(1) Personal data involves individual details which refer to a person or which are suitable for establishing a relationship to a person, such as the name, postal address, telephone number, e-mail address, bank details, etc. Personal data can therefore be used to infer the identity of a person. Under certain circumstances, personal data can be used to infer the identity of a person.
(2) The service provider in accordance with § 13 of the German Telemedia Act (TMG) and responsible body according to the German Federal Data Protection Act (BDSG) and the German Data Protection Regulation (GDPR) is:
HAM-LOG-GRUPPE Holding GmbH
Mittelweg 110 b
You have the following rights in relation to our processing of your data:
(1) Right to information in accordance with Art. 15 GDPR concerning the processing of your personal data by us for the purpose of processing, categories of data processed, recipients or categories of recipients, duration of storage or criteria for determining the duration, right to rectification, deletion, restriction of processing or objection to processing, right to lodge a complaint with the supervisory authority, if applicable, information about the origin of the data and the existence of automated decision-making and, if applicable, information about guarantees in accordance with Art. 46 GDPR in the event of transfer to a third country or international organisations;
(2) The right to have inaccurate or incomplete personal data rectified without undue delay in accordance with Article 16 GDPR;
(3) The right to deletion of stored personal data in accordance with Art. 17 GDPR if the data is no longer necessary for the purposes for which it was collected or otherwise processed, if consent has been withdrawn and there is no other legal basis, if objection to processing has been raised and the data may no longer be processed in accordance with Art. 21 (1) or (2) GDPR may no longer be processed, if the data have been processed unlawfully, if erasure is necessary for compliance with a legal obligation or if the data have been collected in relation to services offered by an information society in accordance with Art. 8 (1) GDPR. This does not apply if the processing is necessary for the exercise of the right to freedom of expression and information, compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
(4) Right to restriction of processing in accordance with Art. 18 GDPR if you dispute the accuracy of the data (and for the duration necessary to verify the accuracy), if the processing is unlawful but you object to erasure and request restriction of use instead, if we no longer need the data for the purposes of processing but you need the data to assert, exercise or defend legal claims, or if you object to the processing in accordance with Art. 21 (1) GDPR as long as it has not yet been determined whether our legitimate grounds outweigh your legitimate grounds;
(5) Right to object to the processing of your personal data in accordance with Article 21(2) GDPR (if the data is processed for the purposes of direct marketing) or in accordance with Article 21(1) GDPR (if the processing is carried out in accordance with Article 6(1) Clause 1 e) or f) GDPR, on grounds relating to your particular situation, unless we have compelling legitimate grounds for the processing which override your interests, or the processing is for the establishment, exercise or defence of legal claims). For more information on the right to object, please also see Section 23. below;
(6) Right to data portability in accordance with Art. 20 GDPR, i.e. to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format or also to transfer it to another controller;
(7) Right to revoke consent granted at any time in accordance with Art. 7 (3) GDPR. The revocation has the consequence that we are no longer allowed to carry out the data processing for the future from the time of the revocation. See also section 24 below;
(8) Right to complain to a supervisory authority in accordance with Art. 77 GDPR. You can find the supervisory authority responsible for us under Point 4. above. The right of appeal is without prejudice to other administrative or judicial remedies.
(9) Please direct all requests for information, requests for information or objections to data processing by e-mail to firstname.lastname@example.org or to the address stated under Point 1 Para. 2.
Automated decision-making is not used here.
The address of the supervisory authority responsible for us is
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (The Hamburg Commissioner for Data Protection and Freedom of Information), Klosterwall 6 (Block C), 20095 Hamburg
Phone: +49 40 42854-4040, Fax: +49 40 4279-11811
We use so-called cookies on our website. These are small text files that are stored on your device and assigned to the browser you are using. The body that sets the cookie receives certain information about this. Cookies cannot execute programs or transfer viruses to your computer. They do not cause any harm, but serve to make the website as a whole more user-friendly and effective. We mostly use so-called session cookies on this website. They are automatically deleted at the end of your visit to our website. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser on your next visit.
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data, which we use to provide the respective service. If additional voluntary information is possible, this is marked accordingly.
(2) When you contact the service provider by e-mail or via the contact form, your e-mail address and, if you so indicate, your name and telephone number will be stored by us in order to answer your questions.
6.1. Links to external social network services
On our web pages, we link to the Xing and LinkedIn social media platforms. This is done via a corresponding icon on our web pages, which is marked with the corresponding logo of the respective social media platform and behind which a corresponding link to our respective social media page is hidden. Social plugins (such as the Facebook “Like” button) are not integrated here.
Our links to social media services do not transmit any data from you to these services. These are normal hyperlinks, via which no data transmission takes place on a regular basis. If you click on the link, you will be redirected directly to our social media presence on the respective social media service. Data is only transmitted if you are logged in to your user account of the corresponding social media service. You can then link or share content from our websites directly with the social media service. The respective social media service may thereby learn which content you have viewed on our websites.
The responsible bodies for the social media services linked by us are exclusively:
These are available online:
Under the aforementioned links, you will also find, among other things, information about setting options for protecting your privacy and about your further rights regarding the collection, processing and use of your data by the respective social media service.
You are responsible for the data transmission to the aforementioned social network services yourself, as you become active yourself by logging into your respective social network account and following the respective link, thereby initiating the subsequent data processing by the respective social network service.
The Controller collects and processes the personal data of applicants for the purpose of handling the application procedure. This data is processed on the basis of § 26 (1) Clause 1 of the German Federal Data Protection Act (BDSG) (decision on the establishment of an employment relationship).
If no employment contract is concluded by the Controller with the applicant, the application documents will be automatically deleted five months after receipt of the application, provided that no other legitimate interests of the Controller prevent such deletion. Other legitimate interests in accordance Art. 6 (1) f) GDPR may, for example, constitute a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG)
On our website, you have the option of sending us an encrypted e-mail with your request using the “Contact” form. Here you can, for example, ask questions about our company, our products or our services.
In order to be able to process your request, we ask you to enter personal data in our input mask. This includes your name as well as your e-mail address and further information such as the subject of your request and your message text. In addition to the mandatory fields, you can also provide additional information. Optionally, you can enter your address and/or telephone number.
This information enables us to respond to your request comprehensively. The communication of the data you provide in this context is expressly on a voluntary basis.
The personal data provided to us from your aforementioned details as well as the time of contacting you will be used exclusively for the purpose for which you provide it to us when contacting us – in particular the processing of your enquiry. The information you provide will only be used to process your enquiry. The data will not be used for other purposes or passed on to third parties without your express consent. Exceptions to this are – insofar as such is necessary to fulfil your enquiry – partner companies of HAM-LOG-GRUPPE Holding GmbH. These can be, for example: our suppliers, transportation and logistics partners and our trading partners. Provided that there are no legal obligations to retain data, your personal data will be deleted after the request has been processed.
The legal basis for the data processing is Art. 6 (1) p. 1 f) GDPR. Our legitimate interest is that we need your data in order to process or respond to your communication.
We secure our website and other systems through appropriate technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all dangers is not possible.
Our website uses the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display.
Your personal data will only be passed on to third parties,
– if you have given your express consent to this in accordance with Art. 6 (1) p. 1 a) GDPR;
– if the transfer is necessary for the fulfilment of contractual obligations in accordance with Art. 6 para. 1 p. 1 b) GDPR;
– if we are legally obliged to disclose the data within the meaning of Art. 6 (1) c) GDPR;
– if the disclosure of the data is in the public interest within the meaning of Art. 6 ( )1 e) GDPR or;
– if the disclosure of the data is necessary to protect our legitimate interests or the legitimate interests of a third party in accordance with Art. 6 (1) p. 1 f) GDPR, unless your interests in the protection of your data prevail.
We process the following categories of data: master data (such as company, contact person, address, if applicable), communication data, contract data, receivables data, payment and default information, if applicable. Please refer to the information above.
In order to be able to process your requests satisfactorily, it may be necessary for us to pass on your personal data to third party recipients. Third party recipients may be companies of HAM-LOG-GRUPPE Holding GmbH (HAM-LOG-GRUPPE Inhouse GmbH, HAM-LOG-GRUPPE Industrie und Handel GmbH, HAM-LOG-GRUPPE Lagerlogistik GmbH, HAM-LOG-GRUPPE Fachpersonal GmbH and HAM-LOG-GRUPPE, UAB), our suppliers, transport and logistics partners and our trading partners.
Your data will be stored by us for as long as it is needed for the respective purposes on which the processing is based. Beyond that, we only store data insofar as we are legally obliged to do so, e.g. due to statutory retention obligations.
An objection to the processing of personal data concerning you on the basis of Article 6 (1) (e) (data processing for public interest) or (f) (data processing for the protection of legitimate interests based on a balance of interests) is possible at any time in accordance with Art. 21 GDPR. In the event of an objection, the personal data will no longer be processed unless compelling legitimate grounds for the processing are demonstrated which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
Please send your objection to the e-mail address datenschutz@ ham-log-gruppe.com
If you have given us your consent to the processing of personal data, you can revoke this consent at any time. Of course, this also applies to declarations of consent given to us before 25th May 2018 (before the GDPR applied). The revocation of consent can only be valid for the future. The lawfulness of the processing is not retroactively eliminated by a revocation.
Please send your revocation by e-mail to datenschutz@ ham-log-gruppe.com
If you have any data protection questions, please do not hesitate to contact our data protection officer at:
Vater Solution GmbH
Herr Maik Preißler
or by e-mail at email@example.com.
Data protection information for interested parties, customers and suppliers in accordance with Art. 13 of the General Data Protection Regulation (GDPR)
Data protection is an important concern for us. Below we inform you how we process your data and what rights you are entitled to.
Who is responsible for data processing and whom can you contact?
Dr. Ralf Kauermann
Ham-Log Group Holding GmbH
Phone: +49 40 44 40 55 60
Fax: +49 40 44 55 620
Data Protection Officer
Vater Solution GmbH
What source do we use for the data?
We process data that we receive from the business relationship with you. We receive the data directly from you, e.g. as part of a pre-contractual enquiry, the conclusion of a contract or the placing of an order.
Processing purposes and legal bases
In accordance with Art. 6 (1) lit. a) GDPR, we process your personal data if you have given us consent to do so. You can revoke your consent at any time without giving reasons with effect for the future.
In accordance with Art. 6 (1) lit. b) GDPR, we process your personal data for the purpose of fulfilling a contract to which you are a contracting party or for carrying out pre-contractual measures in response to your request.
Our contract documents and the other information provided will provide you with further details and additions to the purposes of the processing.
In accordance with Art. 6 (1) lit. c) GDPR, we process your personal data for the fulfilment of our legal obligations, in particular from tax and commercial law, your master data and payment data.
In accordance with Art. 6 (1) 1 lit. f) GDPR, we may process your master data, payment data as well as performance-related data in connection with the following purposes for the fulfilment of the aforementioned legitimate interests of the responsible entity mentioned under 1, e.g. for the assertion of legal claims and defence in legal disputes.
We process your data for the purpose of direct advertising, in particular for sending you our advertising by post. The data processing is based on Art. 6 (1) f) GDPR and in the interest of informing you about new products and services. Each customer has his/her own right to object to this processing, the exercise of which leads to the termination of processing for the purpose of direct advertising. If data is stored exclusively for direct advertising, it will be deleted after the objection has been made.
In the case of business customers, we use the e-mail address of the contact person in accordance with Section 7 (3) of the German Unfair Competition Act (UWG) for the electronic sending of advertising for our own similar goods or services, unless you object. You have the right to object to the use of your e-mail address for direct advertising at any time.
Reference to a right of objection in accordance with Art. 21 GDPR in the case of direct advertising
You have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing.
If you object to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
Our company is entitled to obtain credit information about your contractual partners.
For this purpose, our company will transmit your name and address to a credit agency. In the event of a negative credit rating, our company may refuse a contractual relationship with you. The legal basis for the processing is a balancing of interests. Our legitimate interest is to assess your creditworthiness and reduce the risk of payment defaults.
Categories of personal data that we process
– Customer master data (such as first and last name)
– Contact details (e.g. e-mail address, address, telephone no.)
– Billing and payment data (such as bank data, invoice data)
– Contract data (e.g. subject matter of the contract, delivery address, method of payment)
– Correspondence (e.g. correspondence with you)
– Advertising and sales data (e.g. products of interest to you)
– IP address
Who receives your data?
We pass on your personal data within our company to the areas that need this data to fulfil contractual and legal obligations or to fulfil their respective tasks (e.g. sales and marketing).
On the basis of a balancing of interests to safeguard our legitimate interests, service providers and vicarious agents employed by us who support us in the processing of contracts may receive data for this purpose. These are service providers from the categories IT services, logistics and printing services.
In addition, data may be disclosed to third parties for the assertion of legal claims and defence in legal disputes, as well as for the prevention and investigation of criminal offences.
Transfer of your data to a third country or to an international organization
No transfer to a third country or to an international organization is planned.
How long do we store your data?
Your personal data will be deleted as soon as it is no longer required for the aforementioned purposes. As far as necessary, we process your personal data for the duration of our business relationship.
In addition, we are subject to various storage and verification obligations, which result from the legal framework conditions, among other matters. The periods specified there for storage or provision of evidence arise, inter alia, from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act, up to ten years.
Ultimately, the storage period is also assessed according to the statutory limitation periods, which, for example, according to §§ 195 et seq. of the German Civil Code (BGB), is generally three years, but can also be longer in certain cases.
Not applied here.
Your data protection rights
You have the right to information under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to deletion under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR.
In accordance with Art. 21 GDPR, you have the right to object to the processing of personal data by us. However, this right of objection only applies in the case of very special circumstances of your personal situation, whereby rights of our company may possibly conflict with your right of objection. If you wish to exercise one of these rights, please contact the responsible office mentioned under 1.
Scope of your obligations to provide us with your data
Within the scope of our business relationship, you only have to provide such personal data as is necessary for the establishment and execution of the business relationship and the fulfilment of the associated contractual obligations or which we are legally obliged to collect. Without this data, we will usually have to refuse the conclusion of the contract or the execution of the order or will no longer be able to perform an existing contract and may have to terminate it.
Your right to complain to the competent supervisory authority
You have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR). The supervisory authority responsible for us is (select as appropriate):
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit (The Hamburg Commissioner for Data Protection and Freedom of Information)
Ludwig-Erhard-Str. 22, 20459 Hamburg
Tel.: 040 428 54 4040
Fax: 040 428 54 4000