Privacy Policy
General Information
Waterside Logistics GmbH, Bodenackerstrasse 39, 4657 Dulliken (following „Waterside/us/we“), is the operator of the website www.watersidelog.com and offers services in the field of transport and freight forwarding brokerage for shipping (roll-on/roll-off shipments, container shipments, High&Heavy/Project Cargo) and other services (such as arrangement and organisation of insurance coverage, processing of customs clearing documents, general support, track &trace etc.) and is therefore responsible for the collection, processing and use of your personal data or personal data (in this data protection declaration ‘personal data’) and the compatibility of data processing with the applicable data protection law. Your trust is important to us, which is why we take the issue of data protection seriously and ensure appropriate security.
Depending on the data processing, in addition to the applicable Swiss law, the Federal Act on Data Protection (FADP) of 25 September 2020, SR 235.1, European data protection law, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR), OJ L 119, 4.5.2016, p. 1-88), may also or exclusively apply. This applies in particular in the context of the use of our website and the observation of the behaviour of data subjects residing in the EU/EEA(Art. 3 para. 2 lit. b GDPR).
Processing Activities
Depending on your relationship with us, we process different personal data about you for different purposes and based on different legal bases.
1.1. Visiting our website
When you visit our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a so-called log file.
The following data is collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer
- Owner of the IP address range (usually your Internet access provider)
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access is made (referrer URL), if applicable with the search term used
- Status code (e.g. error message)
- Amount of data sent in bytes
- Operating system of your computer
- Transmission protocol used (e.g. http/1.1)
- Your username from a registration/authentication, if applicable
Browser used (type, version and language)
The data in question is processed for the following purposes:
- Ensuring a smooth connection to the website
- Ensuring a comfortable use of our website
- To analyse system security and stability and for other administrative purposes
To improve and further develop our business and services
For our website we use the hosting solution of A2Hosting, Inc. (‘A2Hosting’), PO Box 2998 Ann Arbor, MI 48106, USA. A2Hosting has access to the website and thus to your personal data in the case of support
You can find more information about the handling of your personal data in the processor's privacy policy: https://www.a2hosting.com/policies/#Privacy-Policy.
There is an overriding legitimate interest in the processing of your personal data in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR.
This information is necessary for the functioning of the website.
A2Hosting, Inc, PO Box 2998 Ann Arbor, MI 48106, USA.
Processing takes place in Switzerland and the USA. We have concluded an data processing contract with this processor.
The transfer of European or Swiss personal data to A2Hosting may result in this data being transferred to other affiliated companies of A2Hosting in the USA or to third parties in a country that does not have an equivalent level of data protection. A2Hosting, Inc. is not a participant in the EU-U.S. and Swiss-U.S. Data Privacy Frameworks. Your data is therefore not subject to a level of data protection in the USA that is comparable to that in Switzerland or the EU. If A2Hosting processes your personal data outside the European Economic Area (EEA), A2Hosting will take appropriate measures to ensure the protection of your personal data in accordance with applicable law (e.g. the standard contractual clauses approved by the European Commission).
If you consent to data processing by A2Hosting, you therefore also consent to your data being transferred to unsafe third countries in accordance with Art. 17 para. 1 lit. a FADP or Art. 49 para. 1 lit. a GDPR.
We have agreed with A2Hosting that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses as well as suitable and proportionate technical and organisational measures.
Due to hosting, A2Hosting may share your personal data with its affiliated companies. Personal data may also be transferred to third countries, including the USA.
https://www.a2hosting.com/policies/#Privacy-Policy.
At the end of your session, the session cookies are deleted, but we retain the log in accordance with legal requirements.
1.2. Contact
On our website, we offer you the opportunity to contact us directly by e-mail, telephone, WhatsApp or contact form. The reason for contacting us may be, for example, questions about quotations, orders, payments and invoices, technical questions or questions on other topics or even feedback.
The following details can be entered:
- First and last name
- e-mail address
- Telephone number
Information that you provide in writing or verbally
The data in question is processed for the following purposes:
- Contacting you
Answering your enquiry
We use the following software and service providers to process your enquiry:
Our email system runs via Microsoft Outlook from Microsoft Ireland Operations Ltd (‘Microsoft’), South County Business Park, One Microsoft Place, D18P521, Leopardstown, Ireland, and is operated via a Microsoft Exchange Server. When an e-mail is sent, Microsoft has access to the sender and the content of the message.
Our telephone system runs via Swisscom AG, Alte Tiefenauerstrasse 6, CH-3050 Bern (‘Swisscom’). We do not use ‘Voice over IP’ (VOIP), to record the call. In principle, no personal data will be passed on from you to Swisscom.
We also offer you the option of contacting us via WhatsApp chat box. The WhatsApp chatbox is operated by WhatsApp Ireland Ltd, Merrion Road, Dublin 4, D04 X2K5, Ireland (‘WhatsApp’).
You can find more information about the handling of personal data in the privacy policy of the respective service provider:
Microsoft: https://privacy.microsoft.com/de-de/privacystatement.
WhatsApp: https://www.whatsapp.com/legal/privacy-policy-eea.
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR. As soon as you have consented to this privacy policy, we will also process your personal data on the basis of your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
This processing activity is not necessary for the functionality of the website.
The transfer of European or Swiss personal data to Microsoft may result in this data being transferred to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Microsoft that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
Microsoft Corporation Inc. is a participant in the EU-U.S. and Swiss-U.S. Thus, your personal data may be transferred to Microsoft in the USA without the need for further guarantees. By submitting your enquiry, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
The transfer of European or Swiss personal data to WhatsApp may result in this data being transferred to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with WhatsApp that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
WhatsApp LLC is a participant in the EU-U.S. and Swiss-U.S. This means that your personal data can be transferred to WhatsApp in the USA without the need for further guarantees. By submitting your request, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR. If you contact us via WhatsApp Chatbox and get in touch with us, you therefore also consent to WhatsApp transferring your data to third countries in accordance with Art. 17 para. 1 lit. a FADP or Art. 49 para. 1 lit. a GDPR.
The data stored for the purpose of making contact will be deleted after processing has been completed, unless we are legally obliged to retain the data for 5 or 10 years.
1.3. Chat function/chatbot
We use a chat function with an integrated chatbot on our website to process your questions and concerns. For this chat function, we use the solution of the provider Tidio LLC ("Tidio"). If you use this chat function, you will usually be connected directly to our customer service team and the answers you receive will be written by an employee. To shorten waiting times and optimise customer service, we can use a chatbot (text-based dialogue software) as an intermediary. In this case, the chatbot will, as far as possible, assist you in answering your questions or concerns.
We collect the following data when you use the chat function:
- Surname, first name
- E-mail address
- Other information you have shared via the chat
Furthermore, the following data may be collected through the use of Tidio's chat function:
- Hardware model
- Operating system information
- Browser information
- IP address
Information on the mobile network and device identifiers
The data in question is processed for the following purposes:
- Contacting you
Answering your enquiry
Tidio LLC, 149 Montgomery St. 4th Floor, San Francisco, USA or Tidio Poland Sp. z oo, 81 Wojska Polskiego Street 70-481, Szczecin, Poland.
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR.
The chat function is not necessary for the functionality of the website. We process your data for the purpose of customer service or other enquiries.
The transfer of European or Swiss personal data to Tidio may result in this data being transferred to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Tidio that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By submitting your enquiry, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
https://www.tidio.com/privacy-policy/
The data stored for the purpose of establishing contact will be stored in accordance with the relevant legal provisions and for as long as is necessary to fulfil the aforementioned purposes.
1.4. Advertising
We also use your contact data for advertising purposes, unless we require your consent for this, e.g. for letter post advertising and direct advertising for our own similar goods and services within existing customer relationships.
The following personal data will be processed:
- E-mail address
- Salutation
- First name and surname
- Company name
- Street and house number
Postcode and city
The purpose of processing your personal data received as part of the request is to enable the print advertising to be sent to the address you have provided and to process your enquiries regarding the receipt of advertising. We do not use any provider for such advertising activities.
The processing of your personal data is based on our overriding legitimate interest pursuant to Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR in customer care and the provision of information about our products and services.
This processing activity is not necessary for the functionality of the website.
We process your data until you object to receiving advertising. You can do this by sending an email to operation@water-side.ch
1.5. Business customer account (B2B)
You have the option of applying for a password-protected online customer account (business customer account) for order entry and processing. The business customer account is used to administer your orders. You can also manage past orders and inventory data. If you are logged in with your business customer account, you also have the option of reporting incorrect information about our product master data using a form provided for this purpose.
The following data is processed during this procedure:
- Company-specific data:
- Company name or person
- Street, postcode, city, state, country
- Phone number
- Tax ID or EORI number
- User-specific details:
- First name and surname
- ID number or passport number
- e-mail address
Telephone number
The purpose of this processing is to set up a business customer account and thereby enable ordering on our website.
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR.
This processing activity is required to create a business customer account. You can visit the website without creating an account.
We retain the data used to process your order for at least the duration of the contract. We are legally obliged to retain business documents and accounting records for 10 years. We reserve the right to retain them for longer in order to assert our rights.
1.6. Quotation requests
Via our website you have the possibility to request and compare offers for a transport and freight forwarding or other services orders from our providers for roll-on/roll-off shipments, container shipments, High&Heavy/Project Cargo, or for associated other services, tailored to your needs, in order to find the best offer for your project. You can request a quote via our website and the portal at https://watersidelog.com/booking-request.
The following data may be processed during this process:
- Project-specific data depending on the offer category and the requested services
- User-specific data:
- Title, first name and surname
- Business or private address
- E-mail address
Telephone number
The purpose of this processing is to provide a form to obtain shipping transport quotes and quotes for associated services.
We use the Logisoft software for the booking request form. The provider of this software is INTRA Logisoft Labs Ltd (‘Logisoft’), 38, Areos Street, 1015 Nicosia, Cyprus.
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR. In addition, by ticking a corresponding box, you give us your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 lit. a GDPR to make the data you have provided available to the relevant providers so that they can prepare a non-binding offer.
This processing activity is necessary for submitting and responding to requests for quotations. You can visit the website without submitting a request.
The transfer of European or Swiss personal data to Logisoft results in the transfer of data to affiliated companies or to third parties in a country that does not have an equivalent level of data protection. Your data is therefore not subject to a level of data protection in these countries that is comparable to that in Switzerland or the EU.
If you consent to data processing by Logisoft, you therefore also consent to your data being transferred to insecure third countries in accordance with Art. 17 para. 1 lit. a FADP and Art. 49 para. 1 lit. a GDPR.
We have agreed with Logisoft that a transfer to countries without equivalent data protection is based on so-called standard contractual clauses as well as suitable and proportionate technical and organisational measures.
https://logisoft.io/terms-and-conditions/
We retain the data used to process your order for at least the duration of the contract. We are legally obliged to keep business documents and accounting records for 10 years. We reserve the right to retain them for longer in order to assert our rights.
1.7. Online payment
Besides ordinary wire transfer by bank, we offer online payment. To process your payment, we process the data provided by you. Furthermore, we use the payment platform of Stripe Inc. (‘Stripe’) to process your online payment.
The payment data collected for this purpose is forwarded to Stripe to the credit institution commissioned with the payment. In some cases, the selected payment service providers also collect this data themselves if you create an account with them. As a result, we only store the transaction number and not your full card details.
We process the following personal data to process the payment:
- Company name or first name and surname
- E-mail address
- Contact number
- Billing and shipping address
- Information on the payment method
The purpose of this data processing is the processing of your order and thus the fulfilment of the relevant contract.
Stripe Inc. (‘Stripe’), 510 Townsend Street, San Francisco, CA 94103, USA.
This data processing is carried out on the basis of contractual or pre-contractual measures in accordance with Art. 31 para. 2 lit. a FADP or Art. 6 para. 1 sentence 1 lit. b GDPR. As soon as you have consented to this privacy policy, we will also process your personal data on the basis of your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR. In addition, we have an overriding interest in the credit check in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR.
The processing of this data is necessary for the processing of the order and its payment.
We have concluded an order processing contract with Stripe. The data is processed by Stripe in Ireland. According to the Federal Council, Ireland has an adequate level of data protection.
https://stripe.com/de-ch/privacy
We retain the data used to process your order for at least the duration of the contract. We are legally obliged to keep business documents and accounting records for 10 years. We reserve the right to retain them for longer in order to assert our rights.
1.8. Cookies
1.8.1 General Information
We use cookies on our website. These are small files that your browser automatically creates and that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site.
A cookie does not always mean that we can identify you.
The use of cookies serves to statistically record the use of our website and to evaluate it for the purpose of optimisation and user-friendliness.
We process cookies on the basis of our overriding legitimate interest in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR. As soon as you have given your consent in this privacy policy, we also process cookies that are not technically necessary on the basis of your consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
Cookies are automatically accepted in the default settings of most Internet browsers. If you do not wish to store cookies from our websites on your device, you can configure your browser settings so that you receive a warning before certain cookies are stored. Please note that the partial or complete deactivation of cookies may result in you not being able to use all the functions of our websites.
Cookies have different storage periods. If they are cookies from third parties, we have no influence on the storage period.
1.8.2 Technically necessary cookies
To save your personal user settings regarding cookies on our website, we use a logging cookie.
No personal data is processed. Only the current status of your selected cookie and language setting is saved.
The processing is carried out to re-identify your personal cookie settings on our website.
The processing is based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR. As soon as you have consented to this privacy policy, we will also process your personal data on the basis of your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
This cookie is necessary for the functionality of the website.
The cookie is automatically deleted from your system after 12 months at the latest.
1.8.3 Google Tag Manager
We use the Google Tag Manager ("GTM") from Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland on our website. GTM is a tag management system that integrates tags in a standardised manner via a user interface. Tags are short sections of source code that can track activities and access other systems in order to centrally control when certain systems are triggered. Google Marketing Platforms (Double Click and Google Analytics), Google Ads Remarketing, Scarab Research from Emarsys and Meta Pixel are integrated into GTM. This means that GTM is merely an interface between the website and the analytics software. You can prevent the setting of tags in your browser settings at any time. Further information on these systems and their data processing can be found in the following sections.
GTM ensures the activation of other tools, which in turn collect personal data. Depending on the integrated tool, GTM collects IP addresses of website visitors and passes them on to the analysis programmes. You will find more information on the individual data processing operations in the following sections.
We process your personal data for marketing and analysis purposes. We evaluate your user behaviour, carry out conversion tracking, compile statistics and optimise our advertising channels and approaches.
The use of GTM is based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR. As soon as you have consented to this privacy policy, we will also process your personal data on the basis of your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
This processing activity is not necessary for the functionality of the website.
The transfer of European or Swiss personal data to Google results in the transfer of data to Google in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Google that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter referred to as the Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP or Art. 49 para. 1 lit. a GDPR.
Your data is stored on the end device for up to two years, unless it is renewed.
1.8.4 Google Analytics
We use Google Analytics on our website, a web analytics service provided by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, which uses cookies to create pseudonymised user profiles. The data is stored on the end device, anonymised and evaluated in the form of statistics.
In connection with the web analysis service of Google Analytics, the following data is processed:
- Masked IP address of the requesting computer
- Date and time of access
- Website from which access is made (referrer URL)
- Browser type and browser version
- Number of visits/users
- Session statistics
Expansion of demographic characteristics and interests:
- Age: 18-24, 25-34, 35-44, 45-54, 55-64, 65+
- Gender: Male, Female
- Categories of common interests
- Segments with ready-to-buy target groups
- Further categories that provide the most specific view of users
Three permanent Google Analytics cookies are used for this purpose (_gat, _gid, _ga), which are automatically deleted after a defined period of time. The recorded IP addresses are anonymised by Google Analytics (so-called IP masking). Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.
We use Google Analytics to analyse errors and to constantly improve the services on our website by means of statistical analysis.
Data processing is based on your express consent in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. a GDPR.
This processing activity is not necessary for the functionality of the website.
The transfer of European or Swiss personal data to Google results in the transfer of data to Google in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Google that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter referred to as the Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP or Art. 49 para. 1 lit. a GDPR.
Your data will be stored on the end device for up to 2 years.
1.8.5 Google Ads
We have integrated Google Ads from Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland, on our website. These internet advertising services allow advertisers to place adverts both in Google's search engine results and in the Google advertising networks (‘conversion tracking’). Google Ads enables an advertiser to define certain keywords in advance, by means of which an advert is only displayed in Google's search engine results if the user retrieves a keyword-relevant search result using the search engine. In the Google advertising network, the adverts are distributed to relevant websites using an automatic algorithm and taking into account the previously defined keywords.
Conversion cookies are used to store personal data, such as the websites visited by the data subject. The following personal data is therefore processed each time our website is visited:
- Click path
- IP address
- Cookie IDs
- Unique identifier of the mobile device
- Number of visits/users
- Transactions
Usage data
The purpose of these ad services is to promote our website by displaying interest-relevant adverts on third-party websites and in the search engine results of the Google search engine and by displaying third-party adverts on our website.
Data processing is based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR. As soon as you have consented to this privacy policy, we will also process your personal data on the basis of your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR.
The aforementioned data is not required for website functionality.
The transfer of European or Swiss personal data to Google means that this data is transferred to Google in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Google that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter referred to as the Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
https://support.google.com/google-ads/answer/12929169?hl=de
The retention period is generally 13 months.
1.8.6 Meta Pixel
We have integrated Meta Pixel (incl. Facebook Custom Audience) on our website. These internet advertising services allow advertisers to place adverts on both the Facebook platforms and the meta advertising networks ("conversion tracking"). Meta Pixel enables us to place targeted adverts on the Facebook platform and address a relevant target audience. This may include Sponsored Content, Sponsored Messaging, Dynamic Ads or Text Ads. Facebook Custom Audience includes visitors to our website in lists that we can use to address you again as a potential customer. As a user on the remarketing lists, we can place targeted adverts for you.
If you contact us via our social media profile or click on a social media button, the following information will be collected from you:
- User behaviour
- IP address
- Connection data
- Device and browser information
- Data about the content accessed when clicking on the social media button
- User name or first name and surname
- Possibly images, data that you send us when contacting us
By clicking on the social media button, you will be redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.
If you contact us via our social media profile, we will process the data for the purpose of responding to your enquiry. The social media buttons are used to structure our website.
If you contact us via one of our social media profiles, we process your data based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR in order to provide a means of communication.
Meta Platforms Ireland Ltd. («Meta»), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
This processing activity is not necessary for the functionality of the website.
We are joint controllers with Meta in accordance with Art. 26 GDPR, but only with regard to the collection and transmission of data. Meta is solely responsible for the subsequent processing of the information by Meta. We have concluded a joint controllership agreement with Meta to determine the respective responsibilities for the fulfilment of obligations under the GDPR. Accordingly, we are responsible for providing information to users of our website, while Meta is responsible for fulfilling requests regarding the rights of data subjects in accordance with Art. 15 to 21 GDPR. However, within the framework of joint responsibility, you can in principle assert your data subject rights against each of the joint controllers.
The transfer of European or Swiss personal data to Meta may result in Meta transferring data to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Meta that a transfer to the U.S. based on the E.U. US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By using the Social Media Profiles, you also consent to the transfer of your personal data to insecure third countries in accordance with Art. 17 FADP or Art. 49 para. 1 lit. a GDPR. Meta is solely responsible for the subsequent processing of the information by Meta.
https://www.facebook.com/privacy/policy/
The retention period for Meta Pixel is generally 90 days.
1.8.7 Google reCAPTCHA
We use the reCAPTCHA service from Google Ireland Limited (‘Google’), Gordon House, Barrow Street, Dublin 4, Ireland on our website for the contact form. reCAPTCHA calculates a probability that the respective user is a human being. For this purpose, the user's behaviour is analysed and added to a captcha score. Your behaviour is tracked by Google cookies that have already been installed, with regard to your previous browser interactions, the number of mouse movements and keyboard strokes as well as the time spent on the website.
To evaluate the behaviour of a user, the following data is collected and transmitted to Google's servers
- IP address of the user
- Date and length of visit
- time zone
- Complete screenshot of the browser window
- Referrer URL
- Browser plug-ins
- Mouse movements and keyboard strokes
- Information about the operating system (Windows, Linux, iOS, etc.)
- Cookies from the last 6 months, as well as NID cookies, which are suitable for creating user profiles
Settings of the user device (e.g. language settings, location, browser, etc.)
The purpose of processing this data is to ensure that the website user is a human being and to protect against spam bots.
The data processing is based on your express consent in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. a GDPR.
reCAPTCHA is necessary to protect our website from being overloaded by spam bots. There is no immediate need for the functionality of the website.
The transfer of European or Swiss personal data to Google means that this data is transferred to Google in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Google that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter referred to as the Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
https://support.google.com/analytics/answer/6004245?hl=de
Your data will be stored by reCAPTCHA for 6 months.
1.8.8 Google Maps
On our website we use Google Maps (API) from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Maps is a web service for displaying interactive (land) maps in order to visualise geographical information. By using this service, you will be shown our location and it will be easier for you to find us.
Information about your use of our website (such as your IP address) will only be transmitted to Google servers in the USA via the cookie banner and stored there after you have given your consent. This takes place regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not wish your data to be associated with your Google profile, you must log out before activating the button. Google stores your data (even for users who are not logged in) as usage profiles and analyses them.
The purpose of integrating Google Maps directly on our website is to make it easier to find our business premises and to simplify contact with customers. For Google, data processing promotes the purpose of displaying personalised advertising, market research and/or the needs-based design of its website. We have no influence on the processing of personal data on third-party websites.
The processing is based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR.
The data mentioned is not necessary for the functionality of the website.
The transfer of European or Swiss personal data to Google means that this data is transferred to Google in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Google that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter referred to as the Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR
.
The retention period is based on the information on the various types of data in Google's privacy policy, available at https://policies.google.com/privacy?hl=de&gl=de#inforetaining.
1.8.9 YouTube
In order to make our website more interesting for you, we integrate video components from YouTube on our website. The data from YouTube is processed by Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland, and according to the information provided by YouTube, your data - in particular which of our websites you have visited and device-specific information including the IP address - is only transmitted to the YouTube server in the USA in "extended data protection mode" when you watch the video. If you are logged in to YouTube at the same time, this information will be assigned to your YouTube member account. You can prevent this by logging out of your member account before visiting our website.
If the data subject is logged in to YouTube at the same time, YouTube recognises which specific sub-page of our website the data subject is visiting when a sub-page containing a YouTube video is accessed. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
Our interest lies in the smooth integration of the videos and the appealing design of our website.
Data processing is carried out with your express consent in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. a GDPR, which you have given by clicking on the YouTube button.
Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
The data mentioned is not required for the website functionality.
Your data will be processed by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Personal data may also be transferred to the US parent company Google LLC. Google LLC is a participant in the EU-U.S. and Swiss-U.S. Data Privacy Frameworks. This means that your personal data may be transferred to Google in the USA without any additional guarantees being required.
https://support.google.com/analytics/answer/6004245?hl=de
The retention period is based on the information in Google's privacy policy, available at https://policies.google.com/privacy?hl=de#inforetaining.
1.9. Social Media
1.9.1 Integration of Facebook and/or Instagram
To enable you to communicate with us, we operate a social media profile on Instagram at https://www.instagram.com/watersidelogistics/?igsh=cHM0YjBpeTJxdnN2&utm_source=qr and a Facebook profile at https://www.facebook.com/people/Waterside-Logistics-GmbH/61564013878008/?mibextid=LQQJ4d. You can contact us via these profiles. We have also placed an Instagram and Facebook social media button on our website so that you can easily link to our respective profile. This is not a plugin, but only an icon with a link. Meta does not process any of your personal data on our website in this context.
If you contact us via our social media profile or click on a social media button, the following information will be collected from you:
- User behaviour
- IP address
- Connection data
- Device and browser information
- Data about the content accessed when clicking on the social media button
- User name or first name and surname
- Possibly pictures, data that you send us when contacting us
By clicking on the social media button, you will be redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.
If you contact us via one of our social media profiles, we will process the data for the purpose of responding to your enquiry. The social media buttons are used to structure our website.
If you contact us via one of our social media profiles, we process your data based on our overriding legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 sentence 1 lit. f GDPR in order to provide a means of communication.
Meta Platforms Ireland Ltd (‘Meta’), 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
This processing activity is not necessary for the functionality of the website.
We are joint controllers with Meta in accordance with Art. 26 GDPR, but only with regard to the collection and transmission of data. Meta is solely responsible for the subsequent processing of the information by Meta. We have concluded a joint controllership agreement with Meta to determine the respective responsibilities for the fulfilment of obligations under the GDPR. Accordingly, we are responsible for providing information to users of our website, while Meta is responsible for fulfilling requests regarding the rights of data subjects in accordance with Art. 15 to 21 GDPR. However, within the framework of joint controllership, you can in principle assert your data subject rights against each of the joint controllers. You can find out more about the joint controllership agreement here: https://de-de.facebook.com/legal/controller_addendum.
The transfer of European or Swiss personal data to Meta may result in the transfer of data to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Meta that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
By using the social media profiles, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR. Meta is solely responsible for the subsequent processing of the information by Meta.
https://www.facebook.com/privacy/policy/
1.9.2 Integration of LinkedIn
To enable you to communicate with us, we operate a social media profile on LinkedIn at https://www.linkedin.com/company/waterside-logistics/. You can contact us via this profile. We have also placed a LinkedIn social media button on our website so that you can easily link to our profile. This is not a plugin, but only an icon with a link. LinkedIn does not process any of your personal data on our website in this context.
If you contact us via our social media profile or click on a social media button, the following information will be collected from you:
- User behaviour
- IP address
- Connection data
- Device and browser information
- Data about the content accessed when clicking on the social media button
- User name or first name and surname
- Possibly picture, data that you send us when contacting us
By clicking on the social media button, you will be redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.
If you contact us via LinkedIn, we will process the data for the purpose of responding to your enquiry. The social media buttons are used to structure our website.
If you contact us via one of our social media profiles, we process your data on the basis of our overriding legitimate interest in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR in order to provide a means of communication.
LinkedIn Ireland Unlimited Company (“LinkedIn”),
Wilton Place, Dublin 2, Ireland
This processing activity is not necessary for the functionality of the website.
The transfer of European or Swiss personal data to LinkedIn may result in the latter transferring data to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with LinkedIn that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
You can find LinkedIn's privacy policy here: de.linkedin.com/legal/privacy-policy.
Data that is processed in connection with your contact will be deleted after 1 year, unless we have a retention obligation of 5 or 10 years for the communication.
1.9.3 Integration of TikTok
So that you can communicate with us, we operate a social media profile on TikTok at https://www.tiktok.com/@watersidelogistics?is_from_webapp=1&sender_device=pc. We have also placed a TikTok social media button on our website so that you can easily link to our TikTok profile. This is not a plugin, but only an icon with a link. TikTok does not process any of your personal data on our website in this context.
If you contact us via our social media profile or click on a social media button, the following information will be collected from you:
- User behaviour
- IP address
- Connection data
- Device and browser information or app information
- Data about the content accessed
- User name or first and last name
- Possibly picture, data that you send us when contacting us
By clicking on the button, you will be redirected to the provider's website. We have no influence on the processing of personal data on third-party websites.
The TikTok social media button is used to structure our website. If you contact us via TikTok, we will process the data for the purpose of responding to your enquiry.
If you contact us via our TikTok profile, we process your data on the basis of our legitimate interest in accordance with Art. 31 para. 1 FADP or Art. 6 para. 1 lit. f GDPR to provide a means of communication.
TikTok Technology Limited («TikTok»), 10 Earlsfort Terrace, Dublin, D02 T380, Irland.
The data mentioned is not necessary for the website functionality.
TikTok processes your data on its servers in the USA, Malaysia and Singapore. The transfer of European or Swiss personal data to TikTok may result in the transfer of data to its parent company in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with TikTok that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
https://www.tiktok.com/legal/page/eea/privacy-policy/de
1.10. Search-Tool
We use tools on our website to search and index content and to analyse your search query.
The following data is processed:
- Your IP address
- User behaviour
The following personal data may be collected:
- IP address
- Connection data
- Device and browser information
Search query
The purpose of processing this data is to display optimal and personalised search results. The personal data provided is processed to make it easier to find the information contained on our website, to provide better and more relevant search results from our catalogue and to ensure user-friendliness.
Your personal data is processed on the basis of our overriding legitimate interest in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. f GDPR.
We use the Yoast SEO for WordPress service from Yoast BV, Don Emanuelstraat 3, 6602 GX Wijchen, The Netherlands on our website. AB Tasty SAS (‘Yoast’). This service is used to enable searches on our website. It also personalises and improves the search function on our website. The service also enables us to understand your behaviour and interests when you make enquiries and to show you optimised search suggestions.
This processing activity is not necessary for the functionality of the website.
Yoast processes your data on its servers in the Netherlands. The transfer of European or Swiss personal data to Yoast may result in Yoast transferring data to its parent company Newfold Capital Inc (‘Newfold’) in the USA or to third parties in a country that does not have equivalent data protection. According to Yoast, it is a joint controller with Newfold pursuant to Art. 26 GDPR.
We have agreed with Yoast that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures.
Yoast's privacy policy can be found here: https://yoast.com/privacy-notice/.
The retention period is based on the information in Yoast's privacy policy at https://yoast.com/privacy-notice/.
1.11. Widgets and Fonts
1.11.1 Font Awesome
Our website uses Font Awesome, a font service (icon collection and toolkit for web design and web development) from Fonticon, Inc (‘Fonticon’), 307 S Main St, Suite 202, Bentonville, AR, USA. We use the Roboto Slab font on our website, an open source font developed by Google.
Each time this website is accessed, files are loaded from a Fonticon server to display the texts in a specific font. Your IP address may be transmitted to a Fonticon server and stored as part of the usual weblog. The Roboto Slab font is loaded from our own storage space each time it is called up and is therefore integrated locally into our website. No connection to Google servers is established.
The purpose of this data processing is the correct display of the text and content on the website.
The processing is carried out with your express consent in accordance with Art. 31 para. 1 FADP and Art. 6 para. 1 sentence 1 lit. a GDPR.
The data mentioned is not necessary for the functionality of the website.
Fonticon processes your data on its servers in the USA. The transfer of European or Swiss personal data to Fonticon may result in the transfer of data to affiliated companies in the USA or to third parties in a country that does not have an equivalent level of data protection. We have agreed with Fonticon that a transfer to the USA will be based on the E.U.- US or Swiss - US Data Privacy Framework (hereinafter Data Privacy Framework) or, if the Data Privacy Framework is declared invalid or does not (yet) apply, based on so-called standard contractual clauses and appropriate and proportionate technical and organisational measures. By giving your consent via the cookie banner, you also consent to your personal data being transferred to insecure third countries in accordance with Art. 17 FADP and Art. 49 para. 1 lit. a GDPR.
The retention period is based on the information in Fonticon's privacy policy at: https://fontawesome.com/privacy.
Disclosure of data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed or to contractors other than those listed and their subcontractors. Third parties are technology providers for the optimal operation of the website and social media presences as well as for the provision of the services listed above.
Cross-border disclosure to third countries without an adequate level of protection
No disclosure is made to third countries without an adequate level of data protection or only subject to suitable guarantees, e.g. under the contractual obligation to maintain an adequate level of data protection (EU standard contractual clauses).
Personal data is only transferred to third countries if the data protection requirements of Art. 6 FADP or Art. 44 et seq. GDPR are met.
A third country is a country outside Switzerland or the European Economic Area (EEA) in which Swiss data protection law or the European GDPR is not directly applicable. A third country is considered unsafe if, according to the Federal Council or the EU Commission, the country does not have an adequate level of data protection.
Data privacy frameworks exist between the EU and the USA and between Switzerland and the USA. These frameworks ensure that data is transferred to the USA in compliance with the GDPR or FADP and that data is processed in a correspondingly compliant manner, in which all rights under EU law or Swiss law of the data subject can be safeguarded. Whether the specific data processor in the USA participates in this framework can be clarified on the website: www.dataprivacyframework.gov/s/. In addition, you will find further information on the processing of user data in the specific data protection declarations of the data processor.
In this data protection information, we inform you when and how we transfer personal data to the USA or other insecure third countries.
Data security
We take appropriate measures to ensure that your personal data cannot be accessed or stolen by unauthorised third parties. In particular, we take appropriate technical (e.g. firewall, password protection, SSL encryption, etc.) and organisational (e.g. restriction of authorised persons, training of authorised persons, etc.) measures to ensure that only authorised persons have access to this data. Our data processing and security measures are continuously improved in line with technological developments.
Personal data is any information relating to an identified or identifiable natural person, including name, address, telephone number or e-mail or IP address.
We use SSL encryption for security reasons and to protect the transmission of confidential content, such as the enquiries you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Retention period
We will retain your personal data for as long as we deem necessary or appropriate to comply with applicable laws or for as long as it is necessary for the purposes for which it was collected. We delete your personal data as soon as it is no longer required and in any case after the legally prescribed maximum retention period of 5 or 10 years. Data that is no longer required and for which there is no legal obligation to retain it will be destroyed once the purpose and justification no longer apply.
Specifically, we store your data for the following period:
We retain data that we process by law for the statutory retention period, for example if required by labour law, social security law, tax law or the Business Records Ordinance;
Data that we need for the fulfilment of a contract is retained for at least the duration of the contract and for a maximum of 10 years thereafter, unless we need the data to assert our rights;
Data that we process to protect our legitimate interests will be retained for a maximum of ten years after the end of the contractual relationship, unless we need the data to assert our rights.
Your Rights
As a data subject, you may assert various claims against us in accordance with the applicable national and international law. We may process your personal data again to fulfil these claims. Depending on the applicable law, data subjects may assert the following rights:
- To request information about your personal data processed by us. In particular, information pursuant to Art. 25 FADP or Art. 15 GDPR may contain information
- about the purposes of processing
- the category of personal data
- the categories of recipients to whom your data has been or will be disclosed
- the planned storage period
- the existence of a right to rectification, erasure, restriction of processing or objection
- the existence of a right to lodge a complaint
- the origin of your data if it was not collected by us
- the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details
- to immediately request the correction of incorrect or incomplete personal data stored by us (Art. 6 para. 5 FADP or Art. 16 GDPR);
- to request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it for the assertion, exercise or defence of legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR (Art. 32 FADP or Art. 18 GDPR);
- to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller (Art. 28 FADP or Art. 20 GDPR);
- to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims (Art. 32 FADP or Art. 17 GDPR);
- to revoke your consent once given to us at any time. As a result, we may no longer continue the data processing that was based on this consent in the future (Art. 30 para. 2 lit. b FADP and Art. 7 para. 3 GDPR);
- object to the processing if your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (Art. 21 GDPR) and if there are reasons for this arising from your particular situation or if the objection is directed against direct advertising. In the latter case, you have a general right to object, which will be implemented by us without specifying a particular situation;
to lodge a complaint with a supervisory authority (see above) (Art. 49 FADP or 77 GDPR).
Up-to-dateness & amendment of this privacy policy
We reserve the right to amend this privacy policy at any time or to adapt it to new processing methods. The current privacy policy can be accessed at any time at https://watersidelog.com/privacypolicy.
September 2024