Data privacy
Unitainer Trading GmbH is delighted that you are interested in our company.
I. Name and address of the person responsible
The person responsible within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
Unitainer Trading GmbH
Schluisgrove 1
21107 Hamburg
germany
telephone: +49 (0) 40 300 898 0
Fax: +49 (0) 40 300 898 10
email: contact@unitainer.com
II. General information about data processing
II. 1. Scope of processing of personal data
In principle, we only process the personal data of our users to the extent necessary to provide a functional website and our content and services. The processing of our users’ personal data is regularly carried out only with the consent of the user. An exception applies in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by law.
II. 2. Legal basis for processing personal data
Insofar as we obtain consent from the data subject for processing personal data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Article 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfill a legal obligation to which our company is subject, Article 6 (1) (c) GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the former interest, Article 6 (1) (f) GDPR serves as the legal basis for processing.
II. 3. Data deletion and storage period
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the above standards expires, unless there is a need to continue storing the data for the conclusion or performance of a contract.
III. Transfer of data to third parties
We only share your personal data with third parties (recipients) if we are entitled to do so in accordance with data protection regulations. Below, we will inform you about the cases in which this may be the case. We may share your personal data with third parties (recipients) if
(1) you have given us your consent to do so for one or more specific purposes (Art. 6 (1) (a) GDPR);
(2) processing is necessary for the performance of a contract with you, or to carry out pre-contractual measures that are carried out at your request (Art. 6 para. 1 S. 1 lit. b GDPR);
(3) processing is necessary to fulfill a legal obligation to which we are subject (Article 6 (1) (c) GDPR);
(4) processing is necessary to protect our legitimate interests or a third party, unless your interests or fundamental rights and which require the protection of your personal data prevail (Art. 6 para. 1 p. 1 lit. f GDPR).
We also work with service providers, so-called contract processors, to whom we transfer your personal data and who process your data for us on our behalf and in accordance with our instructions under Article 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked. Specifically, these are the following service providers:
1&1 Analytics
1&1 web host
IV. Provision of the website and creation of log files
IV. 1. Description and scope of data processing
Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:
(1) Information about the browser type and version used.
(2) Type of device used.
(3) Browser type and version.
(4) the user’s IP address in anonymized form;
(5) date and time of access.
(6) Websites from which the user’s system accesses our website.
(7) Websites that are accessed by the user’s system via our website.
The data is also stored in our system’s log files. This data is not stored together with other personal data of the user.
IV. 2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
IV. 3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. To do this, the user’s IP address must be stored for the duration of the session.
They are stored in log files to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also include our legitimate interest in data processing in accordance with Art. 6 para. 1 lit. f DSGVO.
IV. 4. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the users' IP addresses are deleted or distorted so that it is no longer possible to assign the calling client.
IV. 5. Possibility of objection and removal
The collection of data to provide the website and the storage of data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on the part of the user.
V. Use of cookies
V. 1. What are cookies?
Cookies are small text files that are stored on your device by our website when you visit it. They help us improve your user experience by storing and retrieving certain information to optimize the functionality of the website.
V. 2. Types of cookies on our website
Necessary cookies: These cookies are essential for the operation of our website and enable basic functions such as page navigation and access to secure areas of the website.
Performance cookies: They collect information about how visitors use our website, such as which pages are visited most frequently. This data is used to improve the performance of the website.
Functional cookies: These cookies remember your preferences and settings and provide improved, more personalized features.
Marketing cookies: They are used to deliver relevant advertising in line with your interests and to measure the effectiveness of advertising campaigns.
Consent and control: Performance, functional and marketing cookies are only used with your consent. You have the option to configure your cookie settings the first time you visit our website and can change these settings at any time via the cookie settings on our website.
V. 3. How to manage cookies:
You can manage cookies in your browser settings, including the ability to reject or delete all cookies. Please note, however, that blocking certain types of cookies may affect your experience on our website.
V. 4. Storage period:
Cookies are stored on your device for different periods of time, depending on their type. Some cookies are deleted after you close your browser, while others are stored for a longer period of time.
V. 5. Third party cookies:
Our website may also use third-party cookies to offer additional services and features. For more information about data processing by third-party providers, we refer to their privacy policies.
V. 6. Changes to our Cookie Policy:
We reserve the right to change this Cookie Policy. Changes are published on our website and are effective from the time they are published.
V. 7. Contact:
If you have any questions about the use of cookies on our website, please contact us at contact@unitainer.com
VI. Contact form and email contact
VI. 1. Description and scope of data processing
There are contact forms on our website, which can be used for electronic contact. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored. This data is:
Name, email address, date, time and contact form specifically requested content
At the time the message is sent, the following data is also stored:
(1) Date and time of registration
Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.
Alternatively, you can contact us via the email address provided. In this case, the user’s personal data transmitted by e-mail will be stored. In this context, there is no transfer of data to third parties. The data is used exclusively to process the conversation.
VI. 2. Legal basis for data processing
If the user has given consent, the legal basis for processing the data is Art. 6 para. 1 lit. a GDPR.
The legal basis for processing data transmitted in the course of sending an e-mail is Article 6 (1) (f) GDPR. If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.
VI. 3. Purpose of data processing
We process the personal data from the input mask solely to process the contact. In the event of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
VI. 4. Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that have been sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been finally clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
VI. 5. Possibility of objection and removal
The user has the option to withdraw his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.
Since the name, e-mail address and time are automatically transmitted upon receipt of the e-mail, add a one-line request for deletion to your e-mail.
In this case, all personal data that was saved in the course of contacting us will be deleted.
VII. Website analysis services
VII. 1. Google Analytics
VII. 1.1 Description and scope of data processing
This website uses Google Analytics, a web analysis service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and which enable an analysis of your use of the website.
VII. 1.2 Legal basis for data processing:
Data processing by Google Analytics is based on your consent in accordance with Art. 6 para. 1 lit. a DSGVO.
VII. 1.3 Purpose of data processing:
The information generated by cookies about your use of this website is used to evaluate your use of the website, to compile reports on website activity and to provide other services related to website usage.
VII. 1.4 Duration of storage:
The storage period of data collected by Google Analytics varies, depending on the type of data stored.
VII. 1.5 Objection and removal option:
You can prevent cookies from being saved by setting your browser software accordingly. You can find further options for objection and removal in Google’s privacy settings.
VII. 2. Visable
VII. 2.1 Description and scope of data processing:
This website uses services from Visable to generate website leads to increase our company’s visibility in B2B networks. Visable collects data that provides information about the usage behavior of visitors to our website in order to establish targeted business contacts.
VII. 2.2 Legal basis for data processing:
This website uses services from Visable to generate website leads to increase our company’s visibility in B2B networks. Visable collects data that provides information about the usage behavior of visitors to our website in order to establish targeted business contacts.
VII. 2.3 Purpose of data processing:
The processing of data by Visable for Website Leads is based on legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR, with the focus on optimizing our online marketing and targeting business customers.
VII. 2.4 Duration of storage:
The length of time Visable stores data depends on Visable’s specific terms of use and privacy policy.
VII. 2.5 Opposition and removal option:
For more information on data processing by Visable and options for objection and removal, please see the privacy policy on Visable’s website.
VIII. Rights of the person concerned
The following list includes all rights of data subjects under the GDPR. Rights that are not relevant to your own website do not have to be mentioned. In this respect, the list can be shortened.
If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the person responsible:
VIII. 1. Right to information
You can request confirmation from the person responsible as to whether personal data relating to you is being processed by us.
If there is such processing, you can request information from the person responsible about the following information:
(1) the purposes for which the personal data is processed;
(2) the categories of personal data that are processed;
(3) the recipients or categories of recipients to whom the personal data relating to you has been or is still being disclosed;
(4) the planned duration of storage of your personal data or, if specific information is not possible, criteria for determining the storage period;
(5) the existence of a right to correct or delete personal data concerning you, a right to restrict processing by the person responsible or a right to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information about the origin of the data if the personal data is not collected from the data subject;
(8) the existence of automated decision-making, including profiling, in accordance with Article 22 (1) and (4) GDPR and — at least in these cases — meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether your personal data is being transferred to a third country or to an international organization. In this context, you can request to be informed of the appropriate guarantees in accordance with Article 46 GDPR in connection with the transfer.
VIII. 2. Right to Rectification
You have the right to have the person responsible corrected and/or completed if the processed personal data relating to you is incorrect or incomplete. The person responsible must make the correction immediately.
VIII. 3. Right to restrict processing
Under the following conditions, you can request the restriction of the processing of personal data concerning you:
(1) if you dispute the accuracy of the personal data concerning you for a period of time that enables the person responsible to verify the accuracy of the personal data;
(2) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of the use of the personal data;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have lodged an objection to processing in accordance with Article 21 (1) GDPR and it is not yet clear whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of your personal data has been restricted, this data — apart from storage — may only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the Union or a Member State.
If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the person responsible before the restriction is lifted.
VIII. 4. Right to delete
VIII. 4. a) Obligation to delete
You can demand from the person responsible that the personal data concerning you be deleted immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you is no longer necessary for the purposes for which they were collected or otherwise processed.
(2) You withdraw your consent, on which processing was based in accordance with Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO, and there is no other legal basis for processing.
(3) You object to processing in accordance with Article 21 Paragraph 1 GDPR and there are no overriding legitimate reasons for processing, or you object to processing in accordance with Article 21 Paragraph 2 GDPR.
(4) Your personal data was processed unlawfully.
(5) The deletion of personal data concerning you is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the person responsible is subject.
(6) The personal data concerning you was collected in relation to information society services offered in accordance with Article 8 (1) GDPR.
VIII. 4. b) Information to third parties
If the person responsible has made the personal data concerning you public and is obliged to delete them in accordance with Article 17 (1) GDPR, he will take appropriate measures, including technical measures, taking into account available technology and implementation costs, to inform data controllers who process the personal data that you, as the data subject, have deleted from them all links to this personal data or copies or replications of this personal data have requested personal data.
VIII. 4. c) Exemptions
The right to deletion does not exist if processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) to fulfill a legal obligation that requires processing under Union or Member State law to which the controller is subject, or to perform a task that is in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes in accordance with Article 89 (1) GDPR, insofar as the right referred to in section a) is likely to make it impossible or seriously impair the achievement of the objectives of this processing, or
(5) to assert, exercise or defend legal claims.
VIII 5. Right to be informed
If you have asserted the right to correct, delete or restrict processing against the person responsible, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves disproportionate effort.
You have the right to be informed by the person responsible about these recipients.
VIII. 6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. You also have the right to transfer this data to another person responsible without hindrance by the person responsible to whom the personal data was provided, provided that
(1) processing is based on consent in accordance with Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract in accordance with Art. 6 para. 1 lit. b DSGVO and
(2) processing is carried out using automated processes.
In exercising this right, you also have the right to have your personal data transferred directly from one person responsible to another person responsible, as far as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the person responsible.
VIII. 7. Right of objection
For reasons arising from your particular situation, you have the right to object at any time to the processing of personal data concerning you, which is carried out on the basis of Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
The person responsible will no longer process your personal data unless he can demonstrate compelling legitimate reasons for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.
In connection with the use of information society services — notwithstanding Directive 2002/58/EC — you have the option to exercise your right of objection by means of automated procedures using technical specifications.
VIII 8. Right to withdraw the declaration of consent under data protection law
You have the right to withdraw your data protection consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the time of withdrawal.
VIII 9. Automated individual decision including profiling
You have the right not to be subject to a decision based exclusively on automated processing — including profiling — which has legal effect on you or significantly affects you in a similar way. This does not apply if the decision
(1) is necessary for the conclusion or fulfilment of a contract between you and the person responsible,
(2) is permitted by Union or Member State legislation to which the person responsible is subject and that legislation contains appropriate measures to protect your rights and freedoms and your legitimate interests, or
(3) is carried out with your express consent.
However, these decisions must not be based on special categories of personal data under Article 9 Paragraph 1 GDPR unless Article 9 Paragraph 2 lit. a or g GDPR applies and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.
With regard to the in (1) and (3) In these cases, the controller shall take appropriate measures to protect the rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person by the person responsible, to express his own point of view and to challenge the decision.
VIII. 10. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR.
The supervisory authority with which the complaint was filed shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
VIII 11. Safety:
As part of our IT security, we use technical and organizational security measures to protect the data you provide from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. The security measures are continuously reviewed and adjusted in accordance with data protection law and the state of technological development. We protect our systems and data processing through technical and organizational measures such as data encryption, pseudo and anonymization, access and access controls, firewall and recovery systems, and integrity testing.
VIII 12th update:
The privacy policy is up to date and is dated May 2018. Due to changes, e.g. European and national legal regulations, official instructions, the development of our website, it may be necessary to amend the privacy policy at a later date. An updated version can be obtained from time to time at the address above.