We greatly appreciate your interest in our company. Data protection holds a particularly high priority for the management of Sovtransavto Deutschland GmbH Internationale Spedition. The use of the internet pages of Sovtransavto Deutschland GmbH Internationale Spedition is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, processing of personal data may be required. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.
The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to Sovtransavto Deutschland GmbH Internationale Spedition. Through this privacy policy, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, this privacy policy informs data subjects about their rights.
As the data controller, Sovtransavto Deutschland GmbH Internationale Spedition has implemented numerous technical and organizational measures to ensure the most complete protection possible for the personal data processed via this website. However, internet-based data transmissions can generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us via alternative means, such as by telephone.
1. Definitions
The privacy policy of Sovtransavto Deutschland GmbH Internationale Spedition is based on the terminology used by the European legislator in adopting the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for both the public and our customers and business partners. To ensure this, we would like to explain the terminology used in advance.
In this privacy policy, we use, among others, the following terms:
a) Personal data
Personal data refers to all information relating to an identified or identifiable natural person (hereinafter “data subject”). A natural person is considered identifiable if they can be directly or indirectly identified, particularly through association with an identifier such as a name, an identification number, location data, an online identifier, or one or more special characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
b) Data subject
A data subject is any identified or identifiable natural person whose personal data is processed by the data controller.
c) Processing
Processing refers to any operation or series of operations performed on personal data, whether automated or not, including collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, dissemination, or otherwise making available, aligning or combining, restricting, deleting, or destroying.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
e) Profiling
Profiling refers to any automated processing of personal data that involves using that data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
f) Pseudonymization
Pseudonymization is the processing of personal data in such a way that it can no longer be attributed to a specific data subject without additional information, provided that this additional information is stored separately and subject to technical and organizational measures that ensure that the personal data is not assigned to an identified or identifiable natural person.
g) Controller or data controller
The controller or data controller is the natural or legal person, public authority, agency, or other entity that alone or jointly with others determines the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for their designation may be provided for by Union or Member State law.
h) Processor
A processor is a natural or legal person, public authority, agency, or other entity that processes personal data on behalf of the controller.
i) Recipient
A recipient is a natural or legal person, public authority, agency, or other entity to whom personal data is disclosed, whether or not they are a third party. However, authorities that may receive personal data in the context of a specific investigative task under Union or Member State law are not considered recipients.
j) Third party
A third party is a natural or legal person, public authority, agency, or other entity other than the data subject, the controller, the processor, and those authorized to process personal data under the direct responsibility of the controller or processor.
k) Consent
Consent is any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
2. Name and Address of the Data Controller
The data controller in terms of the General Data Protection Regulation, other data protection laws applicable in the European Union member states, and other data protection-related provisions is:
Sovtransavto Deutschland GmbH Internationale Spedition
Hansestraße 95
51149 Cologne
Germany
Tel.: +49 2203 9257 0
Email: info@sovtransavto.de
Website: www.sovtransavto.de
3. Collection of General Data and Information
Each time the website of Sovtransavto Deutschland GmbH Internationale Spedition is accessed by a data subject or an automated system, a range of general data and information is collected and stored in the server log files. The following data may be collected:
- The types and versions of the browser used
- The operating system used by the accessing system
- The website from which an accessing system reaches our website (so-called referrer)
- The subpages accessed on our website
- The date and time of access
- An Internet Protocol (IP) address
- The internet service provider of the accessing system
- Other similar data and information used for security purposes in case of cyberattacks
Sovtransavto Deutschland GmbH Internationale Spedition does not use this data to draw conclusions about the data subject. Instead, this information is used to:
- Correctly deliver the content of our website
- Optimize our website and its advertising
- Ensure the long-term functionality of our IT systems and website
- Provide law enforcement authorities with necessary information in case of a cyberattack
These anonymized data and information are statistically analyzed to improve data protection and security in our company and ensure the highest possible level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
4. Registration on Our Website
The data subject has the opportunity to register on the website by providing personal data. The type of personal data collected depends on the respective input form used for registration. The data entered by the data subject is collected and stored exclusively for internal use by the data controller and for its own purposes. The controller may pass the data on to one or more processors (e.g., a parcel service), who will also use the data exclusively for an internal purpose.
Registrants can request their stored personal data at any time and have it corrected or deleted, provided no legal retention obligations exist. The data controller will provide information upon request.
5. Contact Options via the Website
The website of Sovtransavto Deutschland GmbH Internationale Spedition contains information required by law that enables quick electronic contact with our company and direct communication with us. This also includes a general address for electronic mail (email address). If a data subject contacts the data controller via email or a contact form, the personal data transmitted by the data subject is automatically stored. Such personal data, voluntarily provided by the data subject to the data controller, is stored for processing or for contacting the data subject. This personal data is not passed on to third parties.
6. Routine Deletion and Blocking of Personal Data
The data controller processes and stores personal data of the data subject only for the period necessary to achieve the storage purpose or as required by European directives, regulations, or other laws applicable to the data controller.
If the storage purpose ceases to apply or a legally prescribed storage period expires, the personal data is routinely blocked or deleted in accordance with legal requirements.
7. Rights of the Data Subject
a) Right to Confirmation
Every data subject has the right, granted by European directives and regulations, to obtain confirmation from the data controller as to whether personal data concerning them is being processed. If a data subject wishes to exercise this right, they may contact an employee of the data controller at any time.
b) Right to Access
Every data subject affected by the processing of personal data has the right, granted by European directives and regulations, to obtain information from the data controller at any time and free of charge about the personal data stored concerning them, along with a copy of this information. Additionally, European directives and regulations grant the data subject access to the following information:
- The purposes of the processing
- The categories of personal data being processed
- The recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly in third countries or international organizations
- If possible, the planned duration of data storage or, if this is not possible, the criteria for determining this duration
- The existence of the right to rectify or erase personal data concerning them, to restrict processing by the controller, or to object to such processing
- The existence of a right to lodge a complaint with a supervisory authority
- If the personal data was not collected from the data subject: all available information on the source of the data
- The existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR, and, in such cases, meaningful information about the logic involved, as well as the significance and intended consequences of such processing for the data subject
Furthermore, the data subject has the right to obtain information on whether personal data has been transferred to a third country or an international organization. If so, they have the right to be informed of the appropriate safeguards in connection with the transfer. If a data subject wishes to exercise this right of access, they may contact an employee of the data controller at any time.
c) Right to Rectification
Every data subject affected by the processing of personal data has the right, granted by European directives and regulations, to request the immediate correction of inaccurate personal data concerning them. Additionally, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement, taking into account the purposes of the processing. If a data subject wishes to exercise this right to rectification, they may contact an employee of the data controller at any time.
d) Right to Erasure (“Right to be Forgotten”)
Every data subject affected by the processing of personal data has the right, granted by European directives and regulations, to request the immediate deletion of personal data concerning them from the controller, provided one of the following reasons applies and processing is not required:
- The personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- The data subject withdraws consent on which the processing was based according to Article 6(1)(a) or Article 9(2)(a) of the GDPR, and there is no other legal basis for the processing.
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR, and there are no overriding legitimate grounds for processing, or the data subject objects to processing pursuant to Article 21(2) of the GDPR.
- The personal data was processed unlawfully.
- The erasure of the personal data is required to fulfill a legal obligation under Union or Member State law to which the controller is subject.
- The personal data was collected in relation to the offer of information society services pursuant to Article 8(1) of the GDPR.
If any of the above reasons apply and a data subject wishes to have personal data stored by Sovtransavto Deutschland GmbH Internationale Spedition deleted, they may contact an employee of the data controller at any time. The employee of Sovtransavto Deutschland GmbH Internationale Spedition will arrange for the deletion request to be fulfilled immediately.
If the personal data has been made public by Sovtransavto Deutschland GmbH Internationale Spedition and our company is obligated as the controller under Article 17(1) of the GDPR to delete the personal data, Sovtransavto Deutschland GmbH Internationale Spedition will take reasonable measures, including technical ones, taking into account available technology and implementation costs, to inform other controllers processing the published personal data that the data subject has requested the deletion of all links to, copies, or replications of this personal data, as long as processing is not required. The employee of Sovtransavto Deutschland GmbH Internationale Spedition will take the necessary steps in each individual case.