1. CONTACT DETAILS OF THE DATA CONTROLLER
“Controller” within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other provisions with a data protection nature is:
Genthiner Str. 34
Tel.: +49 (0) 30 2295 7438
The data protection officer of sennder can be reached at the above-mentioned address, Attn. Data Protection Officer at firstname.lastname@example.org.
2. INFORMATION THAT WE COLLECT ABOUT YOU
2.1. Access Data and Log Files
When accessing the Websites, a number of general data and information is collected with each access. This general data and information is stored in the log files of the server. The data collected could include the browser types and versions used, the operating system used by the accessing system, the date and time of access, an Internet protocol address (IP address), the Internet service provider of the accessing system and other similar data and information that serve the prevention of attacks on our information technology systems.
2.2. Contact via the Websites
If you contact us by e-mail or via a contact form, the personal data you provide will be stored automatically. Such personal data transmitted on a voluntary basis will be stored for the purposes of processing or establishing the contact. This personal data will not be passed on to third parties.
b) Cookies can also be used to evaluate your user behaviour on the Portal or website (“Analysis”) or store the interests of a user or his behaviour (e.g. viewing certain content, use of functions, etc.) in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This procedure is also referred to as "Tracking", i.e. tracking the potential interests of users.
c) Before we use analysis or tracking technologies in the context of which cookies are used or processed, we ask users for their consent, which can be revoked at any time. Before the consent has not been given, only those cookies will be used that are necessary for the operation of the portal and the Services offered. In the case of consent, the legal basis for the processing of personal data is Art. 6 para. 1 a DSGVO.
d) Irrespective of whether the processing is based on consent or legal permission, you have the option at any time to revoke your consent or to object to the processing of your data using cookie technologies. This can be done by sending an email to sennder or by making a corresponding setting setting-section of the website or the Portal.
3. PURPOSE OF PROCESSING YOUR DATA
3.1. We use the collected data to deliver the content of our website correctly, to optimize the content of our website, to ensure the long-term viability of our information technology systems and website technology and to provide law enforcement authorities in the event of a cyber attack the information necessary for criminal prosecution. This anonymously collected data and information is therefore evaluated by sennder both statistically and with the aim of increasing the data protection and data security in our enterprise, to ultimately ensure an optimum level of protection for the personal data we process. These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 para. 1 f DSGVO.
3.2. The collection of data for the delivery of content and the storage of data in log files is required for the operation of the Websites. You therefore have no right of objection.
3.3. If you send us your e-mail address via our contact form, the processing of the personal data from the input mask will be used exclusively to process the establishment of the contact. If you contact us by e-mail, this constitutes the necessary legitimate interest in the processing of the data. Legal basis for the processing of the data would be Art. 6 Abs. 1 f DSGVO.
4.1. If you have given us your express consent or if we have a legitimate interest in (and are legally entitled to do so), we will inform you by e-mail about products and Services from sennder and/or third parties and about news and developments in the logistics industry. The legal basis for these uses are Art. 6 Sec. 1 a or Art. 6 Sec. 1 f GDPR.
4.2. Regardless of whether the sending of such e-mails is based on your consent or legal permission, you have the possibility at any time to object to the further receipt of such e-mails.
5. LEGAL BASIS FOR DATA PROCESSING
5.1. The data collected about you will only be processed by us if there is a reason for doing so and if this is permissible under data protection legislation. We have a legal basis for the processing of your data, if:
a) we have your consent (Art. 6 Sec. 1 a GDPR);
b) we need to process your data for the performance of a contract with you, or at your request before we enter into a contract (Art. 6 Sec. 1 b GDPR);
c) we are under a legal obligation to do so (Art. 6 Sec. 1. c GDPR);
d) it is in the public interest for us to process your data (Art. 6 Sec. 1 e GDPR) and/or
e) we have a legitimate interest in processing your data (Art. 6 Abs. 1 f GDPR).
5.2. If we base the processing of your personal data on our legitimate interest, we will conduct a careful assessment to ensure that our data processing is necessary and that your fundamental rights to privacy are not outweighed by our legitimate interests in data processing.
6. SHARING YOUR DATA
6.1. Sharing your data internally: We only share your data with our personnel and with personnel of other companies of the sennder group if this is necessary for the purposes mentioned in Section 3.
6.2. Sharing your data with third parties: We will share your data with third parties who store your data on their servers. All service providers are contractually obliged to keep your data confidential. The types of third party service providers with whom we share your data include, but are not limited to
§ IT service providers: including cloud providers for data storage purposes;
§ External support service providers.
6.3. Under certain circumstances we may also share your data:
a) if we are required to disclose or share your information in order to comply with a legal obligation or governmental request (and/or if we believe that we are required to do so). This also applies, if we are required by law to respond to police data requests or to share data with other companies and organizations for fraud protection purposes;
b) International data transmission: In some cases, the personal data collected from you may be processed outside the European Economic Area ("EEA"). These countries may not have the same level of data protection as the EEA. However, we are obliged to ensure that the personal data processed by us and our partners outside the EEA are protected in the same way as if they were processed within the EEA. Therefore, if your data is processed outside the EEA, there are certain safeguards in place. We ensure similar protection by ensuring that at least one of the following safeguards is in place:
- Your personal data will be transferred to countries whose level of data protection is considered appropriate by the European Commission;
- we use the standard contractual clauses approved by the EU;
- if your personal data is transferred to third parties based in the USA, data may be transferred to these third parties if they are registered under the Privacy Shield.
7. STORAGE AND DELETION OF DATA
7.1. We will not retain your data for any longer than necessary.
7.2. Data that we collect will be retained for as long as necessary to fulfil the purposes set out in Section 3 above, in accordance with our legitimate interests or for a period specifically required by applicable regulations or laws, such as the retention of data for regular reporting purposes.
7.3. When determining the relevant retention periods, we take the following factors into account, among others:
a) our contractual obligations and rights in relation to the data concerned;
b) legal obligation(s) under applicable law to retain data for a specific period of time;
c) the statute of limitations under applicable law;
d) our legitimate interests, if we have carried out a careful assessment (see Section 3 above);
e) (potential) disputes; and
f) Guidelines of the competent data protection authorities.
7.4. If we no longer need your data for the purposes described, we will delete your data securely.
8.1. We use strong technologies and policies to ensure that your personal data we hold is appropriately protected.
8.2. We take measures to protect your data from unauthorized access and unlawful processing, accidental loss, destruction and damage.
8.3. Unfortunately, the transmission of data over the internet is not completely secure. Although we take steps to protect your personal data, we cannot guarantee the security of the information you transmit to us; any transmission is at your own risk. Once we have received your information, we will apply strict procedures and security features to prevent unauthorized access.
9. YOUR RIGHTS
According to data protection legislation, you may have a number of rights regarding the data we hold about you. If you wish to exercise any of these rights, please contact us at the contact details set out above.
a) The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your data and what your rights are. For this reason, we provide you with the information in this privacy statement.
b) The right of access. You have the right to access your data (if we process it). This will enable you, for example, to check that we use your data in accordance with data protection law.
c) The right to rectification. You have the right to have your data corrected if it is inaccurate or incomplete. You may request that we rectify any errors in the data we hold.
d) The right to erasure. This "right to be forgotten" enables you to request the deletion or removal of certain data that we have stored about you. This right is not absolute and only applies in certain circumstances.
e) The right to restrict processing (blocking of data). You have the right to “block” or “restrict” the further use of your data. If processing is restricted, we may still store your data, but will not process it further.
f) The right to data portability. You have the right to obtain your personal data in an accessible and transferable format so that you can re-use it for your own purposes across different service providers. However, this is not an absolute right and there are exceptions.
g) The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with a competent data protection authority.
h) The right to withdraw consent. You have the right to withdraw any consent given to us (if we rely on the consent as a legal basis for the processing of certain data) at any time with effect for the future. The legality of the processing carried out on the basis of the consent prior to the withdrawal remains unaffected.
i) The right to object to processing. You have the right to object to the processing of personal data concerning you based on Art. 6 Sec. 1 e or f GDPR. This also applies, inter alia, to any direct marketing, analysis and tracking based on these provisions.
j) Automated decision in individual cases. You have the right not to be subject to any decision based solely on automated processing, including profiling, that has any legal effect on you or that might similarly significantly affect you. This does not apply if the decision
- is necessary for the conclusion or performance of a contract between you and us;
- is authorised by legislation of the Union or of the Member States and contains adequate measures to safeguard your rights and freedoms and your legitimate interests;
- is based on your explicit consent.
- sennder does not use any of the automatic decision making or profiling described above.
10. CHANGES TO THIS PRIVACY STATEMENT
If you should not be satisfied with our response to any complaint or believe our processing of your data does not comply with data protection legislation, you can make a complaint to:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Telefonnummer: +49 30 13889-0
sennder is headquartered in Berlin. You may also complain to another competent supervisory authority.