Data protection declaration

SLYNX GmbH & Co.KG

General – Information according to Art. 13 + 14 GDPR

In this Data Protection Declaration, we, SLYNX GmbH & Co. KG, inform you about how your personal data is processed when you use our website slynx.digital and about SLYNX products and services. We take the protection and security of your personal data entrusted to us seriously and want you to feel safe and comfortable when visiting our website and using our offers. It is important to us that you know what personal data is collected when you use our offers and services and how we use it afterwards. 

Purpose of the data processing

Insofar as SLYNX GmbH & Co. KG processes personal data, this is done for the particular purposes stated in this data protection declaration.

Personal data, in particular address data, contact data or payment data, is used for the execution of an emerging contractual relationship or its initiation. Your personal data is therefore processed on the legal basis of Art. 6 para. 1 lit. b GDPR. For this purpose, it is usually necessary to also transmit the collected data to our partner companies or other commissioned data processors.

Contact details of the data controller

SLYNX GmbH & Co. KG

Directors: Michael Craiss

Vetterstraße 35

75417 Mühlacker

Tel: +49 7041 804-663

E-mail: info@slynx.digital

Data Protection Officer

If you have further questions regarding the processing of your personal data, you can contact our data protection officer, who is also available in the event of requests for information, applications or complaints:

TÜV Technische Überwachung Hessen GmbH

E-mail: datenschutz@craiss.com

 

Rights concerning the processing of personal data

Right to information

You have the right to receive information from us at any time upon request about the personal data processed by us that concerns you within the scope of Art. 15 GDPR. To do this, you can submit an application by post or e-mail to the addresses given above.

 Right to rectify inaccurate data

You have the right to demand that we correct the personal data concerning you without delay if it is incorrect (Art. 16 GDPR). For this purpose, please contact the addresses given above.

 Right to erasure

You have a right to the immediate erasure (“right to be forgotten”) of the personal data concerning you if the legal grounds pursuant to Art. 17 GDPR exist. These are, for example, if the personal data are no longer necessary for the purposes for which they were originally processed or you have withdrawn your consent and there is no other legal basis for the processing; the data subject objects to the processing (and there are no overriding reasons for processing – this does not apply to objections to direct marketing). To exercise your above right, please contact us at the above contact addresses.

 Right to restrict processing

You have the right to restrict processing if the conditions are met and in accordance with Art. 18 GDPR. Accordingly, the restriction of processing may be required in particular if the processing is unlawful and the data subject refuses the erasure of the personal data and instead requests the restriction of the use of the personal data or the data subject has objected to the processing pursuant to Art. 21 para.1 GDPR as long as it has not yet been determined whether our legitimate grounds override theirs. To exercise your above right, please contact us at the above contact addresses.

 Right to data portability

You have a right to data portability according to Art. 20 GDPR. In this regard, you have the right to receive the data relating to you that you have provided to us in a common, structured and machine-readable format and to transfer this data to another controller, such as another service provider. The prerequisite for this is that the processing is based on consent or on a contract and is carried out with the aid of automated procedures. To exercise your above right, please contact us at the above contact addresses.

 Right to object

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out, inter alia, on the basis of Art. 6 para. 1 lit. e or f GDPR, in accordance with Art. 21 GDPR. We will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims. To exercise your above right, please contact us at the above contact addresses.

 Right to complain to a supervisory authority

If you believe that the processing of personal data relating to you by us is unlawful, you have the right to complain to the supervisory authority responsible for us, which you can contact as follows:

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg

PO Box 10 29 32, 70025 Stuttgart

Königstraße 10a, 70173 Stuttgart

Tel: +49 711 61 55 41 0

E-mail: poststelle@lfdi.bwl.de

 

Data processing in the context of visiting the SLYNX website

Visiting our website/access data

When personal data is entered, it is always transmitted in encrypted form via SSL.

We record and store the IP address assigned to your computer in order to transmit the contents of our website that you have accessed to your computer (e.g. texts, images as well as files made available for download, etc.) (cf. Art. 6 para. 1 lit. b GDPR). We also process this data for abuse detection and tracking. In this respect, the legal basis is Art. 6 para. 1 lit. f GDPR. Our legitimate interest in processing data is to ensure the proper functioning of our website and the transactions conducted via it.

Insofar as we process your data for the purposes of providing the functions of our website, as described above, you are contractually obliged to provide us with this data.

 Newsletter

This website uses HubSpot Ireland Limited, 2nd Floor 30, North Wall Quay, Dublin 1, Ireland to send out newsletters. Hubspot is a service that can be used to organise and analyse newsletter distribution. The data you enter for the purpose of receiving the newsletter (e.g. email address) is stored on Hubspot’s servers.

Our newsletters sent with Hubspot allow us to analyse the behaviour of newsletter recipients. Among other things, it can be analysed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analysed whether a predefined action (e.g. download whitepaper) has taken place after clicking on the link in the newsletter.

The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The lawfulness of the data processing operations already carried out remains unaffected by the revocation.

If you do not want any analysis by Hubspot, you must unsubscribe from the newsletter. We provide a link for this in every newsletter message. Furthermore, you can also unsubscribe from the newsletter directly on the website.

The data you provide for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from Hubspot’s servers after you unsubscribe from the newsletter. Data stored by us for other purposes (e.g. e-mail addresses for the members’ area) remain unaffected by this.

For more details, please see Hubspot’s privacy policy at: https://legal.hubspot.com/de/privacy-policy

 Contact form

If you have a more detailed question for us, you can submit an enquiry using the contact form on our website. The required data will be marked as mandatory fields.

When you contact us, the data you provide (in particular your name, e-mail address, telephone number and the text of your enquiry as well as any other voluntary information) will be stored by us. The processing is carried out for the purpose of processing the enquiries on the basis of Art. 6 para. 1 lit. b, f GDPR. The data collected in the course of contacting you will be deleted as soon as it is no longer required for processing your enquiry.

 Disclosure to third parties

Your personal data may be disclosed to processors for the purposes set out in this data protection declaration. In some cases, we use service providers (based in Germany) who process data on our behalf (e.g. for email marketing). In the cases described here, the information is passed on to these third parties to enable further processing. The external service providers are carefully selected and regularly checked by us to ensure that your privacy is protected.

The service providers are service providers/order processors bound by instructions and are accordingly required by us, among other things, to treat your data only in accordance with our instructions and the applicable data protection laws. In particular, they are obliged to keep your data strictly confidential. You are also prohibited from processing the data for purposes other than those agreed.

The transfer of data to processors takes place on the basis of Art. 28 para. 1 GDPR. We also do not sell your data to third parties, nor do we market it in any other way.

Cookies/tracking tools

Use of cookies

We use so-called cookies on our website. These are text files that are automatically stored in the internet browser or by the internet browser on your end device (e.g. computer, tablet, smartphone, etc.) when you visit our website. These cookies contain characteristic character strings that enable the internet browser to be uniquely identified when the website is called up again.

We use cookies to make our website more user-friendly. These cookies enable us to automatically recognise that you have already been with us, e.g. as a logged-in user, when you visit our site again. These cookies are automatically deleted after a defined period of time. The data processed in this way is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR.

You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Furthermore, cookies that have already been set can be deleted at any time via an internet browser or other software programmes. This is possible in all common internet browsers. If you deactivate the setting of cookies in the internet browser used, it may not be possible to use all the functions of our website to their full extent.

You can find all the information about the cookies used in detail in our Consent Banner

 Usercentrics

We use the Usercentrics service on our website. The service enables us to obtain, manage and document consent. The legal basis is Art. 6 para. 1 sentence 1 lit. c) GDPR (fulfilment of legal obligation).

In order to oblige the provider of this service to process the transmitted data only in accordance with our instructions and to comply with the applicable data protection regulations, we have concluded an order processing contract with the provider.

Provider: Usercentrics GmbH, Sendlinger Straße 7, 80331 Munich, Germany

https://usercentrics.com/privacy-policy/

https://usercentrics.com/terms-and-conditions/

 Google Tag Manager

We use this service on our website. The service enables us as marketers to manage website tags via one interface. The tool that implements the tags is a cookieless domain and does not itself collect any personal data. The service provides for the triggering of other tags, which in turn may collect data. The service does not access this data. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags that are implemented with the service.

Provider: Google Ireland Limited, Google Building Gordon House, Barrow St 4 Dublin, Ireland

https://www.google.de/

https://policies.google.com/privacy?hl=de&gl=de

 Google AdWords

Our website uses the advertising tool “Google AdWords” from Google including its conversion tracking. We use this tool to determine how successful advertising our services is on websites other than our own. For this purpose, a conversion cookie is set when you have clicked on one of our advertisements. This cookie allows us to recognise that you have reached our website via this advertisement. With such usage statistics, we create statistics to evaluate the conversion of our advertisements. We do not receive any information about you personally. The conversion cookie set in your browser is individual and cannot be used by other Google AdWords customers for their statistics. You can prevent tracking by deactivating the conversion tracking cookie in your browser settings.

 Social media

We are also represented with content on social networks and other virtual platforms in order to be able to communicate with customers, interested parties and users there and present our services to them. When calling up these networks and virtual platforms, their terms and conditions and, above all, their data protection principles apply.

Unless otherwise regulated in our data protection declaration, we process your personal data that you provide to us via the social networks and virtual platforms as part of our communication, e.g. by sending messages to us, to process your enquiries. The legal basis for this processing of the transmitted data is Art. 6 para. 1 sentence 1 lit. b GDPR.

For a detailed presentation of the respective forms of processing and the options to object (opt-out), we refer to the data protection declarations and information provided by the operators of the networks concerned.

Also in the case of requests for information and the assertion of data subject rights, we point out that these can be asserted most effectively with the providers. Only the providers have access to the users’ data and can directly take appropriate measures and provide information.

We have pages on the following social media platforms:

 Planned data transfer to third countries

A transfer to third countries is currently not planned, otherwise the corresponding legal requirements will be created. In particular, you will be informed about the respective recipients or categories of recipients in accordance with the legal requirements.

 Security

SLYNX GmbH & Co. KG uses technical and organisational security measures to protect the data you have made available from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. This also applies when external services are procured. The effectiveness of our security measures is reviewed and the measures are continuously improved in line with technological developments.

 Standard periods for the deletion of data

The legislator has enacted a wide range of retention periods and obligations. After expiry of these periods, the corresponding data is routinely deleted. If data is not affected by this, it will be deleted or made anonymous if the purposes stated in the context of this data protection declaration cease to apply. Unless this Data Protection Declaration contains other, different provisions regarding the storage of data, the data collected by us will be stored by us for as long as it is necessary for the aforementioned purposes for which it was collected.

 Other data use and data deletion

Your personal data will only be processed further or used if permitted by law or if you have consented to the data processing or use. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes prior to further processing and provide you with the further relevant information.

 Other purposes

Personal data is also processed if you provide it to us of your own accord, for example in the context of an enquiry or an order. The legal basis in this respect is Art. 6 para. 1 lit. b GDPR. The data we process in this respect includes customer data, employee data and data from suppliers, insofar as this is necessary for the purposes named in the context of this data protection declaration.

Insofar as we process your data, as described above, for the purposes of receiving and processing your respective enquiry, you are contractually obliged to provide us with this data. Without this data, we are not able to carry out the appropriate processing.

If you have consented to the processing of personal data (cf. Art. 6 para. 1 lit. a GDPR), you may revoke your consent at any time without affecting the lawfulness of the processing carried out on the basis of the consent until revocation.

 Data processing in the course of applications to SLYNX

We process your personal application data in accordance with the provisions of the EU GDPR and the German Federal Data Protection Act, insofar as this is necessary for the decision on the establishment of an employment relationship with us. We process the data that we receive from you by post or e-mail in the course of contacting you or your application, or that you have provided or transmitted to us via social networks used for professional networking and self-presentation (e.g. LinkedIn). By sending or making available your data, you give us your express consent to do so. You can revoke this consent at any time.

The legal basis for processing the data is Article 88 GDPR in conjunction with Article 26 of the amended Federal Data Protection Act and, if applicable, Article 6 para. 1 lit. GDPR for the initiation or implementation of contractual relationships. Furthermore, we may process your personal data if this is necessary to fulfil legal obligations (Art. 6 para. 1 lit. c GDPR) or to defend asserted legal claims against us.

If an employment relationship arises between you and us, we may, in accordance with Art. 88 GDPR in conjunction with Article 26 of the amended Federal Data Protection Act, further process the personal data already received from you for the purposes of the employment relationship, insofar as this is necessary for the implementation or termination of the employment relationship or for the exercise or fulfilment of the rights and obligations of the employee representation resulting from a law or a collective agreement, a company or service agreement (collective agreement). A transfer of data to a third country is not intended.

Hubspot

On this website, we use the HubSpot service for various purposes. HubSpot is a software company from the USA with a branch in Ireland. Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Phone: +353 1 5187500.

Hubspot is an integrated CRM software solution that we use to cover various aspects of our online marketing. These include, among others: E-mail marketing, social media reporting, reporting, contact management (e.g. user segmentation & CRM), landing pages and contact forms.

You can find more information about HubSpot’s privacy policy here: http://legal.hubspot.com/de/privacy-policy

As part of the optimisation of our marketing measures, the following data may be collected and processed via Hubspot: Inventory data (e.g. names, addresses); contact data (e.g. e-mail, telephone numbers); meta/communication data (e.g. device information, IP addresses); usage data (e.g. websites visited, interest in content, access times).

The legal basis for the processing is your consent pursuant to Art. 6 para. 1 a GDPR. If you do not want Hubspot to collect and process the aforementioned data, you can refuse your consent or revoke it at any time with effect for the future.

The personal data shall be kept for as long as necessary to fulfil the purpose of the processing. The data is deleted as soon as it is no longer required to achieve the purpose.

 Data processing when using the SLYNX portal and app

The data listed below will be stored and, if necessary, processed by or on behalf of SLYNX when using the services or registering for one of the services at SLYNX in addition to the data mentioned so far.

Data provided by customers when booking the transport of goods

These include the customer’s profile data and the transport data when booking a transport. We collect data when users make use of the SLYNX platform service. In the final step, a user account is created and the following data is collected:

  • Company and address
  • First and last name
  • Telephone number
  • E-mail address
  • VAT number
  • Invoice address
  • Recipient and delivery addresses and telephone numbers

When entering the order, the customer can use the services of Google Autocomplete. Therefore Google collects the following data: unique identifiers, the type and settings of the browser, the type and settings of the device, the operating system, information about the mobile network such as the name of the mobile provider and the phone number as well as the version number of the app, data about the interaction of the apps, browsers and devices with Google services. This includes, but is not limited to, the IP address, crash reports, system activity, and the date, time, and referring URL of the request.

The data will not be passed on to third parties. When using the online account, the customer is obliged to store the access data for the user account carefully. He shall ensure that no unauthorised third party gains knowledge of the password. The customer is obliged to keep the password secret and – if possible – to change it immediately or have it changed by SLYNX if he suspects that unauthorised third parties have gained knowledge of it. The customer is liable to SLYNX for any damage caused by the breach of these obligations.

 Data collected by the transport partner

We collect data when transport partners create or update an account for the company/for an individual transporter with SLYNX. The following data is concerned:

  • Company and address
  • First name and surname
  • Telephone number
  • Vehicle type incl. registration number
  • E-mail address
  • VAT no.
  • Tax number
  • Copy of business registration, extract from the commercial register, EU licence, insurance confirmation
  • Bank data such as IBAN and BIC

 Data arising from the use of the SLYNX App by the transport partner

In the context of transport execution, location sharing, motion detection and push notification must be enabled with the use of the SLYNX app. And the SLYNX app transmits the following information to SLYNX:

Location data

During the period of order execution and use of the SLYNX Driver App, we require access to the location in order to be informed about the current transport progress. The GPS data will only be collected by us from the time of departure to the place of collection of the goods. This data is collected when the app is running in the foreground (app open and on screen) or in the background (app open but not on screen) of the mobile device. Location data will not be transmitted without an order.

For example, the SLYNX customer only sees the order-related transport progress between the pick-up and delivery address and status messages such as the Estimated Time of Arrival. The Estimated Time of Arrival is constantly updated based on GPS information.

 Transaction data

SLYNX collects transaction data related to the use of the services, including the type of services requested or provided, order details, delivery information, the date and time the service was provided, the invoice amount, the distance travelled and the payment method.

 Usage data

SLYNX collects data on how users interact with the services. This includes data such as access dates and times, app functions or pages accessed, app crashes and other system activity, browser type and third-party websites or services used prior to interaction with the services.

In addition, when using the app for transporters, photos related to the transport can be transmitted and captured by the driver. For the confirmation of collection and delivery by the carrier, the signature of the customer and the recipient is also recorded in the SLYNX app in each case.

During the transport, the user has the option to send SLYNX order/transport-related messages and images via the SLYNX Driver App.

 Device data

SLYNX may collect data about the devices used to access the SLYNX services, including hardware models, device IP address, operating systems and versions, software, preferred languages, unique device identifiers, promotional identifiers, serial numbers, device movement data and mobile network data.

 Use of personal data

SLYNX uses the collected data for the following purposes, among others, to provide, improve, maintain, personalise products and services.

This includes the use of the data to:

  • Create and update user accounts
  • Verifying the identity of clients and transporters to work with SLYNX
  • Enable transports
  • Process payments for services
  • Tracking and release of the course of transports
  • Performing internal operations necessary for the provision of the services, including troubleshooting software errors and operational problems, performing data analysis, testing and research, and monitoring and analysing usage and activity trends.
  • Feedback on satisfaction with the SLYNX services

Safety and security

SLYNX uses personal data to ensure the security of SLYNX services and the safety of customers and transport partners and users.

This includes:

  • The verification of transport partners prior to the release of the use of the SLYNX platform in order to prevent the use of the services by unsafe transport partners
  • Use of device, location, usage and other data to prevent, detect and combat fraud and unsafe activities

Customer and partner support

SLYNX uses information to provide support:

  • Forwarding questions to the responsible employee
  • Investigating and addressing concerns of clients and transport partners
  • Monitoring and improving the processes

 Amendment and update of the data protection declaration

We ask you to keep up to date about the content of our data protection declaration. We adapt the data protection declaration as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.

 

As of Januar 2023