Privacy policy

This privacy policy provides information about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy. The processing of personal data, such as the name, address or e-mail address of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable in Germany.

1. Terms and definitions used

“Personal data” means any information relating to an identified or identifiable natural person (hereinafter ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g. cookie) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. The term is broad and covers practically any handling of data.

“Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processor”: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

2. Responsible for data processing

The Responsivle within the meaning of the General Data Protection Regulation is:

Polhansa Shipping GmbH
Jungfernstieg 38
20354 Hamburg
Germany

Phone: +49 (40) 355 13 10

E-Mail: info@polhansa.de

3. Hosting service

This website is hosted by EDV-Servicepartner e.K., Hamburg, on servers of Strato AG, Berlin. There are corresponding contracts for order processing with EDV Systempartner UG and subcontract processing with Strato AG.

4. Technical implementation and cookies

This website is based on WordPress, themes (website design) and plug-ins (extensions). This website partly uses cookies. These are text files that are placed and stored on a computer system via an internet browser.

Numerous websites and servers use cookies. Many cookies contain a so-called cookie ID; this is a unique identifier of the cookie. It consists of a string of characters that can be used to assign websites and servers to the specific internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the data subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, we can provide the users of this website with more user-friendly services that would not be possible without the cookie setting.

By means of a cookie, the information and offers on our website can be optimized for the benefit of the user. As already mentioned, cookies enable us to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, the user of a website that uses cookies does not have to re-enter their access data each time they visit the website, as this is done by the website and the cookie stored on the user’s computer system.

This website uses the “Real Cookie Banner” consent tool to manage the cookies used and similar technologies (tracking pixels, web beacons, etc.) and related consents. Details on how “Real Cookie Banner” works can be found at: https://devowl.io/de/rcb/datenverarbeitung/

The legal basis for the processing of personal data in this context is Art. 6 para. 1 lit. c GDPR and Art. 6 para. 1 lit. f GDPR. Our legitimate interest within the meaning of Art. 6 GDPR is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. The data subject is not obliged to provide the personal data. If they do not provide the personal data, we will not be able to manage their consent.

The data subject can also prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be fully usable.

5. Collection of general data and information

This website collects a series of general data and information each time the website is accessed by a data subject or an automated system. This general data and information is stored in the server log files. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites which are accessed via an accessing system on our website can be recorded, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system and (8) other similar data and information used for security purposes in the event of attacks on our information technology systems.

When using this general data and information, we do not draw any conclusions about the data subject. Rather, this information is required to (1) correctly deliver the contents of our website, (2) optimize the contents of our website and the advertising for it, (3) ensure the long-term functionality of our information technology systems and the technology of our website and (4) provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated by us both statistically and with the aim of increasing data protection and data security in our company in order to ultimately ensure an optimal level of protection for the personal data processed by us. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

6. Entering data on our website

The data subject has the option of entering personal data on the controller’s website. Which personal data is transmitted to the controller is determined by the respective input mask used. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for the controller’s own contractual purposes. The controller may arrange for the data to be passed on to one or more processors, such as a web host, who will also use the personal data exclusively for internal use attributable to the controller.

Through the aforementioned entries on the website of the controller, the IP address assigned by the Internet service provider (ISP) of the data subject, the date and the time of the entries may also be stored. In addition to the purposes of contract performance, this data is also stored against the background that this is the only way to prevent misuse of our services and, if necessary, to enable criminal offenses to be investigated. In this respect, the storage of this data is also necessary to safeguard the controller. This data is not passed on to third parties unless there is a legal obligation to pass it on or the passing on serves the purpose of criminal prosecution.

The data subject’s voluntary provision of personal data serves to fulfill the contractual relationship between the controller and the data subject, in particular the contractual relationship with customers. The data subject is free to change the personal data provided during registration at any time or to have it completely deleted from the controller’s database, provided that this does not conflict with any contractual obligations.

The controller shall provide any data subject at any time upon request with information about which personal data is stored about the data subject. Furthermore, the controller shall rectify or erase personal data at the request or indication of the data subject, insofar as this does not conflict with any statutory retention obligations.

7. Contact option via the website

Due to legal regulations, our website contains information that enables quick electronic contact to our company and direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller are stored for the purposes of processing or contacting the data subject. This personal data is not passed on to third parties.

8. SSL encryption

This website uses SSL or TSL encryption to protect your transmitted data in the best possible way. You can recognize such encrypted connections by the prefix “https://” in the page link in the address bar of your browser. Unencrypted pages are marked with “http://”. Thanks to SSL encryption, none of the data you transmit to this website – for example when making inquiries or logging in – can be read by third parties.

9. Administration, financial accounting, contact management

We process data as part of administrative tasks and the organization of our business, financial accounting and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process as part of the provision of our contractual services. The processing bases are Art. 6 para. 1 lit. c. GDPR, Art. 6 para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors may be affected by the processing. The purpose and our interest in the processing lies in the administration, financial accounting, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of data with regard to contractual services and contractual communication corresponds to the information specified in these processing activities.

We may transmit data to the tax authorities, consultants such as tax advisors or auditors as well as other fee offices and payment service providers.

We also store information on suppliers, event organizers and other business partners on the basis of our business interests, e.g. for the purpose of contacting them at a later date. We generally store this mainly company-related data permanently.

10. Google Analytics

On the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), this website uses Google Analytics, a web analysis service provided by Google LLC (“Google”). GDPR) Google Analytics, a web analysis service of Google LLC (“Google”). Google uses cookies. The information generated by the cookie about the use of the online offer by the user is usually transmitted to a Google server in the USA and stored there.

Google is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with further services associated with the use of this online offer and the use of the Internet. Pseudonymous user profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymization. This means that the IP address of users is truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there.

The IP address transmitted by the user’s browser will not be merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; users can also prevent Google from collecting the data generated by the cookie and relating to their use of the online offer and from processing this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the use of data by Google, setting and objection options, can be found in Google’s privacy policy (https://policies.google.com/technologies/ads) and in the settings for the display of advertisements by Google (https://adssettings.google.com/authenticated).

Users’ personal data is deleted or anonymized after 14 months.

11. Google Fonts Local

This website uses “Google Fonts” from Google Inc. The company responsible for the European territory is Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland). Our website only integrates the Google fonts locally, i.e. on our web server – not on Google’s servers. This means that there is no connection to Google servers and therefore no data transfer or storage.

Google Fonts is an interactive directory that contains over 800 fonts provided free of charge by Google. It would be possible to use fonts with the help of Google Fonts in such a way that they are not uploaded to your own server. However, in order to prevent any transfer of information to Google servers in this regard, we have downloaded the fonts to our server. In this way, we act in compliance with data protection regulations and do not forward any data to Google Fonts.

We use Google Fonts for optimization purposes, primarily to improve the use of our website for you and to make its design more user-friendly.

You can find more information about Google Fonts at: https://developers.google.com/fonts/faq?hl=de.

12. Google Maps

This website uses Google Maps to display our location and to provide directions. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereinafter referred to as “Google”. Through certification in accordance with the EU-US Privacy Shield https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active, Google guarantees that the data protection requirements of the EU are also complied with when processing data in the USA. In order to enable the display of certain fonts on our website, a connection to the Google server in the USA is established when our website is accessed. If you call up the Google Maps component integrated into our website, Google stores a cookie on your end device via your Internet browser. Your user settings and data are processed in order to display our location and create directions. We cannot rule out the possibility that Google uses servers in the USA. The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in optimizing the functionality of our website. The connection to Google established in this way enables Google to determine from which website your request has been sent and to which IP address the directions are to be transmitted. If you do not agree to this processing, you have the option of preventing the installation of cookies by making the appropriate settings in your Internet browser. Details on this can be found above under “Cookies”. In addition, the use of Google Maps and the information obtained via Google Maps is governed by the Google Terms of Use https://policies.google.com/terms?gl=DE&hl=de and the Terms and Conditions for Google Maps https://www.google.com/intl/de_de/help/terms_maps.html.

In addition, Google offers further information at https://adssettings.google.com/authenticated https://policies.google.com/privacy.

13. Social Media Plugins

a) Facebook

This website uses social media functions from Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. You can share content on the Facebook social network using the Facebook Like buttons integrated on this website. The legal basis for the processing of the data is Art. 6 para. 1 subpara. 1 letter f) GDPR the legitimate interest in optimizing the website offer. When a page with an integrated Facebook Like button is accessed, a connection is always established between the browser used and the Facebook servers. In order to prevent this immediate connection, this website uses a solution in which this transmission only takes place when the Facebook Like button is clicked. Data is only transmitted to Facebook when the Facebook Like button is clicked a second time. If you have a Facebook account, this data can be linked to it. If you do not wish this data to be linked to your Facebook account, please log out of Facebook before visiting our site and delete the cookies in your browser. Facebook has submitted to the “Privacy Shield” data protection agreement between the USA and the EU.

You can find out more about Facebook’s data protection at https://de-de.facebook.com/privacy/explanation.

b) Instagram

This website uses social media functions from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”). The plugins are marked with an Instagram logo, for example in the form of an “Instagram camera”. When a page containing such a plugin is accessed, the browser used establishes a direct connection to the Instagram servers. The content of the plugin is transmitted by Instagram directly to the browser and integrated into the page. Through this integration, Instagram receives the information that the browser has accessed the corresponding page of our website, even if you do not have an Instagram profile or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to an Instagram server in the USA and stored there. If you are logged in to Instagram, Instagram can directly associate your visit to our website with your Instagram account. If you interact with the plugins, for example by clicking the “Instagram” button, this information is also transmitted directly to an Instagram server and stored there. The information is also published on your Instagram account and displayed there to your contacts. If you do not want Instagram to assign the data collected via our website directly to your Instagram account, you must log out of Instagram before visiting our website. You can find more information on this in Instagram’s privacy policy: https://instagram.com/about/legal/privacy/.

c) LinkedIn

This website uses social media functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA.

Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click on the LinkedIn “Recommend” button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our website with you and your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by LinkedIn.

Further information on this can be found in LinkedIn’s privacy policy at: https://www.linkedin.com/legal/privacy-policy.

14. Routine erasure and blocking of personal data

The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.

If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data is routinely blocked or erased in accordance with the statutory provisions.

15. Rights of the person concerned

Right to information:

You have the right to request confirmation as to whether the data in question is being processed and to request information about this data as well as further information and a copy of the data in accordance with Art. 15 GDPR.

Right to rectification:

You have in accordance with. Art. 16 GDPR, you have the right to request the completion of data concerning you or the rectification of inaccurate data concerning you.

Right to erasure:

In accordance with Art. 17 GDPR, you have the right to demand that the data in question be deleted immediately or, alternatively, to demand that the processing of the data be restricted in accordance with Art. 18 GDPR.

Right to data portability:

You have the right to request to receive the data concerning you that you have provided to us in accordance with Art. 20 GDPR and to request its transmission to other controllers.

Right to lodge a complaint:

In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with the competent supervisory authority.

Right to object:

You can object to the future processing of data concerning you in accordance with Art. 21 GDPR at any time. In particular, you may object to processing for direct marketing purposes.

16. Legal basis of the processing

Art. 6 I lit. a GDPR serves our company as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, with processing operations that are necessary for the provision of a contractual service or consideration (see Section 5 (3)), the processing is based on Art. 6 I lit. b GDPR. The same applies to such processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries about our services. If our company is subject to a legal obligation that requires the processing of personal data, such as for the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c GDPR. Ultimately, processing operations could be based on Art. 6 I lit. f GDPR. Processing operations that are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to safeguard a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are permitted to carry out such processing operations in particular because they have been specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR). If the processing of personal data is based on Article 6 I lit. f GDPR, our legitimate interest is the performance of our business activities for the benefit of our company and our customers.

17. Legal or contractual regulations for the provision of personal data; necessity for the conclusion of the contract

We inform you that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes it may be necessary for a contract to be concluded for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded.

18. Duration for which the personal data is stored

The criterion for the duration of the storage of personal data is the respective statutory retention period. Once this period has expired, the corresponding data is routinely deleted, provided it is no longer required to fulfill or initiate a contract.

19. Objection to advertising mails

We hereby expressly object to the use of contact data published in the context of the imprint obligation to send unsolicited advertising and information material. The website operator expressly reserves the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

20. Existence of automated decision-making

As a responsible company, we do not use automated decision-making or profiling.