Thursday January 16, 2025

Information on the collection and processing of your personal data

 

Care and transparency is the basis for a trusting cooperation with our customers. We therefore inform you about how we process your data and how you can exercise your rights under the General Data Protection Regulation (GDPR). Which personal data we process for what purpose depends on the respective contractual relationship.

 

1. Who is responsible for the processing?

The controller is:

CEP-Research GmbH  

Hugh-Greene-Weg 4 
D-22529 Hamburg 
Phone:  +49 40 380 879 - 20 
Fax: +49 40 38 0 879 - 77 
info@cep-research.com

Management: Mark Winkelmann

                              

2. How can I contact the data protection officer?

You can reach our data protection officer (DPO) as follows:

Dr. Klaus zu Hoene – intersoft consulting services AG

Data Protection Officer

Beim Strohhause 17, 20097 Hamburg

dataprotection@cep-research.com

 

3. Which personal data do we use?

If you have an enquiry, have us prepare an offer or conclude a contract with us, we will process your personal data. In addition, we process your personal data, among other things, to fulfil legal obligations, to protect a legitimate interest or on the basis of a consent given by you.

Depending on the legal basis, the categories of personal data are as follows:

  • Name, Surname
  • Company / Department / Job title
  • Business address
  • Business contact data (telephone, e-mail address)
  • Contract master data, especially contract number, duration, period of notice, type of contract
  • Invoice data
  • Account information, in particular registration and logins
  • Payment data / account data
  • Data on creditworthiness

In the course of contract initiation, we also use data provided to us by third parties. Depending on the type of contract, the following categories of personal data are involved:

  • Information on creditworthiness (via a credit agency)

 

4. From which sources does the data come?

We process personal data that we receive from our customers, service providers and our suppliers.

We also obtain your data from the following sources:

  • Credit agency
  • Publicly accessible sources: commercial or association registers
  • Other Group companies

 

5. For what purposes do we process your data and on what legal basis?

We process your personal data in particular in compliance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) as well as all other relevant laws.

 

a. Data processing on the basis of a consent given by you (Art. 6 para. 1 lit. a GDPR)

If you have given us your voluntary consent to the collection, processing or transfer of certain personal data, then this consent forms the legal basis for the processing of this data.

 

In the following cases we process your personal data on the basis of your consent:

  • Sending an e-mail newsletter
  • Personalized newsletter tracking
  • Market research (e.g. customer satisfaction surveys)
  • Marketing and advertising of customer profiles
  • Publication of a customer reference (name and picture)

 

b. For the performance of a contract (Art. 6 para. 1 lit. b GDPR)

We use your personal data for the execution of the order/purchase contract/treatment contract/rental contract. Within this contractual relationship we will process your data in particular to carry out the following activities:

Contract-related contact, contract management, ongoing customer service, service center, warranty claims, receivables management, contract termination management.

Further information for the purposes of data processing can be found in the respective contract documents and general terms and conditions.

 

c.To fulfil legal obligations (Art. 6 para. 1 lit. c GDPR) or in the public interest (Art. 6 para. 1 lit. e GDPR)

As a company we are subject to various legal obligations. The processing of personal data may be necessary to fulfil these obligations.

  • Control and reporting obligations
  • Creditworthiness, age and identity checks
  • Prevention of criminal acts

 

d. On the basis of a legitimate interest of the controller (Art. 6 para. 1 lit. f GDPR)

In certain cases we process your data to protect our legitimate interests or that of third parties:

  • Direct advertising and opinion research
  • Central customer data management within the Group
  • Consultation and data exchange with credit agencies
  • To determine creditworthiness and default risks
  • Ensuring IT security and operation

 

6. To whom will your data be passed on?

In order to fulfil our contractual and legal obligations, we will pass on your data to different public and internal places, as well as external service providers.

Companies within the Group:

(ITA Consulting GmbH…)

External Service Providers:

  • IT service providers (e.g. maintenance service providers, hosting service providers)
  • Service provider for file and data destruction
  • Printing services
  • Telecommunications
  • Payment service providers
  • Consulting
  • Service Provider for Marketing or Sales
  • Credit agencies
  • Authorized dealers
  • Service provider for telephone support (Call-Center)
  • Web hosting service provider
  • Letter shops
  • Auditors and accountants

Public bodies and authorities:

Furthermore, we may also be obliged to transfer your data to other recipients, such as public authorities to fulfil legal notification obligations.

  • Tax authority
  • Customs
  • Social insurance agency

 

7. Will your data be transferred to countries outside the European Union (so-called third countries)?

Countries outside the European Union (and the European Economic Area "EEA") handle the protection of personal data differently from countries within the European Union. We also use service providers located in third countries outside the European Union to process your data. There is currently no decision by the EU Commission that these third countries generally offer an adequate level of protection.

We have therefore taken special measures to ensure that your data are processed in third countries as securely as within the European Union. We conclude the standard data protection clauses provided by the Commission of the European Union with service providers in third countries. These clauses provide appropriate guarantees for the protection of your data with service providers in third countries.

Our service providers in the USA are also certified according to the EU-US Privacy Shield Agreement.  

If you wish to review the existing guarantees, you can contact us at info@cep-research.com.  

 

8. For how long do we store your data?

We store your personal data for as long as necessary to fulfil legal and contractual obligations.

If the storage of your data is no longer necessary to fulfil the legal or contractual obligations, we will delete your data unless the transfer is necessary for one of the following purposes:

  • Fulfilment of commercial and tax storage obligations. Storage periods from the German Commercial Code (HGB) or the Tax Code (AO) are to be named. (…)
  • Preservation of evidence within the framework of the statutory limitation provisions. According to the statute of limitations of the German Civil Code (BGB), these statutes of limitations can in some cases be up to 30 years, the regular statute of limitations is three years.

 

9. What rights do you have in connection with the processing of your data?

Every data subject has the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.

 

a. Right to object

You can object to the use of your data for advertising purposes at any time without incurring any costs other than the transmission costs according to the basic rates.

 

  • What right do you have in the event of data processing for legitimate or public interest?

Pursuant to Art. 21 para. 1 GDPR, you have the right to object at any time to the processing of personal data concerning you on the basis of Art. 6 para.1 lit. e GDPR (data processing in the public interest) or Article 6 para.1 lit. f GDPR (data processing to protect a legitimate interest), this also applies to profiling based on this provision.

In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

 

  • What right do you have in the event of data processing for direct marketing?

If we process your personal data for direct marketing purposes, you have the right pursuant to Art. 21 para. 2 GDPR to object at any time to the processing of personal data concerning you for the purpose of such advertising, this also applies to profiling insofar as it is associated with such direct marketing.

In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

 

b. Revocation of consent

You can revoke your consent to the processing of your personal data at any time. Please note that the revocation is only valid for the future.

                                                         

c. Right to information

You may request information as to whether we have stored personal data about you. If you wish, we will inform you of the data concerned, the purposes for which the data is processed, to whom this data is disclosed, how long the data is stored and what further rights you are entitled to with regard to this data.

 

d. Further rights

In addition, you have the right to have your data corrected or deleted. If there is no reason for further storage, we will delete your data, otherwise we will restrict processing. You may also request that we provide all personal information that you have provided to us in a structured, current and machine-readable format either to you or to a person or company of your choice.

 

In addition, there is a right to lodge a complaint to the responsible data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).

 

e. Assertion of your rights

To exercise your rights, you can contact the controller or the data protection officer using the contact details provided or the human resources department at info@cep-research.com. We will process your enquiries immediately and in accordance with legal requirements and inform you of the measures we have taken.

 

10. Is there an obligation to provide your personal data?

In order to enter into a business relationship, you must provide us with the personal data that is necessary for the execution of the contractual relationship or that we are required to collect by law. If you do not provide us with this data, it is not possible for us to carry out and process the contractual relationship.

 

11. How do we collect data on our website?

When someone visits our website we collect and process standard internet log information about your visit. The data is collected automatically by our IT systems and by cookies. Cookies are small text files that store Internet settings from the websites you visit. They are widely used to make website features work or operate more efficiently.

We use the following cookies:

  • JSESSIONID: This cookie is part of the Java Servlet technology. It is stored in memory and is used to identify the user session. It is valid for a session lifespan and It expires automatically at the end of the session.
  • cep_remember: Stores information needed to autologin a user with his/her username & password (voluntary opt-in functionality). It does not contain any IP or any additional information.
  • disable_ip_login_p: Contains a boolean value used by IP autologin procedure. It tells the server whether user does not want the server to perform IP autologin so they can be able to use regular login.

 

The data is collected only to ensure the proper functioning of the website.

 

12. Changes to this information

If the purpose or manner of processing your personal data changes significantly, we will update this information in time and inform you about the changes.

 

SUPPLIERS

ONOMOTION cycles into new ownership

UPS-branded ONOMOTION e-cargo bikes in Hamburg

German cargo bike start-up ONOMOTION is heading for new ownership to save its products and brand after being forced to declare insolvency at the start of this month.  read more

 

Myflexbox hits key network milestone and signs deals with DHL and Stasher

Jonathan Grothaus (myflexbox) with DHL's Ralf Schweighöfer (right)

Carrier agnostic parcel locker provider myflexbox has hit a key milestone with the roll out of its 400th parcel station in Germany, taking the total number of stations in its network to 1,000, while the company continues to expand thanks to new partnerships with DHL Express and luggage storage firm Stasher.  read more

 

Fortna signs strategic global deals with Packsize and Sitma

Packsize custom-sized packaging boxes

Logistics automation and software firm Fortna has announced new strategic partnerships with Packsize and Sitma, expanding the company’s ability to deliver end-of-line packaging solutions that improve efficiency, reduce costs, and promote sustainability for its customers.  read more

 

KEBA wins GLS contract for European parcel locker expansion

(from left) Johan Holstein (GLS), Cesar Lapuerta (KEBA), Sheila Sastre (GLS), Robert Zehetner (KEBA)

Global automation solutions provider KEBA has announced a new strategic partnership with European parcel service provider GLS Group, which will see the roll out of “future-proof” parcel lockers across Europe from December 2024.  read more

 

Posten Bring and SwipBox extend lockers partnership across Scandinavia

Courier fills Bring parcel locker

The new agreement with Danish parcel lockers company will strengthen Posten Bring’s presence in Scandinavia, bringing convenient parcel lockers closer to customers in all three countries.  read more

 

Quadient and Decathlon expand parcel locker partnership in France

A Quadient Decathlon locker in France

Global parcel locker firm Quadient has announced the expansion of its long-term partnership with multi-specialist sports brand Decathlon, with nearly 150 lockers added to the retailer’s stores over the past 12 months.  read more

 

Escher technology powers Austrian Post branch network

Austrian Post retail branch in Vienna

Postal technology specialist Escher Group has signed a new deal with Austrian Post, which will see the company’s next-generation Omnichannel Retail Platform used to power the operator’s post office network.  read more

 

Vanderlande buys Siemens Logistics’ airport business for €300 million

Vanderlande has signed an agreement to buy Siemens Logistics’ airport firm for €300 million – a deal which will bring together two rival businesses to create a new powerhouse in airport logistics automation.  read more

 

Vanderlande secures DHL Group contract and triumphs at industry awards

 

Descartes Systems Group acquires Sellercloud for US$110m

Canadian logistics software firm Descartes Systems Group has announced the acquisition of inventory and order management platform Sellercloud for US$110 million to meet customer demand for solutions that support the full lifecycle of domestic and cross-border e-commerce shipments.  read more

 

Bloq.it software to power Locker Italia open parcel locker network

 

More Supplier News:

parcelLab and Metapack partner for seamless retail deliveries

Quadient to roll out lockers at 50 railway stations across northern England

Planzer and LOXO roll out joint AV pilot project in Bern, Switzerland

Fortna develops automated storage solution for Reuter in Germany

Vanderlande to supply automated fulfilment solution to Kappahl Group

Körber brings in Carrybots and wins Beiersdorf contract

Vanderlande delivers robot technology to DHL

ShipEngine launches ShipEngine for Platforms in the UK

Quadient expands UK parcel locker network to East of England Co-op stores

Körber extends software offering with MercuryGate acquisition

Blue Yonder speeds up with acquisitions and new contracts

Cartken raises $22.5m to develop autonomous delivery robots

Events
Product Showcase
EXPERT ANALYSIS

European CEP Market trends 2023-2024

Philippe Masquelier (pictured), managing director of Effigy Consulting, examines the main developments in the European Courier, Express and Parcel (CEP) market and among carriers, based on the specialist market research company’s latest European CEP Market Report.  read more

PODCASTS

Listen to insights from senior executives in our series of audio interviews, published in cooperation with our content partner The Postal Hub Podcast,

          +++++

Delivery technology and out-of-home delivery

          +++++

Electrifying Falkenklev Logistik's delivery fleet

          +++++

Archive: click here for more Podcasts

PEOPLE
FEEDBACK

Please send your feedback to:

info@cep-research.com.