Privacy Policy
Information about collection and processing of your personal data.
Care and transparency are the basis for a trusting cooperation with our customers. We therefore inform you about how we process your data and how you can exercise the rights to which you are entitled under the General Data Protection Regulation. Which personal data we process and for what purpose may depend on the contact channel or the existence of a contractual relationship.
We have created different categories for you. So you can read the section that interests you with just one click. Basically the following applies:
1. Who is responsible for data protection?
The responsible party is:
ITA Shipping GmbH
Hugh-Greene-Weg 4
22529 Hamburg
T: 040 73 445 66-0
Represented by the Directors Mark Winkelmann and Peter Weber
2. How can you contact the data protection officer?
If you have any questions about data protection, please contact our data protection officer:
Dr. Klaus zu Hoene – intersoft consulting services AG
Data Protection Officer
Beim Strohhause 17, 20097 Hamburg
Datenschutz@letmeship.com
3. Data processing on our website and other online offers
When our website is accessed, log files are created to analyse errors and security incidents. These are only stored for a few days to weeks and are then automatically deleted. This serves our interest in ensuring the secure and reliable operation of the website and our IT systems.
We use an external service provider to host our website. The log files are stored there.
We use cookies on our websites to enable the use of certain functions. Cookies are files that are stored on your computer’s hard drive. Information is stored in the cookie that results in each case in connection with the specific end device used. This makes it possible to clearly identify the browser when the website is called up again. However, this does not mean that we gain direct knowledge of your identity. The use of cookies serves to make the use of our services more pleasant and customised for you on an ongoing basis.
Most browsers accept cookies automatically. However, you can also set your browser so that no cookies are stored on your end device or a message always appears before a new cookie is created. In your cookie settings in the footer (at the bottom of the website), you also have the option of deciding for yourself which cookies that are not “technically necessary” you wish to accept and which you do not.
You can change these settings at any time and also deactivate previously activated cookies at any time by deselecting the individual cookie groups, e.g. “Functional”, “Statistics” or “Marketing” and thus revoke your consent. This makes the use of cookies transparent for you. Please note, however, that deactivating certain cookies or deactivating cookies completely may mean that you will not be able to use all the functions of our website to their full extent.
Insofar as the use of cookies is technically necessary for the operation of our website, the use of cookies is permitted without the consent of the website visitor. However, we also use third-party cookies to offer you special functions and content as well as for analysis and marketing purposes. For such non-essential cookies, the consent of the website visitor is required in accordance with § 25 para. 1 TTDSG in conjunction with Art. 6 para. 1 lit. a) GDPR. You can revoke your consent to the setting of cookies and the processing of your data at any time with effect for the future. To do this, click on the blue data protection symbol at the bottom left of our website and change your input.
If you subscribe to our electronic newsletter, your personal data will be processed for the purpose of regularly sending you our newsletter on the basis of Art. 6 para. 1 subpara. 1 lit. a) GDPR. The registration process is logged on the basis of our legitimate interests in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR and serves as proof of consent to receive the newsletter.
Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registering, you will receive an e-mail asking you to confirm your registration. This confirmation is necessary to ensure that no-one can register using other people’s e-mail addresses. Subscriptions to the newsletter are logged in order to be able to prove the registration process in accordance with legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by the mailing service provider are also logged.
If you do not give your consent, we will unfortunately not be able to provide you with our newsletter. Automated decision-making is not carried out.
The newsletters contain a so-called “web-beacon”, i.e. a pixel-sized file that is retrieved from the server of the dispatch service provider when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, is initially collected. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour based on their retrieval locations (which can be determined with the help of the IP address) or the access times in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR. The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. This information is anonymised; it is not possible to identify your email address. The evaluations help us to recognise the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Your personal data will be passed on to external third parties: HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin.
We use HubSpot as a service provider for newsletters and contact forms; the transmitted data is processed by HubSpot in the USA. To ensure the security of your data, we have concluded an order processing contract with HubSpot accordingly, which also contains the EU standard contractual clauses.
All information about the service provider we have integrated for contact forms and newsletters can be found at the provider’s website:
HubSpot Privacy Policy: http://legal.hubspot.com/de/privacy-policy
HubSpot data processing agreement: http://legal.hubspot.com/de/dpa
HubSpot terms and conditions: https://legal.hubspot.com/terms-of-service
You have the right to withdraw your consent at any time with effect for the future. To do so, use the unsubscribe link at the end of each newsletter or send an email to marketing@letmeship.com. The legality of data processing up to the point of cancellation remains unaffected.
Your personal data that you provide to us when you subscribe to the newsletter will be stored by us until you withdraw your consent to receive the newsletter and will be removed from the mailing list after you unsubscribe.
We offer contact forms on our website that you can use to get in touch with us. All your personal data and other information that you provide to us via the contact form on our website will only be collected and processed for the purpose of processing and responding to your enquiry.
If you contact us, you give your consent for data processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR.
If you are interested in an offer, your personal data will be processed for the purpose of initiating a contract in accordance with Art. 6 para. 1 subpara. 1 lit. b) GDPR. Your data will be forwarded to us by e-mail via our provider. If you do not provide it, we will unfortunately not be able to contact you and process your request. Automated decision-making is not carried out.
Your personal data will be forwarded to external third parties: HubSpot Germany GmbH, Am Postbahnhof 17, 10243 Berlin.
We use HubSpot as a service provider; the transmitted data is also processed by HubSpot in the USA. To ensure the security of your data, we have concluded an order processing contract with HubSpot, which also contains the EU standard contractual clauses.
You have the right to withdraw your consent at any time with effect for the future. To do so, click on the blue data protection symbol at the bottom left of our website and change your input. The legality of the data processing carried out until the revocation remains unaffected.
Your personal data, which you communicate to us via the contact form, will be stored by us for the duration of the processing of your request and kept until the expiry of the corresponding legal deadlines.
We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Google Tag Manager is a tool that allows us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google’s parent company in the United States.
The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user’s terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time. To do so, click on the blue data protection symbol at the bottom left of our website and change your entry.
This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin 4, Ireland. By using Google Analytics 4, it is possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus to analyse the activities of a user across devices.
Google Analytics uses cookies that enable your use of the website to be analysed. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google Inc. server in the USA and truncated there.
Any personal data will be transferred to the USA under the EU-US Data Privacy Framework on the basis of the adequacy decision of the European Commission. You can download the certificate here here.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Google will use this information on behalf of the operator of this website to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. Our legitimate interest in data processing via Google Analytics also lies in these purposes. The legal basis for our use of Google Analytics is Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do this, click on the blue data protection symbol at the bottom left of our website and change your input.
The data sent by us and linked to cookies or user identifiers (e.g. user ID) are automatically deleted after 14 months. Data that has reached the end of its retention period is automatically deleted once a month.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by installing the browser add-on to deactivate Google Analytics and installing it.
Opt-out cookies prevent the future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt out on all systems used. If you click here, the opt-out cookie will be set: Deactivate Google Analytics
You can find more information on the terms of use of Google Analytics and data protection at Google at https://www.google.com/analytics/terms/de.html or at https://policies.google.com/?hl=de.
This website uses Google Ads, a service provided by Google Ireland Ltd (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter referred to as “Google”).
We use the conversion tracking function, for which Google Ads places cookies on your computer if you have reached our website via an advert placed by Google. The data collected by the cookie is not user-related and is therefore not used for personal identification. The cookies lose their validity after 30 days. The data is collected for the purpose of creating conversion statistics for Google Ads customers. We only receive information about the total number of users who clicked on our advert and were subsequently redirected to a website with a conversion tracking tag.
The purpose of the collection is to provide you with targeted advertising. The legal basis for this is your consent in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and Section 25 para. 1 TTDSG, insofar as the consent within the meaning of the TTDSG relates to the setting of cookies or access to information on your terminal device.
You have the right to withdraw your consent at any time with effect for the future. To do so, click on the blue data protection symbol at the bottom left of our website and change your entry. The legality of the data processing until the revocation remains unaffected.
In addition to us, Google must be named as the recipient of the data. The data will be deleted as soon as it is no longer required for our recording purposes.
Consent is also required by Google in accordance with its policy: https://www.google.com/about/company/user-consent-policy.html.
Further information about the collection and processing of your data by Google and your rights as a data subject in this regard can be found in Google’s privacy policy at http://www.google.com/policies/privacy/?hl=de.
We use the remarketing technology of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. This technology allows users who have already visited our websites and online services and are interested in what we offer to be addressed again by targeted advertising on the pages of the Google Partner Network. The adverts are displayed using cookies, which are small text files that are stored on the user’s computer. The text files can be used to analyse user behaviour when visiting the website and then used for targeted product recommendations and interest-based advertising.
We use conversion tracking from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA on our website. Microsoft Bing Ads stores a cookie on your computer if you have reached our website via a Microsoft Bing advert. In this way, Microsoft Bing and we can recognise that someone has clicked on an ad, has been redirected to our website and has reached a predetermined target page (conversion page). We only learn the total number of users who clicked on a Bing advert and were then forwarded to the conversion page. No personal information about the identity of the user is communicated.
If you do not want information about your behaviour to be used by Microsoft as explained above, you can refuse the setting of a cookie required for this – for example, by using a browser setting that generally deactivates the automatic setting of cookies. You can also prevent the collection of data generated by the cookie and related to your use of the website and the processing of this data by Microsoft by clicking on the following link: https://account.microsoft.com/privacy/ad-settings/signedout?lang=de-DE to declare your objection. Further information on data protection and the cookies used by Microsoft and Bing Ads can be found on the Microsoft website at https://privacy.microsoft.com/de-de/privacystatement
Data is collected and stored on our website using Bing Ads technologies, from which user profiles are created using pseudonyms. This is a service provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. This service enables us to track the activities of users on our website if they have reached our website via adverts from Bing Ads. If you reach our website via such an advert, a cookie is placed on your computer. A Bing UET tag is integrated on our website. This is a code that is used in conjunction with the cookie to store some non-personal data about the use of the website. This includes, among other things, the time spent on the website, which areas of the website were accessed and which ad the user used to access the website. Information about your identity is not recorded.
The information collected is transferred to Microsoft servers in the USA and stored there for a maximum of 180 days. You can prevent the collection of data generated by the cookie and related to your use of the website as well as the processing of this data by deactivating the setting of cookies. This may limit the functionality of the website under certain circumstances.
In addition, Microsoft may be able to track your usage behaviour across several of your electronic devices through so-called cross-device tracking and is therefore able to display personalised advertising on or in Microsoft websites and apps. You can deactivate this behaviour at http://choice.microsoft.com/de-de/opt-out.
You can find more information about Bing’s analytics services on the Bing Ads website ( https://help.bingads.microsoft.com/#apex/3/de/53056/2 ). You can find more information on data protection at Microsoft and Bing in Microsoft’s privacy policy ( https://privacy.microsoft.com/de-de/privacystatement ).
This site uses so-called web fonts provided by Google for the standardised display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
For this purpose, the browser you are using must connect to Google’s servers. This informs Google that this website has been accessed via your IP address. The use of Google Web Fonts is
based on Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. To do this, click on the blue data protection symbol at the bottom left of our website and change your input.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.
On the basis of your consent (regarding the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 para. 1 subpara. 1 lit. a. GDPR) HubSpot, a platform for inbound marketing and sales. HubSpot uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transferred to a HubSpot server in the USA and stored there. You can revoke your consent at any time with effect for the future. To do this, click on the blue data protection symbol at the bottom left of our website and change your input.
HubSpot will use this information on our behalf to analyse the use of our online offering by users, to compile reports on the activities within this online offering and to provide us with further services associated with the use of this online offering and the use of the Internet. Pseudonymised user profiles can be created from the processed data. We only use HubSpot with activated IP anonymisation. This means that the IP address of users is truncated by HubSpot within member states of the European Union or in other signatory states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a HubSpot server in the USA and truncated there. The IP address transmitted by the user’s browser is not merged with other HubSpot data. Users can prevent the storage of cookies by selecting the appropriate settings in their browser software. Further information on the use of data by HubSpot, setting and objection options can be found on the HubSpot website: https://legal.hubspot.com/privacy-policy
Videos from Vidyard are integrated on this website. The operator of this video player is Buildscale, Inc. in Kitchener, Canada. When you visit one of our pages equipped with a Vidyard plugin, a connection to the Vidyard servers is established. The Vidyard server is informed which of our pages you have visited.
The use of Vidyard is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Further information on the handling of user data can be found in Vidyard’s privacy policy at https://www.vidyard.com/privacy/
We use the consent management service Usercentrics, of Usercentrics GmbH, Sendlinger Str. 7, 80331 Munich, Germany (Usercentrics). This enables us to obtain and manage the consent of website users for data processing. The processing is based on our legitimate interest (Art. 6 para. 1 lit. f GDPR) in providing our website with services requiring consent, which is why a consent management service is required. The following data is processed:
Date and time of access Browser information Device information Geographical location Cookie preferences URL of the page visited
The functionality of the website is not guaranteed without the processing.
Usercentrics is the recipient of your personal data and acts as a processor for us.
The processing takes place in the European Union. Further information on objection and removal options vis-à-vis Usercentrics can be found at: https://usercentrics.com/de/datenschutzerklaerung/
The data will be deleted after 3 years.
Please refer to our general information on deleting and deactivating cookies above.
We would like to get in touch with you and other interested parties, customers and users. We use various social networks for this purpose. You can find out which individual social networks we use in the following section.
As a rule, data is collected which is used for market research and advertising purposes. Such data includes the assignment of your visit to our website to your user account with the social network or the assignment by means of your stored cookies or your IP address. This is usually done by creating user profiles and the resulting interests. This makes it possible to display customised advertising, both within and outside the social network. As a result, cookies may be stored on your computer when you use social networks. However, we would like to point out that we generally have no influence on what data is collected.
Through our social media presence, we would like to provide you with information in the simplest and fastest way possible or give you the opportunity to share such information. Therefore, unless you have consented to data processing on the respective platform, the legal basis is our legitimate interest in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR. If you have given your consent on the respective platform, your consent is the legal basis for processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and Section 25 para. 1 TTDSG, insofar as the consent within the meaning of the TTDSG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The lawfulness of the data processing until the revocation remains unaffected.
If you revoke your consent, ask us to delete your data or if the purpose for storing the data no longer applies, we will delete your data, unless mandatory legal provisions prevent this. Cookies stored by you will remain on your end device until you delete them.
The data processed as a result of your visit to our presence on social media websites is classified as data processing initiated by us and is therefore subject to joint responsibility with the operator of the social media website in accordance with Art. 26 GDPR. Joint controllership is limited to those processing operations where the purpose and means of processing are decided jointly. If you wish to assert your rights as a data subject, you can do so both against us and against the operator of the social media website.
Furthermore, we would like to point out that your data may also be processed outside the European Union and that you therefore run the risk of not being able to enforce your rights properly.
Facebook (Link)
On our website, we use a link to our presence on the social network Facebook (Facebook fan page) to interact with Facebook users who visit the fan page. For this Facebook fan page, we are joint controllers with Facebook Ireland Ltd (4 Grand Canal Square, Dublin 2, Ireland; hereinafter: “Facebook”) in accordance with Art. 26 of the General Data Protection Regulation (GDPR). The joint controllership agreement can be found at the following link https://www.facebook.com/legal/terms/page_controller_addendum
We hereby inform you about the type and scope of personal data that is processed when you use our Facebook fan page.
Our purpose in processing your personal data is to provide visitors with a modern information platform and an opportunity to interact on Facebook. The basis for processing is therefore our legitimate interest in accordance with Art. 6 para. 1 subpara. 1 lit. f) GDPR. The interests of the users are always taken into account. Information on the legal basis for processing on Facebook can be found at http://www.facebook.com/about/privacy/legal_bases/
When you visit our Facebook fan page, Facebook collects and processes personal data on the basis of legitimate interest in accordance with Art. 6 (1) (1) (f) GDPR. Some of this data is provided to us in summarised form via the so-called “Insights” (Facebook user statistics). A cookie is stored on the user’s device for this purpose. The purpose of this is to be able to use this information again at a later date. The cookie remains active for a period of two years if it is not deleted. Further information from Facebook on the use of cookies can be found in the Facebook cookie policy at https://de-de.facebook.com/policies/cookies/. The transmission of these user statistics takes place exclusively in anonymised form and there is no possibility for us to access the underlying data.
If you have consented to data processing on Facebook, your consent is the legal basis for processing in accordance with Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TTDSG, insofar as the consent within the meaning of the TTDSG relates to the setting of cookies or access to information on your terminal device.
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum
If you are already logged in to Facebook via your personal user account, the information about your visit to our website is automatically forwarded to Facebook. It is then possible for Facebook to assign the visit to the website to your account. If you do not wish your data to be transmitted and stored by Facebook, please log out of your Facebook account.
LinkedIn (Link)
On our website, we use a link to the social network LinkedIn, which is operated exclusively by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter referred to as “LinkedIn”.
The link is identified by the LinkedIn logo (not a LinkedIn plugin). When you click on the LinkedIn logo, your browser establishes a direct connection to the LinkedIn servers. If you are already logged in to LinkedIn via your personal user account, the information about your visit to our website is automatically forwarded to LinkedIn. It is then possible that LinkedIn will assign the visit to the website to your account.
If you have consented to data processing at LinkedIn, your consent pursuant to Art. 6 para. 1 subpara. 1 lit. a) GDPR and § 25 para. 1 TTDSG, insofar as the consent within the meaning of the TTDSG relates to the setting of cookies or access to information on your terminal device, is the legal basis for the processing. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing until the revocation remains unaffected.
The data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https:
//www.linkedin.com/legal/l/eu-sccs We would like to point out that we have no knowledge of the content of the transmitted data or its use by LinkedIn. The following link leads to LinkedIn’s privacy policy: http://de.linkedin.com/legal/privacy-policy
LinkedIn Insight Tag
Our website also uses Insight Tag technology, which is operated exclusively by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland); hereinafter referred to as “LinkedIn”. The purpose of the Insight tag is to enable us to optimise our campaigns, retarget website visitors and learn more about our target audience. The LinkedIn Insight tag creates a unique LinkedIn browser cookie in a visitor’s browser and enables the collection of the following data for this cookie: metadata such as IP address, timestamp and page events (e.g. page views). The log files (i.e. URL, referrer URL, IP address, device and browser properties and the time of access) are also recorded by LinkedIn. After seven days, the direct identifiers of LinkedIn members are deleted; the remaining data is pseudonymised and deleted after 180 days.
LinkedIn does not share any personal data with us, but only provides summarised reports on the website target group and display performance. LinkedIn members can control the use of their personal data for advertising purposes in their account settings. You have the option to object to the analysis of usage behaviour and targeted advertising by LinkedIn here: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
The legal basis for the processing of the data is your consent in accordance with Art. 6 para. 1 lit. a) GDPR and § 25 para. 1 TTDSG, insofar as the consent within the meaning of the TTDSG relates to the setting of cookies or access to information on your terminal device. You have the right to withdraw your consent at any time with effect for the future. The legality of the data processing carried out until the revocation remains unaffected.
You can find more information about the LinkedIn pixel at: https://www.linkedin.com/help/linkedin/answer/65521. You can find LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/help/linkedin/answer/87150/linkedin-marketinglosungen-und-die-datenschutz-grundverordnung-dsgvo-?lang=de.
Data transfer to the USA is based on the EU standard contractual clauses, details of which can be found here: https://www.linkedin.com/legal/l/eu-sccs
Social network; service provider: Instagram Inc, 1601 Willow Road, Menlo Park, CA, 94025, USA, parent company: Facebook, 1 Hacker Way, Menlo Park, CA 94025, USA; Website: https://www.instagram.com; Privacy Policy: https://instagram.com/about/legal/privacy.Details for information on how they handle your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.
LinkedIn Sales Navigator
We actively use the LinkedIn Sales Navigator service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland (“LinkedIn”) to find, approach, communicate or initiate business contacts.
For this purpose, we process the data provided to us by LinkedIn. This is usually profile information, in particular name, company, position in the company, professional experience, education and the activities and other contacts of the respective member. If communication takes place following an active approach, the content of this communication is processed by us. It is also possible that we transfer this data to our CRM system and merge or link it with data already available there.
The legal basis for addressing and communicating with business contacts via LinkedIn’s InMail function is the consent of the LinkedIn member, for users from the European Union in accordance with Art. 6 para. 1 lit. a) GDPR, provided that this was given when registering on LinkedIn. Each member can revoke their consent at any time by adjusting their communication settings accordingly in the data protection settings at https://www.linkedin.com/psettings/data-sharing or by using the link in each InMail to revoke consent. The legal basis for the processing of profile information in the advanced search and the comparison with our CRM data and an export of LinkedIn profile information to our CRM is our legitimate interest – for users from the European Union in accordance with Art. 6 para. 1 lit. f) GDPR – in effectively finding interesting members as potential business contacts and in maintaining a CRM system with correct and complete data records. If a member sends us an enquiry or a business relationship already exists, the legal basis for users from the European Union may also be Art. 6 para. 1 lit. b) GDPR. Further information on data protection at LinkedIn can be found at https://de.linkedin.com/legal/privacy-policy.
If we process your personal data, you have the following rights as a data subject:
- a right to information about the processed data and to a copy,
- a right to rectification if we process incorrect data about you,
- a right to erasure, unless there are exceptions as to why we still store the data, e.g. retention obligations or limitation periods
- a right to restriction of processing,
- the right to withdraw consent to data processing at any time,
- the right to object to processing for reasons of public or legitimate interest,
- a right to data portability,
the right to lodge a complaint with a data protection supervisory authority if you believe that we are not processing your data properly. The Hamburg Commissioner for Data Protection and Freedom of Information is responsible for us. However, if you are in another federal state or not in Germany, you can also contact the data protection authority there.
4. Data processing of business partners
If you have an enquiry, request a quote from us or conclude a contract with us, we process your personal data. In addition, we also process your personal data to fulfil legal obligations, to protect a legitimate interest or on the basis of your consent.
Depending on the legal basis, the following categories of personal data are involved:
- Company name
- First name, surname
- Official address
- Business communication data (telephone, e-mail address)
- Contract master data, in particular contract number, term,
- Cancellation period, type of contract
- Invoice data/sales data
- Payment details/account information
- Account information, in particular registration and logins
In the course of contract initiation, we also use data provided to us by third parties. Depending on the type of contract, the following categories of personal data are involved:
- Information on creditworthiness (via credit agencies)
We process personal data that we receive from our customers.
Or/And
We receive personal data from the following organisations:
- Credit agencies
- Publicly accessible sources: Commercial or association registers, debtor directories, land registers
- Other Group companies
- Company Websites
With your consent (Art. 6 para. 1 a GDPR), we process your data for the following purposes:
- To process and respond to your request
- Sending of the subscribed newsletter incl. personalised profiling and tracking
- Marketing and advertising – creating customer profiles
- Publication of a customer reference (name and image)
For the fulfilment or initiation of a contract (Art. 6 para. 1 b GDPR)
- Contract-related contact
- To process and respond to your request
- Execution of the shipping order
- Ongoing customer support, service centre
- Account management
- Receivables management
- Shipment tracking: Delivery / shipment completion / notification of problems
- Forwarding to the relevant service provider for contract fulfilment
For the fulfilment of legal obligations (Art. 6 para. 1 c GDPR)
As a company, we are subject to various legal obligations. In order to fulfil these obligations, it may be necessary to process personal data.
- Control and reporting obligations, such as customs regulations or the Anti-Terrorism Regulation
- Prevention/defence against criminal acts
- IATA guidelines
We process your data to protect our legitimate interests (Art. 6 para. 1 f GDPR) for the following purposes:
- Direct advertising and market and opinion research
- Optimum customer care / contact relationship, also with the contact persons at our business partners
- Optimisation of our business processes, e.g. by maintaining a supplier or prospective customer database, also as part of “Customer Relationship Management”;
- Reduction of default risks by consulting and exchanging data with credit agencies and to determine score values (profiling)
- Assertion and defence of legal claims
In order to fulfil our contractual and legal obligations, your personal data will be disclosed to various public or internal bodies and external service providers.
Companies within the Group:
The LetMeShip Group maintains a centralised customer data management system that can be accessed by employees of all affiliated companies in order to offer you the full range of our services from a single source. You can view the companies in the LetMeShip Group at this link www.letmeship.com.
External service providers
- IT service providers (e.g. maintenance service providers, hosting
service provider)
- Service provider for file and data destruction
- Printing services
- Telecommunications
- Payment service provider
- Advice and consulting
- Service provider for marketing or sales
- Credit agencies
- Authorised dealer
- OTRS
- i-TMS
- Carriers
- MyTNT
- Opal
- Service provider for telephone support (call centre)
Public bodies
In addition, we may be obliged to transfer your personal data to other recipients, such as authorities to fulfil legal reporting obligations.
- Tax authorities
- Customs authorities
- Authorities responsible for reporting violations of the IATA guidelines
Countries outside the European Union (and the European Economic Area “EEA”) handle the protection of personal data differently than countries within the European Union. We also use service providers located in third countries outside the European Union to process your data. There is currently no decision by the EU Commission that these third countries generally offer an adequate level of protection.
We have therefore taken special measures to ensure that your data is processed in third countries just as securely as within the European Union. We conclude standard data protection clauses provided by the Commission of the European Union with service providers in third countries. These clauses provide suitable guarantees for the protection of your data with service providers in the third country.
If you wish to inspect the existing guarantees, you can contact us at Datenschutz@letmeship.com.
We store your personal data for as long as is necessary to fulfil our legal and contractual obligations.
If storage of the data is no longer necessary for the fulfilment of contractual or legal obligations, your data will be deleted unless further processing is necessary for the following purposes:
- Fulfilment of retention obligations under commercial and tax law. These include retention periods from the German Commercial Code (HGB) or the German Fiscal Code (AO). The retention periods are 10 years.
- Preservation of evidence within the framework of the statutory limitation periods. According to the limitation provisions of the German Civil Code (BGB), these limitation periods can be up to 30 years in some cases; the regular limitation period is three years.
If we process your personal data, you have the following rights as a data subject:
- a right to information about the processed data and to a copy,
- a right to rectification if we process incorrect data about you,
- a right to erasure, unless there are still exceptions as to why we still store the data, e.g. retention obligations or limitation periods
- a right to restriction of processing,
- the right to withdraw consent to data processing at any time,
- the right to object to processing for reasons of public or legitimate interest,
- a right to data portability,
the right to lodge a complaint with a data protection supervisory authority if you believe that we are not processing your data properly. The Hamburg Commissioner for Data Protection and Freedom of Information is responsible for us. However, if you are in another federal state or not in Germany, you can also contact the data protection authority there.
5. DATA PROCESSING FOR APPLICATION PROCEDURES
We process your personal data to the extent that this is necessary to carry out the application process. This includes the following data categories:
Standard information
- Applicant master data (first name, surname, address, job position)
- Qualification data (cover letter, CV, previous activities, professional qualifications)
- (Employment) references and certificates (performance data, assessment data, etc.)
Other information
- Voluntary information, such as an application photo, information on severe disability or other information that you voluntarily provide us with in your application.
In principle, we only process the personal data that we receive from you as part of the application process.
In some cases, we receive personal data from the following sources
- Service provider for applicant placement
We process your personal data in particular in compliance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG) as well as all other relevant laws.
Data processing for the purposes of the application relationship (Art. 6 para. 1 sentence 1 lit. b) GDPR)
Personal data of applicants may be processed for the purposes of the application procedure if this is necessary for the decision on the establishment of an employment relationship with us.
The necessity and scope of the data collection depends, among other things, on the position to be filled. If your desired position involves the fulfilment of particularly confidential tasks, increased personnel and/or financial responsibility, more extensive data collection may be necessary. For example, we ask our applicants to provide us with a police clearance certificate. In order to protect data privacy, such data processing will only take place either after the selection of applicants has been finalised, immediately before you are hired or only after you have been hired.
Data processing on the basis of your consent (Art. 6 para. 1 sentence 1 lit. a) GDPR)
If you have given us your voluntary consent to the collection, processing or transfer of certain personal data, this consent forms the legal basis for the processing of this data.
In the following cases, we process your personal data on the basis of your consent:
- Inclusion in the applicant pool, i.e. we store the application documents beyond the current application procedure for consideration in subsequent application procedures.
On the basis of the legitimate interest of the controller (Art. 6 para. 1 sentence 1 lit. f) GDPR)
In certain cases, we process your data to protect our legitimate interests or those of third parties:
- For the defence of legal claims in proceedings under the General Equal Treatment Act (AGG). In the event of a legal dispute, we have a legitimate interest in processing the data for evidence purposes.
Your data is mainly processed by our HR department and the head of the department that fills your position. However, other internal and external departments may also be involved in the processing of your data.
Internal positions, depending on the job advertisement
- Personnel department
- Team leader
- Authorised signatories
- Management Board
External service providers
- IT service providers (e.g. maintenance service providers, hosting service providers, HR software)
- Service provider for file and data destruction
We attach great importance to processing your data within the EU/EEA. However, we may use service providers who process data outside the EU/EEA. In these cases, we ensure that an appropriate level of data protection comparable to the standards within the EU is established at the recipient before your personal data is transferred. This can be achieved, for example, by means of EU standard contracts or binding corporate rules or special agreements to which the company may be subject.
We store your personal data for as long as is necessary for the decision on your application. If an employment relationship between you and us does not materialise, we may continue to store data if this is necessary for the defence against possible legal claims. As a rule, your data will be deleted within 8 months of the end of the application process.
If an employment relationship does not materialise, but you have given us your consent to continue storing your data, we will store your data until you withdraw your consent, but for a maximum of one year. We may also store your data for a longer period for the purpose of defence against possible legal claims if there is a specific reason for doing so.
If we process your personal data, you have the following rights as a data subject:
- a right to information about the processed data and to a copy,
- a right to rectification if we process incorrect data about you,
- a right to erasure, unless there are exceptions as to why we still store the data, e.g. retention obligations or limitation periods
- a right to restriction of processing,
- the right to withdraw consent to data processing at any time,
- the right to object to processing for reasons of public or legitimate interest,
- a right to data portability,
the right to lodge a complaint with a data protection supervisory authority if you believe that we are not processing your data properly. The Hamburg Commissioner for Data Protection and Freedom of Information is responsible for us. However, if you are in another federal state or not in Germany, you can also contact the data protection authority there.