Data Protection
Data Protection
Data Protection
If you use an digital offer the SWMH Logistik GmbH processes your personal data. With this data protection notice, we inform you how and why we process your data and how we ensure that it remains confidential and is protected.
We automatically collect the data that is generated when you access our digital offerings. Otherwise, we collect data on the basis of your input or communications or through the use of cookies or similar technologies.
Providing the content
Product optimization
Applications
Communication
Promotion & Marketing
In order to use our digital offerings, it may be necessary to transfer certain personal data to third countries, i.e. countries in which the GDPR is not applicable law. However, we only permit processing of your data in a third country if the special requirements of Art. 44 GDPR and consequently the guarantee of an adequate level of data protection in the country are met. This means that the third country must either have an adequacy decision from the European Commission or appropriate safeguards pursuant to Art. 46 GDPR or one of the requirements of Art. 49 GDPR. Unless otherwise stated below, we use as appropriate guarantees the applicable Standard Contractual Clauses for the transfer of personal data to processors in third countries.
In order to protect your privacy and to ensure a level of protection appropriate to the risk, we take technical and organizational measures. We take these measures in accordance with the legal requirements, considering the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedom of natural persons, which are reviewed and adapted on a regular basis. The measures ensure the confidentiality, integrity, availability and resilience of your data. This includes, among other things, the use of recognized encryption methods (SSL or TLS) and pseudonymization.
However, we would like to point out that due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures are not observed by other persons or institutions not within our sphere of responsibility. In particular, data disclosed unencrypted - e.g., if this is done by e-mail - can be read by third parties. We have no technical influence on this.
We delete or anonymize your personal data as soon as it is no longer required for the purposes for which we collected or used it.
However, if necessary, we must continue to store your data until the expiry of the retention obligations and periods issued by the legislator or supervisory authorities, which may result from the German Commercial Code, the German Fiscal Code and the German Money Laundering Act (usually 6 to 10 years). In addition, we may retain your data until the expiry of the statutory limitation periods (i.e. usually 3 years; in individual cases, however, up to 30 years), insofar as this is necessary for the assertion, exercise or defense of legal claims. After that, the corresponding data will be deleted.
You can contact the data protection officer with your request by mail or e-mail, swmh-datenschutz@atarax.de, with your request.
This privacy notice will be adjusted from time to time. The date of the last update can be found at the beginning of this information.
You can obtain an overview of all the tools and cookies we use as well as a withdrawal option by clicking on Privacy Settings in the footer of the respective website.
In the following, you will receive data protection information in detailed form.
We use cookies and similar technologies to provide you with the best experience when using our digital offerings and to help fund us. We use them i.a. für ensuring functionality, for IT security and fraud prevention, usage analysis in order to be able to optimize the products and for marketing and adverstising.
For an overview of the technologies used and withdrawal or objection options, click on Privacy Settings in the footer of the website you are visiting.
If cookies, device identifiers or other personal data are stored or accessed on your terminal for processing operations, this is in accordance with the legal basis stated in Art. 6 of the General Data Protection Regulation.
In order to be able to provide the telemedia service you expressly requested, we also take into account the regulations in Section 25 Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz (TDDDG) and, in particular, on absolute necessity in accordance with Section 25 (2) No. 2 TDDDG.
When you use our offerings, we automatically use absolutely necessary technologies to enable the usability of the functions provided and to ensure the security and stability of our offer:
The processing of the IP address is absolutely necessary to enable the delivery of our offerings to your end device and to measure the efficiency and performance of our offerings. Usage profiles are not created in the process. Our servers store your IP address for up to seven days for the purpose and interest of being able to guarantee the security of our offer. The other data is deleted after 30 days.
The legal basis for the data processing operations is our legitimate interest.
We cannot do without certain cookies and similar technologies, as they are indispensable for our telemedia service and business model - as requested by the user. In addition to data, we need to provide and ensure functionality and security. The following tools and cookies are essential technologies.
The legal basis for the data processing described below is our legitimate interest pursuant to Art. 6 para. 1 p. 1 lit. f) GDPR.
In order to obtain and store your data protection consent, we use "CookieHint and Consent". This is a Joomla! plugin to create a consent banner on the website. In addition, the plugin blocks all types of cookies and scripts on the website in such a way that they are only started after you have given consent.
The Google Tag Manager service is an organizational tool and allows us to control services. The tool only uses the IP address to connect to the server and to function technically. Otherwise, no personal data is processed by way of the tool itself. The Tag Manager ensures that other services are only executed if the conditions (tags) set in the Tag Manager are met for them. In this way, we ensure that, for example, tools that require consent are only loaded after you have given your consent. The Tag Manager does not access the data processed by the tools.
The legal basis for the data processing operations is our legitimate interest.
We use embeds to provide you with content of interest. The respective embedding is performed by the technical procedure of so-called framing. Framing is the process of simply inserting a provided HTML link into the code of a website to create a playback frame on our pages, thereby enabling playback of the content stored on the third-party platform's servers.
This third-party content is loaded subsequent to your consent.
Some of such content also originates from social networks or other companies in the USA. By integrating their content, cookies and similar technologies may be used by them and data may also be transmitted to them in the USA (e.g. your IP address, browser information, cookie ID, pixel ID, page accessed, date and time of access). Details on the integrated content of the individual networks or these companies, which is stored on their servers and for the provision of which your IP address is transmitted to these companies, as well as on the data processing taking place at these companies, which may also include advertising purposes, can be found in the following lines.
You can withdraw your consent in the privacy settings.
We use cookies and tracking tools to optimize our digital offerings based on your utilization. To do this, we measure the development of reach as well as the use of content and function and we use A/B testing to check which variants users like better.
The legal basis for the data processing operations is our legitimate interest.
We aim to constantly develop and improve our products. For this purpose, we require usage analysis that goes beyond mere reach measurement. Usage analysis serves to evaluate the flow of visitors to our online offerings and may include behavior, interests or demographic information about visitors, such as age or gender, as pseudonymous values. With their help, we can recognize, for example, when our digital offerings are most frequently used or which functions are readily reused. This allows us to identify which areas need optimization.
In addition to usage analysis, we also use test procedures, for example, to test different versions of our online offerings or their components.
For these purposes, profiles, i.e. data summarized for a usage process are created and information is stored in and read from a browser or terminal device. The information collected includes, in particular, websites visited and elements used there, as well as technical information such as the browser used, the computer system used, and information on usage times. Only if you have consented to the collection of your location data will it be processed.
The IP addresses of the users are also stored. We use an IP masking method (i.e. pseudonymization by shortening the IP address) for your protection. Generally, the data stored in the context of web analytics, A/B testing and optimization is not clear user data (such as e-mail addresses or names), but pseudonyms, so that neither we nor the providers of the software used, who act for us as processors, know the actual identity of the users.
Your data will be processed on the basis of your consent.
We use Google Analytics (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) to measure and analyze the use of our online offer on the basis of a pseudonymous user identification number. This identification number does not contain any unique data, such as names or e-mail addresses. It is used to assign analysis information to a terminal device in order to recognize which content users have accessed within one or various usage processes, which search terms they have used, have accessed again or have interacted with our online offer. Likewise, the time of use and its duration are stored, as well as the sources of users referring to our online offer and technical aspects of their end devices and browsers. In the process, pseudonymous profiles of users are created with information from the use of various devices, whereby cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides coarse geographic location data by deriving the following metadata from IP addresses: City (and the derived latitude and longitude of the city), Continent, Country, Region, Subcontinent (and ID-based counterparts). For EU traffic, IP address data is used exclusively for this derivation of geolocation data before being immediately deleted. They are not logged, are not accessible, and are not used for any other purpose. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before traffic is forwarded to Analytics servers for processing.
The storage period of the data is 14 months (concerns user and event level data). Aggregated data is anonymized and is not deleted.
Google is our processor, with whom we have concluded the necessary agreements for this purpose. We have also taken measures to ensure appropriate and adequate safeguards for the protection of personal data during third-country data transfers by concluding EU standard contractual clauses and observing additional measures to protect data subjects' rights where necessary.
Your data will be processed on the basis of your consent.
Your data will be processed on the basis of your consent.
If you apply to us as a newspaper delivery person, we will collect your data (e.g. first name, last name, e-mail address, telephone number, address if applicable) if you provide it to us of your own accord. Your personal data will only be used to process your application.
Your personal data will be processed as part of the decision on the possible establishment of an employment relationship with you (§ 26 BDSG, Art. 1 para. 1 p.1 lit a), 88 DSGVO) and if we are legally obliged to do so. Without the personal data, we cannot make a decision about the establishment of an employment relationship with you and fulfill legal obligations. In individual cases, processing may also take place because the personal data is needed to assert or defend legal claims (so-called legitimate interests in processing pursuant to Art. 6 (1) (f) DSGVO) or because you have given your consent (e.g. for further applications for other positions and/or positions at other companies). You can revoke such consent at any time with effect for the future.
As a matter of principle, we delete your personal data as soon as they are no longer required for the aforementioned purposes, usually six months after completion of the application process, provided that it does not result in the establishment of an
employment relationship is established and you do not authorize us to process the data for other applications. In individual cases, we store personal data if this is necessary in order to be able to assert legal claims on the part of the company or to be able to defend against legal claims (statutory limitation periods of up to 30 years).
In the case of unsolicited applications, by submitting the application you consent to your application being stored initially for a period of up to twelve months.
When you contact us, we only collect personal data (e.g. name, e-mail address, telephone number) if you provide us with this information voluntarily. You can send this information to us by email or letter, for example. Your personal data will only be used to contact you or for the purpose for which you have provided us with this data, e.g. to process your inquiries, technical administration of the website and customer management.
Any communication of this information (including information on communication channels such as e-mail address, telephone number) is expressly on a voluntary basis. The data will be used exclusively to process your request if the data processing is necessary for the fulfillment of the contract or if there is a legitimate interest to do so. In the case of a telephone inquiry, your data will also be processed by telephone applications and, in some cases, by a voice dialogue system in order to support us in the distribution and processing of the inquiries.
This data is passed on to our service providers for customer service and is deleted if it is no longer required.
We generally recommend that you only prefer to contact us via WhatsApp if this involves general enquiries about the job as a delivery agent. We expressly advise you not to apply to us via WhatsApp, to provide us with application documents via WhatsApp or to communicate about your application or communicating with us about your application.
If you would like to use WhatsApp to contact us, we recommend that you provide us with another means of contact outside of WhatsApp (e.g. telephone number, e-mail address) so that we can respond to your request in this way. Should you nevertheless wish to receive an answer via WhatsApp, we would like to ask you to explicitly inform us of this and to note the following when doing so:
WhatsApp is a messenger service operated by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. WhatsApp, like Facebook, is part of Meta with its headquarters at 1 Hacker Way
Menlo Park, California 94025, USA.
WhatsApp does not guarantee an adequate level of data protection in particular for data in the context of an employment relationship or the application for an employment relationship.
Due to the assumed data transfer outside the European Union, the high European level of data protection does not exist.
Possible risks that may not be completely excluded in connection with the data transfer are in particular:
There may also be a higher probability that incorrect data processing may occur and that the protection of personal data does not fully comply with the requirements of the GDPR in terms of quantity and quality.
We use the tool "Microsoft Teams" to conduct telephone conferences, online meetings, video conferences and/or web conferences (hereinafter: "online meetings"). "Microsoft Teams" is a service of Microsoft Corporation (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA). If we want to record online meetings, we will transparently inform you of this in advance and - where necessary - ask for consent. The fact of recording will also be displayed to you in the MS Teams app.
Note: Insofar as you call up the "Microsoft Teams" website, the "Microsoft Teams" provider is responsible for data processing. However, accessing the website is only necessary for the use of "Microsoft Teams" in order to download the software for the use of "Microsoft Teams".
If you do not want to or cannot use the "Microsoft Teams" app, you can also use "Microsoft Teams" via your browser. The service will then also be provided via the "Microsoft Teams" website.
Various types of data are processed when using "Microsoft Teams". The scope of the data also depends on the data you provide before or during participation in an "online meeting".
The following personal data are subject to processing:
Chat content is logged when using Microsoft Teams. Files that users share in chats are stored in the OneDrive for Business account of the user who shared the file. Files shared by team members in a channel are stored on the team's SharePoint site.
Insofar as personal data of employees is processed, Section 26 BDSG is the legal basis for data processing. If, in connection with the use of "Microsoft Teams", personal data is not required for the establishment, implementation or termination of the employment relationship, but is nevertheless an elementary component in the use of "Microsoft Teams", Art. 6 (1) lit. f) DSGVO is the legal basis for data processing. In these cases, our interest lies in the effective implementation of "online meetings".
Otherwise, the legal basis for data processing when conducting "online meetings" is Art. 6 para. 1 lit. b) DSGVO. Online meetings are only recorded if we have informed you of this in advance and you have consented to the recording. The legal basis in this case is Art. 6 para. 1 lit. a DSGVO.
Personal data processed in connection with participation in "online meetings" will generally not be passed on to third parties unless it is specifically intended to be passed on. Please note that the content of "online meetings", as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of "Microsoft Teams" necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with "Microsoft Teams".
Data processing outside the European Union (EU) does not take place as a matter of principle, as we have restricted our storage location to data centres in the European Union. However, we cannot exclude the routing of data via internet servers that are located outside the EU. This may be the case in particular if participants in "Online Meeting" are located in a third country.
As Microsoft is based in the USA, we have concluded an order processing agreement with Microsoft that complies with the requirements of Art. 28 DSGVO. An adequate level of data protection is guaranteed on the one hand by the conclusion of the so-called EU standard contractual clauses. As additional protective measures, we have also configured our system in such a way that only data centres in the EU, the EEA or secure third countries such as Canada or Japan are used to conduct "online meetings".
For more information, please see Microsoft's privacy notice: https://privacy.microsoft.com/de-de/privacystatement
https://www.microsoft.com/de-de/trust-center
However, the data is encrypted during transport over the Internet and thus protected against unauthorised access by third parties.
We generally delete personal data when there is no need for further storage. A requirement may exist in particular if the data is still needed to fulfil contractual services, to check and grant or ward off warranty and, if applicable, guarantee claims. In the case of statutory retention obligations, deletion is only considered after expiry of the respective retention obligation.
In order to show you advertising for our own products, we use the services of advertising partners or cooperate with advertising partners and advertising networks. These use cookies, pixels or similar technical means to display and evaluate advertisements.
Advertisements may be customized for each user, for example, by using browser usage information (such as pages visited, hours of use, length of stay). However, user-related advertisements are also possible. Furthermore, evaluations of the range or for billing purposes can be carried out in pseudonymized form. The details of the services used, cooperation partners and individual possibilities of objection are described below.
Your data will be processed on the basis of your consent.
You can get an overview of all the tools and cookies we use, as well as a revocation option, by clicking on Privacy Settings at the bottom of the website you visit.
To draw attention to our offers, we place ads on Google's search network and banner ads on Google's display network (banners on third-party websites) and use conversion measurement and remarketing from Google Ads and Analytics, respectively. In doing so, we may combine ads with search terms or use custom ads to advertise products and services that you have viewed on our site. Ads remarketing lists allow us to optimize search and display campaigns if you have visited our site before. With conversion measurement, we see the success of interest-based advertising on Google's search network and advertising banners on Google's display network (banners on third-party websites) based on the analysis of user behavior to better target advertising.
For this interest-based advertising, Google analyzes your user behavior with cookies that are set when you click on ads or visit our websites. We and Google then receive information that you clicked on an ad and were redirected to us. Based on these evaluations, we can see which of the advertising measures used are particularly effective and can optimize them as a result.
The statistics that Google provides us with include the number of users who clicked on one of our ads and show which of our websites you were redirected to. In addition, we can target you more specifically if you have already been to our website. We can also track which search terms were clicked on particularly often and which ads lead to the purchase of a subscription, for example.
Due to the marketing tools used, your browser automatically establishes a direct connection with Google's server. We have no influence on the scope and further use of the data collected by Google through the use of this tool and therefore inform you according to our state of knowledge: Through the integration of Ads Advertising, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is the possibility that the provider learns your IP address and stores it.
More information on this can also be found in the notes on website statistics and in the privacy policy of Google.
You can prevent this technology by disabling the use of cookies via your browser settings, deselecting individual types of ads in Google's ad settings, disabling interest-based ads on Google, or disabling cookies from advertising providers using the respective Network Advertising Initiative disabling guide. We and Google then only receive the statistical information about how many users have visited a page and when. This can only be prevented by appropriate browser extensions.
Our website uses Google Audience, a service of Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland; Google Audience uses, among other things, cookies that are stored on your computer as well as other mobile devices (e.g. smartphones, tablets, etc.) and that enable an analysis of the use of the respective devices. The data is in part evaluated across devices. Google Audience receives access to the cookies created in the context of the use of Google Adwords and Google Analytics. In the course of use, data, such as in particular the IP address and activities of the user, may be transmitted to a Google server and stored there. Google may transfer this information to third parties if required by law or if processing of this data by third parties takes place. You can prevent the collection and forwarding of personal data (esp. your IP address) as well as the processing of this data by deactivating the execution of Java Script in your browser or installing a tool such as 'NoScript'. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). Further information on data protection when using Google Audience can be found at the following link: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283
Controller is
SWMH Logistik GmbH
Hultschiner Straße 8
81677 München
You can reach our data protection officer at
atarax Unternehmensgruppe
Luitpold-Maier-Str. 7
D-91074 Herzogenaurach
Phone: +49 9132 79800
Email: swmh-datenschutz@atarax.de.
Right of objection
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) f GDPR or pursuant to Art. 6 (1)e GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR. In the event of such an objection, we will no longer process your personal data, unless we can prove compelling reasons for processing worthy of protection that outweigh the interests, rights and freedoms of the person concerned or the processing serves to assert, exercise or defend legal claims.
In the case of direct marketing, you have the right to object to the processing of personal data relating to you at any time. If you object to processing for the purposes of direct marketing, the personal data will no longer be processed for those purposes.
Our websites can contain links to websites of other providers. We have no influence on this and do not monitor the compliance of other providers with applicable data protection provisions.
We reserve the right to alter and/or adjust this data protection declaration at any time, taking into consideration the current applicable data protection provisions.