DB Schenker’s data protection principles
The personal privacy and security of the processing of your personal data are important to us. That is why we want to use this policy to tell you which personal data we collect, how and for what purpose we process the data and also what you can do if you have any questions or are not satisfied with our processing of your personal data.
Schenker AB (in this policy referred to as “DB Schenker” or “we”) are responsible for processing your personal data whenever it is DB Schenker collecting the data, e.g. if you order a shipment via our website or ask for a quote. In cases when we have received the data from another controller party (e.g. when you purchased a product from someone who hired DB Schenker to perform the transport or logistics service), that party is primarily responsible for the processing of these personal data. DB Schenker’s role is then to assist the controller party as a processor.
Processing of personal data
An item of personal data is any information which can be directly or indirectly attributed to a physically identifiable person (e.g. name, address, personal ID number, e-mail address, IP address and other identifiers). The collection and processing of personal data that we do is necessary to enable us to perform the services that DB Schenker offers. Personal data are only processed for the intended purposes, e.g. in order to deliver goods or parcels to a particular recipient or to ensure that no unauthorised person collects parcels.
For technical reasons, certain types of data have to be collected and stored when you visit our website, dbschenker.is. This includes the date, time of visit, the pages visited, the browser identifier and the operating system used. These data provide us with information about the number of visitors and how the website is used. The collection process is completely anonymous.
Apart from visits to the website, collection and processing of personal data are carried out:
Examples of items of personal data processed in these instances include name, address, telephone number, e-mail address, ID number and electronic identifiers.
Processing refers to e.g. the collection, reading, use, transfer and erasure of personal data.
Legal basis for processing
All processing of personal data takes place in accordance with applicable legislation, in the first instance the Swedish Personal Data Act (PuL), and from 25 May 2018 onwards the EU General Data Protection Regulation (GDPR)) 1. We process your personal data when we have a legal basis for such processing, e.g.:
By taking appropriate technical and organisational measures, DB Schenker is responsible for ensuring that your personal data are handled in a secure manner and protected from breaches, access, disclosure, loss or other unauthorised processing.
DB Schenker operates in accordance with current and applicable security standards.
We only collect, process and store the personal data necessary to fulfil our obligations.
Personal data kept up-to-date
Since our service to you depends on your personal data being accurate and up-to-date, please inform us of any relevant changes to your personal data. You can contact is.sm.haf.GDPR@dbschenker.com to notify us of the changes. If we come across any incorrect information, we will update it and inform you of this.
Storage period of personal data
The data are stored for the period agreed or decided in relation to the legislation and we ensure that personal data are erased when they are no longer needed for the intended purpose. The period is determined by the purpose and the legal basis for the processing; for this reason no general storage period applies to all processing.
Where required by law, DB Schenker will obtain consent before processing your personal data. You may withdraw your consent at any time by notifying us.
Communication of personal data to a third party
We pass on personal data to third parties whenever we use subcontractors or partners to fulfil the agreement we have with you or the party you purchased a product from and who have hired us to perform a transport or logistics service, and also whenever a breach is suspected and we are responsible for providing the authority with this information. To ensure that data are processed securely and solely to carry out the service ordered and the intended purpose, these third parties are bound by the corresponding statutory obligations that apply to DB Schenker. This is achieved by DB Schenker signing a so-called processor agreement with such a third party.
We only use data processors in the EU or in countries which can provide adequate protection for your data.
You are entitled, in line with what is laid down in applicable legislation, to obtain information about what data we hold on you and what we use the data for. You also have the right to request an update or have any data we hold on you corrected if it is inaccurate. In certain cases specified in the legislation, you also have the right to request that DB Schenker stop processing or erase the data, provided that there is no legitimate and lawful reason requiring us to retain the data. You may also contact us if your data have been processed contrary to legislation or other legal obligations. At the bottom of this text you will find information about how to contact us if you need to make such a request.
In the event that DB Schenker has received your personal data from another controller party, you should in the first instance contact the controller party (e.g. whoever you purchased or ordered a product from).
You are also able to submit a complaint directly to the relevant supervisory authority – in this case the Icelandic authority Persónuvernd.
When you request information about your data or to have your data corrected or erased, we will promptly process your request and carry it out to the extent this is feasible in accordance with other legislation and regulations.
If you have any questions, suggestions or comments about the information in this policy or any questions and suggestions regarding our processing of personal data, please feel free to contact us via the following channels:
Schenker AB útibú á Íslandi
This policy was last updated on 04/05/2018.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) – also called GDPR
Cookies are small text files that make it possible to recognise your browser and collect information about which of our webpages have been visited. This is a function that DB Schenker uses to produce statistics on user visits, which are then used to improve our services. But no information that is directly linked to you as a person is collected.
Cookies can also be used to save your preferences when you return at a later date or time, making our services easier to use.
Sometimes cookies are used to provide visitors with relevant marketing, based on which of our webpages have been visited.
Cookies are either deleted immediately when you close your browser (session cookies) or are stored to make future visits easier (persistent cookies).
If you do not want cookies to be used or you want to delete existing ones, you can do this in your browser settings.
Web beacons are small, transparent image files that may be in e-mails that we send to you. These are used to track statistics on how many of our sent e-mails arrive, are opened and read. It is possible to opt out of this type of e-mail from us via instructions in these e-mails.
Cookies used on DB Schenker websites
Unifaun: Used to facilitate use of the service, personalise parts of the content and for visitor statistics.