Office Düsseldorf: +49 2102 5650 870

Office Hamburg: +49 40 84 200 717

Privacy Policy

Privacy Police

The following data-protection declaration applies for usage of the online offer at www.efrexx.com respectively efrexx.com (hereinafter referred to as the “website”) of eFrexx GmbH. We attach great importance to data protection. Collecting and processing your personal data is done in compliance with the applicable data protection-law provisions, particularly the General Data Protection Regulation (GDPR).

The party responsible for collecting, processing and using your personal data in the sense of Article 4 number 7 of the GDPR is eFrexx GmbH, Asternweg 6, 40880 Ratingen, datenschutz@efrexx.com Insofar as you want to object to the collection, processing or usage of your data by us in accordance with these data-protection provisions as a whole or for individual measures, you can direct your objection to the controller. You can save and print out this data-protection declaration at any time.

We use personal data for the purpose of operating the website and for the operation of the individual online platforms for transportation services of our clients.

The hosting services used by us serve to make the following services available: infrastructure and platform services, processing capacity, storage capacity and database services, security services as well as technical maintenance services, which we use for the purpose of operating the website. In this context, we process or our hosting provider processes inventory data, contact data, contents data, contract data, usage data, metadata and communications data of clients, interested parties and visitors to these websites on the basis of our justified interest in an efficient and more secure provision of our website pursuant to Article 5 paragraph 1, sentence 1 f of the GDPR in conjunction with Article 28 of the GDPR.

We collect information about you when you use this website. We automatically collect information about your usage behaviour and your interaction with us and registered data regarding your computer or mobile device. We collect, save and use data about every access of our website (so-called server log files). Access data includes:

  • the name and URL of the file accessed
  • the data and time of access
  • data quantity transferred
  • report about success access (HTTP response code)
  • browser type and browser version
  • operating system
  • referrer URL (i.e. the preceding page visited)
  • websites which are accessed by the user’s system via our website
  • the user’s Internet service provider
  • IP address and the requesting provider.

We use this protocol data without attribution to you or other profile creation for statistical evaluations for the purpose of the operation, security and optimisation of our website, but also for the anonymous recording of the number of visitors to our website (traffic) as well as regarding the scope and the type of usage of our website and services, also for billing purposes, in order to determine the number of the clicks received from cooperation partners. On the basis of this information, we are able to make personalised and location-related content available and to analysis data traffic, to look for and fix bugs, and to improve our services. We also have a justified interest therein pursuant to Article 6 paragraph 1, sentence 1 f) of the GDPR. We hereby reserve the right to check the protocol data later on if due to concrete indications there is a justified suspicion of unlawful usage. We save IP addresses for a limited period of time in the log files if this is necessary for security purposes or for the rendering of the service or for billing for a service, e.g. if you use one of our offers. After breaking off the ordering process or after receipt of payment, we delete the IP address if it is no longer necessary for security purposes. We also save IP addresses if we have a concrete suspicion of a criminal offence in connection with usage of our website. In addition, as part of your account we save the date of your most recent visit (e.g. when registering, logging in, clicking on links, etc.).

We use so-called session cookies, in order to optimise our website. A session cookie is a small text file which is sent by the respective server when you visit a website and is saved temporarily on your hard drive. This file as such receives a so-called session ID, with which various requests from your browser can be allocated to the common session. This makes it possible to recognise your computer when you return to our website. These cookies are deleted after you close your browser. They serve, for example, to make it possible for you to use the shopping cart function over several pages. We also use persistent cookies to a small extent (also small text files which are placed on your end device), which stay on your end device and make it possible for us to recognise your browser on the next visit. These cookies are saved on your hard drive and are deleted automatically after the set time. Their lifespan is 1 month to 10 years. In this way, we can present our offer to you in a more user-friendly, more effective and more secure manner, and for example can display information on the website which is specially tailored to your interests. . Our justified interest in using cookies pursuant to Article 6 paragraph 1, sentence 1 f) of the GDPR consists of making our website more user-friendly, efficient and secure. For example, the following data and information are saved in the cookies:

  • log-in information
  • language settings
  • search terms entered
  • information about the number of accesses of our website as well as usage of individual functions of our Internet site.

When the cookie is activated, this is allocated an identification number, and no attribution of your personal data to that identification number is made. Your name, your IP address or similar data which would enable an attribution of the cookie to you is not placed in the cookie. On the basis of the cookie technology, we receive only pseudonymised information, for example information about which pages of our website have been visited, what products or services have been viewed, etc. You can configure your browser in such a way that you are informed in advance about the placement of cookies and can decide on a case-by-case basis whether you accept cookies for certain cases or generally exclude them, or that cookies are completely stopped. The functionality of the website can be limited thereby.

We process personal data which we need for the fulfilment of our contractual obligations, such as name, address, email address, products ordered, invoicing and payment data. The collection of this data is necessary for entry into the contract. The data is deleted after the expiry of the warranty periods and statutory retention periods. Data which is associated with a user account (please see below) is definitely retained for the period that the account is kept. The legal basis for the processing of this data is Article 6 paragraph 1, sentence 1 b) of the GDPR, because this data is needed so that we are able to fulfil our contractual obligations to you.

You can create a user account on our website. If you would like to do that, then we need the personal data asked for during the log-in process. When you log in later, only your email address or user name and the password you have chosen will be needed. We collect key data (e.g. name, address), communications data (e.g. email address), payment data (bank details) and access data (user name and password) for a new registration. In order to ensure you can log on properly and to prevent unauthorised logins by third parties, after you register you will receive an activation link by email, in order to activate your account. Only after registration has taken place do we save the data which has been transmitted by you permanently on our system. You can have a user account which has been created deleted by us at any time, without costs arising for this other than the transmission costs in accordance with the basic tariffs. A message in text form to the contact details named in 1 above (e.g. email, fax, letter) is sufficient for this purpose. We will then delete your saved personal data, insofar as we do not have to save this for the execution of services or due to statutory retention obligations. The legal basis for the processing of this data is your consent pursuant to Article 6 paragraph 1, sentence 1 a) of the GDPR.

If you contact us (e.g. by contact form or by email), we process your details in order to handle the query as well as in the event that follow-up questions arise. . If the data processing takes place in order to carry out pre-contractual measures which are performed in response to your request, or, if you are already one of our customers, for the performance of the contract, the legal basis for this data processing is Article 6 paragraph 1, sentence 1 b) of the GDPR. Further personal data is processed by us only if you consent thereto (Article 6 paragraph 1, sentence 1 a) of the GDPR) or if we have a justified interest in the processing of your data (Article 6 paragraph 1, sentence 1 f) of the GDPR). Replying to your email is a justified interest, for example.

We use Google Analytics, a Google Inc. (“Google”) web analysis service. Google Analytics uses so-called “cookies”, text files which are saved to your computer to enable analysis of your usage of the website. The information generated by the cookie about usage of this website by website visitors is usually transferred to a Google server in the USA and saved there. This is also our justified interest pursuant to Article 6 paragraph 1, sentence a f) of the GDPR. Google has subjected itself to the Privacy Shield Treaty entered into between the European Union and the USA and has certified itself. Thereby, Google has undertaken to comply with the standards and provisions of European data protection law. You can read more information about this at the link below: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active. We have activated IP anonymisation on this website (anonymizeIp). This means that Google first truncates your IP address within EU member states or in other contract states to the Treaty concerning the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and truncated there. On our behalf, Google will use this information in order to evaluate your usage of the website, in order to compile reports concerning the website activities, and to render to us other services associated with the website usage and Internet usage. The IP address transmitted by your browser in the framework of Google Analytics is not merged with other data by Google. You can prevent cookies being stored through corresponding configuration of your browser software; however, we draw your attention to the fact that in such case you might not be able to use all of the functions of this website to the full extent. Moreover, you can prevent the transfer of the data (including your IP address) generated by the cookie and relating to your usage of the website to Google, as well as the processing of that data by Google, by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de. As an alternative to the browser plugin or inside browsers on mobile devices you can click on the following link in order to set an opt-out cookie, which will prevent data acquisition by Google Analytics within that website in future (this opt-out cookie only works in that browser and only for that domain. If you delete the cookies in your browser, you must click on this link again): [deactivate Google Analytics]

Insofar as not specifically stated, we store personal data only as long as this is necessary for the fulfilment of the purposes pursued. In some cases, the legislator prescribes the retention of personal data, for example in tax law or commercial law. In such cases, we only continue to store the data for those statutory purposes, but that data is not processed in another way and that data is deleted after the expiry of the statutory retention period. 

Pursuant to the applicable laws, you have various rights with regard to your personal data. If you would like to assert these rights, then please direct your request by email or by mail, with clear identification of your identity, to the address named in 1 above. An overview of your rights is set out in the following:

You have the right to a clear statement about the processing of your personal data. In detail: you have the right at all times to receive a confirmation from us about whether personal data pertaining to you is being processed. If this is the case, then you have the right to request from us free-of-charge information about the personal data saved about you, together with a copy of that data. Moreover, there is a right to the following information:

  1. the processing purposes;
  2. the categories of personal data which are being processed;
  3. the recipients or categories of recipients to whom the personal data has been or will be disclosed, particularly in the case of recipients in non-EU countries or in the case of international organisations;
  4. if possible, the planned duration for which the personal data is saved, or, if this is not possible, the criteria for the definition of that duration;
  5. the existence of a right to correction or deletion of the personal data pertaining to you or to limitation of the processing by the controller or a right to object to that processing;
  6. the existence of a right to complain to a supervisory authority;
  7. if the personal data is not collected from you, all available information about the source of the data;
  8. the existence of automated decision-making, including profiling pursuant to Article 22 paragraphs 1 and 4 of the GDPR and – at least in these cases – meaningful information about the logic involved as well as the scope and the striven-for impacts of such processing for you.

If personal data is transmitted to a non-EU country or to an international organisation, then you have the right to be informed about the suitable guarantees pursuant to Article 46 of the GDPR in connection with the transmission.

You have the right to request us to correct and where applicable also complete personal data pertaining to us. In detail: you have the right to ask us to correct without undue delay incorrect personal data pertaining to you. Taking into account the purposes of the processing, you have the right to request completion of incomplete personal data – also by means of a supplementary declaration.

In a series of cases we are obliged to delete personal data pertaining to you. In detail: you have the right pursuant to Article 17 paragraph 1 of the GDPR to ask us to delete without undue delay personal data pertaining to you, and we are obliged to delete personal data without undue delay if one of the following grounds is fulfilled:

  1. The personal data is no longer necessary for the purposes for which it was collected or processed in another way.
  2. You revoke your consent on which the processing pursuant to Article 6 paragraph 1, sentence 1 a) of the GDPR or Article 9 paragraph 2a) of the GDPR was based, and there is a lack of another legal basis for the processing.
  3. You file pursuant to 21 paragraph 1 of the GDPR an objection to the processing and there are no overriding justified grounds for the processing, or you file pursuant to Article 21 paragraph 2 of the GDPR an objection to the processing.
  4. The personal data has been processed unlawfully.
  5. The deletion of the personal data is necessary for the fulfilment of a legal obligation pursuant to Union law or the law of the member states to which we are subject.
  6. The personal data has been collected with regard to offered services of the information company pursuant to Article 8 paragraph 1 of the GDPR.

If we have made the personal data public and if we are obliged pursuant to Article 17 paragraph 1 of the GDPR to delete it, then, taking account of the available technology and the implementation costs, we take reasonable measures, including of a technical nature, to inform parties responsible for the data processing who process the personal data that you have requested them to delete all links to that personal data or of copies or replications of that personal data.

In a series of cases you are entitled to ask us to limit the processing of your personal data. In detail: you have the right to ask us to limit processing if one of the following prerequisites is fulfilled:

  1. the correctness of the personal data is disputed by you, and for a period which makes it possible for us to check the correctness of the personal data,
  2. the processing is unlawful and you have refused the deletion of the personal data and instead have requested limitation of the usage of the personal data;
  3. we no longer need the personal data for the purposes of the processing, but you need the data for the assertion of, exercise of or defence against legal claims, or
  4. you have filed an objection to the processing pursuant to Article 21 paragraph 1 of the GDPR, until it is has been determined whether our company’s justified reasons outweigh yours

You have the right to receive or to transmit personal data pertaining to you in machine-readable form or to have such data transmitted by us in machine-readable form. In detail: you have the right to receive in a structured, common and machine-readable format the personal data pertaining to you which you have provided to us, and you have the right to transmit that data to another controller without impediment by us, insofar as

  1. the processing is based on a consent pursuant to Article 6 paragraph 1, sentence 1 a) of the GDPR or Article 9 paragraph 2) of the GDPR or on a contract pursuant to Article 6 paragraph 1, sentence 1 b) of the GDPR, and
  2. the processing is done with the assistance of automated processes.

In the event of the exercise of your right to data transferability pursuant to paragraph 1, you have the right to direct that the personal data is transmitted directly by us to another controller, insofar as this is technically feasible.

You have the right also to object to lawful processing of your personal data by us, if this is justified due to your special situation and if our interests in the processing do not override that. In detail: you have the right for reasons which arise from your special situation at any time to make an objection to the processing of personal data pertaining to you which is done on the basis of Article 6 paragraph 1, sentence 1 e) or f) of the GDPR; this also applies for profiling based on these provisions. We no longer process the personal data, unless we can prove compulsory protection-worthy grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves in the assertion of, exercise of or defence against legal claims. If personal data is processed by us in order to pursue direct advertising, then you have the right at any time to make an objection to the processing of personal data pertaining to you for the purpose of such advertising; this also applies for profiling insofar as it is associated with such direct advertising. You have the right for reasons which arise from your special situation to make an objection to the processing pertaining to you of personal data pertaining to you which is done for scientific or historical research purposes or for statistical purposes pursuant to Article 89 paragraph 1 of the GDPR, unless the processing is necessary for the fulfilment of a task which is in the public interest.

You have the right not to be subjected to a decision based exclusively on automated processing – including profiling – which has legal effect against you or which substantially detrimentally affects you in another way. No automated decision-making is done on the basis of the personal data collected.

You have the right to revoke at any time a consent to the processing of personal data.

You have the right to complain to a supervisory authority, particularly in the member state of your place of residence, your job or the location of the alleged breach, if you are of the view that the processing of the personal data pertaining to you is unlawful.

We make maximum endeavours for the security of your data in the framework of the applicable data-protection laws and what is technically possible. Your personal data is transmitted in encrypted form at our end. This applies for your orders and also for the customer login. We use the coding system SSL (Secure Socket Layer), but draw attention to the fact that data transmission on the Internet (e.g. when communicating by email) can have security holes. Completely protecting data from third-party access is not possible. We maintain technical and organisational security measures in accordance with Article 32 of the GDPR, which we repeatedly adjust in line with the state-of-the-art technology, in order to secure your data. Moreover, we do not guarantee that our offer is available at certain times; disruptions, interruptions or outages cannot be excluded. The servers used by us are carefully backed up regularly.

As a matter of principle, we use your personal data only within our company. If and insofar as we engage third parties in the framework of the performance of contracts (e.g. logistics service providers), these receive personal data only in the scope in which transmission is necessary for the corresponding service. In the event that we outsource certain parts of data processing (“order processing”), we obligate order processors contractually to use personal data only in compliance with the requirements in the data-protection legislation and to guarantee the protection of the rights of the data subject. No transmission of data to bodies or people outside the EU outside the case named in number 4 of this declaration takes place, and no such transmission is planned.  

If you still have questions or concerns about data protection, then please contact our data protection officer: Achim Quaken a.quaken@efrexx.com