§ 1 INTRODUCTION
The protection of your personal data is very important to us, Scandlines Deutschland GmbH (hereinafter “Scandlines”). Scandlines has therefore taken steps to ensure the protection of your personal data and to comply with applicable data protection laws, including the EU Data Protection Regulation (“GDPR”).
Scandlines is the data controller with respect to processing your personal data. You can find contact details for Scandlines at the bottom of this page.
This data protection statement specifies which personal data will be collected when commercial freight customers of Scandlines book ferry transits via the Cargo webpage or the Scandlines Freight App of Scandlines (hereinafter referred to jointly as the “website”).
This data protection statement also specifies the purposes for which your personal data will be processed and explains the rights to which you are entitled in this respect. Personal data are any individual details about the personal or factual circumstances of an identified or identifiable natural person. This includes, for example, name, address, telephone number and e-mail address, IP address and any other data, which can be traced back to you.
§ 2 CATEGORIES OF DATA SUBJECTS
Scandlines may via the website collect information of the following categories of data subjects:
• Commercial customers of Scandlines (if a natural person)
• Employees of commercial customers
• Drivers of freight carriers
(each of the above “you”).
§ 3 COLLECTION AND USE OF DATA
Every time the website is accessed, your browser will transfer the following information to us for technical reasons:
• the website from which access was made (referrer URL),
• the name and URL of the retrieved file,
• the date and time of access,
• the amount of data transferred,
• the access status (information about the data retrieval process, e.g. whether it was successful or not, etc.),
• the type/version of browser you are using,
• the IP address of the requesting Internet-enabled device.
This data will only be used to enable the technical operation of the website and evaluated by us exclusively for statistical purposes. This use is justified under art. 6(1)f of the GDPR as it is necessary for fulfilling our legitimate interest in providing, operating and improving the website. This information will not be stored in a manner that relates to a particular person and it will not be combined with other data sources. Your IP address will be promptly deleted following your visit to our website.
When booking ferry transits via the website, Scandlines may actively collect the following personal data:
• email address, phone number and name of the person conducting the booking process
• name and contact details of the relevant freight carrier driver or sub-contractor, if applicable
• license plate number, or trailer registration number of relevant freight carrier
• any data you have chosen to provider your user administration, e.g. username and password
The above data is only processed and used by Scandlines to the extent necessary for fulfilling the ferry transit agreement with you or the entity for which you act (art. 6(1)b GDPR) and/or to manage (including necessary communication) and perform the booked ferry transit for you (art. 6(1)f GDPR).
§ 4 – COOKIES
For further information relating to cookies, please see our cookie policy that is published on each of our websites.
§ 5 – RECIPIENTS OF YOUR PERSONAL DATA
Scandlines may share your personal data with companies within the Scandlines group (namely Scandlines Danmark ApS and Scandlines Gedser-Rostock ApS) where necessary for the above mentioned purposes, in particular in order to perform the ferry transit for you.
§ 6 – RETENTION PERIOD
The technical data transferred from your device will usually be deleted after the end of your visit to our website.
Information you provided to us via the website will in general only be stored for the time period it is required to fulfil the contract with you or the entity you act for. Where statutory longer retention periods apply, the data may be stored for a longer period in compliance with these obligations and also in case of an individual legitimate interest (e.g. in case of a legal dispute).
§ 7 GOOGLE ANALYTICS
The website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, i.e. text files which are saved on your computer and make it possible to analyze your use of the website. The information generated by the cookie on your use of the website will generally be transmitted to a Google server in the USA and stored there. IP anonymization is activated on the website. Therefore, within Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area, Google will first shorten your IP address. Only in exceptional cases will your complete IP address be transferred to a server belonging to Google in the USA and shortened there. The legal basis for such transfers to the US is the EU-US Privacy Shield Framework
On our behalf, Google will use that information to evaluate your use of the website, to compile reports about website activities and to provide other services associated with the use of the website and the Internet to us.
The IP address transmitted by your browser within Google Analytics will not be merged with other data of Google. You can prevent the installation of cookies by setting your browser software accordingly. However, please note that you may not be able to use all functions of the website to their full extent if you do so. You can also prevent the collection of the data generated by the cookie relating to your use of the website (including your IP address) for Google, as well as the processing of that data by Google, by downloading and installing the browser plug-in available via the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB.
For further information relating to cookies, please see our cookie policy that is published on each of our websites.
§ 8 YOUR RIGHTS
In accordance with the applicable data protection laws you have a number of rights, which you can exercise by contacting Scandlines using the contact information below.
Please note that we require certain key information from you in order to be able to provide you with the services you need. If you would like such information to be partially or completely deleted it is therefore possible that you will no longer be able to use certain services on the website or you will only be able to use them in part.
Right of access
You have the right to request access to the personal data, which Scandlines processes about you, including retention period, with whom we have shared your personal data etc.
Right to rectification and erasure
If the personal data Scandlines processes about you is incorrect, incomplete or misleading, you have the right to have such data rectified, completed or blocked.
You may also in some cases have the right to have your personal data erased.
Right to limiting the processing of your personal data
You may in some case have the right to request Scandlines to limit the processing of your personal data.
If you have such a right and you chose to exercise this right, Scandlines may only store your personal data or process your personal data for the purposes of establishing, exercising or defending a legal claim or protecting a third party or vital public interests, unless we obtained your consent.
Right to object
In some cases, you may object to our processing of your personal data as a matter of principle. You can also object to our processing of your data for the purposes of direct marketing.
Right to data portability
You may in certain cases have the right to data portability, and either receive your personal data or have your personal data transferred to another data controller.
Right to complain
You can contact Scandlines at any time if you believe that Scandlines is processing your personal data in violation of applicable data protection laws.
However, if you cannot find a solution with Scandlines or do not wish to contact Scandlines, you can submit a complaint to a competent data protection authority.
§ 9 CONTACT
Your questions and suggestions on the topic of data protection are very welcome and important to us. You can contact us by writing an email to: compliance@scandlines.com.
Last update: 18.11.2019