Customer portal myZUFALL

Privacy Policy

The following information gives you an overview of how ZUFALL processes your personal data, for what purpose this is done and what rights you have. Personal data is any data by which you can be personally identified. For detailed information on the subject of data protection, please refer to our Privacy Policy below.

We understand data protection as a customer-oriented quality feature. ZUFALL will treat your personal data confidentially and in accordance with the statutory data protection regulations and this Privacy Policy. In doing so, we adhere to the principle of data economy and process only as little personal data as necessary. The data you transmit to us is protected by appropriate technical and organizational measures to protect it from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously monitored and improved in accordance with technological developments and organizational possibilities.

As a matter of principle, ZUFALL will not share, sell, assign or otherwise disseminate your personal data to third parties, unless this is required by law, is necessary in the context of contract processing or you have expressly consented to data processing by third parties.

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of the data against access by third parties is not possible.

Note on the controller

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

The contact details of the controller can be found in the legal notice of this website.

In case of doubt, contact:

Friedrich Zufall GmbH & Co. KG Internationale Spedition
Robert-Bosch-Breite 11
37079 Göttingen

Phone: +49 551 607-0
Fax +49 551 666-08
Email: goettingen@zufall.de

Data protection officer required by law

We have appointed a data protection officer for the companies of the ZUFALL logistics group.

Gunnar Heunisch
Robert-Bosch-Breite 11
37079 Göttingen

Phone: +49 (0) 551 607-487
Email: datenschutz@zufall.de

If the appointment changes, you will find the responsible data protection officer on the homepage you visit under “Data protection”.

Storage duration

Unless a more specific storage period has been specified within this Privacy Policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you assert a legitimate request for deletion or revoke consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case, the data will be deleted after these reasons no longer apply.

Note on data transfer to the United States

Among other things, tools from companies based in the USA are integrated on our website. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to point out that the US is not a secure third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you, as the data subject, being able to take legal action against this.
It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for surveillance purposes. We have no influence on these processing activities.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to deletion or correction of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time at the address given in the legal information or via datenschutz@zufall.de.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke already given consent at any time. To do so, simply send an informal message by email to datenschutz@zufall.de. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct marketing (Art. 21 GDPR)

Under the conditions of Art. 21 GDPR, you have the right to object to the processing of personal data concerning you at any time. If the conditions for an effective objection are met, we may no longer process the data. The above general right to object applies to all processing purposes described in this privacy policy that are processed on the basis of Art. 6 (1) (f) GDPR.
After exercising your right to object, we will no longer process your personal data for these purposes unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing serves the purpose of asserting, exercising or defending legal claims.

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing. This also applies to profiling, insofar as it is associated with such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR)..

Right to lodge a complaint with the competent supervisory authority

In the event of violations of the GDPR, data subjects have a right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. This right is without prejudice to other administrative or judicial remedies.

For Lower Saxony, this is the State Commissioner for Data Protection of Lower Saxony, Prinzenstraße 5, 30159 Hanover, email: poststelle@lfd.niedersachsen.de.

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract to be handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. For this purpose, you can contact us at any time at the address given in the legal notice or via datenschutz@zufall.de. The right to restrict processing exists in the following cases:

If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the review, you have the right to request the restriction of the processing of your personal data. If the processing of your personal data happened or is happening unlawfully, you may request the restriction of data processing instead of deletion.
If we no longer need your personal data, but you need it to exercise, defend or enforce legal claims, you have the right to request restriction of the processing of your personal data instead of deletion. If you have lodged an objection pursuant to Art. 21 (1) GDPR, a balancing of your and our interests must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to demand the restriction of the processing of your personal data.

If you have restricted the processing of your personal data, this data may - apart from being stored - only be processed with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or a Member State.

Objection to advertising emails

The use of contact data published within the scope of the legal notice obligation for the transmission of not expressly requested advertising and information materials is hereby objected to. The operators of the site expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, see the Microsoft Teams privacy policy:https://privacy.microsoft.com/de-de/privacystatement.

Change of the Privacy Policy

The content of our Privacy Policy is reviewed regularly. Zufall reserves the right to modify the Privacy Policy at any time with or without notice. If we change the content of this Privacy Policy, we will announce these changes on our website.

Data collection on our website www.zufall.de

Thank you for visiting our website and for your interest in our company. Below you will find information on the use of the www.zufall.de site.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

The provider of the pages collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact data, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of the secure, fast and efficient provision of our online offer by a professional provider (Art. 6 (1) (f) GDPR). Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

Cookies

Our Internet pages use so-called “cookies.” Cookies are small text files that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These enable us or you to use certain services of the third-party company.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them. Other cookies are used to evaluate user behavior or display advertising.

Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies) or to optimize the website are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) (a) GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.

You can also find detailed information in our cookie policy, which you can view via the fingerprint icon on the page.

Cookie consent with Usercentrics

This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website:
https://usercentrics.com/de/ (hereinafter “Usercentrics”).

When you access our website, the following personal data is transferred to Usercentrics:
Your consent(s) or the revocation of your consent(s)
Your IP address
Information about your browser
Information about your device
Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consent granted to you or its revocation. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. The use of Usercentrics is done to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6 (1) line 1c GDPR.

Analysis by WiredMinds

Our website uses the pixel-counting technology of WiredMinds GmbH (www.wiredminds.de) to analyze visitor behavior. The IP address of a visitor is processed in that way. The processing takes place exclusively for the purpose of collecting company-relevant information such as the company name. IP addresses of natural persons are excluded from further use (whitelist procedure). The IP address is not stored in LeadLab under any circumstances. When processing data, it is our particular interest to safeguard the data protection rights of natural persons. Our interest is based on Art. 6 (1) (f) GDPR. At no time does the data we collect allow us to draw conclusions about an identifiable person.

WiredMinds GmbH uses this information to compile anonymous usage profiles relating to visitor behavior on our website. The data obtained in this process is not used to personally identify the visitor to our website.

Opt-out link:

Exclude from tracking (To exclude you permanently from tracking by WiredMinds LeadLab on this website, a technically necessary cookie is set.)

Web statistics AWStats

In order to statistically evaluate our site, we use the program AWStats. This program evaluates log files created by web servers based on visitor requests. The data cannot be assigned to a specific person and is deleted after statistical evaluation.

Social media plugins and tools

YouTube with enhanced privacy

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube to not store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Therefore, YouTube - regardless of whether you watch a video - connects to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your device or comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience, and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control.

The data transfer to YouTube takes place exclusively on the basis of your consent pursuant to Art. 6 (1) (a) GDPR; the consent can be revoked at any time with effect for the future.

For more information about privacy at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

Links to our social media profiles

Incidentally, we do not use any social media plug-ins on www.zufall.de. On our website you will only find links to our pages on: Facebook, Instagram, YouTube, Twitter, Xing, LinkedIn and Kununu.

For more information on the purpose and scope of data collection and processing by the respective provider when you enter their site, please refer to the privacy policies of these providers. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.

Thank you for visiting our website and for your interest in our company. Below you will find information related to the use of the www.ausbildung-bei-zufall.de site.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

The provider of the pages collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

Cookies

Our Internet pages use so-called “cookies.” Cookies are small text files that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These enable us or you to use certain services of the third-party company.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the display of videos). Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies) or to optimize the website are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) (a) GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.

You can also find detailed information in our cookie policy, which you can view via the fingerprint icon on the page.

Cookie consent with Usercentrics

This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website:
https://usercentrics.com/de/ (im Folgenden „Usercentrics“).

When you access our website, the following personal data is transferred to Usercentrics:
Your consent(s) or the revocation of your consent(s)
Your IP address
Information about your browser
Information about your device
Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consent granted to you or its revocation. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. The use of Usercentrics is done to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6 (1) line 1c GDPR.

Web statistics AWStats

In order to statistically evaluate our site, we use the program AWStats. This program evaluates log files created by web servers based on visitor requests. The data cannot be assigned to a specific person and is deleted after statistical evaluation.

Social media plugins and tools

Facebook plugins (Like & Share button)

Plugins of the social network Facebook are integrated on this website. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. However, according to Facebook, the collected data is also transferred to the US and other third countries.

You can recognize the Facebook plugins by the Facebook logo or the “Like” button on this website. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/?locale=de_DE.

When you visit this website, a direct connection is established between your browser and the Facebook server via the plugin. Facebook thereby receives the information that you have visited this website with your IP address. If you click the Facebook “Like” button while logged into your Facebook account, you can link the content of this website on your Facebook profile. This allows Facebook to associate your visit to this website with your user account. We would like to point out that we, as the provider of the sites, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please see Facebook’s privacy policy at: https://de-de.facebook.com/privacy/explanation.

If you do not want Facebook to be able to associate your visit to this website with your Facebook user account, please log out of your Facebook user account.

The use of Facebook plugins is based exclusively on your consent pursuant to Art. 6 (1) (a) GDPR; the consent can be revoked at any time with effect for the future.

YouTube with enhanced privacy

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube to not store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Therefore, YouTube - regardless of whether you watch a video - connects to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your device or comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience, and prevent fraud attempts. If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control. The data transfer to YouTube takes place exclusively on the basis of your consent pursuant to Art. 6 (1) (a) GDPR; the consent can be revoked at any time with effect for the future.

For more information about privacy at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

Thank you for visiting our website and for your interest in our company. Below you will find information on use of the www.myzufall.de site.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

The provider of the sites automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

Cookies

Our Internet pages use so-called “cookies.” Cookies are small text files that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. the display of videos). Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies) or to optimize the website are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) (a) GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.

You can also find detailed information in our cookie policy, which you can view via the fingerprint icon on the page.

Cookie consent with Usercentrics

This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website:
https://usercentrics.com/de/ (hereinafter “Usercentrics”).

When you access our website, the following personal data is transferred to Usercentrics:
Your consent(s) or the revocation of your consent(s)
Your IP address
Information about your browser
Information about your device
Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consent granted to you or its revocation. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. The use of Usercentrics is done to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6 (1) line 1c GDPR.

Web statistics AWStats

In order to statistically evaluate our site, we use the program AWStats. This program evaluates log files created by web servers based on visitor requests. The data cannot be assigned to a specific person and is deleted after statistical evaluation.

Social media plugins and tools

We do not use any social media plugins on www.myzufall.de. On our website you will only find links to our pages on: Facebook, Instagram, YouTube, Twitter, Xing, LinkedIn and Kununu.

For more information on the purpose and scope of data collection and processing by the provider when you enter their site, please refer to the privacy policies of these providers below. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.

Contact form and user registration

If you send us inquiries via the contact form, e.g. for a daily price inquiry or shipment tracking or register as a user with ZUFALL, the information you provide in the inquiry form, including the contact data you enter there, will be stored by us for the purpose of processing the inquiry and in case of follow-up inquiries and, if necessary, passed on to affiliated companies. Please send us only the information required to process your request.

The required information requested during registration must be provided in full. Otherwise, we must reject the registration.

The processing of this data is based on Art. 6 (1) (b) GDPR, as your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of requests addressed to us.

The data you send to us by contact request or as part of user registration will remain with us until you request us to delete it or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Use of the customer area portal.myzufall.de

To register for the customer portal, you can request user access from your customer advisor. With these credentials, you can log in to the site to use additional features of the site.

The data entered during registration is processed for the purpose of implementing the user relationship established by the registration and, if necessary, for initiating further contracts (Art. 6 (1) (b) GDPR).

The data collected during registration will be stored by us as long as you are registered on this website and will then be deleted. Statutory retention periods remain unaffected.

For more information on using the portal, please refer to the associated user manual, which is available on request from your customer advisor.

Thank you for visiting our website and for your interest in our company. Below you will find information related to the use of the site www.seefracht-zufall.de

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser address bar changes from “http://” to “https://” and by the lock symbol in your browser bar. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Server log files

The provider of the pages collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
Browser type and browser version
Operating system used
Referrer URL
Host name of the accessing computer
Time of the server request
IP address

This data is not merged with other data sources.

The collection of this data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website - for this purpose, the server log files must be recorded.

Cookies

Our Internet pages use so-called “cookies.” Cookies are small text files that do not harm your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after the end of your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies may also be stored on your device when you access our site (third-party cookies). These enable us or you to use certain services of the third-party company.

Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them. Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions that you have requested (functional cookies) or to optimize the website are stored on the basis of Art. 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (Art. 6 (1) (a) GDPR); consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies in certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the framework of this privacy policy and, if necessary, request your consent.

You can also find detailed information in our cookie policy, which you can view via the fingerprint icon on the page.

Cookie consent with Usercentrics

This website uses the cookie consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Usercentrics GmbH, Rosental 4, 80331 Munich, Germany, website:
https://usercentrics.com/de/ (im Folgenden „Usercentrics“).

When you access our website, the following personal data is transferred to Usercentrics:
Your consent(s) or the revocation of your consent(s)
Your IP address
Information about your browser
Information about your device
Time of your visit to the website

Furthermore, Usercentrics stores a cookie in your browser in order to be able to assign the consent granted to you or its revocation. The data collected in this way is stored until you request us to delete it, delete the Usercentrics cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. The use of Usercentrics is done to obtain legally required consents for the use of certain technologies. The legal basis for this is Art. 6 (1) line 1c GDPR.

Web statistics AWStats

In order to statistically evaluate our site, we use the program AWStats. This program evaluates log files created by web servers based on visitor requests. The data cannot be assigned to a specific person and is deleted after statistical evaluation.

Social media plugins and tools

YouTube with enhanced privacy

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode causes YouTube to not store information about visitors to this website before they watch the video. The transfer of data to YouTube partners, on the other hand, is not necessarily excluded by the extended data protection mode. Therefore, YouTube - regardless of whether you watch a video - connects to the Google DoubleClick network.

As soon as you start a YouTube video on this website, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, after starting a video, YouTube may store various cookies on your device or comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve user experience, and prevent fraud attempts. If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control. The data transfer to YouTube takes place exclusively on the basis of your consent pursuant to Art. 6 (1) (a) GDPR; the consent can be revoked at any time with effect for the future.

For more information about privacy at YouTube, please see their privacy policy at: https://policies.google.com/privacy?hl=de.

Links to our social media profiles

Incidentally, we do not use any social media plug-ins on www.zufall.de. On our website you will only find links to our pages on: Facebook, Instagram, YouTube, Twitter, Xing, LinkedIn and Kununu.

For more information on the purpose and scope of data collection and processing by the respective provider when you enter their site, please refer to the privacy policies of these providers. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.

If you send us inquiries by email, telephone or fax, your details, including all personal data arising from them (name, inquiry), will be stored by us for the purpose of processing your request and for the case of follow-up inquiries and, if necessary, passed on to affiliated companies. Please provide us only the information required to process your request.

The processing of this data is based on Art. 6 (1) (b) GDPR, as your inquiry is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of requests addressed to us. Your data will remain with us until you ask us to delete it or the purpose for storing the data no longer applies (e.g. after we have completed processing your inquiry). Mandatory statutory provisions - in particular statutory retention periods - remain unaffected.

Data processing

Among other things, we use online conferencing tools to communicate with our customers. The tools we use are listed below in detail. When you communicate with us via video or audio conferencing over the Internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.
In doing so, the conference tools collect any data that you provide/enter to use the tools (email address and/or your phone number). Furthermore, the conferencing tools process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).
Furthermore, the provider of the tool processes all technical data required for the handling of online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and connection type.

If content is exchanged, uploaded or otherwise made available within the tool, this is also stored on the servers of the tool providers. Such content specifically includes cloud recordings, chat/instant messages, voicemails uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have full control over the data processing operations of the tools used. Our options are largely determined by the corporate policy of the respective provider. For further information on data processing by the conference tools, please refer to the privacy policies of the respective tools used, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 (1) line 1b GDPR). Furthermore, the use of the tools serves to generally make communication with us or our company easier and faster (legitimate interest within the meaning of Art. 6 (1) (f) GDPR). Insofar as consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.

Storage duration

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence on the storage period of your data, which is stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conferencing tools:

Microsoft Teams

We use Microsoft Teams. The provider is Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA. For details on data processing, see the Microsoft Teams privacy policy: https://privacy.microsoft.com/de-de/privacystatement.

Data processing through social networks

We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.
Social networks such as Facebook, Twitter, etc. can generally analyze your user behavior extensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media sites triggers numerous processing operations relevant to data protection. In detail these are:

If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media portal. In this case, this data collection takes place, for example, via cookies that are stored on your device or by recording your IP address.

With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you inside and outside of the respective social media presence. If you have an account with the respective social media network, the interest-based advertising may be displayed on all devices on which you are or were logged in.

Please also note that we cannot track all processing on the social media portals. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media portals. For details, please refer to the terms of use and privacy policies of the respective social media portals.

Legal basis

Our presence on social media sites is designed to ensure the broadest possible appearance on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which are to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).

Controller and assertion of rights

If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In general, you can assert your rights (information, correction, Deletion, restriction of processing, data portability and complaint) both against us and against the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely determined by the corporate policy of the respective provider.

Storage duration

The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory legal provisions - in particular retention periods - remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).

Social networks in detail
Facebook

We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the collected data is also transferred to the US and other third countries.
We have entered into a joint processing agreement (Controller Addendum) with Facebook. This agreement specifies the data processing operations for which we or Facebook is responsible when you visit our Facebook page. This agreement can be viewed at the following link:
https://www.facebook.com/legal/terms/page_controller_addendum.

You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in:https://www.facebook.com/settings?tab=ads.

For details, see Facebook’s privacy policy: https://www.facebook.com/about/privacy/.

Twitter
We use the short messaging service Twitter. The provider is Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland.

You can adjust your Twitter privacy settings yourself in your user account.
To do so, click on the following link and log in: https://twitter.com/personalization.

For details, see Twitter’s privacy policy: https://twitter.com/de/privacy.

Instagram
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. For details on their handling of your personal data, please refer to Instagram’s privacy policy: https://help.instagram.com/519522125107875.

XING
We have a profile on XING. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. For details on how they handle your personal data, please refer to XING's privacy policy: https://privacy.xing.com/de/datenschutzerklaerung

LinkedIn
We have a profile on LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

If you wish to disable LinkedIn advertising cookies, please use the following link:https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
For details on how they handle your personal data, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.

YouTube
We have a profile on YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. For details on how they handle your personal data, please refer to YouTube’s privacy policy: https://policies.google.com/privacy?hl=de.

In the context of marketing, we comply with the legal requirements of the GDPR and the UWG.

If you have given us your consent for advertising purposes, you can revoke this consent at any time without giving reasons via datenschutz@zufall.de

If you receive advertising from us in the context of existing customer relationships in accordance with the provisions of § 7 (3) UWG - this is the case if we would like to inform you about the sale of a similar product or service, you have not objected to the sending of advertising messages and we have your contact details from you in connection with the performance of the contract - you can object to the use at any time at datenschutz@zufall.de.

If you receive advertising from us on the basis of a balance of interests pursuant to Art. 6 (1) (f) GDPR, you can object to this at any time via datenschutz@zufall.de.

Newsletter

Our newsletter informs you about current topics, such as changes at the ZUFALL logistics group or news from the logistics industry. The information is intended to simplify the cooperation between you and ZUFALL logistics group, as well as to guarantee a uniform level of knowledge.

Newsletter data

If you would like to receive the newsletter offered on the website, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Further data is not collected or only on a voluntary basis within the scope of your consent (Art. 6 (1) (a) GDPR). We use this data exclusively for sending the requested information.

We use the double opt-in procedure to prove your consent, i.e. you will receive a confirmation link from us to the email address you provided after registering on the website. Only by confirming the registration link will you be added to the newsletter distribution list. If you do not confirm the link within 30 days, we will delete your data.

The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 (1) (a) GDPR). You can revoke your consent to the storage of the data, the email address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter. The legality of the data processing activities already carried out remains unaffected by the revocation.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted by us as well as by our service providers after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. email addresses for the user area) remain unaffected by this.

After you have unsubscribed from the newsletter distribution list, your email address may be stored by us or the newsletter service provider in a blacklist to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 (1) (f) GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.

Newsletter2Go

This website uses the software Newsletter2Go for sending newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Newsletter2Go is a service with which, among other things, the sending of newsletters can be organized and analyzed. The data you enter for the purpose of receiving the newsletter will be stored on Sendinblue’s servers in Germany. Sendinblue GmbH is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue GmbH is a German, certified provider, which was selected according to the requirements of the General Data Protection Regulation and the German Federal Data Protection Act.

Data analysis through Newsletter2Go

With the help of Newsletter2Go, it is possible for us to analyze our newsletter campaigns. For example, we can see whether a newsletter message was opened, with which type of device (PC, tablet, mobile) it was accessed, in which region the opening took place, and which links, if any, were clicked. In this way, we can determine, among other things, which links have been clicked on particularly often.

Newsletter2Go also allows us to divide (“cluster”) newsletter recipients based on different categories. Newsletter recipients can be subdivided according to their place of residence, for example. In this way, newsletters can be better adapted to the respective target groups.

For detailed information on Sendinblue features, please refer to the following link: https://de.sendinblue.com/informationen-newsletter-empfaenger/?rtype=n2go

In the course of order processing, in particular the transport and logistics services we provide, for payment processing and for the management of customer data, it is necessary to process and store personal data. All data that you provide to us in the context of order processing, such as client, shipment and recipient information (e.g. name and address of the sender, name and address of the recipient, contact details, description of goods, number of items, weight, value of the shipment) is processed by us exclusively for the purpose of fulfilling the contract. In this case, the legal basis for the data collection and processing is the fulfillment of the contract concluded with you (Art. 6 (1) (b) GDPR).

In accordance with legal requirements, certain shipping data is made available to the relevant authorities for the purposes of customs clearance and taxation as well as for security checks. The legal basis for this is the legal obligation to process data pursuant to Art. 6 (1) (c) GDPR.

In order to provide the services we offer, your data may be passed on to other companies involved in the transport process (e.g. carriers, courier services, customs service providers). The data will only be passed on to other companies within or outside the ZUFALL logistics group if this is also necessary for the purpose of fulfilling the contract.

The stored data is subject to the statutory retention and deletion periods.

If you visit us in person on site, we process your personal data as part of visitor registration. For this purpose, we primarily process your last name, first name, company/service provider, activity, date and time of entry, date and time of exit, number of the visitor badge issued, vehicle license plate number and your signature, thereby pursuing our legitimate interest in recording and monitoring non-company persons on our premises and ensuring traceability in the event of a fire. The legal basis for this is Art. 6 (1) (f) GDPR.

Insofar as we record your data as a visitor, this data will only be passed on to third parties within the scope of our legal obligations and will only be processed in paper form. Your data will be erased after 12 months, unless it is subject to further legal retention obligations.

We process personal data of our business partners, suppliers and service providers when contacting them, commissioning services or in the event of deliveries of goods, and when carrying out business relationship activities. As a rule, these are the contact details provided to us by the internal contact persons.

This data is processed exclusively for the purpose for which you have provided us with the data in the first place. When naming a contact person, the purpose is the implementation of specific contractual measures. When providing a business card, the purpose is a subsequent contact to discuss common business interests. The legal basis for the processing is Art. 6 (1) (b) GDPR, insofar as the data is processed for the initiation or implementation of a contractual relationship. In addition, the data processing is based on Art. 6 (1) (f) GDPR, as we have a legitimate interest in maintaining our business relationships.

A safety briefing may be required for services performed by you or your employees on our premises. We will document this safety briefing. The name of your employee, the date of the briefing, the company address and the signature of the instructed person are processed.

The stored data is subject to the statutory retention and deletion periods.

Handling of applicant data
In job advertisements, we regularly provide information about current vacancies. We offer you the opportunity to apply for these positions with us (e.g. by email, postal mail or via online application form).
By sending the application documents via the portal ausbildung-bei-zufall.de (online application), you agree to our data protection provisions. In this case, the transmission of your application documents will be encrypted and forwarded to the responsible person. If we receive your application documents by other means, we will send you a confirmation of receipt and a reference to our data protection principles. Please note that the transmission is usually not encrypted when you send us your application documents by email.

Scope and purpose of data collection
When you send us an application, we process your associated personal data (e.g. contact and communication data, application documents, notes taken during interviews) to the extent necessary to decide whether to establish an employment relationship. The legal basis for this is Art. 88 GDPR in conjunction with § 26 BDSG (initiation of an employment relationship), Art. 6 (1) (b) GDPR (general contract initiation) and - if you have given your consent - Art. 6 (1) (a) GDPR.

Insofar as you provide us with special categories of personal data within the scope of the application process, such as an existing severely disabled status or health data that is necessary for the assessment of your employability for a specific position, the processing of this data provided on your initiative is carried out in accordance with Art. 9 (2) (b) (h) GDPR, § 26 (3) BDSG.

Your personal data will only be shared within our company to persons who are involved in processing your application. Your personal application data will only be shared with other companies in the ZUFALL logistics group with your prior, express consent. Your consent can be revoked at any time with effect for the future. Your application data will not be used for any other purpose or shared with third parties.

If the application is successful, the data submitted by you will be stored in our data processing systems on the basis of Art. 88 GDPR in conjunction with § 26 BDSG for the purpose of implementing the employment relationship in our data processing systems.

Retention period for the data
If we are unable to make you a job offer, if you reject a job offer or withdraw your application, we reserve the right to retain the data you have provided on the basis of our legitimate interests (Art. 6 (1) (f) GDPR) for up to 6 months from the end of the application process (rejection or withdrawal of the application).
Subsequently, the data is deleted and the physical application documents are destroyed. The storage especially serves evidence purposes in the event of a legal dispute. If it is apparent that the data will be required after the 6-month period has expired (e.g. due to an impending or pending legal dispute), the data will not be deleted until the purpose for continued storage no longer applies.

Longer storage can also take place if you have given a corresponding consent (Art. 6 (1) (a) GDPR) or if legal storage obligations oppose the deletion.

Inclusion in the applicants pool
If we do not make you a job offer, it may be possible to include you in our applicants pool. In case of acceptance, all documents and information from the application will be transferred to the applicants pool in order to contact you in case of suitable vacancies.

Inclusion in the applicant pool takes place exclusively on the basis of your express consent (Art. 6 (1) (a) GDPR). The submission of the consent is voluntary and is not related to the current application process. The data subject may revoke their consent at any time. In this case, the data will be irrevocably deleted from the applicant pool, unless there are legal reasons for retention.

The data from the applicant pool will remain with us until you ask us to delete it or the purpose for storing the data no longer applies.

As at: September 14, 2020

Source: individual text modules from eRecht24