Greenland Seafood Europe GmbH, Eduard-Schopf-Allee 1, 28217 Bremen, Germany
1. Basic information on Data Processing and Legal Basis
1.2. The terms used herein, such as for instance “personal data” or “data processing” performed on them relate to the definitions in Article 4 of the General Data Protection Regulation (GDPR).
The personal data of users processed when providing these Online Services include Identity Data (e.g. Name and e-mail addresses of customers), Transaction Data (e.g. number of the article and batch, best before date and uploaded photos in case of customer complaints), Usage Data (e.g. websites visited, interest in our products) and Content Data (e.g. details entered on the contact form).
1.3. The term “User” includes all categories of data subjects. These comprise our business partners, customers, interested parties and other visitors of our Website. The terms used, like for instance “User”, are to be understood gender-neutral.
1.4. We process personal data of Users only in accordance with applicable data protection legislation. This means that personal data of users are processed lawfully and if there is a legal basis. In particular, this means that personal data are processed if processing is necessary for the performance of a contract (e.g. processing of orders) as well as Online Services, necessary for compliance with a legal obligation, if there is a consent by the User as well as in cases where there are legitimate interests (i.e. interest in the analysis, optimisation and cost-effective operation and security of our Website in terms of Article 6 1 f) GDPR, especially with regard to coverage assessment, creation of profiles for purposes of marketing and advertising as well as collection of access date and the use of third party services.
1.5. We would like to inform you that the legal basis if there is a consent given to processing is Article 6 (1) a) and Article 7 GDPR, the legal basis for processing necessary for the performance of a contract is Article 6 (1) c) GDPR and that the legal basis for processing necessary for legitimate interests is Article 6 (1) f) GDPR.
2. Security Measures
2.1. We have put in place state-of-the-art security measures in order to ensure compliance with the requirements of data protection legislation and to prevent the data processed by us from being accidentally or intentionally manipulated, lost, destroyed or accessed by unauthorised individuals.
In particular, these security measures include the encrypted transfer of data from your browser to our server.
3. Disclosure of Personal Data to Third Parties and Third Party Service Providers
3.1. Personal data will only be disclosed to third parties in accordance with the legal requirements. We will only disclose personal data of Users to third parties if this is, for example necessary for contractual purposes pursuant to Article 6 (1) b) GDPR or if there are legitimate interests in a cost-effective operation of our business pursuant to Article 6 (1) f) GDPR.
3.2. If we use subcontractors to perform our services, we take appropriate legal measures and corresponding technical and organisational measures to ensure protection of personal data in accordance with the applicable legal regulations.
3.3. If we use content, tools or other instruments of other service providers (hereinafter referred to as “Third Party Providers”) and which have their registered office in a third country, it is to be assumed that there is a transfer of personal data to the country of the registered office. Third countries are all such countries in which the GDPR is directly applicable law, which basically is the case for countries outside the EU or the European Economic Area respectively. The transfer of personal data will take place if there is an adequate level of protection, a consent form the User or where it is otherwise legally permissible.
4. Costumer Complaints
4.1. When handling customer complaints we process Identity Data (such as Name and e-mail addresses) and Transaction Data (e.g. number of the article and batch, best before date and uploaded photos) for the purposes of performance of a contract and services in accordance with Article 6 (1) b) GDPR.
5.1. If you contact us (by contact form or e-mail) we will use the personal data of the users to work on and handle your contact inquiry in accordance with Article 6 (1) b) GDPR.
6. Job Applications
6.1. The respective legal entity of Greenland Seafood group you applied to for a position or to which you submitted personal data as part of a speculative application is responsible for the processing of your application details. Your personal data you submitted to us using the online application form will be used for the purposes of recruitment only. Please be aware that applications submitted to us by e-mail are transferred without encryption. We therefore recommend that you only submit your application by using the online application form.
6.2. The collection and processing of personal data is necessary in order to take steps at the request of the data subject prior to entering into a contract and for the decision about entering into an employment relationship in accordance with section 26 of the German Federal Data Protection Act (BDSG) as well Article 6 (1) b) GDPR.
6.3. Job applications for positions at Greenland Seafood Europe GmbH will be collected and processed by Greenland Seafood Wilhelmshaven GmbH. In the course of recruitment your contact details may be submitted to Thomas International GmbH or ANTES Solutions GmbH which may perform services as subcontractors in the assessment centre process. Should we reach the conclusion that your application may also be of interest for other departments or entities within Greenland Seafood group we will submit your application details accordingly. In this case, your personal data will only be transferred to other entities of the Greenland Seafood group. In all other cases your personal data will not be transferred to third parties unless there is consent or an administrative order.
6.4. Your personal data will be retained for a time period of 12 months in order to enable us to contact you at a later time. After that time period your personal data will be completely deleted. Should you wish that your personal data are deleted at an earlier time, we will make the deletion on your written request. If your job application is successful your personal data will be kept in the personal file.
7. Collection of Access Data and Log Files
7.1. We collect data on the access to our servers on which the Online Services are hosted on (so-called server log files) in accordance with Article 6 (1) f GDPR for the purposes of the legitimate interests. Access Data includes name of the website visited, file, date and time of the visit, transferred data volume, notification on successful download, browser type and version, the operating system of the Users, Referrer URL (recently visited websites), IP address and the requesting provider.
7.2 Log file information is retained for security reasons (for example for solving misuse or fraudulent acts) for a time period of up to seven days and will be deleted thereafter. Data which is to be kept for reasons of evidence or the investigation of the respective matter is excluded from deletion.
8. Cookies & Performance Measurement
8.1. Cookies hold information stored by our webserver or webservers of third parties via the Users’ browsers on their computers to be used when the Website is visited again. Cookies may consist of small files or any other type of stored information.
8.2. We use so-called session cookies which are stored only for the time of your visit on our Website (e.g. for storing your login status or the shopping basket tool and thus to support the technical functionality of our website). A session cookie contains a randomly generated identification number, the so-called session ID. Moreover, a cookie contains information about its origin and duration period set within the cookie’s file. These cookies cannot store any other data. Session cookies are deleted automatically after you leave our Website and if you e.g. log out or close your browser.
8.4. If Users do not want cookies to be stored on their device, they are recommended to deactivate the respective function in the settings of their browsers. Stored cookies can be deleted using the setting of the browser. Blocking cookies can limit the functionality of this Website.
9. Performance Measurement using Matomo (formerly PIWIK)
9.2. The information on the use of this Website collected by the cookie will be saved on our server and will not be shared with any third party.
9.3. If you wish to opt out you can use the following Options:
10. Embedding Third Party Services and Content
10.1. We use content and services of third party service providers on our Website on the grounds of legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our Websites in terms of Article 6 (1) f) GDPR) in order to embed their content and services (hereinafter referred to as “Content”), like for instance videos of fonts into our Website. This requires the IP address of the Users to be disclosed to the third party service providers as the Content cannot be transferred to the browser without the IP address. Therefore the IP address is necessary for showing this Content. We strive to use only Content of service providers that use the IP address for the purposes of transferring the Content. Third party service providers may also use so-called pixel tags (invisible images, also referred to as “web beacons”) for statistical and marketing purposes. Pixel tags can be used to analyse information like the traffic on individual parts of the website. Furthermore, pseudonym information can be saved in cookies on the device of the User and among other things may contain technical information about the browser, the operating system, referring websites, duration of your visit as well as further details on the use of our Services, which may be combined with such information from other sources.
10.2. In the following you will find an overview of third party service providers, their content as well as links to their privacy policies in which the processing of personal data is described in more detail along with options for opting out, of which some have already been given:
- Maps by „Google Maps“ by the third party provider Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Privavy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.
11. Users’s Rights
11.1. On request, Users have the right to obtain information on the personal data we hold about you at no fee.
11.2. In addition to that, Users have the right to request correction of false personal data, limitation of processing of your personal data and, where applicable, the right to data portability and in case there is an assumption for the illegal processing of personal data, the right to file a complaint at the competent supervisory authority.
11.3. Likewise, Users can generally revoke their consent with future effect.
12. Erasure of Personal Data
12.1. The personal data we store will be erased as soon as these are no longer necessary in relation to the purposes for which they were collected and if there are not statutory obligations to retain the personal data. If the personal data of the Users are not to be erased by reasons that these are necessary for other and legally permissible purposes, processing will be restricted. This means that the personal data are blocked and will not be used for any other purposes. This applies for example for personal data of the Users that have to be retained for reasons under commercial or tax law.
12.2. In accordance with the applicable legal requirements data is retained for a period of 6 years in accordance with sec. 257 para. 1 of the German Commercial Code (HGB), (books of accounts, inventories, opening balance sheets, annual financial statements, trade letters, accounting records) as well as 10 years in accordance with sec. 147 para 1 German Tax Code (AO), (Books, records, annual reports, accounting records, trade letters and commercial letters, documents relevant for taxation etc.).
13. Right to Object
Users can object to the future processing of their personal data in accordance with the statutory requirements. An objection can be raised in particular to the processing for direct marketing purposes.