1. Name and address of the data controller
The data controller in the definition of the EU General Data Protection Regulation and other, national data protection laws of the Member States as well as further data protection regulations is:
Seabridge Transport GmbH
Ludwig-Erhard-Str. 14
20459 Hamburg
Germany
Phone: +49 40 374933-0
E-Mail: info(at)seabridge.de
Website: www.seabridge.de
2. Contact of the data protection officer
Die Datenschutzbeauftragte des Verantwortlichen ist:
Celin Kock
Email: kock(at)seabridge.de
Telefon: 040-374933-74
3. General information on data processing
3.1. Scope of processing of personal data
We only collect and use the personal data of our users to the extent necessary to fulfill our contracts. Once the contractual obligations have been fulfilled, we will only process the data with your consent. An exception applies in those cases where a prior consent cannot be obtained for objective reasons or where processing of the data is permitted by law.
3.2. Legal basis for the processing of personal data
In the case that we obtain a declaration of consent from the data subject for processing of personal data, Art. 6 (1) lit. a) EU General Data Protection Regulation (GDPR) applies as the legal basis for the processing of personal data.
In the processing of personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b) GDPR applies as the legal basis. This also applies to processing that is required to carry out pre-contractual actions.
Insofar as processing of personal data is required to fulfill a legal obligation imposed on our company, Art. 6 (1) lit. c) GDPR applies as the legal basis.
If processing is necessary to safeguard a justified interest of our company or of a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the interest mentioned first, Art. 6 (1) lit. f) GDPR applies as legal basis for processing.
3.3. Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage ceased to apply. Storing of the data can also take place beyond this point of time, if this has been provided for by the European or national legislator in directives, laws or other regulations under EU law, that apply to the data controller. Blocking or deletion of the data also takes place when a storage period prescribed by the said standards expires, unless a further data storing is necessary for conclusion or fulfillment of a contract.
4. Provision of the website and creation of logfiles
4.1. Description and scope of data processing
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:
a) Information about the browser type and version used
b) The operating system of the user
c) The Internet service provider of the user
d) The IP address of the user
e) Date and time of access
f) Websites from which the user’s system reaches our website
The data will also be stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
4.2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 (1) lit. f) GDPR.
4.3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user’s IP address must be kept for the duration of the session.
Storage in log files is necessary to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes justify our legitimate interest in the processing of data according to Art. 6 (1) lit. f) GDPR.
4.4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed. If the data is stored in log files, this is the case after one month at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that identification of the calling client is no longer possible.
4.5. Possibility of objection and removal
The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
5. Use of cookies
5.1. Description and scope of data processing
Our website uses cookies. Cookies do not cause any damage to your computer and do not contain any viruses. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s computer system. This cookie contains a characteristic character string that enables a unique identification of the browser when the website is called up again.
We use cookies on our website which enable an analysis of the user’s surfing behavior. When you visit our website for the first time, the user is asked to agree to or reject the setting of cookies. Cookies are only set if the user has actively consented to them.
In this way, the following data can be transmitted:
a) Information about the browser type and version used
b) The user’s device and operating system
c) The Internet service provider of the user
d) The IP address of the user (pseudonymised)
e) Date, time and duration of access
f) Websites from which the user’s system reaches our website
g) Actions carried out on the website
h) The place of access
The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data will not be stored together with other personal data of the users.
5.2. Legal basis for data processing
The legal basis for the processing of personal data using cookies is Article 6 (1) lit. a DSGVO bzw. § 25 Abs. 2 Nr. 2 TTDSG.
5.3. Purpose of data processing
The use of the analysis cookies is for the purpose of improving the quality of our website and its contents. Through the analysis cookies, we learn how the website is used and so we can constantly optimize our service offer.
5.4. Duration of storage, objection and removal options
Cookies are stored on the computer of the user and transmitted from this computer to our Website. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full extent.
Cookie-Consent with Borlabs Cookie
Cookie banner and cookie notice According to the current ruling of the BGH, an active cookie banner is required if cookies (of whatever kind) are used. Our website uses the cookie consent technology of Borlabs Cookie to obtain your consent to the storage of certain cookies in your browser and to document them in compliance with data protection regulations. The provider of this technology is Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg (hereinafter Borlabs).
When you enter our website, a Borlabs cookie is stored in your browser in which the consents you have given, or the revocation of these consents are stored. This data will not be passed on to the provider of Borlabs Cookie.
The collected data will be stored until you request us to delete it or delete the Borlabs cookie itself or the purpose for data storage no longer applies. Mandatory statutory retention periods remain unaffected. Details on the data processing of Borlabs cookie can be found under https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/
Borlabs cookie consent technology is used to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.
6. Erweiterungen von Drittanbieter
6.1. Description and scope of data processing
A few services on our website, e.g. Supply Chain Management and Tracking & Tracing, are based on the IT solutions of CargoSoft GmbH. The use of these services is password-protected and only possible for registered users, as described under point 8.
When using these services, the users will be forwarded to an exteernal server of CargoSoft GmbH. The data processing takes place only in Germany.
6.2. Legal basis for data processing
The use of the services mentioned here serves solely for the fulfillment of a contract to which the user is a party. The legal basis for processing the data is Art. 6 (1) lit. b) GDPR.
6.3. Purpose of data processing
The use of the services mentioned here always takes place within the framework of a service contract with the user and is required for the provision of specific information or working tools for the user.
6.4. Duration of storage
The user accounts are stored as long as they are necessary for the fulfillment of a contract with the user.
6.5. Possibility of objection and removal
As a user, you always have the option to request deleting of your access data for the a/m services. You can change the data stored about you at any time. A simple message to us by e-mail is sufficient. After deleting your account, you will no longer have access to the password-protected sections of our website.
7. Registrierung und Anmeldung
7.1. Description and scope of data processing
The use of our website is mostly possible without registration or login. Only for a few services for the regular customers, such es e.g. Supply Chain Management and Tracking & Tracing, a user registration is required.
An online registration for the a/m password-protected areas is not possible. The allocation of access data is carried out exclusively by our responsible employee within the framework of the service contract. A user account is created that contains only a user name and assignment to a company. The username may or may not include personal information.
When logging in, the following data is also saved in the log file:
a) the IP address of the user
b) date and time of registration
7.2. Legal basis for data processing
A registration and login serve exclusively the fulfillment of a contract of which the user is the contracting party. The legal basis for processing the data is Art. 6 (1) lit. b) GDPR.
7.3. Purpose of data processing
A registration or login of the user always takes place within the framework of a service contract with the user and is necessary for the provision of certain information or working tools for the user.
7.4. Duration of storage
The user accounts are stored as long as they are necessary for the fulfillment of a contract with the user.
The additional data stored in the logfiles when logging in will be deleted after one month at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that identification of the calling client is no longer possible.
7.5. Possibility of objection and removal
As a user, you have the option of canceling the registration at any time. You can change the data stored about you at any time. A simple message to us by e-mail is sufficient. After deleting your account, you will no longer have access to the password-protected sections of our website.
8. Kontaktformular und E-Mail-Kontakt
8.1. Description and scope of data processing
A contact form is available on our website, which can be used for electronic contact. If a user makes use of this option, the data entered in the input form will be transmitted to us and saved. These data are:
a) Salutation
b) Name
c) Company name
d) E-mail address
A storage of this data together with other personal data of the user does not take place. For the processing of the data in the context of the sending process your consent is obtained and referred to this privacy policy.
Alternatively, contact via the provided e-mail address is possible. In this case, the user’s personal data transmitted by e-mail will be stored.
The a/m data will not be disclosed to third parties. The data is used exclusively for processing the conversation.
8.2. Legal basis for data processing
In case the user has given his concent to the data processing, the legal basis for the processing of the data is Art. 6 (1) lit. a) GDPR.
The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f) GDPR. If the e-mail contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 (1) lit. b) GDPR.
8.3. Purpose of data processing
The processing of the personal data from the contact form serves us only to process the conversation. In the case of contact via e-mail, this also justifies our legitimate interest in the processing of the data.
The other personal data gathered during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
8.4. Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. For the personal data gathered from the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant issues have been finally clarified.
Legal storage obligations remain unaffected by the above.
8.5. Possibility of objection and removal
The user has the possibility at any time to revoke his consent to the processing of the personal data. If the user contacts us by e-mail, he may object to the storage of his personal data at any time. In such a case, the conversation can not be continued.
For the revocation of your consent or the contradiction to the storage of your personal data, a simple message by e-mail is sufficient. All personal data stored in the course of making contact will be deleted in this case, as long as the deletion is technically feasible and does not contradict the statutory retention periods.
9. Verwaltung der Daten von Kunden, Lieferanten und Subunternehmen
9.1. Description and scope of data processing
As part of the sales activities and service provision, we come into knowledge of personal data of employees of customers, suppliers and subcontractors. These data are:
a) Name and Surname
b) Business telephone number
c) Business e-mail address
d) If applicable, address (in the case of a private individual or entrepreneur)
e) Bank details (in the case of a private individual or entrepreneur)
This data is stored in the master data of the participants as well as in the work files of the respective job order.
If necessary, the data may be passed on to the other parties involved in the respective job order, if this is necessary for the execution of the contract. A transfer of the data to uninvolved third parties does not take place.
9.2. Legal basis for data processing
Data processing is necessary for the performance of pre-contractual measures or fulfillment of a contract of which the user is a party and for the fulfillment of legal obligations. The legal basis for processing the data is Art. 6 (1) lit. b), c) and f) GDPR.
9.3. Purpose of data processing
The collection and storage of personal data of employees of customers, suppliers and subcontractors is essential for smooth communication and service provision.
After termination of the contract storage of the data due to legal requirements is still required.
9.4. Duration of storage, objection and removal options
The data is retained for legally binding retention obligations and other legal obligations for 10 years after completion of the respective order or after termination of the contractual relationship with the party involved. A premature deletion of the data is not possible.
10. Rechte der betroffenen Person
In case your personal data have been processed, you have the following rights as a data subject toward us as the data controller in accordance with GDPR:
10.1. Right of information
You may request the data controller to confirm if your personal data is processed by us.
If such processing is available, you can request the following information from the data controller:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data being processed;
(3) the recipients or categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the duration of storage;
(5) the existence of a right to rectification or removal of your personal data, a right to restriction of processing by the data controller or a right to object to such processing;
(6) the existence of a right of appeal to a supervisory authority;
(7) all available information on the source of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making including profiling under Article 22 (1) and (4) GDPR and, at least in these cases, meaningful information about the logic involved, and the scope and intended impact of such processing on the data subject.
You have the right to request information, whether your personal date is being transmitted to a third country or an international organization. In this connection, you can request the appropriate guarantees in accordance with Art. 46 GDPR in regard to the data transfer.
10.2. Right to rectification
You have a right to rectification and / or completion toward the data controller, if the processed personal data is incorrect or incomplete. The data controller must make the correction without delay.
10.3. Right to restriction of processing
You may request the restriction of the processing of your personal data under the following conditions:
(1) if you claim inaccuracy of your personal data for a period of time that enables the data controller to verify the accuracy of your personal information;
(2) the processing is unlawful and you refuse the deletion of the personal data and instead demand the restriction of the use of the personal data;
(3) the data controller no longer needs the personal data for the purposes of processing, but you need it to assert, exercise or defend legal claims; or
(4) if you have objected to the processing pursuant to Art. 21 (1) GDPR and it is not yet certain whether the legitimate reasons of the data controller outweigh your reasons.
If the processing of your personal data has been restricted, this data may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
If the restriction of processing of your personal data under the a/m conditions is restricted, you will be informed by the data controller before the restriction is lifted.
10.4. Right to delete
a. deletion obligations
You may require the data controller to delete your personal information without delay, and the data controller is required to delete that information immediately if one of the following is true:
(1) Personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You revoke your consent for the processing acc. Art. 6 (1) lit. a) or Art. 9 (2) lit. a) GDPR and there is no other legal basis for processing.
(3) You lodge an objection to the data processing as per Art. 21 (1) GDPR and there are no prior justifiable reasons for the processing, or you lodge an objection to the data processing as per Art. 21 (2) GDPR.
(4) Your personal data have been processed unlawfully.
(5) The deletion of your personal data shall be required to fulfill a legal obligation under Union law or the law of the Member States to which the data controller is subject.
(6) The personal data concerning you were collected in relation to information services offered pursuant to Art. 8 (1) GDPR.
b. Information to third parties
If the data controller has made your personal data public and is obliged to delete this data acc. to Article 17 (1) of the GDPR, it shall take appropriate measures under consideration of the available technical means and implementation costs, to inform all further involved data controllers that you as a concerned person requested deletion of all links to your personal data or of copies or replications of such personal data.
c. exceptions
The right to remove does not apply if the processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the data controller is subject or for the performance of a task of public interest or in the exercise of official authority conferring on the data controller has been;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 (2) lit. h) and i) and Art. 9 (3) GDPR;
(4) for archival purposes of public interest, scientific or historical research purposes or for statistical purposes acc. Article 89 (1) GDPR, to the extent that the law referred to in subparagraph (a) is likely to render impossible or seriously affect the achievement of the objectives of that processing, or
(5) to assert, exercise or defend legal claims.
10.5. Right to information
If you have the right of rectification, removal or restriction of processing to the data controller, he is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You have a right to be informed about these recipients.
10.6. Right to data portability
You have the right to receive personally identifiable information you provide to the data controller in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person without hindrance by the data controller for providing the personal data, provided that
(1) the processing is based on a consent acc. Art. 6 (1) lit. a) GDPR or Art. 9 (2) lit. a) GDPR or on a contract acc. Art. 6 (1) lit. b) GDPR
and
(2) the processing is done by automated means.
In exercising this right, you also have the right to facilitate that your personal data are transmitted directly from one data controller to another, insofar as this is technically feasible.
Freedoms and rights of other persons may not be affected by this.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the data controller.
10.7. Contradictory legal
You have the right at any time, for reasons that arise from your particular situation, to object against the processing of your personal data being processed pursuant to Art. 6 (1) lit. e) or f) GDPR; this also applies to profiling based on these provisions.
The data controller will no longer process your personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of enforcing, exercising or defending legal claims.
If your personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct mail.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes. Regardless of Directive 2002/58 / EC, you have the option, in the context of the use of information society services, of exercising your right to object through automated procedures that use technical specifications.
10.8. Right to revoke the consent declaration to data processing
You have the right to revoke your consent declaration to data processing at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
10.9. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you shall have the right to complain to a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of your personal data violates the GDPR.
The supervisory authority to which the complaint has been submitted shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.