Data Privacy Policy

Data Protection Officer
Rhenus-Platz 1
59439 Holzwickede
Germany
Email: [email protected]
Website: www.rhenus.group

We would like to provide you with the following notes and information regarding the way that we carefully protect your private details and the extensive level of confidentiality when handling your data:

1. Anonymous data collection

In principle, you can use our websites without informing us who you are. We only learn about technical data like the name of your Internet service provider, the website from which you come and the corporate websites that you visit. This information is assessed with the date and time details for internal statistical purposes related to advertising, website analysis and for designing our websites to meet needs. You remain completely anonymous as a user in this process. No pseudonymised user profiles are generated.

2. The purpose and legal basis of data processing

The temporary storage of the IP address by the system is necessary in order to enable the website to be sent to the user’s computer. The user’s IP address must be stored for the duration of the session. The legal basis for temporarily storing the data is found in Article 6 Para. 1 f) of the GDPR.

3. The length of time that data is stored

The data is deleted as soon as it is no longer necessary to achieve the purpose for which it was gathered. When gathering data to make available the website, deletion occurs once the session in question has ended.

4. Opportunity to object and to have the data removed

The logging of data for making available the website and storing data in log files is absolutely necessary to operate the Internet site. There is therefore no opportunity for the user to object to this.

1. Description and scope of the data processing

We make use of cookies to improve the quality of establishing the link with and the content of our website and to provide user-oriented navigation that is as smooth as possible. We make use of so-called session cookies that are restricted to the time of your visit to the website. They are used to determine which content is viewed from your PC while you continue to surf and they also play a role in increasing your security when surfing. Once you leave our website or do not click on it for a certain time, these short-term cookies are deleted again.  

Cookies cannot do any damage to your PC. They do not cause any security risk in the sense of viruses or spying on your PC. You control how cookies are handled yourself. Please use the help function in your browser to allow, reject, view and delete them.

We make use of cookies in order to make our website more user-friendly. Some elements on our website require us to identify the browser making the request after you move from one site to another. The following data is therefore stored and transmitted in the cookies:

• language settings

We also use cookies that enable an analysis of the surfing behaviour of users. The following data can be transmitted in this way:

• search terms that are entered

2. The purpose and legal basis of data processing

The purpose of using absolutely necessary cookies (technically necessary cookies) is to enable the use of websites for the users. The legal basis for the processing of personal data using absolutely necessary cookies is Article 6 Para. 1 f) of the GDPR.

Some functions of our website are not available without using cookies. It is essential for them that the browser is recognised again after a change of site. We need cookies for the following applications:

• to take over language settings

The user data collected through the cookies required for technical purposes is not used to draw up any user profiles.

Analysis cookies are used for the purpose of improving the quality of our website and its content. The analysis cookies enable us to see how the website is being used and we are then able to continually optimise our services. The following analysis cookies are used:

• to note search terms

The legal basis for the processing of personal data using non-technically necessary cookies (performance cookies) is Article 6 Para. 1 a) of the GDPR (consent).

3. The length of time that data is stored and the opportunity to object and to have the data removed

Cookies are stored on the user’s computer and are transmitted to our site by the latter. As a user, you therefore have full control over the use of cookies. By making changes to the settings in your Internet browser, you can deactivate or restrict the sending of cookies. Any cookies already stored can be deleted at any time. This can take place automatically too. If cookies are deactivated for our website, it may not be possible for you to make full use of all the functions available on the website.

You can subscribe to our free newsletter on our website. There are three ways to register:

1. Directly via the newsletter form on the website.
2. At the invitation of a sales representative - If a contact expresses an interest in the newsletter, they will receive a registration link via our CRM system that refers to the newsletter form on the website.
3. Via the contact form - Detailed information can be found in the "Contact form" section.

The following data is processed as part of the registration via the newsletter form:

• First name and surname
• E-mail address
• Company (optional)
• Location (required to determine the applicable SOI or DOI procedures)

In addition, we store the IP addresses you use and the times of registration and confirmation. The data collected is hosted securely in the Rhenus data centre. The data collected is used exclusively for sending the newsletter within the scope of your consent given in accordance with Art. 6 para. 1 lit. a GDPR. You can revoke your consent at any time. The legality of the data processing operations that have already taken place remains unaffected by the cancellation.

To confirm your enquiry and e-mail address, we use the double or single opt-in procedure depending on the location. The purpose of processing as part of the double opt-in procedure is to verify your registration and to prevent possible misuse of the services or unauthorised use of your data. Data processing in connection with the sending of the confirmation e-mail for your registration and the associated data logging (in the DOI procedure) is carried out in accordance with Art. 6 para. 1 lit. f GDPR due to our legitimate interest in proving your proper registration, as well as due to our legal obligations of proof in accordance with Art. 6 para. 1 lit. c GDPR.

Rhenus Assets & Services GmbH &Co KG supports us as a processor in carrying out the processing. The newsletter is sent with the help of Microsoft Dynamics 365, which is installed on Rhenus' own servers. All data is hosted in Rhenus' own databases.

The stored data is deleted as soon as it is no longer required for the original purpose of collection. The user's email address remains stored as long as the newsletter subscription is active. The newsletter subscription can be cancelled by the user at any time. There is a corresponding unsubscribe link in every newsletter.

If you purchase goods or services via our website and provide your e-mail address, this may be used to send you our newsletter. In this case, you will only receive direct advertising for similar own products or services. The legal basis for sending newsletters in connection with the purchase of goods or services is Section 7 para. 3 UWG or Art. 6 para. 1 lit. f GDPR. Pursuant to Section 7 (3) No. 3 UWG, customers whose email address was disclosed in the context of a sale of goods or services and is used for direct advertising have a right to object. The objection can be declared at any time.

After you unsubscribe from the newsletter distribution list, your e-mail address will be stored in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

On our website you have several options for jumping to different tools of the Rhenus Group. Some of these require logins / registrations. The respective data protection regulations can be found on the start pages of the tools.

There is a contact form on our website, which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. In the contact form there is the possibility to make a business or a private request.

In the case of a business enquiry, the following data is processed: subject, salutation, first name, last name, e-mail address, name and address of the company, telephone number (optional), free text, time of the enquiry, IP address.

In the case of a private enquiry, the following data is processed: subject, salutation, first name, last name, e-mail address, telephone number (optional), free text, time of the enquiry, IP address.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored.

The processing of the personal data from the contact form or your e-mail serves us solely to process the contact and in the event of follow-up questions. The legal basis for the processing of the data is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR and, if applicable, Art. 6 (1) (b) GDPR, provided that your request is aimed at concluding a contract. The other personal data processed during the submission process serves to prevent misuse of the contact form and to ensure the security of our information technology systems. The legal basis for the processing of personal data is Art. 6 (1)  (f) GDPR.

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected and there are no statutory retention obligations to the contrary. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the facts in question have been conclusively clarified. The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

The personal data from the contact formula is stored in the Customer Relationship Management ("CRM") system Microsoft Dynamics 365 in order to be able to manage contact requests as efficiently as possible. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

The enquiries are processed by the central specialist department of Rhenus Assets & Services GmbH & Co. KG, Rhenus-Platz 1, 59439 Holzwickede, Germany. If necessary, we will forward your request to the responsible Rhenus company for internal processing. The latter processes the data you provide in order to contact you about the enquiry.

In the case of Art. 6 (1) (f) GDPR, you can object to the processing of your personal data at any time. We would like to point out that in this case your request cannot be processed further. You can declare your objection by sending an e-mail to the e-mail address specified in the privacy policy.

Google reCAPTCHA, Google Maps API). If you give your consent through our cookie banner, we will transfer the necessary data to the respective provider (e.g. your IP address).

If you consent to the activation of these services through our cookie banner, it cannot be ruled out that personal data will be transmitted to providers in countries outside the European Economic Area (EEA) which, from the point of view of the European Union ("EU"), do not ensure an "appropriate level of protection" for the processing of personal data in accordance with EU standards. Possible risks that cannot currently be ruled out are in particular:

- Your personal data could possibly be passed on to other third parties beyond the actual purpose (for example: use your data for advertising purposes.)

- You may not be able to sustainably assert or enforce your right to information toward the third-party provider.

- There is possibly a higher probability that incorrect data processing can occur, as the technical and organizational measures taken by third-party providers to protect personal data do not fully meet the requirements of the GDPR in terms of quantity and quality.

- The risk of data transmission to the USA is basically the relatively easy access to data by US authorities, as well as the fact that EU citizens do not have effective legal remedies against the extensive access rights of US authorities to personal data.

Please take this fact into account before you give your consent and thus allow your data to be transmitted.

For more information, please refer to our cookie banner.

The same applies to the social media profiles we operate when you visit our pages at the respective social media provider (Facebook, Instagram, LinkedIn).