Data protection

1. How our company handles your personal data

Thank you for your interest in our company. We take the protection of your personal data very seriously.

We would like to use this Data Privacy Statement to inform you in a general, transparent and understandable way about how we ensure our company handles your personal data in a legally compliant manner pursuant to the General Data Protection Regulation (“GDPR”).

Our webpage at www.e3spedition.com constitutes a telemedia service. As a telemedia service provider as per § 13(1) TMG (Telemediengeset, the German Telemedia Act), we are obliged to notify visitors to our webpages, at the outset of their use thereof, of the manner, scope, and purpose of our collection and utilisation of personal data.

E3 Spedition-Transport GmbH has, as the entity responsible for such data processing, implemented numerous technological and organisational measures to ensure that the personal data processed through this Internet page are afforded protection that is as continuous and unbroken as possible.

It is possible, in principle, to use our Internet page without providing any personal data such as your first and last names, etc. If, however, you (as the data subject) wish to avail yourself of a service through our Internet page, personal data may be required. The processing of personal data is required, for example, for the following purposes:

• correspondence / an application process

in which case we generally obtain your consent, pursuant to Art. 6(1) first sentence lit. (a) GDPR regarding data processing and your agreement with this Data Privacy Statement.

Alternatively, you have the option of contacting us, for example by telephone. Our data processing is always conducted in accordance with the General Data Protection Regulation. The legal basis for our processing of data is Art. 6(1), sentence 1, lit. f GDPR. The data controller’s legitimate interest lies in the aforementioned listed purposes.

2. Definitions

This Data Privacy Statement is based on the terminology used by the European directive- and regulation-issuing authority in its enactment of the General Data Protection Regulation (GDPR). Our Data Privacy Statement is intended to be easily read and understood by both the public and our customers and business partners. To ensure that this is the case, we wish to explain in advance the terminology used.

In this Data Privacy Statement we have used the following terms, among others:

a) Personal data

Personal data are defined as any information that relates to an identified or identifiable natural person (hereinafter a “data subject”). Any natural person who can be directly or indirectly identified, in particular by attribution of an identifier such as a name or identification number, is regarded as identifiable.

Location data, or by attribution of an online identifier or of one or more special characteristics that are expressions of the physical, physiological, genetic, psychological, financial, economic, cultural or social identity of that natural person.

b) Data subject

A data subject is any identified or identifiable natural person whose personal data are processed by the party responsible for that processing.

c) Processing

Processing is defined as any operation or set of operations which is performed in connection with personal data, whether or not by an automated process, such as collecting, recording, organising, structuring, storing, adapting or altering, retrieving, querying, using, disclosing by means of transfer, disseminating or otherwise making available, aligning or linking, restricting, erasing or destroying.

d) Restriction of processing

Restriction of processing is defined as the marking of stored personal data with the aim of limiting its processing in the future.

e) Profiling

Profiling is defined as any type of automated processing of personal data consisting in the use of those personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects relating to the person’s work performance, financial position, health, personal preferences, interests, reliability, behaviour, habitual residence or change of residence.

f) Pseudonymisation

Pseudonymisation is defined as the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, inasmuch as such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributable to an identified or identifiable natural person.

g) Controller or processing controller

A controller or processing controller is defined as the natural or legal person, public authority, institution or other entity which, alone or jointly with others, determines the purposes for which and the means by which personal data are processed. If the purposes and means of such processing are provided for by European Union or Member State law, the controller or the specific criteria by which the controller is designated may be provided for by European Union or Member State law.

h) Processor

A processor is defined as a natural or legal person, public authority, institution or other entity that processes personal data on behalf of the controller.

i) Recipient

A recipient is defined as a natural or legal person, public authority, institution or other entity to which personal data are disclosed, irrespective of whether it is a third party. Public authorities which may receive personal data pursuant to a specific investigative assignment in accordance with European Union or Member State law are not, however, regarded as recipients.

j) Third party

A third party is defined as a natural or legal person, public authority, institution or entity other than the data subject, controller, processor, or persons who are authorised to process personal data under the direct responsibility of the controller or processor.

k) Consent

Consent is defined as any freely given, case-specific, informed and unambiguous expression of intent by the data subject by which the data subject, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

The controlling entity for data processing on this website is:

E3 Spedition-Transport AS
Transitvej 16
DK 6330 Padborg
E-mail: gdpr(at)e3spedition.com

The controlling entity is the natural person or legal person who, alone or jointly with others, determines the purposes for which and the means by which personal data are processed (e.g. names, e-mail addresses or the like).

Data protection officer:

Our data protection office can be reached at the following address:

DSS IT Security GmbH
Beethovenstraße 2A
DE 23617 Stockelsdorf
E-mail: E3(at)it-security.gmbh

1. Cookies

We use cookies on our page. These are small files which your browser creates automatically and which are stored on your terminal device (laptop, tablet, smart phone or the like) when you visit our page. Cookies cause no damage to your terminal device and contain no viruses, trojans, or other malware.

Information associated with the specific terminal device being used is stored in the cookie. This does not mean, however, that we thereby obtain direct knowledge of your identity.

a) Transient cookies are automatically deleted when you close your browser. These include in particular session cookies. These store what is referred to as a session ID, by which your browser’s various queries can be assigned to one common session. This enables your computer to be recognised again if you return to our website. Session cookies are deleted when you log out or close your browser.

b) Persistent cookies are deleted automatically after a specified period, which may differ by cookie. You can delete the cookies in your browser’s security settings at any time.

c) You can configure your browser settings according to your preferences and, for example, block third-party cookies or all cookies. “Third-party cookies” are defined as cookies that are placed by a third party, and hence not by the actual website currently being visited. We wish to point out that deactivating cookies may mean that not all of this website’s functions may be available for your use.

The data processed by cookies are required for the purposes referred to of protecting our legitimate interests and those of third parties pursuant to Act. 6(1), first sentence, lit. (f) GDPR.

Most web browsers accept cookies automatically. You can, however, configure your browser in such a way that no cookies are stored on your computer or that a message always appears before a new cookie is created. Complete deactivation of cookies may result, however, in your inability to use all of the functions of our website.

2. Logfiles

The provider of the pages automatically collects and stores information in what are referred to as logfiles, which your browser automatically provides us with. This data consists of:

• browser type / browser version
• the operating system used
• referrer URL
• host name of the accessing computer
• time of the server query

These data are not attributable to specific persons. These data are not merged with other data sources. We reserve the right to inspect these data subsequently if we become aware of concrete indications that they have been used unlawfully.

The aforementioned data are processed by us for the following purposes:

• To ensure that a connection to the website is established smoothly
• To ensure that our website can be used comfortably
• To analyse system security and stability
• For other administrative purposes.

The legal basis for such processing is provided for in Art. 6(1), sentence 1, lit. f GDPR. Our legitimate interest lies in the purposes listed above for which data are collected. Under no circumstances will we ever use the collected data for the purpose of drawing conclusions about the person to whom they pertain.

3. Contact form

If you send us requests through our contact form, your information, as obtained from the request form, including the contact information you provide therein, will be stored by us for the purpose of processing your request and in the event that there are follow-up questions. We do not disclose these data without your consent.

When you use our contact form for questions of any sort, we offer you the option of contacting us through a form embedded on the website. This requires that you provide us with a valid e-mail address, your first and last names, and the name of your company so that we know from whom the request came and are able to respond to it. Data processing for the purpose of making contact with us is conducted pursuant to Art. 6(1) first sentence lit. (a) GDPR on the basis of your freely given consent. The personal data we collect when you use the contact form are automatically deleted once the task of responding to your request has been completed.

The personal data we collect when you use the contact form are automatically deleted once your request has been dealt with.

4. Application process

You can send us an application through our Internet page. For this purpose we use what we refer to as an applicant’s form. We need the information entered into the required fields so that we know from whom the request came and are able to respond to it. Data processing for the purpose of making contact with us is conducted pursuant to Art. 6(1) first sentence lit. (a) GDPR on the basis of your freely given consent. The personal data we collect are automatically deleted once the task has been dealt with.

5. Requests for quotation through our Internet page / Correspondence

You can send us a request for a quotation through our Internet page. Various contact addresses and e-mail addresses are displayed depending on the type of request you submit. On that page you can then contact our local office directly. Data processing for the purpose of requesting a quotation through us is conducted pursuant to Art. 6(1) first sentence lit. (a) GDPR on the basis of your freely given consent and communication.

6. Contact by minors

For persons less than 16 years of age we need a written statement of consent from their parents or legal guardians before they contact us. Without such a statement of consent we cannot respond to any request from them, and we must delete the associated data immediately.

8. Recipients of your data

When you contact us through this webpage, your request is received by one of our employees in our central office. That request is then referred to the appropriate department according to the nature of the request. Our employees have been instructed in the handling of personal data.

We transfer your personal data to third parties only if:

• you have expressly consented to such transfer per Art. 6(1) first sentence lit. (a) GDPR;
• the transfer is, per Art. 6(1) first sentence lit. (f), required for the assertion of claims and there is no reason to assume that you have an overriding legitimate interest in non-disclosure of your data;
• transfer of the data is necessary for compliance with a legal obligation per Art. 6(1) first sentence lit. (c) GDPR; or
• it is permitted by law and is, per Art. 6(1) first sentence lit. (b) GDPR, required for performance of contractual agreements with you.

9. The purpose of collecting, processing and using your data

All personal data that you have provided us with are used only for the purpose for which you made those data available to us. (Purpose limitation)

You can visit our webpage without having your personal data collected by us. We do need your data, however, when you wish to contact us, for example by sending us a request. This then establishes the legal basis for our use of the data in order that we can exercise our rights and fulfil our duties arising from our business relationship with you.

The data you send to us are not disclosed to market or opinion research institutions or used to create user profiles.

10. Social media plug-ins (links)

On our website we use, on the basis of Art. 6(1) first sentence 1 lit. (f) GDPR, plug-ins to the social networks Facebook, YouTube, LinkedIn and Instagram to make our company better known through them. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. These social networks are operated exclusively by third-party providers, some of which have their registered seats outside the EU. Some third-party providers may fail to provide an adequate level of data privacy. These browser plug-ins and links are marked in our Internet presence with logos or other references.

a) Facebook / Links

Facebook’s social media plug-ins are used on our website for the purpose of personalising the use of Facebook. For this purpose we use the “Like” and “Share” buttons. These are features offered by Facebook. When you retrieve a page on our website that contains such a plug-in, your browser establishes a direct connection to Facebook’s servers. Your browser is provided with the contents of the plug-in directly by Facebook and instals them into the webpage. Installation of the plug-ins enables Facebook to obtain the information that your browser has retrieved the associated page from our website, even if you do not have a Facebook account or are not currently logged into Facebook.

Your browser transfers this information (including your IP address) directly to one of Facebook’s servers in the U.S.A., where it is stored. If you are logged into Facebook, then Facebook can associate the visit to our website with your Facebook account directly. When you interact with the plug-ins, for example by clicking on the “Like” or “Share” buttons, the information to that effect is likewise sent directly to a Facebook server and stored there. That information is also published on Facebook and displayed to your Facebook friends. Facebook is able to use this information for the purpose of advertising, market research, and tailoring the Facebook pages to their users’ needs. To that end Facebook creates use, interest, and relationship profiles to, for example, analyse your use of our website with an eye to the advertisements that are displayed to your on Facebook, to inform other Facebook users of your activities on our website, and to provide other services connected to the use of Facebook.

If you do not want Facebook to associate the data collected through our web presence with your Facebook account, then you must log out of Facebook before your visit to our website. For information concerning the purpose and scope of data collection, Facebook’s further processing and use of the data, and your rights and settings options as they relate to the protection of your privacy, please consult Facebooks data privacy notice at https://www.facebook.com/about/privacy.

b) Use of YouTube plug-ins (videos / links)

Stored YouTube videos are embedded into some of our website pages. YouTube is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The “Privacy-Enhanced Mode” is activated for all YouTube videos on our webpages. This is provided by YouTube to ensure that YouTube does not store any cookies with personal data on your computer.

Your IP address is transmitted when the webpage is retrieved and to embed the videos. The IP address cannot be attributed to you if you have not or were not already permanently logged into YouTube or another Google service before you accessed the page.

YouTube stores cookies on your computer as soon as you click to start playback of an embedded video, but only cookies which, because Privacy-Enhanced Mode is activated, contain no personally identifiable data. These cookies can be blocked with the appropriate browser settings and enhancements. Further information on the embedding of YouTube videos can be found on YouTube’s information page.

The Privacy Policy published by YouTube can be accessed at the following address: https://www.youtube.com/howyoutubeworks/user-settings/privacy/

c) LinkedIn / Links

LinkedIn is a web-based social network used to maintain existing business contacts and to make new business connections. It has its registered seat in Mountain View, California in the U.S.A. LinkedIn has been owned by Microsoft since December 2016.

The Privacy Policy published by LinkedIn can be accessed at the following address: https://www.linkedin.com/legal/privacy-policy.

d) Instagram / Links

Instagram’s social media plug-ins are used on our page. These are features offered by Instagram. When you retrieve a page on our website that contains such a plug-in, your browser establishes a direct connection to Instagram’s servers. Your browser is provided with the contents of the plug-in directly by Instagram and instals them into the webpage. Installation of the plug-ins enables Instagram to obtain the information that your browser has retrieved the associated page from our website, even if you do not have an Instagram account or are not currently logged into Instagram.

The Privacy Policy published by Instagram can be accessed at the following address: https://privacycenter.instagram.com/policy.

[...] mean also transmission of personal data into a country outside the European Union. The data are transmitted on the basis of your consent pursuant to Art. 6(1) lit. (a) in conjunction with Art. 49(1) lit. (a) GDPR. You had already been informed before you gave your consent that the U.S.A. does not have a level of data privacy equivalent to the standards of the EU. U.S. intelligence services in particular are able to access your data without your knowledge and with no possibility of legal action on your part against such access. The duration of processing is variable and ends when the purpose of the processing is no longer present.

You have the right:

• as per Art. 15 GDPR to obtain information about the personal data concerning you that are processed by us. In particular, you may obtain information about the purposes for which your data are processed, the category of personal data concerned, the categories of recipients to whom your data are or have been disclosed, the planned duration of data storage, the existence of a right to rectification or erasure of your data, to restriction of their processing, or to object to their processing, the existence of a right to lodge a complaint, the origin of your data if they were not collected by us, and the existence of automated decision-making, including profiling, along with, as the case may be, meaningful information concerning the particulars thereof;
   
• as per Art. 16 GDPR to obtain prompt rectification of inaccurate personal data concerning you that are stored by us and their completion when they are incomplete;
   
• as per Art. 17 GDPR to obtain the erasure of personal data concerning you that are stored by us if their processing is not required for exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the assertion, exercise, or defence of legal claims;
   
• as per Art. 18 GDPR to obtain restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful but you oppose erasure of the data, or we no longer need the data but you need them for the assertion, exercise, or defence of legal claims; or if, as per Art. 21 GDPR, you have lodged an objection to their processing;
   
• as per Art. 20 GDPR to receive, in a structured, commonly used and machine-readable format, the personal data concerning you that you have provided us with, or to have those data transmitted to another data controller;
   
• as per Art. 7(3) GDPR to withdraw at any time the consent you have given us. As a consequence of withdrawing your consent, we will not be permitted to continue into the future the data processing that was authorised by your consent;
   
• as per Art. 77 GDPR to lodge a complaint with a supervisory authority. As a rule, you can do so with the supervisory authority with jurisdiction of the place where your habitual residence, your place of work, or our registered seat are located.

If your personal data are processed on the basis of legitimate interests as per Art. 6(1) first sentence lit. (f) GDPR, then you have the right, as per Art. 21 GDPR, to object to the processing of your personal data if you have grounds for doing so that relate to your particular situation or if the objection is to direct marketing. In the latter case you have a general right of objection that will be honoured with no reference to your particular situation.

If you wish to exercise your right to withdraw consent or your right of objection, an e-mail message to info(at)e3spedition.com will suffice.

We have taken extensive technical and organisational security measures to protect from unauthorised access or misuse the personal data we have been provided with. Our security procedures are regularly reviewed and adapted to advances in technology. Our employees are trained in data protection and bound to secrecy and observance of data privacy.

In this connection we observe important principles of data protection.

Ensuring:

1. confidentiality 2. accuracy 3. availability and integrity.

Be advised that you have the right to lodge a complaint with a supervisory authority. The competent authority in your case is the supervisory authority with jurisdiction of your place of residence. You are free in addition to seek any other legal remedies before the administrative or civil courts. The supervisory authority with which you have lodged a complaint will notify you of the current status of the process and advise you of possible legal remedies.

This Data Privacy Statement is currently valid and was last revised in June 2023.