our legitimate interest lies in the secure, stable, and error-free provision of our website.

If cookies or similar technologies are used in connection with Webflow and consent is required for this, processing is carried out exclusively on the basis of Article 6(1)(a) GDPR and Section 25(1) TDDDG. Any given consent can be revoked at any time with effect for the future.

Data transfer to the USA cannot be ruled out. Webflow states that it is certified under the EU-U.S. Data Privacy Framework. Additionally, where necessary, standard contractual clauses of the European Commission or other appropriate safeguards may be used.

If Webflow processes personal data on our behalf, a data processing agreement in accordance with Art. 28 GDPR is concluded with Webflow.

7. Provision of JavaScript and CSS files via Odyn

For the management and delivery of JavaScript and CSS files, the Odyn service may be used on our website.

When you access our website, integrated files are loaded via Odyn's servers. Technically necessary data, in particular IP address, device and browser information, and server log files, may be processed in this process to ensure a secure and high-performance provision of the website.

This use is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in the technically stable, secure, and efficient provision of our online offering.

8. Contact by email, phone, or contact form

If you contact us by email, phone, or via a contact form, we process the data you provide. This may include, in particular:

  • Name
  • Company
  • Role or Position
  • Business contact details
  • Phone number
  • Email address
  • Content of your message
  • Information regarding vehicle interest, pilot projects, test drives, supplier relationships, investor inquiries, or other business concerns

Contact form and other form inquiries are initially stored directly in Webflow. As of now, there is no direct technical connection to a newsletter tool or CRM system. If required, the data stored in Webflow can be exported via CSV file and transferred to a newsletter, CRM, ERP, or comparable system, provided this is necessary and legally permissible for processing the inquiry, further communication, or the preparation or execution of pre-contractual or contractual measures.

We use this data to process your inquiry, to communicate with you, and, if applicable, to prepare or execute a contractual relationship.

The legal basis is Art. 6(1)(b) GDPR, insofar as your inquiry is related to a contract or pre-contractual measures. In all other cases, the legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the proper processing of business inquiries and communication with interested parties, customers, suppliers, media representatives, investors, and other business partners.

The data will be deleted as soon as the purpose of processing ceases to apply, unless there are legal retention obligations or we require the data for the establishment, exercise, or defense of legal claims.

9. Test Drive, Pilot Customer, and Project Inquiries

If you register your interest via our website for test drives, pilot projects, product demonstrations, or similar offers, or if you contact us regarding these, we process the data you provide for the purpose of reviewing, organizing, and carrying out the respective request.

This may include, in particular:

  • Name
  • Company
  • Position
  • Business contact details
  • Industry
  • Fleet or logistics data, where provided by you
  • Desired application scenarios
  • Information regarding appointment preferences
  • Communication content

Test drive and pilot customer inquiries are initially stored directly in Webflow. A later transfer via CSV file to a newsletter, CRM, ERP, or similar system may occur if this is necessary for processing, qualifying, organizing, or following up on the inquiry.

The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as the processing is necessary for the performance of pre-contractual measures. Additionally, Art. 6 para. 1 lit. f GDPR may be applicable. Our legitimate interest lies in the structured processing of B2B inquiries, market validation, piloting, and project initiation.

If you voluntarily provide us with additional information, we only process it insofar as it is necessary for processing your inquiry.

10. B2B Leads, CRM, ERP, and Business Partner Communication

We may process personal data of contact persons at customers, prospects, suppliers, bodybuilders, industry partners, investors, banks, trade fair contacts, press representatives, and other business partners in CRM, ERP, or similar systems.

This may include:

  • Name
  • Company
  • Position
  • Business contact details
  • Communication history
  • Interests in products, pilot projects, test drives, collaborations, or investor information
  • Trade fair and event contacts
  • Follow-up status
  • Assigned contact persons at Hubwalter

Processing is carried out for maintaining business contacts, handling inquiries, initiating sales and projects, investor relations communication, trade fair and lead follow-up, and internal organization.

The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as processing is necessary for the performance of pre-contractual or contractual measures. Otherwise, the legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in structured, efficient, and traceable B2B communication.

The use of CRM, ERP, or comparable systems, where necessary, is based on data processing agreements according to Art. 28 GDPR or another suitable data protection legal basis.

11. Investor Relations

If you contact us in connection with financing rounds, investments, investor events, information requests, or similar investor relations topics, we process the personal data you provide to handle your inquiry and communicate with you.

This may include:

  • Name
  • Company or institution
  • Position
  • Business contact details
  • Interest profile
  • Communication content
  • Participation in investor meetings or events
  • Documentation and follow-up information

The legal basis is Art. 6 para. 1 lit. b GDPR, insofar as the processing is necessary for the implementation of pre-contractual measures. Additionally, processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in professional communication with potential investors, financing partners, and investment companies, as well as in the preparation and documentation of financing processes.

12. Newsletters and electronic information

If we offer a newsletter or similar electronic information, we process your email address and, if applicable, other voluntarily provided data, to send you the requested information.

Newsletter inquiries or registration data are initially collected and stored via Webflow. A transfer via CSV file to a newsletter tool, CRM system, or similar communication system may occur as soon as a corresponding service is set up and insofar as a suitable legal basis exists for this.

Dispatch generally only takes place with your prior consent. The legal basis is Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future, for example, via an unsubscribe link in the respective newsletter or by notifying us.

To document consent, we may store the time of registration, IP address, time of confirmation, and content of the consent. The legal basis is Art. 6 para. 1 lit. c GDPR in conjunction with our documentation obligations, as well as Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the legally compliant documentation of consents.

If we use an external service provider for sending newsletters, this is done on the basis of a data processing agreement according to Art. 28 GDPR or on another suitable data protection legal basis.

13. Cookies and similar technologies

Our website uses cookies and similar technologies. Cookies are small text files that are stored on your device. Similar technologies can include, for example, local storage, pixels, tags, or scripts.

We differentiate between technically necessary technologies and optional technologies.

Technically necessary technologies are required to provide the website, enable basic functions, implement security features, or save settings you desire. The use of technically necessary technologies is based on Section 25 para. 2 TDDDG. The subsequent processing of personal data is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the secure and functional provision of our website.

We only use optional technologies, especially for analysis, marketing, external media, or tracking, if you have given your prior consent. The legal basis is Section 25 para. 1 TDDDG as well as Art. 6 para. 1 lit. a GDPR. You can revoke or change your consent at any time with effect for the future.

The specific cookies and technologies used are displayed in the consent management tool with information on provider, purpose, category, storage duration, legal basis, and, if applicable, third-country transfer.

14. Cookie Consent Management with Finsweet Consent Pro

For managing cookies and similar technologies, as well as for storing and documenting consents, we use Finsweet Consent Pro from Finsweet Inc., USA.

With Finsweet Consent Pro, users can manage or adjust their cookie settings themselves at any time, even retrospectively.

When visiting our website, technically necessary data such as IP address, browser information, and consent and preference data may be processed to be able to store, manage, and document the selected privacy settings.

The use is for fulfilling our legal obligations according to Art. 6 para. 1 lit. c GDPR, as well as on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the legally compliant management and documentation of consents. If consent is requested, processing also takes place on the basis of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG.

Consents already given can be revoked or changed at any time with effect for the future.

15. Google Tag Manager

Where we use Google Tag Manager, we utilize this service to manage website tags. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The parent company is Google LLC, USA.

Google Tag Manager is used to centrally integrate and control other services and tags. According to Google, Google Tag Manager itself does not create user profiles or store cookies for analysis or marketing purposes. Nevertheless, when the service is loaded, technical data, particularly IP addresses and device information, may be transmitted to Google.

We only use Google Tag Manager in a manner that is aligned with our consent management. Tags that require consent are only triggered after appropriate consent has been given.

The legal basis for the use of technically necessary tag management may be Art. 6 para. 1 lit. f GDPR. Where Google Tag Manager or services integrated through it access information on the end device or use non-essential cookies or similar technologies, this is done on the basis of Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR.

16. Web Analytics with Google Analytics

Where we use Google Analytics, we utilize this service to analyze the use of our website and to improve our online offering. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The parent company is Google LLC, USA.

Google Analytics can process information including page views, user behavior, interactions, device and browser information, approximate location, referrer URL, and technical identifiers. Cookies or similar technologies may be used in this process.

Google Analytics is only used after your prior consent. The legal basis is Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR. You can revoke or change your consent at any time with effect for the future.

Where personal data is transferred to the USA, the transfer may take place on the basis of an adequacy decision by the European Commission, provided that the respective recipient is certified under the EU-U.S. Data Privacy Framework. Otherwise, standard contractual clauses or other appropriate safeguards will be considered.

17. Meta Pixel

Where we use Meta Pixel, we utilize this service for measuring and optimizing marketing activities, as well as for evaluating the effectiveness of advertisements. Depending on the usage, the providers are Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland, and Meta Platforms, Inc., USA.

Meta Pixel can process information including page views, interactions, technical device and browser information, IP address, and other event data. This data may be linked to Meta accounts and used for measurement, analysis, and marketing purposes.

Meta Pixel is only used after your prior consent. The legal basis is Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR. You can revoke or change your consent at any time with effect for the future.

Where personal data is transferred to the USA or other third countries, this only occurs on the basis of appropriate data protection safeguards or an adequacy decision, where applicable.

18. Embedded Videos and External Media

Our website may embed videos or other external media, particularly for displaying product information, trade fair appearances, press or IAA content.

In this process, personal data may be transmitted to the respective provider, including IP address, device information, browser information, referrer URL, and information about the accessed page. Depending on the provider, cookies or similar technologies may also be set or used.

We generally only embed external media after your consent, if technically non-essential cookies are set or information is read from your end device.

The legal basis is Section 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR.

Possible providers include: YouTube, provider Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Vimeo, provider Vimeo.com, Inc., 330 West 34th Street, 5th Floor, New York, NY 10001, USA; as well as external trade fair, press, or IAA platforms.

If personal data is transferred to the USA, the transfer may be based on an adequacy decision by the European Commission, provided that the respective provider is certified under the EU-U.S. Data Privacy Framework. Otherwise, standard contractual clauses or other appropriate safeguards will apply.

19. Google Fonts and Typefaces

We use fonts in such a way that no connection to Google servers is established when you visit our website. The fonts are provided locally.

As a result, no personal data is transmitted to Google in connection with the display of the fonts.

20. External Links

Our website may contain links to external third-party websites, for example, to trade fair organizers, partners, press platforms, social networks, or other external offerings.

If you click on an external link, you will leave our website. The respective provider is responsible for data processing on the linked pages. Please inform yourself about the applicable data protection notices there.

21. Social Media Presences

We may operate company profiles on social networks or professional platforms, particularly for corporate communications, public relations, investor relations, recruiting, trade fair communication, and networking.

If you visit our social media profiles or interact with us there, personal data may be processed by us and by the respective platform provider. This may include, in particular, profile information, messages, comments, interactions, technical data, and usage data.

The legal basis for our processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in external corporate communications, maintaining business contacts, public relations, and presenting our products and services.

The respective data protection regulations of the platform providers apply to processing by them.

22. Recipients of Personal Data

We only disclose personal data if this is legally permissible or if you have consented.

Recipients may include, in particular:

  • IT and hosting service providers, especially website, form, and hosting service providers
  • Website and maintenance service providers
  • Providers of CRM, ERP, or communication systems
  • Newsletter or email service providers
  • Consent management, analytics, and marketing service providers
  • Trade fair, event, and marketing service providers
  • Lawyers, tax advisors, auditors, and other consultants
  • Banks, investors, or financing partners, to the extent necessary for specific inquiries or processes
  • Authorities, courts, or other public bodies, where a legal obligation exists
  • Suppliers, setup partners, or project partners, to the extent necessary for processing specific project inquiries

Service providers who process personal data on our behalf are engaged based on a data processing agreement in accordance with Art. 28 GDPR, to the extent required by data protection law.

23. Third-country transfers

Personal data is only transferred to countries outside the European Union or the European Economic Area if there is an appropriate legal basis for doing so.

This may particularly be the case when using services from international providers, such as website, hosting, form, video, newsletter, CRM, analytics, marketing, or cloud services.

A transfer may particularly be based on:

  • an adequacy decision by the European Commission, for example, for appropriately certified US companies under the EU-U.S. Data Privacy Framework
  • standard contractual clauses of the European Commission
  • your explicit consent
  • other legally provided safeguards or exceptions

24. Storage duration

We store personal data only for as long as necessary for the respective purposes.

Where legal retention obligations exist, we store the data for the duration of these obligations. Business letters, commercial and tax-relevant documents may, in particular, be subject to commercial and tax law retention obligations.

Data from contact, newsletter, test drive, or project inquiries is deleted as soon as the inquiry has been fully processed and no legal retention obligations or legitimate interests in further storage exist.

We store data from ongoing or prospective contractual, project, investor, or supplier relationships for the duration of the business relationship and beyond, where legal retention obligations exist or the data is necessary for the establishment, exercise, or defense of legal claims.

25. Data Security

We take appropriate technical and organizational measures to protect personal data against loss, destruction, manipulation, unauthorized access, and unauthorized disclosure.

Our website uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address bar begins with "https://".

26. Your Rights

Subject to legal requirements, you have the following rights:

  • Right to information according to Art. 15 GDPR
  • Right to rectification according to Art. 16 GDPR
  • Right to erasure according to Art. 17 GDPR
  • Right to restriction of processing according to Art. 18 GDPR
  • Right to data portability according to Art. 20 GDPR
  • Right to object according to Art. 21 GDPR
  • Right to withdraw consent according to Art. 7 Para. 3 GDPR
  • Right to lodge a complaint with a data protection supervisory authority according to Art. 77 GDPR

To exercise your rights, you can contact us at any time:

HUBWALTER GmbH
Ulmer Str. 160
86156 Augsburg
Germany
Email: info@hubwalter.com

27. Withdrawal of Consent

If you have given us your consent, you can withdraw it at any time with effect for the future. The lawfulness of processing carried out before the withdrawal remains unaffected.

This applies in particular to consent for newsletters, cookies, tracking, web analytics, marketing pixels, or embedded external media.

28. Right to Object under Art. 21 GDPR

If we process personal data based on Art. 6 para. 1 lit. f GDPR, you have the right to object to this processing at any time for reasons arising from your particular situation.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.

If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing for such purposes. In the event of your objection, your personal data will no longer be processed for direct marketing.

29. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

The data protection supervisory authority responsible for Hubwalter is likely:

Bavarian State Office for Data Protection Supervision (BayLDA)
Promenade 18
91522 Ansbach
Germany
Website: www.lda.bayern.de

30. Objection to Advertising Emails

The use of contact data published within the scope of the imprint obligation or otherwise on this website for sending unsolicited advertising and information materials is hereby objected to.

We reserve the right to take legal action in the event of unsolicited sending of advertising information, especially via spam emails.

31. Updates to this Privacy Policy

We reserve the right to update this Privacy Policy if our website, the services we use, our internal processes, or legal requirements change.