Privacy Policy
Thank you for visiting the data protection section tailwind-shipping.com. Please note that when you visit our website and use our Tailwind portal, we handle your personal data responsibly and in compliance with the EU General Data Protection Regulation.
The following privacy policy is designed to inform you about the nature and scope of the processing of your personal data by Tailwind Shipping Lines GmbH & Co. KG (also referred to in this policy as "Tailwind", "we" and "us").
Personal data is information that identifies you or could identify you directly or indirectly. The statutory basis for data protection is, in particular, the EU General Data Protection Regulation (GDPR).
1. Accessing our website/Tailwind portal
Purposes of the processing/legal bases:
When accessing our website and our Tailwind portal, the browser used on your end device will – automatically and without any action on your part – send
- the IP address of the accessing Internet-enabled end device;
- the date and time of access;
- the name and URL of the requested file;
- the website/application from which the access occurred (referrer URL);
- the browser and, where relevant, the operating system of your Internet-enabled end device; and
- the name of your Internet service provider
to our website server and be stored temporarily in what is known as a log file for the following purposes:
- to ensure a fault-free connection;
- to ensure the comfortable use of our website/application; and
- to analyze system security and stability.
The legal basis for the data processing is Article 6(1) sentence 1(f) GDPR (legitimate interest in the data processing) and section 25 (2) no. 2 of the German Telecommunications and Telemedia Data Protection Act (Telekommunikation-Telemedien-Datenschutz-Gesetz – TTDSG). Our legitimate interest arises from our interest in protecting our systems and preventing improper and/or fraudulent activity each time that a user accesses this website.
Recipients/categories of recipient:
In the context of the aforementioned processing, your data will also be processed by our contract processors, in particular from the IT sector. Such processors are carefully selected and, where required by law, bound by contract in accordance with Article 28 GDPR.
Storage time/criteria for determining storage time:
Data pertaining to our website will be stored for a period of 14 days and data pertaining to our Tailwind portal for a period of 90 days and automatically deleted thereafter.
2. Using our Tailwind portal
Purposes of the processing/legal bases:
As our business partner, you can register for our portal. You can use our portal to plan and manage your bookings and view the status of the corresponding deliveries. In connection with this, we process your business data required for this purpose. This specifically includes:
- Your name;
- Your work e-mail address;
- Your work telephone number;
- Your language selection;
- Your company name and business address.
The legal basis for the aforementioned processing is Article 6(1)(b) GDPR.
Recipients/categories of recipient:
In the context of the aforementioned processing, your data will also be processed on our behalf by contract processors, in particular from the IT sector. Such processors are carefully selected and, where required by law, bound by contract in accordance with Article 28 GDPR.
Storage time/criteria for determining storage time:
Once generated, your data will generally be retained for 12 years to allow us to comply with our archiving obligations for transport documents. If your user account is inactive for 12 months or longer, we will automatically anonymize your data.
Use of cookies to process usage data
Purposes of the processing/legal bases:
The provision of our Tailwind portal requires the use of cookies.
Cookies are small text files that are stored on your end device (laptop, tablet, smartphone, etc.) when you visit our portal. Cookies do not cause any harm to your end device, nor do they contain any viruses, trojans or other malware. The cookie stores certain information that results in connection with the specific end device deployed. This does not, however, mean that we will immediately become aware of your identity.
Technical cookies and similar technologies are essential for using our portal (e.g., for correctly displaying the website). Depending on the purpose, the use of technical cookies to process usage data involves processing the following types of personal data in particular:
- user inputs, in order to remember inputs across multiple sub-pages (e.g., your language of choice);
- authentication data to identify a user after signing in, enabling you to access authorized content on subsequent visits (e.g., access to the Time Slot Management Portal);
- security-related events (e.g., identifying repeat failed sign-in attempts).
The legal basis for using technically necessary cookies is your consent given pursuant to Article 6(1)(f) GDPR and section 25(2) no. 2 TTDSG. Our legitimate interest arises primarily from our interest in protecting our systems and preventing improper and/or fraudulent activity each time that a user accesses this website.
For further information about the cookies we use, including the respective purposes of processing, storage periods and any third party providers involved, see the cookie policy below.
Recipients/categories of recipient:
When using cookies to process usage data, we may on occasion retain IT service providers to process data. They process your data as processors on our behalf. Each has been carefully selected and bound by contract in accordance with Article 28 GDPR.
Storage time/criteria for determining storage time:
For information on the duration of storage for cookies, see the cookie policy below.
3. Contact/e-mail inquiries
Purposes of the processing/legal bases:
We treat all personal data which you provide us with by e-mail confidentially. We use your data solely for the limited purpose of processing your inquiry.
The legal basis for the processing is Article 6(1)(f) GDPR. Our shared (legitimate) interest in this data processing arises from the objective of answering any inquiries and resolving any issues you may have and thus ensuring and improving your level of satisfaction as a business partner, employee of a business partner, or other user of our portal.
Recipients/categories of recipient:
As a rule, we do not transfer the data to third parties. In exceptional cases, we will have a processor process the data on our behalf. Such processors are carefully selected, audited by us and bound by contract in accordance with Article 28 GDPR.
Storage time/criteria for determining storage time:
We delete or anonymize all personal data we receive from you when you make inquiries (positive/negative comments or suggestions) no later than 90 days after the final response is sent. Based on experience, we generally do not receive any questions concerning our responses after 90 days.
4. No obligation to provide personal data
The provision of personal data is neither legally nor contractually required, nor is it required in order to enter into an agreement. You are under no obligation to provide personal data. However, if you choose to not provide your personal data you may not be able to (fully) use our website/portal.
5. Your rights as the data subject
5.1. Overview
In addition to the right to withdraw any consent you have granted to us, you have the following additional rights provided the respective statutory conditions are met:
- right of access to your personal data stored with us pursuant to Article 15 GDPR;
- right to rectification of inaccurate personal data and the right to have incomplete personal data completed pursuant to Article 16 GDPR;
- right to erasure of your personal data stored with us pursuant to Article 17 GDPR;
- right to a restriction of processing of your data pursuant to Article 18 GDPR;
- right to data portability pursuant to Article 20 GDPR;
- right to object pursuant to Article 21 GDPR.
5.2. Right of access pursuant to Article 15 GDPR
Pursuant to Article 15(1) of the GDPR, you have the right to request information, free of charge, on the personal data stored about you. This includes in particular:
- the purposes for which personal data is being processed;
- the categories of personal data that are being processed;
- the recipients or categories of recipient to whom personal data concerning you has been or will be disclosed;
- the planned duration of the storage of the personal data concerning you or, if it is not possible to give any specific details, the criteria used to determine the storage duration;
- the existence of a right to rectification or erasure of the personal data concerning you, a right to request from the controller that processing be restricted or a right to object to this processing;
- the right to lodge a complaint with a supervisory authority;
- all available information regarding the origin of the data if the personal data is not being collected from the data subject;
- the existence of any automated decision-making processes including profiling pursuant to Article 22(1) and (4) GDPR and – at least in these cases – meaningful information regarding the logic involved as well as the significance and the envisaged consequences of such processing for the data subject.
If personal data is transferred to a third country or an international organization, you have the right to be notified about appropriate safeguards pursuant Article 46 GDPR in connection with the transfer.
5.3. Right to rectification pursuant to Article 16 GDPR
You have the right to request the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
5.4. Right to erasure pursuant to Article 17 GDPR
You have the right to require us to erase any personal data concerning you without undue delay where one of the following grounds applies:
- the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- you withdraw your consent on which the processing pursuant to Article 6(1)(a) or Article 9(2)(a) GDPR was based and there is no other legal basis for the processing;
- you object to the processing pursuant to Article 21(1) or (2) GDPR, and in the case of Article 21(1) GDPR there are no overriding legitimate grounds for the processing;
- the personal data was unlawfully processed;
- the erasure of personal data is necessary in order to comply with a legal obligation;
- the personal data was collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
Where we have made the personal data public and are obliged to erase it, taking account of available technology and the cost of implementation we will take reasonable steps to inform any third parties processing your data of the fact that you have requested the erasure by such third parties of any links to, or copies or replications of, such personal data.
5.5. Right to restriction of processing pursuant to Article 18 GDPR
You have the right to require us to restrict the processing where one of the following applies:
- you contest the accuracy of the personal data;
- the processing is unlawful and you request the restriction of the use of the personal data rather than its erasure;
- the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defense of legal claims; or
- you have objected to the processing pursuant to Article 21(1) GDPR pending verification of whether the legitimate grounds of the controller override those of the data subject.
5.6. Right to data portability pursuant to Article 20 GDPR
You have the right to require us to restrict the processing where one of the following applies:
- the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) or on a contract pursuant to Article 6(1)(b) GDPR and
- the processing is carried out by automated means.
In exercising your right to data portability you have the right to have the personal data transmitted directly from us to another controller where technically feasible.
5.7. Right to object pursuant to Article 21 GDPR
Provided the requirements of Article 21(1) GDPR are met, you may object to the data processing on grounds relating to your particular situation.
The aforementioned general right to object applies to all processing grounds set out in these data protection provisions, which are processed on the basis of Article 6(1)(f) GDPR. The GDPR only obliges us to action such general right to object if you cite grounds of overriding importance, e.g. a possible risk to life or health. In addition, you have the option to contact the supervisory authority responsible for Tailwind Shipping Lines GmbH & Co. KG or the data protection officer of Tailwind Shipping Lines GmbH & Co. KG.
5.8. Right to lodge a complaint with a data protection supervisory authority
You have a right to lodge a complaint with the competent data protection supervisory authority at any time. In order to do this you can contact the data protection supervisory authority of the federal state where you have your place of residence or the authority of the federal state where the respective controller is domiciled.
6. Name and contact details of the controller and contact details of the company's data protection officer
This privacy policy applies to the processing of data by Tailwind Shipping Lines GmbH & Co. KG, Neue Burg 2, 20457 Hamburg, Germany ("Controller"), with respect to using the portal. The company data protection officer can be contacted at the aforementioned address for the attention of the data protection officer or at datenschutz@tailwind-shipping.com.
Please also write to this address to exercise your rights as data subject.
Cookie Policy (last updated 9/16/2022)
This website uses technically necessary cookies only.
Technically necessary cookies help to make a website usable by enabling basic functions such as site navigation and access to secure pages, and ensuring the integrity of the website. The website cannot function properly without the following cookies: