Nachricht erfolgreich versendet.

PRIVACY POLICY

Thank you for accessing our privacy policy. We, Toll4Europe GmbH, are the controller of your personal data as far as the following processing operations are concerned. In the following, we would therefore like to inform you in particular, 

  • how we handle your personal data (section B), 

  • what processing operations are involved (from section C), and

  • what rights you are entitled to as a data subject (section E). 

Please note that some of the terms used here are taken from Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the so-called "General Data Protection Regulation", hereinafter abbreviated to "GDPR"). Most of the terms are defined in Art. 4 GDPR. 


A.    Our contact details 


Toll4Europe GmbH
Französische Straße 33 a-c
10117 Berlin
contact@toll4europe.eu

represented by the management:
Mirka Dworschak, Thomas Laissle, Andrea Scheu, Ewa Conewa (Eva Tzoneva)
 

The data protection officer can also be reached at:
dataprotection@toll4europe.eu
 

B.    Basic information on our data processing procedures 


This section provides you with basic information on our handling of your personal data. The information presented here applies to all data processing procedures carried out by us as the data controller. 


Insofar as we are able to provide further details in the context of individually listed data processing operations in Section C, we will specify our explanations at the appropriate points. 


I.    Purpose limitation
We process your personal data only to the extent that we pursue legitimate purposes. As a rule, data is only processed for the provision of our services, including our online offers (e.g. maintenance of our website).  


II.    Legal basis
We process your personal data only if at least one of the following legal bases is applicable:


1.    Consent (Art. 6 para. 1 p. 1 lit. a GDPR)
In individual cases, we ask you for your consent to process certain personal data for previously defined and communicated purposes in accordance with Art. 6 para. 1 p. 1 lit. a GDPR. 


We generally obtain consent electronically and record the content and the granting of consent. In this case, consent is given by way of an "opt-in" procedure (confirming action by placing a check mark in the corresponding field) or, if this is necessary to identify the data subject, by way of a "double-opt-in" procedure (additional confirmation of identity by receipt of an e-mail with a confirmation link that you must click on). Only when placing cookies do we use a different collection procedure (cookie bot).


If you give your consent, you can withdraw it. Please note the more detailed explanations regarding your right of withdrawal under section E.II. 


2.    Performance of a contract (Art. 6 para. 1 p. 1 lit. b GDPR).
When taking steps prior to entering or when performing a contract with you, we rely on the legal basis of Art. 6 para. 1 p. 1 lit. b GDPR. This concerns, for example, your contact data, which we need to perform the contract and for communication.


3.    Compliance with a legal obligation (Art. 6 para. 1 p. 1 lit. c GDPR)
If we process data to comply with a legal obligation (e.g. commercial or tax obligations), Art. 6 (1) sentence 1 lit. c GDPR is the legal basis. 


4.    Vital interests (Art. 6 para. 1 p. 1 lit. d GDPR)
If vital interests of the data subject or another natural person make it necessary to process personal data, the legal basis is Article 6 (1) sentence 1 lit. d GDPR.


5.    Performance of tasks in the public interest or in the exercise of official authority (Art. 6 para. 1 p. 1 lit. e GDPR).
For the processing of personal data in the performance of tasks in the public interest or in the exercise of official authority, we invoke the legal basis of Art. 6 (1) p. 1 lit. e GDPR.


6.    Legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR)
Pursuant to Art. 6 (1) p. 1 lit. f GDPR, we process personal data if we pursue our legitimate interests or those of a third party and these interests outweigh your interests, fundamental rights and freedoms. In these cases, you may have a right to object to the processing. Please refer to the more detailed explanations regarding your right to object under section E.I. 


III.    Deletion of data
We delete your personal data as soon as the purpose of processing has been achieved or otherwise ceases to apply, unless storage beyond this is provided for by law, for example in accordance with Article 17 (3) GDPR. In order to ensure timely deletion, if necessary, we follow a self-developed deletion concept based on the deletion of personal data after the expiration of certain storage and deletion periods, which we subdivide according to the following criteria:

  • We keep accounting vouchers and balance sheets for 10 years (§ 257 para. 1, esp. no. 4, para. 4 HGB, § 238 para. 1 HGB),

  • Commercial letters, contracts and correspondence in connection with the initiation and execution of contracts are kept for 6 years in accordance with § 257 Para. 1 No. 2-3, Para. 4 HGB,

  • Documents and associated personal data that may lead to claims (for example, warranty claims), we keep until the expiry of the relevant limitation period (in accordance with § 195 BGB generally three years),

  • In the case of other personal data that does not fall under the aforementioned categories, we delete data immediately after the purpose has been achieved.

IV.    Transfer of personal data to third parties


We only disclose personal data to third parties if we are legally obliged or authorized to do so. The following categories of recipients fall under these categories:

  • Our contractual partners who assist us in fulfilling our (pre)contractual obligations to you (e.g. logistics and payment service providers),

  • Administrative authorities (e.g. financial or supervisory authorities),

  • courts, and if you have given us your consent to do so,

  • Web services that support us in the presentation of our website (such as Google, see also section C.III) 

If required, we can provide you with a list of the specific recipients of your personal data.


V.    Data processing in so-called third countries
Your personal data will only be processed in countries within the EU or the European Economic Area that are subject to the scope of the GDPR. To all other, so-called "third countries", we only transfer your personal data if an appropriate level of data protection is guaranteed in the respective third country or at the respective recipient in the third country in accordance with Art. 44 et seq. GDPR is ensured. This is the case, for example 

  • in the case of a so-called "adequacy decision" of the European Commission pursuant to Art. 45 GDPR and

  • by establishing appropriate safeguards pursuant to Art. 46 of the GDPR, such as the use of so-called "EU standard contractual clauses" pursuant to Art. 46(2)(c) or binding internal data protection rules pursuant to Art. 47 of the GDPR. 

If we cannot guarantee an adequate level of data protection when transferring data to a third country, we will only process your personal data if you give us your explicit consent to do so (Art. 49 para. 1 sentence 1 lit. a) GDPR). In this case, we will inform you about the corresponding risks associated with the transfer to third countries (e.g. in the case of the activation of Google functions).


C.    Data processing when you visit our website


In this section, we inform you about the personal data processing that takes place when you visit our website. 


I.    Logfile
When you call up our website, the browser you use on your end device automatically sends information to the server of our website. This information is temporarily stored in a so-called "log file".  


1.    Collected Data
The following information is automatically collected when our website is called up and stored until it is automatically deleted: 

  • The anonymized IP address of the requesting computer,

  • information about the type of device (mobile device, desktop computer, etc.), the type of browser and the version used, as well as the operating system of your terminal device, if applicable,

  • the user's Internet service provider

  • Date and time of access to our website,

  • website from which the user accesses our website (so-called "referrer URL"),

  • websites that the user's system calls up via our website, and

  • Movements of the user on our website.

2.    Purpose and legal basis
We pursue the following purposes with the collection and processing of the "log data" based on the following legal basis:

  • Provision of the content of our website to the user, which among other things also requires the temporary storage of the anonymized IP address to enable the user's communication with our website. The legal basis for this data processing - i.e. for the duration of your website visit - is Art. 6 para. 1 p. 1 lit. b GDPR as well as § 96 TKG and § 15 para. 1 TMG. In addition, the data processing is based on Art. 6 para. 1 p. 1 lit. f GDPR (see section B.II.6), whereby our legitimate interest follows from the fact that we can only make the provision of the content possible in the first place. 

  • Ensuring a smooth connection and comfortable use of our website, evaluation of system security and stability as well as for other administrative purposes. This is achieved by processing and storing the anonymized IP address in the log files beyond the communication process. We also base this on Art. 6 (1) sentence 1 lit. f GDPR (see section B.II.6) and our just mentioned legitimate interest as well as on § 109 TKG.

3.    Duration of storage and deletion periods
The data is deleted when the purpose for which it was collected no longer applies. In the context of the provision of the content of our website, the data is therefore generally deleted when you leave our pages and the session is thus ended. 


Insofar as the purposes of system security and stability are pursued, log data is stored for a maximum of four weeks beyond the end of the session.


4.    Possibility of objection and removal
In principle, you have the right to object - as we will explain in section E.I - insofar as we rely on legitimate interests. However, since the data processing described above is absolutely necessary for the operation of our website, you can only assert your right to object if your particular situation gives rise to reasons that do not permit processing to the extent described above. As a rule, however, we can prove the compelling necessity of the data processing just mentioned. 


5.    Data security
Within the website visit, we use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser. As a rule, this is a 256-bit encryption. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol in the lower status bar of your browser. 


We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.


II.    Cookies
We use cookies on our site. We have already informed you about the use of cookies via our cookie banner. The information provided here serves to provide more comprehensive and supplementary information.


Cookies are small text files that your browser automatically creates and stores on your end device (PC, laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not contain viruses, Trojans or other malware, but information that enables the browser to be uniquely identified when you return to the same website. We do not obtain any direct knowledge of your identity by setting the cookies, but depending on the type of cookie placed and the possibility of assigning a cookie to an IP address, it is possible in principle to establish a personal reference to the user. However, we do not use this possibility of identifying the user. The following types of cookies can be used by us during the visit:

  • Session cookies: Sessions cookies, also called transient cookies, store a so-called session ID, with which various requests from your browser can be assigned to the common session. 

  • Persistent cookies: Persistent cookies, also known as tracking cookies, store information about the settings and preferences that you specify when you visit our website. Examples include language settings. These cookies enable us to automatically recognize that you have already visited our website when you visit it again. These cookies are automatically deleted after a defined period of time. 

We do not process any information from so-called third-party cookies. These are cookies whose information content is not provided by our web servers, but by third-party providers or third-party servers.

We use the following cookies:

  • eu_toll4europe_lp_cookiehint

1.    Purpose and legal basis
The use of session cookies serves to enable the provision of our website and the full use of our offer and to make it more convenient for you. This includes the optimization of user-friendliness, since, for example, information that has been entered once does not have to be entered again as soon as you call up another website or even another page of our website. Functions such as language settings, a shopping cart or similar would not be possible without the use of cookies. 


On the other hand, we use persistent cookies to statistically record the use of our website and to conduct an analysis of the surfing behavior of users on our website. This serves to optimize our offer as well as the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimize our services. This enables us to adapt our services to the wishes of our user group, for example by means of market research, and to design them in line with requirements. The user data collected in this way is pseudonymized by technical precautions. An assignment of the data to the calling user is then no longer possible. 


The legal basis for the use of our cookies with regard to the provision of our website and the full use of our offer is Art. 6 para. 1 p. 1 lit. b GDPR, insofar as the use in terms of contract performance or for the implementation of pre-contractual measures is mandatory, and Art. 6 para. 1 p. 1 lit. f GDPR, insofar as we pursue functional purposes (such as shopping cart function, appealing design and the like). Insofar as we use cookies for purely statistical collection and analysis, we rely on Art. 6 para. 1 p. 1 lit. f GDPR, whereby the use in each case is made to protect our legitimate interests for the purpose of providing our online services. 


Insofar as we analyze the surfing behavior of our users by means of persistent cookies and in some cases make use of third-party software, we rely on your consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR. Of course, we will refrain from this type of data processing if you have not given your consent to this.


2.    Duration of storage and deletion periods
Session cookies are stored by your browser only for the duration of your browser session and are deleted when you close the browser. Persistent cookies remain stored for a longer period of time (14 months) on the device you are using.


3.    Possibility of objection and removal
When you accessed our website, you were informed about the use of cookies and referred to this privacy policy. You were given the opportunity to object to the use of cookies (section E.I) or to withdraw your consent (section E.II).

As a user, you can also use technical settings to decide whether and how cookies are used or stored by your browser. You can configure your browser to ensure that no cookies are stored on your computer or that a message always appears before a new cookie is created. You can delete cookies that have already been created or have them deleted automatically by your browser. However, the complete deactivation of cookies may mean that you cannot use all the functions of our website.


III.    Web analysis service: Google Analytics
In order to ensure that our website is designed to meet the needs of our users and is continuously optimized, and to adapt to the technical conditions of our users, we use Google Analytics for web analysis. They collect information about the user behavior of our websites as well as technical details, such as the share of use of new technologies and the reach of our offers.


1.    Purpose and legal basis
For the purpose of analysis and demand-oriented design and continuous optimization of our websites and their use, we use the web analysis service "Google Analytics" of the company Google Inc. (1600 Amphitheatre Parkway, Mountaineer View, CA 94043, USA; hereinafter "Google"). Google Analytics uses cookies (see section C.II), which allow an analysis of the use of the website by creating pseudonymous usage profiles of our customers. 


This is only activated if you have given your consent to this when you call up our website in accordance with Art. 6 para. 1 p. 1 lit. a GDPR. Please note that you have a right of withdrawal (section E.II).


2.    Recipient of data
The information generated by the cookie (for example, browser type, operating system, IP address, etc.) about your website use will be transmitted to and stored by Google on servers in the United States. Your IP address will be shortened and anonymized by Google within the Member States of the European Union or in other contracting states to the Agreement on the European Economic Area before transmission (so-called "IP masking"). Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. 


Google uses the aforementioned information to evaluate the use of the website, to compile reports on website activity and to provide other services associated with website and Internet use for the purposes of market research and demand-oriented design of these websites. If necessary, this information is transferred to third parties if this is required by law or if third parties process this data on our behalf. Google may also combine data from other sources with your data. 


Please note, as we already informed you when asking for your consent, that

  • The USA are a „Third country“ (Section B.V) and if applicable, data is stored on a server in the USA, 

  • among other things, investigative authorities in the USA can obtain access to this data under certain circumstances without any possibility of influence by us or by Google, and

  • therefore it cannot be fully guaranteed that your data is fully subject to the level of data protection of the GDPR. 

If you have nevertheless given your consent, your consent expressly refers to the fact that you are aware of these risks and accept them. 


3.    Possibility of objection and removal
We only activate the Google Analytics function if you have given your consent to this when calling up our website. Since Google Analytics works with cookies, the explanations under the previous section C.II also apply accordingly. Please note in particular your right of withdrawal with regard to the consent you have given (see section E.II for more details). 


You can also prevent the collection of data by Google Analytics by either downloading and installing a browser add-on or setting an opt-out cookie at the following Internet address: http://tools.google.com/dlpage/gaoptout?hl=de. Setting an opt-out cookie has the effect of preventing the future collection of your data by Google Analytics when you visit this website. However, if you delete your cookies in the future, this will result in the opt-out cookie also being deleted and you may have to reactivate it. 


We use Google Analytics to evaluate data from AdWords and the Double-Click-Cookie for statistical purposes. If you do not wish this, you can deactivate this via the Ads Preferences - Manager (http://www.google.com/settings/ads/onweb/?hl=de).


4.    Joint Controllership
Finally, we would like to inform you that we are joint controllers for data processing with Google (Art. 26 GDPR). The data collection on the website is initially carried out by us; subsequently, the website transmits the collected data to Google through the respective tool. Once the data has been transmitted, Google is in turn solely responsible for further processing. 


We have concluded an agreement with Google, according to which you can exercise your rights as a data subject in accordance with this processing series both against us and against Google. If the assertion of your rights relates to a data processing operation that is the responsibility of the other jointly responsible party, we will forward your request accordingly so that the protection of your rights is guaranteed.


IV.    Embedment of YouTube-Videos
YouTube videos are integrated on our website in order to present our services to you in a visual manner. When these videos are played, they are accessed via YouTube itself (http://www.YouTube.com), a service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). We use the "extended data protection mode" so that no data about you as a user is transmitted to YouTube if you do not play the videos. A data transmission to YouTube only occurs when you play the videos. We have no influence on this data transmission. 

The data that we have already mentioned in section C.I.1 will then be transferred to YouTube. If you maintain a user account with YouTube or Google and are also logged in when you call up our website, the data will also be assigned to your user account. You can prevent this assignment by logging out of YouTube and / or Google before playing the video. 


Google uses the aforementioned information to evaluate the use of the website, to compile reports on website activity and to provide other services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these websites. If necessary, this information is transferred to third parties if this is required by law or if third parties process this data on our behalf. Google may also combine data from other sources with your data. 

  • The USA are a „Third country“ (Section B.V) and if applicable, data is stored on a server in the USA, 

  • among other things, investigative authorities in the USA can obtain access to this data under certain circumstances without any possibility of influence by us or by Google, and

  • therefore it cannot be fully guaranteed that your data is fully subject to the level of data protection of the GDPR. 

If you have nevertheless given your consent, your consent expressly refers to the fact that you are aware of these risks and accept them. 


You have a right of withdrawal against this use both towards us and towards Google. If you would like to know more about the purpose and scope of the data collection, as well as your rights and technical settings options, you can access Google's privacy policy at: http://www.google.de/intl/de/policies/privacy


Finally, we would like to inform you that we are joint controllers for data processing with Google (Art. 26 GDPR). The data collection on the website is initially carried out by us; subsequently, the website transmits the collected data to Google through the respective tool. Once the data has been transmitted, Google is in turn solely responsible for further processing. 


We have concluded an agreement with Google, according to which you can exercise your rights as a data subject in accordance with this processing series both against us and against Google. If the assertion of your rights relates to a data processing operation that is the responsibility of the other jointly responsible party, we will forward your request accordingly so that the protection of your rights is guaranteed.
 

IV.    Social Media
We use plug-ins or links from social networks such as YouTube, Xing and LinkedIn on our website on the basis of Art. 6 (1) p. 1 lit. a GDPR. In doing so, we pursue the purpose of making our company better known on these networks as well. 


In this case, the social networks can link the IP address of your browser session to your own profile on the respective social network via one of their cookies. To ensure sufficient protection, we have implemented the plug-ins by way of the two-click method. Activation takes place by pressing the button directly next to the respective plug-in, use by clicking the button of the plug-in itself.
 

1. Xing
Functions and services of the social network "Xing" are integrated on our pages. These are offered by XING AG, Gänsemarkt 43, 20354 Hamburg.
 

a) Data processing and controllerships
A processing of data takes place as soon as you call up our profile at Xing via the corresponding link on our website, marked by a Xing symbol (plug-in). When you call up our Xing profile, Xing processes data stored in Cookies, if applicable, as well as log data, if applicable, that originate from our website and are transmitted to Xing. 
 

However, when you visit our profile, Xing mainly processes data on how and whether you have interacted with our profile (for example, postings, followings, etc.).


If you are also a member of the social network Xing, Xing processes the data you have already provided (e.g., function, country, industry, seniority, company size and employment status), creates analyses and statistics, and then provides them to us in aggregated form. In doing so, Xing makes use of further analysis services (e.g. Adobe Digital Analytics, Google Analytics, etc.). These data aggregated for us do not have a personal reference. 
 

We are jointly responsible with LinkedIn for the data processing described above (Art. 26 GDPR). We have transparently defined our obligations and rights with regard to data processing in a contract with Xing. 
 

Xing also primarily handles the task of addressing your data subject rights (see section E), if you wish to exercise them. You can do this easily via your profile settings on Xing or by contacting Xing directly. You are also free to contact us regarding your data subject rights. However, we would like to point out that due to a lack of insight into the concrete data processing, we will generally forward your request to Xing.
 

The data processing subsequent to the aforementioned (i.e., for example, the use of aggregated statistics and analyses) is carried out by us under our own responsibility. Likewise, we are responsible for the use and further processing of your personal and publicly viewable interactions on our profile page (e.g. likes, postings, sharing of posts, etc.) as well as for any contact made with us.
 

When you activate and use the plug-in, your browser establishes a direct connection with Xing's servers. The content of the plug-in is transmitted by Xing directly to your browser and integrated by it into the website. By activating the plug-ins, Xing receives the information that you have accessed the corresponding page of our website. 


If you are logged in to Xing, Xing can assign the visit to your Xing account. The purpose and scope of the data collection and the further processing and use of the data by Xing, as well as your rights in this regard and settings options for protecting your privacy, can be found in Xing's privacy policy at https://privacy.xing.com/de/datenschutzerklaerung.


For further information, you are welcome to visit Xing's privacy policy, where you will also find information on the options for deactivating certain tracking data processing: https://privacy.xing.com/de/datenschutzerklaerung/druckversion.
 

b) Purpose and legal basis
We use the plug-in on our website to draw attention to our Xing profile and to enable you to use the functions of the Xing social network directly. 
 

We operate our profile on Xing in order to present our services in an appealing manner and to be able to provide them with a relevant range. 


The analysis services of Xing are used to create aggregated statistics for us. This allows us to better understand our visitors and customers and improve our services. Likewise, we can target our advertising on this basis (which has no personal reference). 
 

We base this processing on your consent (given to Xing) (Art. 6 para. 1 p. 1 lit. a GDPR). 


Insofar as we communicate with you as sole controller, the processing serves to answer the inquiries as well as to prepare the conclusion of a contract and, if necessary, even the implementation (Art. 6 para. 1 p. 1 lit. b GDPR), as in other cases of contact (see section B). The remaining use is otherwise based on legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR), which lie in being able to improve our offers and services in line with the target group. Please note your right of objection with regard to the processing of personal data that we base on our legitimate interests (see E.I.1). 
 

c) Duration of storage
The storage of personal data by us when contacting you is carried out according to the general rules (see B.III). 
The storage period of the data processed by LinkedIn can be found in the data protection policy of Xing (see link above).
 

2. LinkedIn
Functions and services of the social network "LinkedIn" are integrated on our pages. These are offered by LinkedIn Ireland Limited, 77 Sir John Rogerson's Quay, Dublin 2, Ireland. At the same time, we maintain our own profile on LinkedIn, which you can access via the link on our website.
 

a) Data processing and controllerships
A processing of data takes place as soon as you call up our profile on LinkedIn via the corresponding link on our website, marked by a LinkedIn symbol (plug-in). When you call up our LinkedIn profile, LinkedIn processes data stored in cookies, if applicable, as well as log data, if applicable, that originate from our website and are transmitted to LinkedIn. 


Mainly, however, when you visit our profile, LinkedIn processes data on how and whether you have interacted with our profile (for example, postings, followings, etc.). 


If you are also a member of the social network LinkedIn, LinkedIn processes the data you have already provided (e.g. function, country, industry, seniority, company size and employment status), creates analyses and statistics and then makes these available to us in aggregated form. This aggregated data has no personal reference. LinkedIn refers to this as "page insights". You can find more information about this at (https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview?lang=en). 

For these "Page Insights" data processing operations described above, we are joint controllers with LinkedIn (Art. 26 GDPR). We have transparently defined the obligations and rights with regard to the data processing in a contract with LinkedIn ("Page Insights Joint Controller Addendum"), which can be accessed at https://legal.linkedin.com/pages-joint-controller-addendum

From this, you can see that LinkedIn has also primarily taken on the task of addressing your data subject rights (cf. Section E), insofar as you wish to exercise them. You can do this simply via your profile settings on LinkedIn or via a direct contact. You are also free to contact us regarding your data subject rights. However, we would like to point out that, in the absence of insights into the specific data processing, we will generally forward your request to LinkedIn. 
The data processing subsequent to the "Page Insights" (i.e., for example, the use of aggregated statistics and analyses) is carried out by us under our own responsibility. We are also responsible for the use and further processing of your personal and publicly visible interactions on our profile page (e.g. likes, postings, sharing of posts, etc.) as well as for any contact made with us. 
 

b) Purpose and legal basis
We use the plug-in on our website to draw attention to our LinkedIn profile and to enable you to use the functions of the LinkedIn social network directly. 


We operate our profile on LinkedIn in order to be able to present our services in an appealing manner and to provide them with a relevant reach. 


The analysis services provided by "Page Insights" are used to create aggregated statistics for us. This allows us to better understand our visitors and customers and to improve our offer. We can also target our advertising on this basis (which has no personal reference). 


We base this processing on your consent (given to LinkedIn) (Art. 6 para. 1 p. 1 lit. a GDPR). 


Insofar as we communicate with you on our own controllership, the processing serves to answer the inquiries as well as to prepare the conclusion of a contract and, if necessary, even to execute it (Art. 6 para. 1 p. 1 lit. b GDPR), as in other cases of contacting you (cf. section B). The remaining use is otherwise also based on legitimate interests (Art. 6 para. 1 p. 1 lit. f GDPR), which lie in being able to improve our offers and services in line with the target group. Please note your right of objection with regard to the processing of personal data that we base on our legitimate interests (see E.I.1). 
 

c) Data Transfer to the USA
The data processing carried out by LinkedIn is based, among other things, on a data transfer to the USA, a third country (see section B.V). LinkedIn has described the type of data collected and processed in the user agreement and in the privacy policy (https://www.linkedin.com/legal/privacy-policy?_l=de_DE). 

Insofar as data transfer and processing takes place in the USA, LinkedIn has concluded a standard data protection clause adopted by the EU Commission (cf. Section B.V) as a guarantee with the LinkedIn companies located in the USA. Please note, however, that 

  • among other things, investigative authorities in the USA can obtain access to this data under certain circumstances without any possibility of influence by us or by LinkedIn, and

  • therefore it cannot be fully guaranteed that your data is fully subject to the level of data protection of the GDPR. 

  • Since you have given your consent to LinkedIn to allow LinkedIn to carry out the processing on US servers, you also have a right of withdrawal vis-à-vis LinkedIn.

d) Duration of storage
The storage of personal data by us when contacting you is carried out according to the general rules (see B.III). 
The storage period of the data processed by LinkedIn can be found in the data protection policy of LinkedIn (see link above).


V.    Contact form and e-mail contact


We offer you the possibility to contact us via our contact form on our website. In any case, the IP address of the user and the date and time of sending your message will be saved as part of the contact. We collect and store the following personal data as mandatory information (marked with a " * " as mandatory field):

  • Request
  • Name
  • E-mail address
  • Phone number
  • Toll4Europe OBU user (yes/no)
  • Your OBU sales partner
  • Your company
  • Number of trucks
  • Message

If you decide to contact us via the e-mail address provided on our website, we will save your e-mail address and any other data you (voluntarily) provide. Your data will only be passed on to third parties if this is necessary to process your request.


1.    Purpose and legal basis
We process the aforementioned data for the processing of your request. Other data is only processed for technical or security reasons (for example, abuse prevention and ensuring our system security). The legal basis is Art. 6 para. 1 p. 1 lit. a GDPR (consent), Art. 6 para. 1 p. 1 lit. b GDPR (fulfillment of a contract or pre-contractual measures) and, with regard to the latter purpose, Art. 6 para. 1 p. 1 lit. f GDPR, as we have a legitimate interest in the integrity of our website.


2.    Duration of storage and deletion periods
All aforementioned data will be deleted as soon as we have processed your request and further clarification is no longer necessary. The deletion is subject to any obligations and rights pursuant to section B.III. 


3.    Possibility of objection and removal
After you have contacted us, you can withdraw your request at any time and object to further processing of the data. In addition, you may have the right to object in accordance with Art. 21 GDPR (see section E.I.1). 


D.    Contracts


If you are our contractual partner, please note that in this context we also apply our General Information under section B for data processing in contracts. The following information is provided in addition to our General Terms and Conditions and our General Information under section B. If you have any further questions, please contact us using the contact details provided in section B.I.1 or B.I.2. 


I.    Purpose and legal basis
The purpose of collecting the personal data received in the course of concluding and executing the contract is to enable us to fulfill our obligations under the contract for the use of our toll collection system. 


This includes, for example, registration for the toll collection system and the processing of toll payments. This also includes data processing for the purposes of failure analysis, abuse detection and ensuring IT security. Failure on your part to provide the data may mean that the contract cannot be concluded and/or executed. Mandatory data includes, for example, master data, payment data and such data as we require for the setup and operation of the "on-board unit" (e.g. truck license plate number, location and time of use of toll roads). 


Furthermore, we use the data to serve you as a customer and for statistical market and opinion research purposes. This is necessary to continuously improve our products and services and to adapt them to the needs of our customers. We only engage in direct advertising if you have consented to this or if there is another legal basis for this under the Union law of the member states.


The legal basis for the aforementioned data processing is Article 6 (1) sentence 1 lit. a GDPR in the case of consent, Article 6 (1) sentence 1 lit. b GDPR insofar as this is necessary for the performance of the contract and the implementation of pre-contractual measures, and Article 6 (1) sentence 1 lit. f GDPR (protection of legitimate interests) in all other aforementioned cases, whereby our legitimate interest is the marketing and continuous improvement of our products and services as well as their adaptation to the needs of our customers.


II.    Transfer of personal data to third parties
We cooperate with partners who support us in this task as part of the implementation of our tolling services. These are, in particular, so-called service providers in the toll areas in which the toll is determined or collected using the so-called "Dedicated Short Range Communication technology" (DSRC). These ensure access to the toll areas in question. 


We also cooperate with sales partners who use our services. This includes in particular your contractual toll service provider, who registers you with us and provides you with the OBU. 


In the context of these cooperations, partial disclosure of your personal data may be necessary in order to enable you to access the requested toll areas and to process services and corresponding payments. All parties involved work on their own controllership with regard to their data processing operations. 


With regard to other recipients of data, we ask you to note our explanations in accordance with section B.IV. 


III.    Duration of storage and deletion periods
We store the data collected by us and, if applicable, received from sales partners (your toll service provider) in accordance with our specifications in section B.III. 


IV.    Possibility of objection and removal
In particular, you have the right to withdraw your consent against the collection and further processing of data on the basis of consent (see Section E.II). Data processing required for the fulfillment of the contract or the performance of pre-contractual measures is not subject to any right of objection; however, you may object to data processing on the basis of legitimate interest under the conditions stated in section E.I.1. 


With regard to our direct advertising, we refer to your right of withdrawal (in the case of granted consent) pursuant to Section E.II and to your right of objection pursuant to Section E.I.2. 


In all other respects, you are entitled to the data subject rights already mentioned in section E.  


E.    Your rights as a data subject


If you are affected by our processing of your personal data, you may be entitled to the rights described below. To exercise your rights, please contact us at contact@toll4europe.eu.


I.    Right to object (Art. 21 GDPR)
In the case of data processing for specific purposes, you have the right to object in accordance with Art. 21 GDPR. For a possible objection, please contact us or our data protection officer using the contact details provided. You will not incur any costs for this other than the transmission costs according to the prime rates of your telecommunications provider. A right of objection exists in the following cases:


1.    Processing for legitimate interests (Art. 6 para. 1 p. 1 lit. f, 21 para. 1 GDPR): 
If personal data is processed for the purpose of legitimate interests (Art. 6 (1) p. 1 lit. f GDPR), you may object to the processing of your personal data at any time on grounds relating to your particular situation. If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves the purpose of asserting, exercising or defending legal claims.


2.    Processing for the purpose of direct marketing (Article 21 (2) GDPR, Section 7 (3) UWG):
Insofar as we process data for the purpose of direct marketing and/or profiling in connection with such, you may object at any time to the processing of personal data concerning you for the purpose of such advertising and/or profiling. If you object, we will refrain from any further processing of your data for the purpose of direct marketing and/or profiling.


3.    Processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (Art. 6 (1) p. 1 lit. e, 21 (1) GDPR): 
If personal data is processed for the performance of tasks in the public interest or for the exercise of official authority (Art. 6 (1) sentence 1 lit. e GDPR), you may object to the processing of personal data relating to you at any time on grounds relating to your particular situation. If you object, we will no longer process your personal data unless we can prove compelling legitimate grounds for the processing which override your interests, rights and freedoms of you, or the processing serves the purpose of asserting, exercising or defending legal claims.


4.    Processing for scientific or historical research purposes or for statistical purposes (Art. 21 (6)): 
If personal data is processed for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) GDPR, you have the right to object, on grounds relating to your particular situation, to the processing of personal data concerning you, unless the processing is necessary for the performance of a task carried out in the public interest.


II.    Right of withdrawal for granted consent (Art. 7 (3) GDPR)
You can withdraw consent once given at any time with effect for the future - in full or in part - without incurring any costs by contacting us using our contact details. The lawfulness of the processing of the data covered by the consent on the basis of the consent until the withdrawal remains unaffected by the withdrawal.


III.    Right of access (Art. 15 GDPR)
You are entitled to request information about your personal data processed by us. This right to information includes 

  • the purposes of processing;

  • the categories of personal data processed by us; 

  • the categories of recipients to whom your data have been or will be disclosed; 

  • in the event of a transfer of personal data to so-called "third countries" (cf. Section B.V) outside the scope of the GDPR, whether and in what way we ensure an adequate level of protection by means of appropriate safeguards (Art. 45, 46 GDPR) at the data recipient in the third country;

  • the planned storage period, insofar as we are able to assess this; if an assessment and indication of the storage period are not yet conclusively possible, we will at least provide information on the criteria for determining the storage period (e.g. periods of limitation, statutory retention periods, cf. also Section B.III);

  • your right to rectification, deletion, restriction of processing and to object to the processing of personal data relating to you (details below);

  • the existence of a right of appeal to a supervisory authority;

  • the origin of the data, if it was not collected by us; and

  • the existence of an automated individual decision-making within the meaning of Article 22 GDPR, including profiling, which also includes details of the decision-making criteria (i.e. the logic used) of the automated decision and the effects and consequences for the data subject.

You have the right to request a copy of your personal data processed by us. You will not incur any costs for the first copy of the data, but we will charge an appropriate fee for further copies of the data. If you exercise this right, we will provide the copy of the data in electronic form, unless otherwise specified. This provision is subject to the rights and freedoms of other persons who may be affected by the transmission of the data copy. 


IV.    Right to rectification (Art. 16 GDPR)

You have the right to demand that we correct your incorrect data without delay. Likewise, you may request that we complete your incomplete personal data by means of supplementary declarations or communications from you.


V.    Right to erasure („Right to be forgotten“) (Art. 17 GDPR)
You have the right to demand that we delete your personal data stored with us without delay, insofar as

  • you have withdrawn your consent (see B.II.1) to the processing of your data, unless there is another legal basis for the processing of your data;

  • the storage or other processing of your personal data is no longer necessary for the purposes for which they were collected and processed;

  • you have objected to data processing pursuant to Art. 21 GDPR and there are no overriding legitimate grounds for further processing; in the case of direct marketing pursuant to Art. 21 (2) GDPR, erasure shall take place unconditionally on the basis of objection; 

  • your personal data have been processed unlawfully;

  • it is a child's data collected in relation to information society services pursuant to Art. 8 (1) GDPR. 

If we have made personal data public, we will also inform other responsible parties of their request for erasure, including the erasure of links, copies and/or replications, to the extent technically possible and reasonable. 


The aforementioned rights to erasure of your personal data do not exist insofar as the processing is carried out necessarily 

  • for the exercise of the right to freedom of expression and information;

  • for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;

  • for reasons of public interest in the area of public health pursuant to Art. 9(2)(h) and (i) GDPR and Art. 9(3) GDPR;

  • for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes pursuant to Art. 89(1) GDPR, insofar as your right to erasure is likely to render impossible or seriously prejudice the achievement of the purposes of such processing; or

  • the assertion, exercise or defense of legal claims. 

VI.    Right to restriction of processing (Art. 18 GDPR)
You have the right to request that we restrict the processing of your personal data (i.e. restrict the processing to mere storage) if one of the following cases applies:

  • You have disputed the accuracy of your personal data. For the duration of our verification of accuracy, you may request that your data not be used for other purposes and be restricted to that extent.

  • The processing is unlawful and you refuse the erasure of the personal data Art. 17 para. 1 p. 1 lit. d GDPR and request instead the restriction of the use of the personal data Art. 18 GDPR.

  • We no longer need the personal data for the purposes of processing, but you need it for the assertion, exercise or defense of legal claims. In this case, you may request the restriction of processing to the aforementioned purposes. 

  • You have objected to the processing pursuant to Article 21 (1) GDPR. As long as it has not yet been determined whether our legitimate interests or reasons for processing outweigh yours, you may request that we process your data only for the purpose of examining the aforementioned assessment. 

If we have restricted the processing of your personal data at your request, we may and will only process this data - apart from its storage - with your consent or for the assertion, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State. 


If a processing restriction is lifted, you will be informed of this in advance.


VII.    Right to data portability (Art. 20 GDPR)
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller without hindrance from us, provided that

  • the processing is based on consent pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1) sentence 1(b) GDPR and

  • the processing is carried out with the aid of automated procedures.

Where technically feasible, you may also request us to transfer your personal data directly to another controller. 

The exercise of the right to data portability does not affect the right to data erasure (Art. 17 GDPR). However, the right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. 

You may not exercise the right to data portability if this affects the rights and freedoms of other persons.


VIII.    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
We always process personal data in accordance with the law. However, if you have reason to believe that we have violated applicable data protection law, you may at any time contact the competent supervisory authority of the Union or the member states and lodge a complaint. The competent supervisory authority is the supervisory authority of your habitual residence, your place of work or the place of the alleged infringement. The data processing of personal data carried out for us as a controller is supervised by the following supervisory authority:


Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin

Telephone: 030 13889-0
Telefax: 030 2155050
E-Mail: mailbox@datenschutz-berlin.de
Website: www.datenschutz-berlin.de


The following link also provides a listing of all data protection supervisory authorities:
https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html


Date: 08.01.2021

Imprint

Toll4Europe GmbH

Address:
Toll4Europe GmbH
Französische Str. 33 a-c
10117 Berlin

Email: contact@toll4europe.eu
Phone: +49 30 8353-85002

Please use the contact form for any question about Toll4Europe.

Admission Authority:

Bundesamt für Güterverkehr
Werderstraße 34
50672 Köln
Germany

Phone: 0221-5776-0
Fax: 0221-5776-1777
Email: poststelle@bag.bund.de

Represented by:

Board of Management:
Mirka Dworschak, Thomas Laissle, Andrea Scheu, Ewa Conewa (Eva Tzoneva)

Registration:

Eingetragen im Handelsregister.
Registergericht: Berlin
Registernummer: No. 175193
USt.-IdNr: DE306242805

Responsible for content in accordance with § 55 paragraph 2 German Interstate Broadcasting Treaty:

Mirka Dworschak, see address opposite

Disclaimer - legal information

Responsible for content in accordance with § 55 paragraph 2 German Interstate Broadcasting Treaty:
Mirka Dworschak, see address opposite

§ 1 Warning note on contents
The free and freely accessible contents of this website were created with the greatest possible care. However, the provider of this website does not guarantee that the free and freely accessible journalistic guides and news provided are correct and up-to-date. Contributions marked by name reflect the opinion of the respective author and not always the opinion of the provider. Only by the call of the free and freely accessible contents no contractual relationship between the user and the offerer is established. In this respect there is no willingness of the offerer to be legally bound.

§ 2 External links
This website contains links to third-party websites ("external links"). These websites are subject to the liability of the respective operators. When linking the external links for the first time, the provider checked the external content for any legal infringements. At that time, no legal violations were apparent. The provider has no influence whatsoever on the current and future design and content of the linked pages. The setting of external links does not mean that the provider adopts the content behind the reference or link as his own. A permanent control of the external links is not reasonable for the provider without concrete indications of legal violations. However, if we become aware of any legal infringements, such external links will be deleted immediately.

§ 3 Copyright and ancillary copyrights
The contents published on this website are subject to German copyright and ancillary copyright law. Any use not permitted by German copyright and ancillary copyright law requires the prior written consent of the provider or the respective rights holder. This applies in particular to duplication, editing, translation, storage, processing or reproduction of contents in databases or other electronic media and systems. Contents and rights of third parties are marked as such. The unauthorized duplication or passing on of individual contents or complete pages is not permitted and liable to prosecution. Only the production of copies and downloads for personal, private and non-commercial use is permitted.
The presentation of this website in external frames is only permitted with written permission.

§ 4 Special Terms of Use
If special conditions for individual uses of this website deviate from the aforementioned paragraphs, this is expressly pointed out at the appropriate point. In this case, the special terms of use apply in each individual case.

We use cookies to enable the provision of our website and the full use of our offer and to make it more pleasant for you. In addition, we would like to statistically record the use of our website and perform an analysis of the surfing behavior of users on our website in order to improve our offer, our advertising and the quality of our website and its content. For this purpose, we use analysis services provided by partners. For the latter purposes, we ask for your consent, which you can revoke at any time at daaprotection@toll4europe.eu with effect for the future. This consent to analyze your personal data refers, among other things, to the fact that our jointly responsible partners may also combine your personal data from other sources and make it available to us in anonymized form. In addition, your consent also covers the fact that our partners use U.S. servers where a level of data protection comparable to that in Europe is not guaranteed, as U.S. authorities may be granted access to your data without the possibility to object. 

For more information, please see our privacy policy.

All cookies
Necessary cookies