1. name and contact details of the controller and the company’s data protection officer
This Data Protection Policy applies to data processing by:
mw1 Logistikzentrum GmbH
Gewerbepark Kachtenhausen 1 – 10
32791 Lage, Germany
T +49 (0) 5232 9980-0
F +49 (0) 5232 9980-250
Managing Director: Jens Grotebrune
The company’s Data Protection Officer mw1 Logistikzentrum GmbH can be contacted at the above-mentioned address, FAO the Data Protection Officer or by sending an e-mail to firstname.lastname@example.org.
2. collection and storage of personal data and type and purpose of its use
a) When visiting the website
When visiting our website www.mw1group.com, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a log file. The following information is collected with no further action on your part and is stored until its automatic erasure:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which the website is accessed (referrer URL),
- browser used and, if applicable, the operating system of your computer and name of your access provider.
We process this data for the following purposes:
- ensuring a smooth connection with the website,
- ensuring the convenient use of our website,
- evaluation of system security and stability and
- for further administrative purposes.
b) When using our contact form
If you have questions of any kind, you can contact us using the form available on our website. You will need to provide a valid e-mail address so that we know who has made the request and are able to send a response. Further information can be provided voluntarily. The data processing required to contact us takes place in accordance with Art. 6 (1) sentence 1 point a) GDPR on the basis of your voluntary consent. The personal data we collect for the use of the contact form is automatically erased after your request has been processed.
3. disclosure of data
We only disclose your data to third parties if:
- you have given your express consent for us to do so in accordance with Art. 6 (1) sentence 1 point a) GDPR
- disclosure pursuant to Art. 6 (1) sentence 1 point f) GDPR is required for the establishment, exercise or defence of legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data,
- there is a legal obligation to disclose the data pursuant to Art. 6 (1) sentence 1 point c) GDPR, and
- this is lawful and necessary for the performance of the contractual relationship with you in accordance with Art. 6 (1) sentence 1 point b) GDPR.
The involvement of service providers subject to our instructions is usually required for performance of the contract, including data centre operators, transport or shipping service providers and other parties involved in contractual performance. External service providers who process data on our behalf are carefully selected and strictly bound by contract, for example by strict technical and organisational measures and additional monitoring. Your data is only transferred if you have granted your explicit consent to do so or on the basis of a legal provision.
Your data will not be transferred to third countries outside of the EU/EAA or an international organisation unless appropriate safeguards are in place. These include the EU standard contractual clauses and an adequacy decision by the EU Commission.
A transfer is permissible notwithstanding:
- for the purpose of transport services, freight forwarding services and customs clearance to transport companies and forwarding agencies affiliated with us,
- for the purpose of credit checks performed by contractual credit rating agencies before conclusion of the contract,
- in the event of payment irregularities/default, receivables data may be forwarded to a debt collection agency
4. payment processing
Payment data, such as account or credit card data, contact and identification data, is collected for the purpose of payment processing in connection with forwarding orders. The CVC code is requested for the authorisation of the credit card payment for each payment transaction. This is not stored and is used solely to process the payment.
6. analysis tools
The tracking methods we use as described below are performed on the basis of Art. 6 (1) sentence 1 point f) GDPR. By using these tracking methods, we aim to ensure that our website is designed according to users’ needs and to continuously optimise the website. We also use the tracking methods to statistically record the use of our website and evaluate it for the purpose of optimising our service for you. These interests are to be regarded as legitimate within the meaning of the aforementioned provision. The respective data processing purposes and data categories are defined by the corresponding tracking tools.
a) Google Analytics
We use Google Analytics, a web analytics service provided by Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”), for the purpose of designing and continuously optimising our websites as required. Pseudonymised usage profiles are created and cookies (see Section 4) are used within this context. The information generated by the cookie about your use of this website, such as the
- browser type/version,
- operating system used,
- referrer URL (the previously visited website),
- host name of the accessing computer (IP address),
- time of the server request,
are transferred to a Google server in the US and stored there. The information is used to evaluate the use of the website, compile reports on website activity and provide other services related to website activity and internet usage for the purpose of market research and the customisation of these websites. This information may also be transferred to third parties if required by law or if third parties are commissioned to process this data. Under no circumstances will your IP address be associated with any other data provided by Google. The IP addresses are anonymised, so identification is not possible (IP masking). You can prevent the cookies from being installed by changing the corresponding settings in your browser software. However, please be aware that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie which is related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser plug-in available via the following link (https://tools.google.com/dlpage/gaoptout?hl=de). As an alternative to the browser add-on, especially for browsers on mobile devices, you can disable the collection by Google Analytics by clicking on the following link:
An opt-out cookie will be placed which prevents the future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to reactivate the opt-out cookie again. For more information about privacy related to Google Analytics, see the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=de).
b) Google Adwords conversion tracking
7. video surveillance
(1) Some of our facilities are video-monitored in non-public areas. This in particular applies to the entrances and ramps and areas which need to be specially protected due to the storage or transhipment of particularly valuable goods.
(2) The purpose of this video surveillance is to regularly exercise our rights as occupier of the premises, the clarification, prevention and prosecution of criminal offences, the preservation of evidence in the event of an incident and the settlement of claims and complaints. This video surveillance is carried out regularly, balancing the legitimate interests of the company, such as the maintenance of domiciliary rights and the prevention of crime, with the protection of our employees, customers, prospective customers and other contractors. It is not used to monitor behaviour or performance under any circumstance. We have identified the video-monitored areas by displaying signs. The legal basis for the processing is Art. 6 (1) point f) GDPR in conjunction with Section 4 German Federal Data Protection Act (BDSG).
8. data protection in the case of applications and during the application process
(1) As a potential employer, we would be happy to hear from you and offer you the opportunity to contact us electronically, for example by e-mail or on our website https://www.mw1group.com/en/career/. We require personal data for your application (such as your last name, first name, address, e-mail, the position you are applying for and details of your personal application). We collect and process the personal data which you submit in your application solely for the purpose of the application process.
(2) We collect your personal data relevant to the application process and the personal data you submit to us during the course of the application process. In order to evaluate your application carefully, we may also need additional data, e.g. information about your previous professional career.
(3) If you apply online, you will enter your personal data in the online forms or send us the forms by e-mail and upload the related documents. For applications via other channels, we collect the relevant information from your application and save your application documents in our system.
(4) If a contract of employment is concluded with an applicant, the transferred data will be stored for the purpose of establishing the employment relationship in compliance with the statutory provisions. If no contract of employment is concluded, the application documents will be automatically erased six months after notification of the rejection decision, provided that erasure does not conflict with any other legitimate interests of the Controller. Other legitimate interests in this sense include, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).
(5) You can also ask us to erase your data. Please contact the above mentioned contact address to request erasure in compliance with the legal retention periods in regard to your application data.
9. facebook profile
(1) We have a profile on the social network Facebook in order to communicate with our active customers and prospective customers and inform them about our range of services. We provide a link to our profile at facebook.com/mw1group. When accessing the Facebook network, the terms and conditions and the data processing guidelines of the operator Facebook apply. No transfer of data between our website and Facebook takes place.
10. integration of google maps
(1) We use the service Google Maps on our website. This allows us to show you interactive maps directly within the website and allow you to conveniently use the map feature.
(2) When you visit our website, Google is informed that you have accessed the corresponding subpage of our website. The data specified in Section 3 of this policy is also transferred. This takes place regardless of whether you are logged into a user account provided by Google or whether you have no user account. If you are logged into Google, your data will be directly associated with your account. If you do not wish Google to associate the data with your profile, you must log out before activating the button. Google stores your data as a user profile and uses it for advertising and market research purposes and/or the customised design of its website. This type of evaluation takes place (even in the case of users who are not logged in) in particular to provide interest-based advertising and to inform other users on the social network about your activities on our website. You have a right to object to the creation of these user profiles by directing this objection to Google.
11. right to object
If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) paragraph 1 point f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this relating to your particular situation or if you are objecting to direct marketing. In the latter case, you have a general right of objection, which will be implemented by us with no need to inform us of your particular situation. If you would like to exercise your right of withdrawal or objection, please send an e-mail to email@example.com.
12. data security
During your visit to our website, we use the popular Secure Socket Layer (SSL) method in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. You will be able to identify whether individual areas of our website are encrypted by the display of a key or padlock icon in the lower status bar of our browser. We also implement appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction and unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
13. rights of the data subject
You have the right:
- to request information about the personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the processing purposes, the category of the personal data, the categories of recipients to whom your data has been disclosed, the planned storage period, the right of rectification, erasure, restriction of processing or objection, the right to lodge a complaint, the origins of your data if not collected by us, and the existence of any automated decision-making, including profiling and, where appropriate, meaningful information about the details;
- to request the immediate rectification of incorrect personal data or the completion of incomplete personal data stored by us in accordance with Art. 16 GDPR.
- to request the erasure of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest, and for the establishment, exercise or defence of legal claims in accordance with Art. 17 GDPR.
- to request a restriction of processing your personal data in accordance with Art. 18 GDPR if you contest the accuracy of this data and the processing is unlawful, but you have rejected the erasure of the data and we no longer require the data, but you need the data for the establishment, exercise or defence of legal claims or if you have objected to data processing in accordance with Art. 21 DSGVO.
- to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or have the data transferred to another controller in accordance with Art. 20 GDPR.
- to withdraw any consent you previously granted to us at any time in accordance with Art. 7 (3) GDPR. As a result, we will no longer be permitted to continue the data processing based on this consent in the future and
- to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can usually address your complaint to the supervisory authority located at your habitual place of residence or workplace or at the registered address of the Controller.
People under 18 years of age should not transfer any personal data to us without the consent of their legal guardian. In accordance with Art. 8 GDPR, children under the age of 16 should only grant such consent with the approval of their legal guardian. Personal data of minors is not deliberately collected and processed.