Data protection declaration

1. Data protection at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data are all data by which you can be personally identified. For detailed information on data protection, please refer to our data protection declaration listed below this text.

Data collection on this website

Who is responsible for data collection on this website?

The data processing on this website is carried out by the website operator. You can find its contact details in the section “Note regarding the responsible entity” in this data protection declaration.

How do we collect your data?

Your data are collected, on the one hand, by you providing them to us. This can, for example, be data you enter into a contact form.

Other data are collected automatically or after your consent when you visit the website by our IT systems. These are primarily technical data (e.g. internet browser, operating system or time of page access). The collection of these data occurs automatically as soon as you enter this website.

What do we use your data for?

Part of the data is collected to ensure the error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the data transmitted will also be processed for contract offers, orders or other service requests.

What rights do you have regarding your data?

You have the right at any time to obtain, free of charge, information about the origin, recipients and purpose of your stored personal data. You also have the right to request the correction or deletion of these data. If you have given consent to the processing of data, you can revoke this consent at any time with effect for the future. You also have the right, under certain circumstances, to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

For this as well as for further questions on the subject of data protection, you can contact us at any time.

Analysis tools and tools from third parties

When visiting this website, your surfing behavior may be statistically evaluated. This happens mainly with so-called analysis programs.

Detailed information on these analysis programs can be found in the following data protection declaration.

2. Hosting

We host the contents of our website with the following provider:

External hosting

This website is hosted externally. The personal data collected on this website are stored on the servers of the host(s). These may especially include IP addresses, contact inquiries, meta and communication data, contract data, contact data, names, website accesses and other data generated via a website.

External hosting is carried out for the purpose of fulfilling contracts with our prospective and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offering by a professional provider (Art. 6 para. 1 lit. f DSGVO). If the corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s end device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Our host(s) will process your data only to the extent necessary to fulfill its/their performance obligations and will follow our instructions regarding these data.

We use the following host:

hosting.de GmbH
Franzstr. 51
52064 Aachen

Order processing

We have concluded a contract for order processing (AVV) for the use of the service mentioned above. This is a contract required under data protection law which ensures that the processor processes the personal data of our website visitors only in accordance with our instructions and in compliance with the DSGVO.

3. General information and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations as well as this data protection declaration.

When you use this website, various personal data are collected. Personal data are data by which you can be personally identified. This data protection declaration explains which data we collect and what we use them for. It also explains how and for what purpose this happens.

We point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data from access by third parties is not possible.

Note regarding the responsible entity

The responsible entity for the data processing on this website is:

E.L.V.I.S. Europäischer Ladungs-Verbund Internationaler Spediteure Aktiengesellschaft
Röntgenstr. 4
63755 Alzenau

Telephone: 06023/50 734-0
E-Mail: info@elvis-ag.eu

The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of the processing of personal data (e.g. names, e-mail addresses or similar).

Storage period

Unless a more specific storage period is stated within this data protection declaration, your personal data will remain with us until the purpose for the data processing ceases to apply. If you assert a legitimate request for deletion or revoke a consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case deletion will take place after these reasons cease to apply.

General notes on the legal bases of data processing on this website

If you have consented to the data processing, we process your personal data on the basis of Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO if special categories of data pursuant to Art. 9 para. 1 DSGVO are processed. In the case of an explicit consent to the transfer of personal data to third countries, data processing is also carried out on the basis of Art. 49 para. 1 lit. a DSGVO. If you have consented to the storage of cookies or to access to information in your end device (e.g. via device fingerprinting), processing is additionally based on § 25 para. 1 TDDDG. Consent can be revoked at any time. If your data are necessary for contract performance or the implementation of pre-contractual measures, we process your data on the basis of Art. 6 para. 1 lit. b DSGVO. Furthermore, we process your data if this is necessary for compliance with a legal obligation on the basis of Art. 6 para. 1 lit. c DSGVO. Data processing may also be carried out on the basis of our legitimate interest pursuant to Art. 6 para. 1 lit. f DSGVO. The specific legal bases applicable in each individual case are explained in the following paragraphs of this data protection declaration.

Data protection officer

We have appointed a data protection officer.

secopan gmbh
Am Schönblick 14
71229 Leonberg

Telephone: 07152-56958-0
E-Mail: datenschutz@secopan.de

Recipients of personal data

As part of our business activities, we cooperate with various external entities. In some cases, the transfer of personal data to these external entities is necessary. We only pass on personal data to external entities if this is necessary for the fulfillment of a contract, if we are legally obliged to do so (e.g. disclosure of data to tax authorities), if we have a legitimate interest in the disclosure pursuant to Art. 6 para. 1 lit. f DSGVO, or if another legal basis permits the data disclosure. When using processors, we only pass on personal data of our customers based on a valid contract for order processing. In the case of joint processing, a joint processing agreement is concluded.

Withdrawal of your consent to data processing

Many data processing operations are only possible with your express consent. You can withdraw a consent you have already given at any time. The lawfulness of the data processing carried out up to the withdrawal remains unaffected by the withdrawal.

Right to object to data collection in special cases and to direct advertising (Art. 21 DSGVO)

IF DATA PROCESSING IS BASED ON ART. 6 PARA. 1 LIT. E OR F DSGVO, YOU HAVE THE RIGHT AT ANY TIME TO OBJECT FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION TO THE PROCESSING OF YOUR PERSONAL DATA; THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. THE APPLICABLE LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS DATA PROTECTION DECLARATION. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OUTWEIGH YOUR INTERESTS, RIGHTS AND FREEDOMS, OR THE PROCESSING SERVES THE ESTABLISHMENT, EXERCISE OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21 PARA. 1 DSGVO).

IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF PERSONAL DATA CONCERNING YOU FOR SUCH MARKETING; THIS ALSO APPLIES TO PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 PARA. 2 DSGVO).

Right to complain to the competent supervisory authority

In the event of violations of the DSGVO, data subjects have a right of complaint to a supervisory authority, in particular in the member state of their habitual residence, place of work or the place of the alleged infringement. The right to complain is without prejudice to other administrative or judicial remedies.

Right to data portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, and to have it handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of data to another controller, this will only be done insofar as it is technically feasible.

Access, rectification and deletion

Under the applicable legal provisions, you have the right at any time to obtain information free of charge about your stored personal data, their origin and recipients and the purpose of the data processing and, where applicable, a right to rectification or deletion of these data. For this as well as for further questions on the subject of personal data, you can contact us at any time.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restriction of processing exists in the following cases:

If you contest the accuracy of your personal data stored with us, we generally need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/ is unlawful, you can request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need them for the establishment, exercise or defense of legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
If you have lodged an objection pursuant to Art. 21 para. 1 DSGVO, a balancing of interests must be carried out between your interests and ours. As long as it is not yet clear whose interests prevail, you have the right to request the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data — apart from their storage — may only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or a member state.

SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as site operators. You can recognize an encrypted connection by the change in the address line of the browser from “http://” to “https://” and by the lock symbol in your browser line.

When SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

4. Data collection on this website

Cookies

CookieFirst

Our website uses CookieFirst to obtain your consent to store certain cookies on your device or to use certain technologies and to document this in a data protection-compliant manner. The provider of this technology is Digital Data Solutions B.V. (CookieFirst), Plantage Middenlaan 42A, 1018 DH Amsterdam, Netherlands (hereinafter "CookieFirst").

When you enter our website, a connection to CookieFirst's servers is established to obtain your consents and other declarations regarding cookie usage. CookieFirst then stores a cookie in your browser to be able to assign the consents you have given or their revocation. In doing so, the IP address (anonymized), the user agent of the browser and operating system as well as the URL from which the consent was given are processed and integrated into CookieFirst. The data collected in this way are stored until you request deletion from us, delete the CookieFirst cookie yourself, or the purpose for the data storage ceases to apply. Mandatory statutory retention obligations remain unaffected.

CookieFirst transmits personal data to third-party providers. These include a CDN from Slovenia, IP geolocation from Romania as well as hosting at OHV in Germany and France. CookieFirst has its registered office in Amsterdam, Netherlands.

The use of CookieFirst is carried out in order to obtain the legally required consents for the use of cookies. The legal basis for this is Article 6(1)(c) GDPR.

Order processing

We have concluded a contract on order processing (AVV) for the use of the above-mentioned service. This is a contract required under data protection law that ensures that this service processes the personal data of our website visitors only on our instructions and in compliance with the GDPR.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files that your browser automatically transmits to us. These are:

browser type and browser version
operating system used
referrer URL
hostname of the accessing computer
time of the server request
IP address

A merging of these data with other data sources is not carried out.

The collection of this data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website – for this purpose the server log files must be recorded.

Contact form

If you send us enquiries via the contact form, the details you enter in the enquiry form including the contact data you provide there will be stored by us for the purpose of processing the enquiry and in case of follow-up questions. We will not pass on these data without your consent.

The processing of these data is carried out on the basis of Article 6(1)(b) GDPR, provided your enquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Article 6(1)(f) GDPR) or on your consent (Article 6(1)(a) GDPR) if this was requested; the consent can be revoked at any time.

The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage, or the purpose for the data storage ceases to apply (e.g. after your enquiry has been finally dealt with). Mandatory statutory provisions – in particular retention periods – remain unaffected.

Enquiries by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on these data without your consent.

The data you send to us via contact enquiries will remain with us until you request deletion, revoke your consent to storage, or the purpose for the data storage ceases to apply (e.g. after your matter has been finally dealt with). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

5. Analysis tools and advertising

Google Tag Manager

We use Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager itself does not create user profiles, does not store cookies and does not perform independent analyses. It only serves to manage and deploy the tools that are integrated via it. However, Google Tag Manager does collect your IP address, which can also be transmitted to the parent company of Google in the United States.

The use of Google Tag Manager is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in a quick and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, processing will be carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

The company holds a certification under the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA intended to ensure compliance with European data protection standards for data processing in the USA. Any company certified under the DPF undertakes to comply with these data protection standards. Further information can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.

Google Analytics

This website uses features of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyze the behavior of the website visitors. The website operator receives various usage data, such as page views, dwell time, operating systems used and the origin of the user. These data are assigned to the respective user's device. No assignment to a user ID takes place.

Furthermore, with Google Analytics we can record, among other things, your mouse and scroll movements and clicks. Google Analytics also uses various modeling approaches to supplement the collected data sets and uses machine learning technologies in data analysis.

Google Analytics uses technologies that enable the re-identification of the user for the purpose of analyzing user behavior (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to and stored on a Google server in the USA.

The use of this service is based on your consent pursuant to Article 6(1)(a) GDPR and § 25(1) TDDDG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://business.safety.google/adscontrollerterms/sccs/.

IP anonymization

Google Analytics IP anonymization is activated. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide further services related to website and internet use to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

Browser plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

More information on how Google Analytics handles user data can be found in Google's data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.

Order processing

We have concluded a contract on order processing with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

6. Plugins and tools

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service we can integrate map material on our website.

To use the functions of Google Maps it is necessary to store your IP address. This information is usually transmitted to and stored on a Google server in the USA. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the uniform display of fonts. When Google Maps is called up, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of an attractive presentation of our online offers and in an easy findability of the places we list on the website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. If a corresponding consent has been requested, processing will be carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

The data transfer to the USA is based on the standard contractual clauses of the European Commission. Details can be found here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

More information on how user data are handled can be found in Google's data protection declaration: https://policies.google.com/privacy?hl=de.

Friendly Captcha

We use Friendly Captcha (hereinafter "Friendly Captcha") on this website. The provider is Friendly Captcha GmbH, Am Anger 3-5, 82237 Woerthsee, Germany.

Friendly Captcha is intended to check whether data input on this website (e.g. in a contact form) is made by a human or by an automated program. For this purpose, Friendly Captcha analyzes the behavior of the website visitor based on various characteristics. For the analysis, Friendly Captcha evaluates various information (e.g. anonymized IP address, referrer, visit time, etc.). Further information can be found here: https://friendlycaptcha.com/legal/privacy-end-users/.

The storage and analysis of the data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated scanning and from spam. If a corresponding consent has been requested, processing will be carried out exclusively on the basis of Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g. device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

Order processing

7. Own services

Handling of applicant data

We offer you the opportunity to apply to us (e.g. by e-mail, post or via an online application form). Below we inform you about the scope, purpose and use of the personal data collected in the course of the application process. We assure you that the collection, processing and use of your data is carried out in accordance with applicable data protection law and all other legal provisions and that your data will be treated strictly confidentially.

Scope and purpose of data collection

If you send us an application, we process the personal data associated with it (e.g. contact and communication data, application documents, notes in the context of job interviews, etc.), insofar as this is necessary to decide on the establishment of an employment relationship. The legal basis for this is Section 26 BDSG under German law (initiation of an employment relationship), Article 6(1)(b) GDPR (general contract initiation) and – if you have given consent – Article 6(1)(a) GDPR. The consent can be revoked at any time. Your personal data will be passed on within our company only to persons involved in processing your application.

If the application is successful, the data you submitted will be stored in our data processing systems on the basis of Section 26 BDSG and Article 6(1)(b) GDPR for the purpose of carrying out the employment relationship.

In the context of the application procedure, we may also carry out an Internet search about you. This primarily includes Google search, LinkedIn and Xing. The legal basis for this type of processing is our legitimate interest in obtaining an overall impression of publicly accessible information about you in accordance with Article 6(1)(f) GDPR.

Retention period of the data

If we are unable to make you a job offer, you reject a job offer or withdraw your application, we reserve the right to retain the data you have submitted on the basis of our legitimate interests (Article 6(1)(f) GDPR) for up to 6 months from the end of the application procedure (rejection or withdrawal of the application). Afterwards the data will be deleted and the physical application documents destroyed. The retention serves in particular evidentiary purposes in the event of legal disputes. If it is apparent that the data will be required after the expiry of the 6-month period (e.g. due to an impending or pending legal dispute), deletion will only take place when the purpose for further retention ceases to apply.

Longer retention may also take place if you have given a corresponding consent (Article 6(1)(a) GDPR) or if statutory retention obligations oppose deletion.