This information is addressed to all customers/interested parties of our service and other affected parties. We would like to give you an overview of the processing of your personal data by us and your rights under data protection law. Which data is processed in detail and how it is used depends largely on the orders to be executed.
1. Who is responsible for data processing and who can I contact?
Responsible in the sense of the GDPR is:
Torwesten Spedition GmbH & Co. KG
Essen Local Court, HRA 5994
Phone no.: +49 (0)201 8481030
Fax: +49 (0)201 8481034
We, Torwesten Spedition GmbH & Co KG, are responsible for ensuring that the personal data concerning you is only processed in accordance with the applicable data protection regulations (Art. 4 No. 7, Art. 24 Para. 1 GDPR).
Please address any questions regarding data protection to us:
or to our postal address with the addition “Data protection”.
2. What sources and data do we use?
We process data that we receive from the business relationship with you. We receive the data directly from you, e.g. as part of a contract or order placement or in connection with an enquiry. Specifically, we process the following data:
- Master data from the contract documents (e.g. name, address and contact data, bank details)
- Data in connection with the execution of the contract (e.g. subject matter of contract, delivery address, method of payment)
- Correspondence (e.g. correspondence with you), advertising and sales data (e.g. for potentially interesting products)
In addition, when you visit our website www.torwesten-spedition.de or use our contact form, personal data is stored at least temporarily.
3. What do we process your data for (purpose of processing) and on what legal basis?
In the following, we will inform you for what purpose and on what legal basis we process your data:
3.1 Fulfilment of contractual obligations (Art. 6 para. 1 b GDPR)
We process your data for the execution of our contracts with you, i.e. in particular for the execution of your orders. The purposes of the data processing depend in detail on the requested service.
Beer is our business. We transport it in compliance with all brewery standards. The tankers are cleaned after each transport.
As soon as we receive a request from you, we create a process about it. The delivery/transport quantities and destinations are decisive for pricing. Once the order has been placed, transport documents are drawn up from which, in addition to the delivery quantity and destination, the persons involved are also derived. The signed transport documents are taken to the activity for settlement. Incoming payments are posted to the invoices. The entire process is first carried out on paper and later archived via a merchandise management system.
All processes are related to the processing of the order and serve exclusively for the documentation required under commercial law.
3.2 As part of the balancing of interests (Art. 6 para. 1 f GDPR).
We may also use your data on the basis of a weighing of interests to protect the legitimate interests of us or third parties. This is done for the following purposes:
- Supporting our employees in customer consulting and support as well as in sales and marketing
- General business management and further development of our services
- Assertion of legal claims and defence in legal disputes
- Ensuring IT security and IT operations
- Integration of trade credit insurers and their information to determine creditworthiness or default risks
Our interest in processing is of an economic nature (efficient performance of tasks, distribution, avoidance of legal risks). As far as the concrete purpose permits, we process your data pseudonymised.
3.3 On the basis of your consent (Art. 6 para. 1 a GDPR)
If you have given us your consent to the processing of personal data, the respective consent is the legal basis for the use stated there (e.g. direct debit authorization, etc.). You can revoke your consent at any time with effect for the future. This also applies to declarations of consent which you may have given us prior to the application of the GDPR. This also applies to consents which you have given us in connection with filling out the contact form – or which are in connection with payment transactions.
3.4 Based on legal requirements (Art. 6 para. 1 c GDPR)
We are subject to various legal obligations, i.e. legal requirements (e.g. commercial code, tax laws). The tax office has the right to audit. The business transactions can be viewed as part of these checks. We also provide tax and legal advice. The data may also become relevant in this context.
4. Who gets my data?
A passing on of your data takes place only, as far as a legal basis permits this. Within our company, those departments receive your data that need it to fulfil our contractual and legal obligations or to fulfil their respective tasks.
- Public bodies and institutions (e.g. tax authorities) in the event of a legal or official obligation, and
- Other bodies for which you have given us your consent for data transmission (e.g. payment transactions, commercial credit inquiries, creditworthiness checks pp.)
- The driver, supplier and consignee of the beer, which result from the transport documents and which are at least signed for the documentation of the professional delivery.
5. How long will my data be stored?
If necessary, we process your personal data for the duration of our business relationship, which also includes the initiation and execution of a contract. In addition, we are subject to various storage and documentation obligations, including those arising from the German Commercial Code (Handelsgesetzbuch) and the Tax Code (Abgabenordnung). The time limits for storage and documentation specified there are between two and ten years.
Finally, the storage period is also assessed on the basis of the statutory limitation periods, which, for example, are laid down in §§ 195 et seq. of the German Civil Code. BGB can generally be three years, but in certain cases up to 30 years.
6. Are data transferred to a third country or to an international organisation?
We will only transfer your data to countries outside the European Economic Area if this is necessary or legally required for the execution of your orders or if you have given us your consent.
7. What other data is processed when I visit our website?
When using our Internet pages, we process your personal data for various purposes, depending on whether you use our Internet pages for information purposes only or contact us.
7.1 Informational visit to the website
Our website is primarily intended for information purposes only. In the case of purely informational use, i.e. if you do not send us any information via our online contact forms, we first collect – for technical reasons – such personal data that your browser transmits to our server. When you access our website email@example.com, the browser used on your terminal device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file. An evaluation of the data, except in anonymous form for statistical purposes, does not take place.
The following data is collected and stored when you access our website:
- Date and time of retrieval
- Access status/http status code, IP address of the requesting computer, website from which the access is made (referrer URL)
- Browser used and, if applicable, the operating system of your computer as well as the name of your asses provider.
The data mentioned are processed by us for the purpose of ensuring a smooth connection to our website as well as a comfortable use of this. The data is also used to guarantee and evaluate the technical security and stability of our systems. Any further processing of this data will not take place. In particular, there is no comparison with other data statuses.
The legal basis for the processing is Art. 6 para. 1 sentence 1f GDPR or § 15 para. 1 sentence 1 German Telemedia Act (TMG). Our legitimate interest lies in guaranteeing the technical security and stability of our systems.
The aforementioned information is stored for security reasons (e.g. to clarify acts of abuse or attacks on our web server) for a maximum period of 7 days and then deleted. Data, the further storage of which is necessary for evidence purposes, are excluded from deletion until the respective incident has been finally clarified.
The personal data collected when you visit our website will not be passed on to third parties or other parties.
7.2 Use of our contact form
Via our website you have the possibility to contact us via the contact form provided there or via the e-mail address given in the imprint. When you contact us via the contact form by e-mail, personal data will be collected from you. This includes
- Your name
- Your address
- Your phone number
- Your email address
- Further information about your inquiry
The separately marked data fields are mandatory information (name and e-mail address), which we need to answer and process your request. Failure to provide this information means that you will not be able to send us an enquiry via the contact form. At the same time, by using a button, you declare that you agree to the use of your personal data to process the request.
The personal data provided by you via the contact form or by e-mail will only be collected and processed by us if this is necessary for the processing, answering and settlement of your contact request. The legal basis for data processing is Art. 6 Para. 1 S. 1b GDPR, insofar as it concerns the initiation and, if necessary, execution of a contract. In all other respects, the legal basis is Art. 6 Para. 1 S. 1f GDPR; our legitimate interest lies in answering and processing your enquiry, for which the stored data is necessary.
Information is stored in the cookie, which results in each case in connection with the specifically used terminal device. This does not mean, however, that we will gain immediate knowledge of your identity.
In addition, we also use temporary cookies to optimise user-friendliness, which are stored on your terminal device for a specified period of time. If you visit our site again to use our services, it is automatically recognized that you were already with us and which inputs and settings you have made, so that you do not have to enter these again.
The data processed by cookies are necessary for the purposes mentioned to safeguard our legitimate interests and those of third parties in accordance with Art. 6 Para. 1 S. 1f GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, if you disable cookies completely, you may not be able to use all the features of our website.
9. Data Security
We use the SSL (Secure-Socket-Layer) method in conjunction with the highest level of encryption supported by your browser during your visit to our website. As a rule, this is a 256 BIT encryption. If your browser does not support 256 BIT encryption, we use 128 BIT v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
10. What other data protection rights do I have?
Under the respective legal conditions, you have the right to information (Art. 15 GDPR, § 34 BDSG) in the version valid as of 25.05.18 to correction (Art. 16 GDPR), deletion (Art. 17 GDPR; § 35 BDSG), restriction of processing (Art. 18 GDPR) and data transferability (Art. 20 GDPR). You also have the right to appeal to a data protection supervisory authority (Art. 77 GDPR, § 19 BDSG).
11. Am I obliged to provide data?
As part of our business relationship, you must only provide personal data that is necessary for the establishment, performance and termination of a business relationship or which we are legally obliged to collect. Without this data we will normally have to refuse to conclude a contract or execute an order or will no longer be able to execute an existing contract and may have to terminate it.
12. To what extent is there automated decision-making in individual cases?
As a matter of principle, we do not use automated decision-making pursuant to Art. 22 GDPR for the establishment and implementation of the business relationship.
13. To what extent is my data used for profile creation?
We do not process your data with the aim of evaluating certain personal aspects.
14. Which rights of objection do I have (Art. 21 GDPR)?
You have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data concerning you on the basis of Art. 6 para. 1 f GDPR (data processing on the basis of a weighing of interests).
If you file an objection, we will no longer process your personal data unless we can prove that there are compelling reasons for the processing which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
15. Topicality and change of this data security explanation
This data protection declaration is currently valid and as of May 2018. As a result of the further development of our website and offers on it or due to changed legal or official requirements, it may be necessary to amend this data protection declaration. You can call up and print out the current data protection declaration at any time on the website at firstname.lastname@example.org