DATA PROTECTION
I. Name and address of the controller
The controller as defined in the General Data Protection Regulation (GDPR) of the European Union and other national data protection laws of the Member States of the European Union as well as other data protection regulations is:
R + C Seetransport GmbH & Co. KG
Katharinenstraße 5
28195 Bremen
www.rc-seetransport.com
II. Name and address of the Data Protection Officer
Der Datenschutzbeauftragte des Verantwortlichen ist:
TFO IT
Föhrenholtweg 20
21149 Hamburg
E-Mail: thees[at]tfoit.de
Homepage: www.tfoit.de
III. General information on data processing
We at R + C Seetransport GmbH & Co. KG care about your privacy. You have every right to feel confident that any personal information entrust to us will be handled responsibly. Our policy aims at ensuring full protection of your personal data. Please continue reading if you wish to learn more about our Privacy Policy.
This Privacy Policy regulates the collection, processing and use (hereinafter all collectively referred to as "processing") of your personal data if and to the extent that these take place when you use our website, if you contact us in the course of initiating or executing a contract and/or request information from us. When handling this data, we act in strict compliance with the relevant statutory data protection regulations and the following principles. We observe the principles of data processing according to Article 5 of the GDPR. Your data will only be stored for specified purposes, limited to what is necessary, updated in line with a specific purpose of the collection and processed with appropriate security.
1. Scope of the processing of personal data
We only collect and use personal data of our users insofar as this is necessary to process our contracts. After fulfilling the contractual obligations, we only process this data with your consent. An exception applies in those cases in which prior consent cannot be obtained for practical reasons or where data processing is permitted by law.
2. Legal basis for the processing of personal data
The processing of personal data with the consent of the data subject is based on Article 6 (1) (a) of the GDPR. The processing of personal data that is necessary for the performance of a contract to which the data subject is a party is based on Article 6 (1) (b) of the GDPR. This also applies to processing operations that are required to carry out pre-contractual measures. The processing of personal data that is necessary to fulfil a legal obligation imposed on our company is based on Article 6 (1) (c) of the GDPR. The legal basis for processing that is necessary for the purposes of the legitimate interests pursued by our company or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, is Article 6 (1) (f) of the GDPR.
3. Data erasure and duration of storage
The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Data may also be stored if this is provided for by the European or national legislator in Union regulations, laws or other provisions applicable to our company. Data will also be blocked or erased upon expiry of a storage period prescribed by the standards mentioned, unless further storage of the data is required in order to conclude or perform a contract.
4. Data processing in connection with the provision of transport and logistics services
The provision of transport and logistics services by R + C Seetransport GmbH & Co. KG may sometimes require the processing of personal data. The processing of personal data may be necessary before you conclude a contract with us (e.g. in the context of preparing a quote) and during the execution of the contract.
Personal and business contact data (e.g. surname, first name, company name, physical address, e-mail address, telephone number and/or fax number), the processing of which is essential for the provision of our services, may include the following categories of data. In individual cases, however, it may be necessary to process other categories of data. Such data may include:
Shipping and transport information, e.g. shipping-related contact details of carriers and recipients, their physical address, e-mail address, telephone number, signature on the confirmation of receipt, account details and other information that makes it easier for us to provide our services; it may also include information that is communicated to us with regard to the goods to be transported, but only to the extent that it relates to personal data;
Information that enables us to verify a person's identity;
Name, e-mail address and telephone number of a third person, insofar as we are requested to provide this person with information regarding transport or other service;
Payment information and financial data (e.g. account details); Tax information if you use services that require the processing of tax data;
Other personal data that you or third parties communicate to us in the course of the provision of our services.
If you transmit personal data to R + C Seetransport GmbH & Co. KG, please ensure that this data is relevant, accurate and necessary for the initiation or implementation of the business relationship. In particular, if you transmit data that is related to a third person, you are legally obliged to observe the general principles of data protection.
If we collect freight, deliver goods or provide other services, we may process address information. In individual cases, such address localisation information may also contain GPS data, geocodes, latitude/longitude and graphic representations/images.
Certain transport information is transmitted to authorities in transit or destination countries, for example, for reasons of customs or tax law or to enable them to perform security checks. This transmission depends on the legal regulations in the transit or destination country.
As a rule, such data records contain the following details, although there may be deviations in individual cases due to legal requirements: Name and address of the consignor, name and address of the consignee, description of the transported goods, and in some cases also the quantity of items, weight and value of the cargo.
In individual cases, we transmit personal data to a country other than the one in which the data was collected. Data is primarily transferred for the purpose of providing our services, for example, to other companies or to agents who work on behalf of R + C Seetransport GmbH & Co. KG. Please note that in order to offer you the best possible service, R + C Seetransport GmbH & Co. KG works with a number of partners (e.g. subcontractors such as transport and logistics companies, ports, warehouses, etc.). This, too, may require the transmission of personal information within the framework of what is legally permissible. If necessary, data processing agreements are concluded with third parties.
Please also note that, for technical and legal reasons, R + C Seetransport GmbH & Co. KG will be unable to offer you its services if you object to this data processing and transmission, either in whole or in part.
The countries to which we transmit data may have data protection laws that differ from the standards of the legal system under which you transmitted the data to us. Insofar as we transmit data to other countries, the data is transmitted in accordance with this Privacy Policy.
In we transmit personal data between legal systems whose protection levels differ from one another, we will comply with the stricter legal requirements. We use specific contracts to protect personal data (e.g. the EU Commission's model contracts for data transfer to third countries) and we regularly work with our partners and contractors to jointly ensure compliance with all applicable legal requirements.
For more information on the data that is processed in the course of installing or using our website, please refer to the relevant section of this Privacy Policy.
5. Data protection for applications and the application procedures
The controller collects and processes the personal data of applicants for the purpose of processing the application procedure. The processing may also be carried out electronically. This is the case, in particular, if an applicant submits corresponding application documents to the controller by e-mail or by means of a web form on the website. If the controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the controller, the application documents are automatically erased two months after notification of the refusal decision, provided that no other legitimate interests of the controller preclude the erasure. Other legitimate interest in this respect is, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).
6. Access to your personal information by third parties
Personal data is collected, processed and used by us and, unless we have expressly excluded this, by external service providers commissioned by us and contractually and legally obliged to observe data protection regulations. These external service providers comply with the relevant statutory data protection rules and with obligations resulting from this Privacy Policy. In doing so, we are guided by the legal requirements of the EU General Data Protection Regulation, unless stricter legal requirements are applicable and take priority over those of the GDPR.
Furthermore, no third party has access to your personal data. We will not sell this data or use it in any other way. We will only transmit data to the competent bodies in response to official or legal requirements or if we are subject to statutory transmission obligations. This also applies when such transmission is ordered by a court. In the event of an official, legal or judicial transmission obligation being imposed on us, we will check in individual cases whether the transmission is in accordance with the principles of the EU General Data Protection Regulation and/or the applicable national law and, if necessary, initiate legal action.
7. Security
We have implemented technical and organisational measures to protect your personal data against loss, alteration, theft or access by unauthorised third parties. Our IT systems are designed to ensure that R + C Seetransport GmbH & Co. KG complies with the requirements of Articles 32 et seq. of the EU General Data Protection Regulation.
8. Erasure and blocking
We erase your personal data if the business purpose associated with the data no longer applies or if required by the relevant statutory data protection regulations. If you have given your consent, we will erase your data after you withdraw your consent or the purpose of the consent no longer applies (item 2.).
At your request, we will block your personal data, either in whole or in part, provided that this does not violate an overriding legal interest of R + C Seetransport GmbH & Co. KG in its processing. In order to have your data blocked, please inform us to what extent and for how long your data should be blocked. By doing so and as far as technically possible, you can exclude the processing and use of your data for certain areas.
9. Children and minors
We do not knowingly process any personal data concerning minors under the age of 16, unless we are legally obliged to do so. If we become aware that data has been transmitted to us outside of such a legal obligation without the consent of the parents or other legal guardians, we will erase this data immediately.
IV. Provision of the website and creation of log files
1. Description and scope of data processing
Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
- browser type and version used
- operating system of the user
- Internet service provider of the user
- IP address of the user
- date and time of access,
- websites that are accessed by the user's system via our website
The data is also stored in the log files of our system. This data is not stored together with any other personal data of the user.
2. Legal basis for processing
The temporary storage of the data and the log files is based on Article 6 (1) (f) of the GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. To this end, the user's IP address must be stored for the duration of the session.
Data is stored in the log files to ensure the functionality of the website. In addition, we use the data to optimise our website and to ensure the security of our information technology systems. No data is evaluated for marketing purposes in this context. In respect of such purposes, our legitimate interest in data processing is also laid down in Article 6 (1) (f) of the GDPR.
4. Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose for which it was collected. Where data is collected for the provision of the website, this is the case when the respective session has ended.
Where data is stored in log files, it is erased after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users will be erased or disassociated so that it is no longer possible to assign them to the accessing client.
5. Option to object and erase data
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. The user therefore has no option to object to such processing.
6. Use of cookies
Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored on the user's computer system, either in the Internet browser or by the Internet browser. When a user calls up a website, a cookie can be stored on the user's computer system. This cookie contains a unique character sequence that enables the browser to be clearly identified when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after navigating to our pages. We also use cookies on our website that enable an analysis of the surfing behaviour of the users. In this way, the following data may be transmitted:
- entered search terms
- frequency of page views
- use of website functions
The user data collected in this way is pseudonymised by using technical measures. It is therefore no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the user.
Legal basis for data processing
The processing of personal data using technically necessary cookies is based on Article 6 (1) (f) of the GDPR. The processing of personal data using cookies for analytical purposes, where the user has given their consent, is based on Article 6 (1) (a) of the GDPR.
Purpose of data processing
Analytical cookies are used for the purpose of improving the quality of our website and its content. They tell us how the website is used, thereby allowing us to continuously optimise our offer.
In respect of such purposes, our legitimate interest in the processing of personal data is also laid down in Article 6 (1) (f) of the GDPR.
Duration of storage, option to object and erase data
Cookies are stored on the user’s computer, which transfers them to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transfer of cookies by changing the settings in your internet browser.
Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, you may not be able to take full advantage of all functions of the website.
7. Contact form
Description and scope of data processing
On our website we offer users the opportunity to contact us by providing personal data. The data is entered in an input mask, sent to us by e-mail and stored. No data is transferred to third parties.
The following data is collected during the registration process:
Contact (e-mail address, name and surname, company name, company address, telephone number, fax number);
Track & Trace (e-mail address, company name etc. - query in consultation with the Sales and Marketing Department)
Legal basis for processing
The processing of personal data, where the user has given their consent, is based on Article 6 (1) (a) of the GDPR. If the registration serves the performance of a contract to which the user is a party or carrying out pre-contractual measures, the processing of the data is additionally based on Article 6 (1) (b) of the GDPR.
Purpose of data processing
The user is required to register in order to be provided with certain content and services on our website.
Registration of the user is required to perform a contract (track & trace) concluded with the user or to carry out pre-contractual measures.
Duration of storage
The data is erased as soon as it is no longer required to achieve the purpose for which it was collected.
With regard to the data collected during the registration process, this is the case when the registration on our website is cancelled or changed. With regard to the registration process for the purpose of performance of a contract or carrying out pre-contractual measures, this is the case when the data is no longer required for the execution of the contract. Even after the contract has been concluded, we may be required to store personal data of the contractual partner in order to comply with contractual or legal obligations.
Option to object and erase data
As a user, you can cancel your registration at any time. You can request changes to the data stored about you at any time.
For other tools, please contact the controller. If the data is required to perform a contract or to carry out pre-contractual measures, earlier erasure of the data is only possible if there are no contractual or legal obligations that preclude its erasure.
8. Hyperlinks
The website of R + C Seetransport GmbH & Co. KG may contain hyperlinks, i.e. electronic references to other content, including third-party websites. Since R + C Seetransport GmbH & Co. KG is not responsible for the content and legal compliance of third-party websites with data protection law, we ask you to observe the respective privacy policies on the third-party websites.
V. Rights of the data subject
If your personal data is processed, you are a “data subject” within the meaning of the GDPR and you may exercise the following rights against the controller:
1. Right of access
You can request confirmation from the controller as to whether personal data concerning you is being processed by us.
If this is the case, you can request the following information from the controller:
the purposes of the processing of your personal data;
the categories of personal data being processed;
the recipients or categories of recipient to whom your personal data has been or will be disclosed;
the envisaged period for which your personal data will be stored, or, if we are unable to provide you with specific information on this, the criteria used to determine that period;
the existence of the right to rectification or erasure of your personal data, the right to restriction of the processing by the controller or the right to object to such processing;
the right to lodge a complaint with a supervisory authority;
where the personal data is not collected from the data subject, any available information as to its source;
the existence of automated decision-making, including profiling according to Article 22 (1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You have the right to request information about whether your personal data is being transmitted to a third country or to an international organisation. In the context of such transmission of data, you can request information about the appropriate safeguards in accordance with Article 46 of the GDPR.
2. Right to rectification
You have the right to have your personal data rectified and/or completed by the controller insofar as your personal data being processed is inaccurate or incomplete. The controller must rectify the data without undue delay.
3. Right to restriction of processing
You have the right to request the restriction of the processing of your personal data where one of the following applies:
If you contest the accuracy of your personal data, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
the controller no longer needs the personal data for the purposes of the processing, but you require it for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Article 21 (1) of the GDPR pending the verification whether the legitimate grounds of the controller override your grounds.
Where the processing of your personal data has been restricted, such personal data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State of the European Union.
If the processing of your personal data has been restricted in accordance with the above requirements, the controller will inform you before the restriction of processing is lifted.
4. Right to erasure
a) Erasure obligation
You have the right to request that the controller erase your personal data without undue delay and the controller will then have the obligation to erase such data without undue delay where one of the following grounds applies:
your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
you withdraw your consent on which the processing is based according to Article 6 (1) (a) or Article 9 (2) (a) of the GDPR, and where there is no other legal ground for the processing;
you object to the processing pursuant to Article 21 (1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) of the GDPR;
your personal data has been unlawfully processed;
your personal data has to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
your personal data has been collected in relation to the offer of information society services referred to in Article 8 (1) of the GDPR.
b) Informing third parties
Where the controller has made your personal data public and is obliged pursuant to Article 17 (1) of the GDPR to erase it, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, this personal data.
c) Exceptions
The right to erasure does not apply to the extent that processing is necessary:
for exercising the right of freedom of expression and information;
for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
for reasons of public interest in the area of public health in accordance with Article 9 (2) (h) and (i) as well as Article 9 (3) of the GDPR;
for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 (1) of the GDPR insofar as the right referred to in paragraph a) is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
for the establishment, exercise or defence of legal claims.
5. Right to be informed
If you have exercised your right to rectification, erasure or restriction of processing against the controller, the controller is obliged to communicate such rectification or erasure of your personal data or restriction of processing to each recipient to whom your personal data has been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about these recipients by the controller.
6. Right to data portability
You have the right to receive your personal data, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance from the controller to which the personal data has been provided, where the processing is based on consent pursuant to Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR or on a contract pursuant to Article 6 (1) (b) of the GDPR and where the processing is carried out by automated means. In exercising your right to data portability, you have the right to have the personal data concerning you transmitted directly from one controller to another, where technically feasible. This right must not adversely affect the rights and freedoms of others. The right to data portability does not apply to processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data which is based on Article 6 (1) (e) or (f) of the GDPR, including profiling based on those provisions.
The controller will no longer process personal data concerning you, unless the controller can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.
Where personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, personal data concerning you will no longer be processed for such purposes. In addition, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you are entitled to exercise your right to object by automated means using technical specifications.
8. Right to withdraw data protection consent
You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent prior to its withdrawal.
9. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects that concern you or similarly significantly affect you.
This does not apply if the decision is necessary for entering into, or performance of, a contract between you and the controller;
is authorised by European Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or if it is based on your explicit consent.
However, such decisions must not be based on special categories of personal data referred to in Article 9 (1) of the GDPR, unless Article 9 (2) (a) or (g) of the GDPR applies and suitable measures to safeguard your rights and freedoms and legitimate interests are in place.
With regard to the cases mentioned in items 1 and 3, all necessary measures will be implemented by the controller to comply with your rights under the GDPR.
10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority with which the complaint has been lodged must inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.