keyboard_arrow_up

NAME AND ADDRESS OF THE CONTROLLER

The controller in the sense of the General Data Protection Regulation and other national data protection laws in the member states as well as other data protection law provisions is:


Rhenus Donauhafen Krems Gesellschaft m.b.H. & Co KG
Karl Mierka Str. 7-9, A-3500 Krems
Tel.Nr. 0043 2732 73571-0
Fax: 0043 2732 73571-251
e-mail: donauhafen@rhenus.com

 

ADDRESS AND CONTACT DATA OF THE DATA PROTECTION OFFICER

Data Protection Officer
Rhenus-Platz 1
59439 Holzwickede
Germany
Email: dataprotection@de.rhenus.com
Website: www.rhenus.group


We would like to provide you with the following notes and information regarding the way that we carefully protect your private details and the extensive level of confidentiality when handling your data:

 

MAKING AVAILABLE THE WEBSITE AND GENERATING LOG FILES

1. Anonymous data collection

In principle, you can use our websites without informing us who you are. We only learn about technical data like the name of your Internet service provider, the website from which you come and the corporate websites that you visit. This information is assessed with the date and time details for internal statistical purposes related to advertising, website analysis and for designing our websites to meet needs. You remain completely anonymous as a user in this process. No pseudonymised user profiles are generated.

2. The purpose and legal basis of data processing

The temporary storage of the IP address by the system is necessary in order to enable the website to be sent to the user’s computer. The user’s IP address must be stored for the duration of the session. The legal basis for temporarily storing the data is found in Article 6 Para. 1 f) of the GDPR.

3. The length of time that data is stored

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was gathered. When gathering data to make available the website, deletion occurs once the session in question has ended.

4. Opportunity to object and to have the data removed

The logging of data for making available the website and storing data in log files is absolutely necessary to operate the Internet site. There is therefore no opportunity for the user to object to this.

CONTACT FORM AND EMAIL CONTACT

1. Description and scope of managing the data

There is a contact form on our website and it can be used to make contact electronically. If a user makes use of this facility, the data entered on the input form is sent to us and stored. This data involves:

  • subject
  • first name
  • last name
  • email address
  • name of the company
  • address of the company
  • country/Region
  • phone number
  • details of your delivery
  • free text
  • time of the request
  • IP address

Alternatively, it is possible to make contact via the email address that is made available. In this case, the user’s personal data that is sent with the email is stored.  

2. The purpose and legal basis of data processing

Within the scope of your contacting us, we process your personal data on the basis of the following legal principles for the following purposes:

The processing of the personal data from the contact form or your email serves us solely to process the contact and in case of follow-up questions. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Article 6 Para. 1 f) of the GDPR and, if applicable, Article 6 Para. 1 b) of the GDPR, if your request is aimed at the conclusion of a contract.

The other personal data processed when the email is sent is used to prevent any misuse of the contact form and guarantee the security of our IT systems.  The legal basis for the processing of personal data is Article 6 Para. 1 f) of the GDPR.

3. The length of time that data is stored

The data is deleted as soon as it is no longer required to achieve the purpose for which it was gathered. This is the case for any personal data from the input form in the contact form and the data that is sent by email when the relevant conversation with the user has been concluded. The conversation has been ended when the circumstances suggest that the facts of the case in question have been finally resolved.

The personal data, which is also gathered during the sending procedure, is deleted after a period of seven days, at the very latest.

4. Recipients of the data

In our contact form you can select the topic on which you would like to make an inquiry. Inquiries on the topic "General" are handled by the central specialist department. If necessary, we will forward your inquiry to the responsible Rhenus company for internal processing. This company will process the data you have provided in order to contact you regarding your inquiry.

Enquiries on all other topics are automatically forwarded for internal processing to the stored contact mail of the relevant Rhenus company and processed there. This company will process the data you have provided in order to contact you regarding your inquiry.

5. Opportunity to object and to have the data removed

In the case of Article 6 Para. 1 f) GDPR, you can object to the processing of your personal data at any time. Please note that in this case your request cannot be processed further. You can declare your objection by sending an email to our email address given above.

Friendly Captcha

We use Friendly Captcha on our website, a service provided by Friendly Captcha GmbH, Am Anger 3-5, 82237 Wörthsee, Germany.

Friendly Captcha is a privacy-friendly protection solution to make it more difficult for automated programs and scripts (so-called “bots”) to use websites. Friendly Captcha thus protects websites from misuse. For this purpose, we have integrated a program code from Friendly Captcha in certain areas of our website, e.g. in a contact form. This causes the visitor's end device to establish a connection to the Friendly Captcha servers in connection with the protected area (e.g. sending a contact form). The visitor's browser receives a calculation task from Friendly Captcha. The complexity of the calculation task depends on various risk factors. The visitor's end device solves the calculation task, which requires certain system resources, and sends the calculation result to our web server. This contacts the Friendly Captcha server via an interface and receives a response as to whether the puzzle has been solved correctly by the end device.

In addition, the visitor's browser transmits connection data, environmental data, interaction data and functional data to Friendly Captcha. Friendly Captcha evaluates this data and determines how likely it is that it is a human user or bot and transmits the result to our web server.

Friendly Captcha does not store any personal data about the visitor. Data that could identify the visitor (such as IP addresses) is anonymized using one-way hashing. Friendly Captcha does not use HTTP cookies and does not store any data in the persistent browser memory.

The legal basis for the use of Friendly Captcha is Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in protecting the website from abusive, automated crawling and spam.

You can find further information at: https://friendlycaptcha.com/de/legal/privacy-end-users/

THE RIGHTS OF DATA SUBJECT

1. Right of access

You can request confirmation from us as to whether personal data concerning you is being processed by us. If such processing has taken place, you can request information from us about the following:

(1) the purposes for which the personal data is being processed;

(2) the categories of personal data that are being processed;

(3) the recipients or the categories of recipients to whom the personal data related to you has been disclosed or is still being disclosed;

(4) the planned time span for storing the personal data related to you or, if specific details on this are not possible, the criteria for determining the time span for storage;

(5) the existence of any right to correct or delete the personal data related to you, a right to restrict the processing of the data by the controller or a right to object to this processing of data;  

(6) the existence of a right to make a complaint to a supervisory authority;

(7) all the information that is available about the origin of the data, if the personal data is not being gathered from the person involved;

You can receive a free copy of your data from us. If you are interested in further copies, we reserve the right to charge you for the additional copies.

2. Right to rectification

You have the right to have the controller correct and/or complete any data, if the personal data that is being processed and concerns you is incorrect or incomplete. The controller must make the correction immediately.

3. Right to restriction of processing

You may demand restrictions on the processing of the personal data related to you in the following situations:

(1) if you dispute the correctness of the personal data related to you for a period that enables the controller to check the correctness of the personal data;

(2) if the processing of the data is illegal and you reject any deletion of your personal data and demand that restrictions are placed on the use of your personal data instead;

(3) if the controller no longer requires the personal data for the purposes of processing it, but you require it to assert, exercise or defend legal claims; or

(4) if you have lodged an objection to the processing according to Article 21 Para. 1 of the GDPR and it is not yet clear whether the legitimate reasons presented by the controller override your reasons.

4. Right to erasure

You may demand from the controller that the personal data related to you is deleted immediately and the controller shall be obliged to delete this data immediately if one of the following reasons applies:

(1) the personal data related to you is no longer required for the purposes for which it was gathered or processed in some other way;

(2) you withdraw your consent, on which the processing of the data was based according to Article 6 Para. 1 a) or Article 9 Para. 2 a) of the GDPR, and there is no other legal basis for processing the data;

(3) you lodge an objection against any processing of the data according to Article 21 Para. 1 of the GDPR and there are no overriding legitimate reasons for the processing of the data or you lodge an objection to the processing of the data according to Article 21 Para. 2 of the GDPR;

(4) the personal data related to you has been processed illegally;

(5) the deletion of the personal data related to you is necessary to fulfil a legal obligation according to the laws of the Union or the law of the member states, to which the controller is subject;  

(6) the personal data related to you was gathered in relation to information society services according to Article 8 Para. 1 of the GDPR.

a) Exceptions

There is no right to have the data deleted if the processing of the data is required:

(1) to exercise the right of free expression and information;

(2) to meet a legal obligation, which requires the processing of the data according to the laws of the Union or the member states, to which the controller is subject, or to perform a task that is of public interest or takes place in connection with exercising any state authority that has been transferred to the controller;

(3) for reasons of public interest in the field of public health according to Article 9 Para. 2 h) and i) as well as Article 9 Para. 3 of the GDPR;

(4) for archiving purposes that are in the public interest, scientific or historical research purposes or for statistical purposes according to Article 89 Para. 1 of the GDPR, if the right cited in paragraph a) will probably make the achievement of the goals of this processing of data impossible or will serious impair it; or

(5) to assert, exercise or defend legal claims.

5. Right to data portability

You have the right to receive the personal data related to you, which you have made available to the controller, in a structured, conventional and machine-readable format. You also have the right to transfer this data to a different controller without any obstruction by the first controller, to which the personal data was made available, if

(1) the processing of the data is based on consent in line with Article 6 Para. 1 a) of the GDPR or Article 9 Para. 2 a) of the GDPR or on a contract according to Article 6 Para. 1 b) of the GDPR and

(2) the processing of the data takes place using automated procedures.

When exercising this right, you also have the right to ensure that the personal data related to you is directly transferred from one controller to a different controller, if this is technically feasible. The freedoms and rights of other persons may not be impaired by this process.

The right to data portability shall not apply to any processing of personal data that is necessary to perform a task that is in the public interest or takes place in connection with exercising any state authority that has been transferred to the controller.

6. The right to object

You have the right to lodge an objection at any time to the processing of the personal data related to you, if this takes place according to Article 6 Para. 1 e) or f) of the GDPR, for reasons arising from your particular situation; this shall also apply to any profiling supported by these stipulations. In this case we will no longer process your data. The latter does not apply if we can prove that there are compelling reasons for processing worthy of protection which outweigh your interests or if we need your data to assert, exercise or defend legal claims.

If the personal data related to you is processed to provide direct marketing, you have the right to lodge an objection to the processing of the personal data related to you for the purpose of this kind of advertising at any time; this shall also apply to profiling, if it is connected to this kind of direct marketing. If you object to the processing of the data for the purposes of direct marketing, the personal data related to you will no longer be processed for these purposes.

7. The right to cancel the declaration of consent under data protection law

You have the right to cancel your declaration of consent provided under data protection law at any time. By cancelling your consent, the legitimacy of the processing of the data that was performed on the basis of your consent until your cancellation shall not be affected.

8. The right to lodge a complaint to a supervisory authority

Regardless of any different administrative law or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your place of residence, your place of work or the place of the alleged breach, if you believe that the processing of the personal data related to you breaches the GDPR.