At HARPAIN SHIPPING GMBH, ABC-Straße 15, 20354 Hamburg, („Harpain“), we respect your privacy. The protection of your personal data (such as your name, email address or telephone number) is therefore of particular importance to us. Our data protection practice complies with the provisions of the General Data Protection Regulations (GDPR) of the European Union as well as with additional legal requirements.
The “controller” within the meaning of the General Data Protection Regulations (GDPR) and of other national data protection and privacy laws of the EU Member States as well as other data protection provisions is:
The data protection officer for the aforementioned is:
Mr. Henrik Harpain
We value your trust. Should you have any questions regarding the collecting, processing or use of your personal data, in the case of revocation of consent, information, correction, blocking or deletion of data, please contact:
HARPAIN SHIPPING GMBH, ABC-Straße 15, 20354 Hamburg
1. Scope of the processing of personal data
As a matter of principle, we only collect and use the personal data of our users as much as is necessary to provide a functional website as well as our contents and services. The collecting and use of the personal data of our users regularly takes place only on a legal basis. An exception applies in such cases in which a legal basis is not apparent and the processing of the data can only be authorized via a consent.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject to process his or her personal data, Art. 6 para. 1 Lit. a of the GDPR serves as legal basis.
In the processing of personal data required to fulfill a contract whose contracting party is the data subject, Art. 6 para. 1 Lit. b of the GDPR serves as legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures and actions.
Insofar as the processing of personal data is necessary in order to fulfill a legal obligation to which our company is subject, Art. 6 para 1 Lit. c of the GDPR serves as legal basis.
If the processing of data is necessary to safeguard a legitimate interest of our Company or of a third party, and if the interests, fundamental rights and fundamental freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 Lit. f of the GDPR serve as legal basis for the processing.
3. Data erasure and storage period
The personal data of the data subject will be erased or blocked as soon as the purpose of storing the data ceases to apply. Furthermore, data may be stored if doing so has been provided for by European or national lawmakers in EU regulations, laws or other provisions to which the controller is subject. The data will likewise be blocked or erased if a storage period stipulated by the aforementioned rules expires, unless it is necessary to continue storing the data in order to conclude or fulfill a contract.
As a basic principle, you are able to use our internet site without providing your personal data.
Webserver log files
Every time our internet pages are accessed, information transmitted from your browser is automatically saved in webserver log files. In particular, this information includes the name of your provider, your anonymized IP address, your browser type, your operating system, internet sites you have previously visited, and the server request time. Neither this data nor other associated personal data of the user are stored.
The legal basis for the temporary storage of data is Art. 6 para. 1 Lit. f of the GDPR.
The temporary storage of the IP address by the system is necessary in order to make it possible for the website to be delivered to the user’s computer. To do this, the user’s IP address must remain stored for the duration of the session. The log files are stored in order to ensure the functionality of the website. In addition, the data helps us optimize the website and safeguard the security of our information technology systems. In this context, no analysis of the data is conducted for marketing purposes.
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. As relates to the collection of data for the provision of the website, this is the case when the respective session has ended.
The collection of data for the provision of the website as well as the storage of data in log files is absolutely necessary for the operation of the website. For this reason, there is no option to object on the user’s side.
The recording, processing and use of personal data is carried out by us as well as other companies in the Corporate Group or by external service providers who are contracted by us and both contractually and legally bound to data protection. In these cases, we ensure that Group companies and these external service providers abide by the relevant legal data protection rules.
Otherwise, no third parties have access to your personal data. We will only forward data to the responsible authority in the event of official or legal demands as well as legal obligations to transmit data. This also applies in the event of a court order for transmission. In the case of an official, legal or judicial obligation to transmit data, we will examine in each individual case whether the transmission complies with the basic principles of the GDPR and/or the applicable national law.
We have implemented extensive security provisions and measures to protect personal data stored by us from unauthorized access, misuse, altering, misappropriation, destruction and loss. However, we must point out that unencrypted data transfer via the internet cannot provide any guarantee that access to your data by third parties is prohibited. Complete protection of your data during unencrypted transfer from your system to our server is not possible in technical terms.
If your personal data is processed, then you are a “data subject” within the meaning of the GDPR. You have the following rights vis-à-vis the controller:
In order to exercise your rights as a data subject, please contact our Data Protection Officer (cf. Section II of this Data Privacy Statement). As an alternative, you may also contact a customer service representative or other contact person you know at Harpain.
If an individual exercises his or her rights in accordance with the GDPR, we will not charge any fees. However, a reasonable fee may be charged if your inquiry is demonstrably abusive improper or if you make a repeated inquiry without relevant justification.
We may need to collect information on you that will enable us to clearly identify you as a data subject. In doing so, we will endeavor not to complicate or even hinder your request. Rather, we want to make sure that none of your personal data falls into the hands of unauthorized persons.
Our internet sites may contain hyperlinks (i.e., electronic cross-references) with which internet sites from other companies can be called up. This Data Privacy Statement does not apply to these linked internet sites belonging to other companies.
It may be necessary to adapt our Data Protection Statement to changing framework conditions of a factual and legal nature. The Data Privacy Statement published on our pages is kept up to date.
As of: August 2019