Privacy Protection

Privacy Protection

Dear Visitors to our Internet Portal,

In order to make your visit to our webpages safe and enjoyable, we would like to inform you how we handle your data.

Data Protection Notice Pursuant to Art. 13 and 21 GDPR

Data Controller

Niedersachsen Ports GmbH & Co. KG, Hindenburgstraße 26-30, 26122 Oldenburg, Germany, is responsible for the collection and processing of data. 
We generally only collect data required by law. 
The specification of data such as phone number and e-mail address is voluntary. There are no negative consequences for not providing these data. Not furnishing these data may however result in subsequent communication being delayed or encumbered.

 

What is the Legal Basis on Which Niedersachsen Ports is Processing the Data?

 

  • Data Processing for the Fulfillment of Contracts:
    We process the collected data pursuant to art. 6 para. 1 letter b GDPR for the fulfillment of contracts. This also includes the associated customer support, contacting, and support of interests.
    If necessary, personal data will be passed to the companies participating in the execution of this agreement.
    The data required for the fulfillment of a contract are stored for the duration of the business relationship and are deleted no later than six months after the end or the termination of such contract. The data will not be deleted if there are accounts receivables still outstanding after the end or termination of the contract that must be recovered. If statutory retention periods exist, the affected data are archived for the duration of these periods.
  • Data Processing on the Basis of Consent
    If you have given separate consent, a corresponding processing of data will occur on the basis of art. 6 para. 1, letter a GDPR. You may withdraw your consent at any time without any effect on the legality of previously performed processing. If the consent is withdrawn, we will seize to process the corresponding data. You have the right to object to the data processing. For further details, please see the item "Rights of a Data Subject". 

 

Whom Does Niedersachsen Ports Transfer the Data to?

We only transfer your data to third parties as long as a statutory privacy entitlement exists to do so (e.g. pursuant to the above-mentioned legislation).
We may also disseminate your data to external service providers (such as IT service providers), who are assisting us in the processing of data in the context of subcontracted processing. These service providers are strictly bound by our instructions. 
We will neither sell your personal data to third parties nor market them in any other way.

 

What are Your Rights as a Data Subject?

Data subjects have the right to obtain from the Data Controller information about the personal data concerning them and the right to correction of incorrect data, or their deletion if one of the reasons named in art. 17 GDPR applies, for example, if the data are no longer needed for the pursued purposes. There is also the right to restrict the processing, if one of the prerequisites named in art. 18 GDPR applies and in instances, where the right to data portability pursuant to art. 20 GDPR applies. If data are collected based on art. 6, para. 1, letter e (processing of data to comply with regulatory tasks or to protect the public interest), or letter f (data processing for the protection of legitimate interests), the data subject has the right, for reasons arising from their specific situation, to object to the processing of such data at any time. At that point, we will seize to process those personal data, unless there are provable compelling reasons for the processing that need to be protected and that outweigh the interests, rights and freedoms of the data subject, or if the processing is performed to assert, exercise or defend legal claims.

 

The Right to Appeal to a Regulatory Authority

Each data subject has the right to appeal to a regulatory authority if they think that the processing of the data concerning them violates privacy law. The right to appeal may be asserted in particular towards a regulatory authority in the Member State of residence of the data subject or at the location of the alleged infringement. 

The competent regulatory authority for Niedersachsen is:

 

Denis Lehmkemper
Der Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover

T    0511-120 4500
F    0511-120 4599
poststelle@lfd.niedersachsen.de

 

Notice of Right of Objection

If data are collected on the basis of art. 6 para. 1, letter e (processing of data to comply with regulatory tasks or to protect the public interest) or Letter f (processing of data for the protection of legitimate interests), you have the right, for reasons arising from your specific situation, to object to the processing of such data at any time. At that point, we will seize to process those personal data, unless there are provable compelling reasons for the processing that need to be protected and that outweigh the interests, rights and freedoms of the data subject, or if the processing is performed to assert, exercise or defend legal claims. If possible, kindly address your objection to: dbleckmann@datenschutz-nord.de. 

For questions concerning the topic of data protection (privacy), please do not hesitate to contact our Data Protection Officer:

Dominik Bleckmann
Datenschutz Nord GmbH        
Konsul-Smidt-Straße 88           
28217 Bremen                 

T   0421 696632349
F   0421 696632 11
dbleckmann@datenschutz-nord.de
www.datenschutz-nord-gruppe.de

We appreciate your visit on our web pages. Below we would like to inform you about the handling of your data pursuant to art. 13 General Data Protection Regulation (GDPR).

Data Controller
Niedersachsen Ports GmbH & Co. KG, Hindenburgstraße 26-30, 26122 Oldenburg, Germany, is responsible for the collection and processing of data.

Storage of the IP address
We save the IP address transmitted from your web browser strictly for the purpose for which it is intended for a period of seven days with the interest of recognizing, quarantining and remove attacks on our web pages. After this period has expired, we will delete or anonymize the IP address. Legal basis is art. 6 para 1, letter f GDPR.

Usage Data
When you visit our web pages, our web server makes a temporary record of so-called usage data saved as a log for statistical purposes to improve the quality of our web pages. This set of data consists of

  • the page from which the file was requested,
  • the name of the file,
  • date and time of the request,
  • the data quantity transferred,
  • the access status (file transferred, file not found),
  • the description of the type of web browser used,
  • the IP address of the requesting computer, which is truncated so that an identification and reference to a person can no longer be recovered.

The aforementioned log data will only be stored as anonymized data.

 

1. Data Security

In order to protect your data against unauthorized access as comprehensively as possible, we take technical and organizational measures. On our pages we rely on an encryption process. Your information is transferred from your computer to our server and vice versa via the Internet using a TLS encryption. You can tell this by the fact that the lock icon in the status bar of your browser is closed and the address bar begins with https://.

 

2. Data Transfer to Third Parties

Within the context of subcontracted processing pursuant to art. 28 GDPR, we transfer your data to service providers who assist us in operating our websites (e.g. hosting) and related processes. Our service providers are strictly bound by our instructions and have signed corresponding contracts they must abide by. 

Data Transfer to Third Countries

Sometimes we forward personal data to a third country outside the EU. If we use providers in unsafe third countries and you give your consent, the transfer to an unsafe third country will be based on art. 49 para. 1 letter a GDPR. You can revoke your consent at any time. Please follow this link and make the appropriate settings via our banner.

 

3. Cookies

We use cookies on our websites. Cookies are small text files that are stored on your device and can be dumped. A distinction is made between session cookies that are deleted as soon as you close your browser and permanent cookies that are stored beyond the individual session. Cookies may contain data that make a recognition of the utilized device possible. Sometimes, cookies may just contain information about certain settings that cannot be traced back to the individual user. 

On our websites, we use session cookies. The processing is performed based on art. 6 para. 1 letter f GDPR and with the emphasis on optimizing and/or enabling user guidance and adjusting the display of our website.

You can set up your browser to let you know, when cookies are placed. This makes the use of cookies transparent for you. In addition, you can also delete cookies and prevent the placement of new cookies at any time via the corresponding browser setting. Please note that after those tweaks, our web pages may not be displayed properly and that it may be technically impossible to have some of the functions at your disposal.

 

4. Embedded Videos 

We embed videos on our web pages that are not stored on our servers. In order for an access of our web pages with embedded videos not to result in contents of the third-party provider to load automatically, we only show locally stored preview thumbnail pictures of the videos as a first step. This means that the third-party provider cannot obtain any information.

Only after you click on the preview thumbnail, the contents of the third-party provider are loaded. This allows the third-party provider to receive the information that you have launched our site and the technically required usage data within this context. This also enables the third-party provider to implement tracking technologies. We cannot influence the further data processing by the third-party provider. By clicking the preview thumbnail, you give us permission to load contents of the third-party provider. 

The embedding occurs based on your consent, if you have given your consent by clicking on the preview thumbnail. Please note that embedding of many videos will result in your data being processed outside the EU or EEA, and in particular in the USA. There is a risk that government agencies may access the data for security and surveillance purposes without you being informed about it or being able to appeal. If we use providers in unsafe third countries and you consent, the transfer to an unsafe third country will be based on art. 49, para. 1, letter a of the GDPR.
 

Service ProviderMaximum Duration of StorageAdequate Privacy (Data Protection) LevelRevocation of Consent
Google (Youtube) Processing can also occur outside of the EU/EEA. Insufficient data protection level. The transfer occurs based upon article 49, para. 1, letter a of the GDPR.Once you click on a preview thumbnail, the contents of the third-party provider are immediately loaded. If you do not agree with such loading on other web pages, please refrain from clicking on the preview thumbnails again.

 

5. Tracking Tools

Matomo
To collect statistical data, we process your anonymized IP address using Matomo. For more information, please visit https://matomo.org/faq/general/how-is-the-visitor-config_id-processed.

 

6. Contact Form

You may get in touch with us via a web form. For you to be able to use our contact form, we require your name and your e-mail address. Feel free to share further information, but this is not required.
Legal basis for processing is art. 6, para. 1, letter f GDPR. Your data will only be processed to respond to your request. There will be no dissemination to third parties.

Online Job Applications

We process your personal data in accordance with the applicable data protection regulations based on Section 26 of the German Federal Data Protection Act (BDSG). We process the data you disclose to us in the context of your online application solely for candidate selection. Data processing for any other purpose does not occur.

The volume of data you transmit in connection with your online application is completely up to you. Online applications are electronically routed to our HR department and then processed as soon as possible. The data is encrypted during transfer.  Usually, we will forward applications to the respective head of a department in house. Beyond that, there will be no dissemination of your data. Your details will be treated confidentially within our company. If your application does not result in a hire, your documents will be deleted after 6 months.

 

7. Your Rights as a User

For the processing of your personal data, the GDPR affords you certain rights as a website user:

  1. Right to Information (Art. 15 GDPR):
    You have the right to demand confirmation as to whether or not personal data concerning you are being processed. If so, you have a right to be informed about these personal data and about any information detailed under art. 15 GDPR.
  2. Right to Correction and Deletion (Art. 16 and 17 GDPR):
    You have the right to demand immediate correction of incorrect personal data concerning you and to demand completion of incomplete personal data, if applicable.
    You also have the right to require that personal data concerning you will be deleted immediately, if one of the reasons detailed in art. 17 GDPR applies, e.g., if the data are no longer needed for the (initially) pursued purposes.
  3. Right to Limitation of Processing (Art. 18 GDPR): 
    You have the right to demand only limited processing, if one of the prerequisites listed in art. 18 GDPR is met, e.g. if you have objected against the processing - for the duration of a potentially needed verification.
  4. Right to Data Portability (Art. 20 GDPR):
    In certain cases that are detailed in art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, well-established and machine-readable format or to demand the transmission of these data to a third party.
  5. Right to Objection (Art. 21 GDPR):
    If data are collected on the basis of art. 6 para. 1 letter f (processing of data for the protection of legitimate interests), you have the right, for reasons arising from your specific situation, to object to the processing of such data at any time. At that point, we will seize to process those personal data, unless there are provable compelling reasons for the processing that need to be protected, which outweigh the interests, rights and freedoms of the data subject, or if the processing is performed to assert, exercise or defend legal claims.
  6. Right to Appeal to a Regulatory Authority
    Pursuant to art. 77 GDPR, you have the right to appeal to a regulatory authority if you think that the processing of the data concerning you violates privacy law. The right to appeal may be asserted in particular towards a regulatory authority in the Member State of your residence, your place of work, or at the location of the alleged infringement.

 

8. Contact Details Data Protection Officer

Our corporate data protection officer is available for information, or to take suggestions regarding privacy protection:

Dominik Bleckmann
Datenschutz Nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen

T   0421 696632349
F   0421 696632 11
dbleckmann@datenschutz-nord.de
www.datenschutz-nord-gruppe.de

Information Pursuant to art. 13 General Data Protection Regulation for Job Applicants (in effect as of May 25, 2018)

Compliance with privacy laws and regulations is a high priority for our company. Below, we would like to inform you about how we collect your personal data:

 

Data Controller

The company you have applied to is responsible for the data collection and processing: Niedersachsen Ports GmbH & Co. KG, Hindenburgstraße 26-30, 26122 Oldenburg, Germany. 

 

Data Required by Niedersachsen Ports

During the job application process, we will process data we require from you within the context of the application. This data may consist of contact information and any other data in connection with the application process (curriculum vitae (CV), school report cards, qualifications, answers to questions, etc.).  The legal basis for this results from section 26 of the German Federal Data Protection Act.

 

Data Deletion

If no statutory retention period exists, the data will be deleted as soon as a storage is no longer required, or when the legitimate interest of the storage has expired. If the application does not result in a hire, this point in time is usually six months after completion of the application process. If you are not hired, but your application is still of interest to us, we will ask your permission to keep your application on hand for future vacancies. 

 

Confidential Treatment of Your Data

Naturally, we will treat your data confidentially and shall not forward them to third parties. We may retain service providers that are strictly bound by our instructions and may assist us in areas such as electronic data processing or in archiving and destroying of documents. With such providers, separate contracts for job processing have been concluded. 

 

Your Privacy Rights

As a data subject, you have the right of information about the personal data concerning you and you have the right to have incorrect data corrected, or the right to have data deleted, if one of the reasons named in art. 17 GDPR applies, for example, if the data are no longer needed for the pursued purposes. There is also the right to restrict the processing, if one of the prerequisites named in Art. 18 GDPR applies and in instances, where the right to data portability pursuant to Art. 20 GDPR applies. 

Each data subject has the right to appeal to a regulatory authority if they think that the processing of the data concerning them violates privacy law. The right to appeal may be asserted towards a regulatory authority in the Member State of residence or work of the data subject or at the location of the alleged infringement. 

 

Contact Details of the Regulatory Authority

Denis Lehmkemper
Der Landesbeauftragte für den Datenschutz Niedersachsen
Prinzenstraße 5
30159 Hannover
T: 0511-120 4500
F: 0511-120 4599
poststelle@lfd.niedersachsen.de

 

Our Data Protection Officer

You also have the right to contact our data protection officer at any time, who must maintain secrecy regarding your request. Our Data Protection Officer:

Dominik Bleckmann
Datenschutz Nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen

T   0421 696632349
F   0421 696632 11
dbleckmann@datenschutz-nord.de
www.datenschutz-nord-gruppe.de

When you visit our social media sites, it may be necessary to process data relating to you. We would therefore like to inform you hereafter pursuant to Article 13 of the General Data Protection Regulation (GDPR) about the handling of your data and about your rights resulting from this.

Responsibility

We, Niedersachsen Port GmbH & Co. KG, are operating the following social media sites:

You can find our contact details in the Imprint.

In addition to us, each operator of the social platform is also responsible for the processing of your personal data. As far as we can influence this and parameterize the data processing, we work within the scope of the possibilities available to us toward the privacy-compliant handling by the operator of the social media platform. In connection with this, please also observe the privacy policies of each of the social media platforms.  

 

Social Plug-Ins

We enable you to use social plug-ins. For reasons of data protection, however, we only embed the social plug-ins used by us in deactivated form. Therefore, when you visit our websites, no data is transmitted to social media services.

However, you have the possibility to activate and use the social plug-ins embedded in our websites. To facilitate this, we use a solution that ensures that during a first step, any data and functions required to display the social plug-ins are made available from our web server.  Only when you decide to activate the respective social plug-in and click on the corresponding preview image or symbol, will your browser establish a connection to the servers of the operator of the respective social media service in a second step.

Once you activate a plug-in, the social media service will receive in particular your IP address and, among other things, and is made aware of your visit to our websites. This is done regardless of whether you have an account with the respective social media service. If you are logged in, the data can be directly associated with your social media profile.

Overall, we have no influence on whether and to what extent the respective social media service processes personal data after activation. However, it is likely that the social media service will use your data to create usage profiles and use them for the purpose of personalized advertising. In addition, your data will be used to inform other users of the social media service about your activities on our websites.

The embedding occurs based on your consent pursuant to art. 6 para. 1 p. 1 letter a GDPR, if you have given your consent by clicking on the preview image. Please note that embedding many social plugins will result in your data being processed outside the EU or EEA. In some countries, there is a risk that government agencies may access the data for security and surveillance purposes without you being informed about it or being able to appeal. If we use providers in unsafe third countries and you consent, the transfer to an unsafe third country will be based on art. 49 para. 1 letter a GDPR.

If you no longer wish the processing of your personal data by the activated social plug-ins, you can prevent future processing by no longer clicking on the preview image or symbol of the respective social plug-in.

 

Data Processing by Us

The data you enter on our social media pages, such as user names, comments, videos, images, likes, public messages, etc., are published by the social media platform and are never processed by us for any other purpose. We only reserve the right to delete content if this is necessary. We may share your content on our site if this is a feature of the social media platform and communicate with you through the social media platform.

If you submit a request to us on the social media platform, depending on the content, we may also refer to other, secure communication channels that guarantee confidentiality. For instance, you have the opportunity to send us your inquiries at any time to the address stated in the imprint or to info(at)nports.de. It is your own responsibility to choose the appropriate communication path.

The legal basis for the processing of your data is art. 6 para. 1 p. 1 letter f GDPR and art. 49 para.1 letter a. The data processing takes place in the legitimate interest of carrying out public relations work for our company and communicating with you.

Some social media platforms generate statistics based on usage data and information about your interaction with our social media site. We cannot influence or prevent the execution and provision of these statistics. However, we do not use optional statistics from the social media platform.

We process this information pursuant to art. 6 para. 1 p. 1 letter f GDPR in the legitimate interest to validate the utilization of our social media pages and to improve our content for target audiences.

We occasionally use Facebook to play targeted advertising.  

To do this, we use audience definitions provided to us by Facebook. We only use anonymous audience definitions - that is, we define characteristics based on general demographic information, behavior, interests and connections, for example. Facebook uses the latter to play suitable ads to its users. The legal basis for this is the consent that Facebook has obtained from its users. If you wish to recall this consent, please use the revocation options provided by Facebook, as Facebook is responsible for this processing. Occasionally, we or Facebook may also use publicly available data to define audiences. In that instance, the legal basis for this processing art. 6 para. 1 letter f GDPR, and art. 49 para. 1 letter a. Here, our legitimate interest is to define the audience as suitably as possible. For the definition of audiences, we never use sensitive categories of personal data that are included in art. 9 and 10 GDPR.

We do not use audience definition based on location data. We do not disseminate personal data with the operator of the social media platform within the scope of the audience definition.

Occasionally, we may use information about the visit to or interaction with other sites (so-called re-marketing) to define the audience. We also use cookies for this purpose. In these cases, however, we obtain the consent of the users on the respective other sites in advance via an authorization banner and inform about the data processing at this point. You can revoke this consent at any time by calling up the consent banner of the corresponding website again.

If you would like to object to a particular data processing, over which we have an influence, please do so using the contact data mentioned in the imprint.

 

Duration of Storage

We will delete your personal data if it is no longer necessary for the aforementioned processing purposes and if no legal obligations to store such data prevent deletion.

Data Processing by the Operator of the Social Media Platform

The operator of the social media platform uses web tracking methods. Web tracking may also occur regardless of whether or not you are registered with the social media platform.

We would therefore like to point out to you that it cannot be excluded that the provider of the social media platform will use your profile and behavioral data to evaluate your habits, personal relationships, preferences, etc. In this regard, we have no influence on the processing of your data by the provider of the social media platform, so that the use of the social media platform is at your own responsibility.

Further information on data processing by the provider of the social media platform, configuration options for the protection of your privacy, as well as further possibilities of objection and, if available and concluded, the agreement according to art. 26 GDPR can be found in the privacy statement of the provider:

 

Your Rights as a User

As a website user, you have the possibility to assert the following rights both vis-a-vis us and towards the provider of the social media platform, if the conditions are met:

Right to Information (Art. 15 GDPR):
You have the right to demand confirmation as to whether or not personal data concerning you are being processed. If so, you have a right to be informed about these personal data and about any information detailed under art. 15 GDPR.

Right to Correction and Deletion (Art. 16 and 17 GDPR):
You have the right to demand immediate correction of incorrect personal data concerning you and to demand completion of incomplete personal data, if applicable. 
You also have the right to require that personal data concerning you will be deleted immediately, if one of the reasons detailed in art. 17 GDPR applies, e.g., if the data are no longer needed for the (initially) pursued purposes.

Right to Limitation of Processing (Art. 18 GDPR):
You have the right to demand only limited processing, if one of the prerequisites listed in art. 18 GDPR is met, e.g. if you have objected against the processing - for the duration of a potentially needed verification.

Right to Data Portability (Art. 20 GDPR):
In certain cases that are detailed in art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, well-established and machine-readable format or to demand the transmission of these data to a third party.

Right to Objection (Art. 21 GDPR):
If data are processed on the basis of our legitimate interest pursuant to art. 6 para. 1 p. 1 letter f GDPR, you have the right, for reasons arising from your specific situation, to object to the processing of such data at any time. At that point, we will seize to process those personal data, unless there are provable compelling reasons for the processing that need to be protected, which outweigh your interests, rights and freedoms, or if the processing is performed to assert, exercise or defend legal claims.

If the data are processed on the basis of the legitimate interest for the purpose of direct advertising, you have your own right of objection, which you may assert at any time without giving reasons and whose exercise leads to the termination of the processing for the purpose of direct advertising. 

The Right to Appeal to a Regulatory Authority
You have the right to appeal to a regulatory authority pursuant to art. 77 GDPR, if you think that the processing of the data concerning you violates privacy law. The right to appeal may be asserted in particular towards a regulatory authority in the Member State of your residence, your place of work, or at the location of the alleged infringement.


Contact Details of Our Data Protection Officer

Our external data protection officer will be happy to provide you with information on the subject of privacy/data protection under the following contact details:

Dominik Bleckmann
Datenschutz Nord GmbH        
Konsul-Smidt-Straße 88           
28217 Bremen                

T   0421 696632349
F   0421 696632 11
dbleckmann@datenschutz-nord.de
www.datenschutz-nord-gruppe.de

When contacting our data protection officer, please also indicate the responsible body, which is mentioned in the imprint.