Data protection information

Data protection information
In the following, we would like to inform you about the processing of personal data within the framework of our website (www.onlogist.com).

Controller
ONLOGIST GmbH
Managing Directors: Felix Müller, Moritz Pagendarm
Frankenstraße 29
20097 Hamburg
Telefon +49 40 - 74 30 51 81
E-Mail: info@onlogist.com

Data Protection Officer
Christoph Curvers (Rechtsanwalt)
Löwenstraße 7
20251 Hamburg
E-Mail: datenschutz@curvers.de

A. General information on data processing

The protection of your personal data during the processing when you visit our website www.onlogist.com (hereinafter: website) is an important concern for us. We would like to inform you in the following about the form in which your data is requested, electronically stored and processed by us.

1. Personal data
According to Art. 4 (1) GDPR, personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Accordingly, personal data is any information about you. This includes, for example, information such as your name, address, telephone number and email address, but also data such as your location, IP address or bank details. It is not necessary for you to disclose personal data in order to use our website. However, in certain cases, for example when you use our portal, we require your name and address and other information for a contract or preliminary contract between us and you or between the user parties so that we can provide the requested services.

2. Processing of personal data
As a matter of principle, we only process the personal data of our users insofar as this is necessary for the provision of a functioning website, the provision of our contents and services. Your personal data is regularly processed only after your consent as a user.

As an exception, this does not apply if the storage and processing of the data is permitted by legal regulations or is technically necessary or required for operational reasons (e.g. fulfilment of contractual modalities). Further cases are listed below in the description of the respective storage processes.

3. Disclosure of personal data to third parties and recipients
Your personal data will not be passed on to other recipients or third parties without your necessary prior consent. ONLOGIST will not pass on your data to third parties unless ONLOGIST is legally obliged to do so.

Surveys of personal data as well as their transmission to state institutions and authorities entitled to receive information are only carried out within the framework of the relevant laws, or if we are obliged to do so by a court decision. ONLOGIST also does not pass on your data to private third parties, except in the case of external service providers (e.g. for sending emails and newsletters) who provide services in the name of and on behalf of ONLOGIST. Our employees and service providers are obligated by us to maintain confidentiality and to protect the personal and company-related data provided to us.

We use third-party extensions in some cases. In the process, personal data may be passed on or automatically transmitted. The nature, scope, purpose and duration of this processing of personal data may vary from case to case. We therefore check carefully in each individual case which third-party services we use on our website and whether personal data is passed on in the process. Accordingly, we include this data processing in the privacy statement as required.

The transfer of personal data by us to third parties takes place in the cases listed separately by us.

4. Automatic collection of technical data (server log files)
Each time you visit our website, our system automatically collects data and information from the computer system of the computer used.

The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

The following data is stored for organisational and technical reasons:

Names of downloaded files

Your IP address

Information about the type of browser and the version used

Your operating system (name, version)

Your Internet service provider

Date and time of access

Websites from which your system accesses our website

Screen resolution, if applicable

The legal basis for the temporary storage of the data and the log files is our legitimate interest according to Art. 6 (1)(f) GDPR.

We evaluate this technical data in order to further optimise our Internet presence and to make our Internet offers even more attractive. The data will be erased as soon as it is no longer required to achieve the purpose for which it was collected.

This technical data is automatically deleted after 30 days. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

5. Purpose
ONLOGIST will process your personal data supplied online only for the purposes set out in section B below and on the basis of the legal bases indicated in each case.

B. Processing of personal data by the company ONLOGIST GmbH on our website

Provision of the website www.onlogist.com for all users and visitors:

1. Processing of your IP address by the web servers
IP addresses are unique numeric addresses under which your computer retrieves data or sends data to the Internet. As a rule, we do not know which person is behind the respective IP address; we cannot normally assign the data to a person that can be specifically determined by us.

Exception: While using our website, you voluntarily provide us with an email address or other information that allows us to identify you. Furthermore, you may be identified if we take legal action against you (e.g. in the event of attacks against our website) and we become aware of your identity in the course of the investigation. Therefore, as a rule, you do not need to worry that we will be able to assign the following data to a person who can be specifically identified by us.

For technical reasons, services on the Internet can only be used if you disclose your IP address. This is processed by the web servers that deliver these web pages. The processing for the delivery of our web pages is not anonymous.

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer.

The processing of your IP address is based on Art. 6 (1)(f), our legitimate interest is the operation of our website.

2. Encrypted transmission
In the case of online collection and processing of personal data, the information is transmitted in encrypted form (via https) to prevent misuse of the data by third parties. All data entered by you on our pages is transmitted to us in encrypted form, so that it is protected against inspection by third parties. Our website automatically enforces encrypted transmission of all content throughout.

Encryption technologies that correspond to the current state of the art are used. The security measures are continuously revised in line with technological developments.

3. Use of Cookies
When you visit our website, various information is automatically transmitted to us.

The ONLOGIST website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. When a user accesses a website, a cookie may be placed on your terminal device.

Some of the cookies we use are deleted after you close your browser (‘transient cookies’; this also includes session cookies). Other cookies remain on your terminal device (‘persistent cookies’). Some of these allow us to recognise your browser the next time you visit. These cookies contain a characteristic string of characters that enable the browser to be uniquely identified when the website is visited again.

We also store language settings and login information. With the help of these cookies, we can implement an analysis of the surfing behaviour of the users.

The following data can be transmitted in this way:

Entered search terms

Pageview frequency

Use of website functions

You will be informed by us on the website in each case about the setting of cookies and can decide in the context of a consent in individual cases whether or not to accept them.

The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1)(f) GDPR. Our legitimate interest is to operate a functional and attractive website.

The legal basis for the processing of personal data using other cookies is your consent in accordance with Art. 6 (1)(a) GDPR.

4. Google Analytics
4.1 We use Google Analytics, a web analytics service provided by Google LLC (‘Google’), on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offering within the meaning of Art. 6 (1)(f) GDPR). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.

4.2 Google is certified under the Privacy Shield Agreement and thereby offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

4.3 Google will use this information on our behalf for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. Pseudonymous usage profiles of the users can be created from the processed data.

4.4 We use Google Analytics to display the ads placed within Google’s advertising services and those of its partners only to those users who have also shown an interest in our online offering or who have certain characteristics (e.g. interests in certain topics or products determined on the basis of the web pages visited) that we transmit to Google (‘remarketing’, or ‘Google Analytics Audiences’). With the help of Remarketing Audiences, we also want to make sure that our ads match the potential interest of the users and are not harassing.

4.5 We use Google Analytics only with IP anonymisation enabled. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there.

4.6 The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent the collection of the data generated by the cookie and related to their use of the online offer to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

4.7 You can find out more information about Google’s use of data, setting and objection options on Google’s websites: https://www.google.com/intl/de/policies/privacy/partners (‘Data use by Google when you use our partners’ websites or apps’), https://policies.google.com/technologies/ads (‘Data use for advertising purposes’), https://adssettings.google.com/authenticated (‘Manage information Google uses to show you ads’).

5. Google-Re/Marketing-Services
5.1 We use the marketing and remarketing services (in short ‘Google marketing services’) of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (‘Google’) on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 (1)(f) GDPR).

5.2 Google is certified under the Privacy Shield Agreement and thereby offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

5.3 Google’s marketing services allow us to display advertisements for and on our website in a more targeted manner to present users only with ads that potentially match their interests. If, for example, a user is shown ads for products in which he/she has shown interest on other websites, this is referred to as ‘remarketing’. For these purposes, when our website and other websites on which Google marketing services are active are visited, a Google code is executed directly by Google and ‘Google cookies’ and so-called (re)marketing tags (invisible graphics or code, also known as ‘web beacons’) are embedded in the website. With their help, an individual cookie, i.e. a small file, is stored on the user’s device (comparable technologies can also be used instead of cookies). The cookies can be set by various domains, including google.com, doubleclick.net, invitemedia.com, admeld.com, googlesyndication.com or googleadservices.com. This file records which web pages the user has visited, which content he/she is interested in and which offers he/she has clicked on, as well as technical information on the browser and operating system, referring web pages, time of visit and other information on the use of the online offer. The IP address of the user is also recorded, whereby we inform you within the framework of Google Analytics that the IP address is shortened within member states of the European Union or in other contracting states of the Agreement on the European Economic Area and only in exceptional cases is transmitted in full to a Google server in the USA and shortened there. The IP address is not merged with data of the user within other offers of Google. The above information may also be combined by Google with information from other sources. When the user subsequently visits other websites, he/she can be shown ads tailored to his interests.


5.4 User data is processed pseudonymously as part of the Google marketing services. I.e. For example, Google does not store and process the name or email address of users, but processes the relevant data in a cookie-related manner within pseudonymous user profiles. This means that from Google’s point of view, the ads are not managed and displayed for a specifically identified person, but for the cookie holder, regardless of who this cookie holder is. This does not apply if a user has expressly allowed Google to process the data without this pseudonymisation. The information collected about users by Google marketing services is transmitted to Google and stored on Google’s servers in the USA.

5.5 The Google marketing services we use include the online advertising programme ‘Google AdWords’. In the case of Google AdWords, each AdWords customer receives a different ‘conversion cookie’. Cookies can therefore not be tracked via the websites of AdWords customers. The information obtained with the help of the cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified.

5.6 We may integrate third-party advertisements based on the Google marketing service ‘DoubleClick’. DoubleClick uses cookies to enable Google and its partner sites to serve ads based on users’ visits to this site and other sites on the Internet.

5.7 We may integrate third-party advertisements based on the Google marketing service ‘AdSense’. AdSense uses cookies to enable Google and its partner websites to serve ads based on users’ visits to this website or other websites on the Internet.

5.8 We can also use the ‘Google Optimizer’ service. Google Optimizer allows us to track the effect of various changes to a website (e.g. changes to input fields, design, etc.) as part of ‘A/B testing’. Cookies are placed on users’ devices for these testing purposes. Only pseudonymous data of the users are processed.

5.9 Furthermore, we may use the ‘Google Tag Manager’ to integrate and manage Google’s analytics and marketing services on our website.

5.10 Further information on the use of data for marketing purposes by Google can be found on the overview page: https://policies.google.com/technologies/ads. Google’s Privacy Policy is available at https://policies.google.com/privacy.

5.11 If you wish to object to interest-based advertising by Google marketing services, you can use the setting and opt-out options provided by Google: https://adssettings.google.com/authenticated.

6. Facebook Social Plugins
6.1 We use social plugins (‘plugins’) of the social network facebook.com, which is operated by Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (‘Facebook’), on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer within the meaning of Art. 6 (1)(f) GDPR). The plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and are recognisable by one of the Facebook logos (white ‘f’ on a blue square, the terms ‘Like’, ‘Like’ or a ‘thumbs up’ sign) or are marked with the addition ‘Facebook Social Plugin’. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

6.2. Facebook is certified under the Privacy Shield Agreement and thereby offers a guarantee of compliance with European data protection law(https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

6.3. When a user calls up a function of this online offer that contains such a plugin, his or her device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user’s device and integrated by the user into the online offer. In doing so, usage profiles of the users can be created from the processed data. We therefore have no influence on the scope of the data that Facebook collects with the help of this plugin and therefore inform users according to our state of knowledge.

6.4 By integrating the plugins, Facebook receives the information that a user has accessed the corresponding page of the online offer. If the user is logged into Facebook, Facebook can assign the visit to his/her Facebook account. When users interact with the plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted from your device directly to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store his or her IP address. According to Facebook, only an anonymised IP address is stored in Germany.

6.5 The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and settings options for protecting the privacy of users, can be found in the privacy policy of Facebook: https://www.facebook.com/about/privacy/.

6.6 If a user is a Facebook member and does not want Facebook to collect data about him or her via this online offer and link it to his or her membership data stored with Facebook, he or she must log out of Facebook and delete his or her cookies before using our online offer. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

7. Telephone contact
If you contact us by telephone, your telephone number (if transmitted) will be stored as the communication date in the call history. This is used to manifest the call history. The deletion takes place automatically after 90 days.

The legal basis for the processing is your consent or our legitimate interest according to Art. 6 (1)(a) and (f) GDPR.

8. Smashleads
We use the lead generator from smashleads to generate and store personal data, or leads for short. All information about how smashleads stores and uses data can be found here: https://smashleads.de/data-processing.html

9. Recipients of personal data
Personal data is passed on to the following group of recipients:

a. Recipients of personal data are companies with which an order processing contract has been concluded:

PlusServer GmbH
Hohenzollernring 72
50672 Köln

Braun Heider GmbH
Klingholzstr. 18
65189 Wiesbaden

Mailchimp, The Rocket Science Group, LLC
675 Ponce de Leon Ave NE
Suite 5000
Atlanta, GA 30308 USA

STRATO AG
Pascalstraße 10
10587 Berlin

Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Irland

LinkedIn Ireland Unlimited Company
Wilton Place,
Dublin 2
Irland

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

NFON AG
Machtlfinger Str. 7
81379 München

ZENDESK
1019 Market St
San Francisco
CA 94103
USA

b. Third parties within the meaning of the GDPR are, for example, companies such as service providers, advertising partners, third-party cookies, etc. (with whom no order processing agreement has been concluded):

1Password
Suite 303, 49 Spadina Ave
Toronto, Ontario, M5V 2J1
Canada

AgenturAdmin
Braun Heider GmbH
Klingholzstr. 18
65189 Wiesbaden"

Google Inc., Amphitheatre Parkway
Mountain View
CA 94043
USA

YouTube, LLC
901 Cherry Ave., San Bruno, CA 94066
USA

LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Irland

C. Rights of the data subjects

As a data subject, you have the following rights:

Right to information about personal data concerning you
According to Art. 15 DSGVO, you have the right to request confirmation from us as to whether personal data concerning you are being processed. If this is the case, you have a right to information about this personal data and to further information mentioned in Art. 15 DSGVO.

Right to rectification
According to Art. 16 DSGVO, you have the right to demand that we correct any inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you also have the right to request the completion of incomplete personal data - also by means of a supplementary declaration.

Right to erasure
You have the right to demand that we delete personal data relating to you without undue delay.We are obliged to delete personal data without undue delay, provided that the relevant requirements of Art. 17 DSGVO are met. For details, please refer to Art. 17 of the GDPR.

Right to restriction of processing
According to Art. 18 DSGVO, you have the right under certain conditions to demand that we restrict processing.

Right to object
According to Art. 21 DSGVO, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) or (f) DSGVO; this also applies to profiling based on these provisions.

If you wish to exercise a right to which you are entitled, please contact us as the data controller at the contact details provided above. You will simplify the processing of your request for us if you already provide evidence that proves your identity so that we can assign your request to a specific data subject. If you have any questions about this, please contact us.

If you do not want Google Analytics to be used when you visit our website, you can object to the collection and use of your IP address by Google Analytics at any time with effect for the future. You can find more information on this at http://tools.google.com/dlpage/gaoptout?hl=de.

You can also prevent the use of the aforementioned third-party tools in whole or in part by completely deactivating the acceptance of cookies in your browser or by only accepting cookies that originate from the website you are visiting. However, this may impair your ability to use our website. Alternatively, you can install a so-called browser add-on, which prevents the use of the aforementioned third-party tools.

Existence of a right of complaint to the supervisory authority
According to Art. 77 DSGVO, you have the right to complain to the supervisory authority. This right exists in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.

Provision of personal data
There is no legal obligation for you to provide personal data. We reserve the right to make changes, please inform yourself regularly.

Please note that users of the mobile app provide the following consents:
I consent to ONLOGIST collecting location and movement data from my smartphone in order to provide job-related information to clients, such as estimated arrival times and driving behavior information. I am aware that this consent is voluntary and can be revoked at any time without giving reasons. I am also aware that no order acceptance can take place without consent.