At Hapag-Lloyd AG as well as the entire Hapag-Lloyd Group (HL) with all entities and Hapag-Lloyd agents we respect your privacy and your personal data. With this privacy policy we want to inform you about our data processing activities when
- we, as an international container shipping line, deliver products and perform services to you as, our customer or prospective customer (see section 8.1 Sales and Customer Services)
- you work with us as a supplier of products or as service provider (see section 8.2 Procurement and Suppliers)
- you visit our facilities and use our visitor services, including conference rooms, local area networking (see section 8.3 Visitor Services)
- you contact us online or offline (see section 8.4 Communication, contacting and collaboration)
- you apply for a job with us (see section 8.5 Recruitment Activities)
- we perform specific marketing activities, such as sending you our newsletter (see section 8.6 Marketing Campaigns (newsletters, surveys, mailings))
- you visit our website(s) and social media pages or use our mobile applications and platforms (see section 8.8 Social Plugins and 10. Processing of non-personal data)
- you are a shareholder and use our online services (see section 8.9 Online services for shareholders)
As Hapag-Lloyd AG is based in the European Union, we adhere primarily to the EU General Data Protection Regulation (GDPR) but will also follow stricter national laws and regulations as they apply to the data processing. You will find the specific details in Section 7 for the countries that have a deviating regulations.
a. Personal data in the meaning of Art. 4 GDPR are all information relating to an identified or identifiable natural person, e.g., name, address, phone number, email address etc.
b. If you are conducting business with us, you may also be interested to learn how we process relevant information that does not qualify as person-identifiable information. A lot of this information forms a basis of our services (e.g., cargo information, container tracing, schedules, etc..) and is processed in a digital manner via digital tools (mobile applications, web, API portal, email notification). All these applications require login credentials (see section 10). You can also find more information in the privacy terms of the respective tools.
a. Responsible for the processing
In most of the cases:
Hapag-Lloyd AG
Ballindamm 25
20095 Hamburg
Germany
b. Data processing activities might occur under the responsibility of other controllers of the Hapag-Lloyd Group. This is specifically the case, when you are interacting with local entities of the Hapag-Lloyd Group.
For questions regarding the collection, processing or use of personal data relating to you; or in case of a withdrawal of an informed consent regarding the disclosure, correction, blocking or deletion of data, please contact us via:
E-Mail: [email protected]
or
Postal Address:
Hapag-Lloyd AG
8800 Corporate Data Protection Office
Ballindamm 25
20095 Hamburg
Germany
c. Other entities of the Hapag-Lloyd Group
For questions related to data protection in our affiliates across the world, you can find more details under section 7.
Hapag-Lloyd will process your personal data in accordance with the rights of data subjects under relevant national or international law. You have the following rights:
a. right of access;
b. right to rectification and erasure (“right to be forgotten”);
c. right to restriction of processing;
d. right to data portability
e. under certain circumstances, right to object, unless we have legitimate grounds to continue the processing;
f. file a complaint with local supervisory data protection authority;
g. withdraw your consent at any time with effect for the future.
To exercise your rights as a data subject, please contact our Corporate Data Protection Office.
We shall endeavor to respond your request withing 30 days. If more time is necessary, we will inform you. To allow to us to verify your request, we might request proof of identification.
For more information on how we process your data when you contact us, see section 8.4.
In addition to us sharing your personal data with other entities of the Hapag-Lloyd group, we may share your personal data with the following recipients:
We only share your personal data with these recipients when it is necessary in accordance with the purpose of processing as described in more detail below under the respective processing activities.
We also may process and disclose your personal data if we determine that, due to legal requirements, law enforcement, litigation and/or requests from public and governmental authorities, or other issues of public importance, the disclosure and processing of your personal data is necessary and appropriate. These legal requirements (Art. 6 (1) GDPR) include, but are not limited to the following situations:
Your personal data may be transferred to and/or accessible globally by other Hapag-Lloyd entities and unaffiliated service providers, including in countries outside of the European Economic Area (EEA) in which the level of data protection may not be as high as within the EEA.
We comply with applicable legal requirements and provide an adequate level of data protection regardless of where the data are transferred or accessed. For transfers of personal data outside the EEA, we rely on appropriate international data transfer mechanisms and safeguards such as an adequacy decision or the Standard Contractual Clauses as approved by the European Commission. More information on this topic is published here: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection_en
We will retain the data for the period reasonably necessary to fulfill the purposes outlined in this Website Privacy Policy unless a longer retention period is required or permitted by law or subject to questions or complaints that force us to retain the data for a longer period.
We use a variety of technical and organizational measures to help to protect your personal data from unauthorized access, loss, use, disclosure, alteration, or destruction in line with applicable data protection laws. The Hapag-Lloyd AG is ISO 27001/ ISO 27701 certified.
We work with a number of external partners and have taken contractual steps to ensure that all external service providers comply with the relevant IT security standards, including but not limited to the requirements of the GDPR.
We do not process personal data relating to children and minors under the age of 16 years, unless we are legally obliged to do so. If we become aware that data were transferred to us or collected by us relating to children and minors under the age of 16 years without the informed consent of a parent or legal guardian, we will delete such personal data without any undue delay.
In the following, we list the contacts of our local Data Protection Officers that are based at affiliates of Hapag-Lloyd AG. Please be aware that some jurisdictions may use a different terminology for the data protection function. Such nomenclature may include, inter alias: Data Information Officer; Information Officer, Information Security Officer, Privacy Officer, Grievance Officer etc.
For information regarding further countries please check the local pages:
Purpose/information
The shipping process and the entire customer journey often requires the processing of personal data: e.g., to obtain quotes, to schedule and book your transport, to submit the necessary shipping documentation, to track your transport, to file your custom declaration and clear customs, but also for invoicing and payments. The processing of personal data may be necessary both prior to the conclusion of a contractual agreement (e.g., in order to provide you with a quotation) and during the implementation of a contract with you (e.g., shipping details). Notably, we often process personal data that do not relate to our direct (pre-) contractual partner, but to a third person (such as a consignee, an employee of a consignee or a notified party).
Personal data, which is processed to provide you or another third party with our services, only to the extent an identifiable person can be linked to such content, may include but is not limited to:
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects:
Direct contractual party but also third person (consignee, employee of a consignee or a notified party).
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal basis:
Please be also aware that we may not be able, for regulatory reasons, to provide you with our services if you partly or fully disagree with the processing of personal data relating to you.
Please note that for processing of personal data on consignees, employees of consignees or other third parties involved in a shipment, provided by the shipper/ contract party to Hapag-Lloyd, it is the responsibility of the shipper / contract party to ensure that the provision of data is compliant with applicable data protection laws.
Purpose/information
With regard to the cooperation with our suppliers and service providers (from terminal services, to supply of spare parts and offices services, or Information Technology services), we might collect personal information. In general, we only process information about the company but it might also include personal information of the contact person.
Personal data, which is processed, and only to the extent an identifiable person can be linked to such content, may include but is not limited to:
Subjects
Direct contractual parties (suppliers, service providers)
Recipients
Transfers to third countries are possible (see section3).
Retention
See section 4.
Legal basis
Purpose/information
We use the personal data of individuals who visit our offices and facilities especially for visitor management. This might include the following personal data related to your identity (name, job title, email address, phone number, picture, copy of identification document, visit information (time and date of visit, location information within our facilities and access logs from card readers in case they are used), online identifiers in case of use of our visitor Wifi. For certain types of visitors or in certain circumstances, we might also collect training information or certificates for security reasons or as legally required. Visuals might be captured via video surveillance equipment (CCTV).
Subjects
Any individual entering our buildings and facilities.
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal Basis
Purpose/information
When you contact us (e.g., by email or by phone), to request information about our services or when we exchange information, we use your person data to document the communication, answer your requests, improve the quality of our services and other business-related purposes.
Personal data might include name, email, phone number, address, preferred language, your position, correspondence, voice recording, or other information submitted during the conversation and communication.
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects
All individuals with whom we communicate, collaborate, and/or contact us.
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal Basis
If you apply to one of our open positions published in our careers site, by sending us contact details and CV via the relevant application for or through any other means provided by us (e.g., social media), we will collect your personal data as applicant. We may also use retargeting mechanisms for recruitment activities (see section 8.6).
To check the suitability of applicants, we carry out aptitude tests for occupational groups. These tests deal with various areas of knowledge and serve as a performance test to better assess the previous knowledge and certain skills of the applicants, they are adapted to the respective position of the applicants. Test are conducted pseudonymously and only Hapag-Lloyd is able to match the results to the applicants. For the purpose of carrying out the application process, registration for the talent pool as well as the initiation of an employment relationship, we process your data required.
You can provide the following information as part of your application to us:
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects
Applicants.
Recipients
Transfers to third countries are possible (see section 3).
Retention
Your data will be stored for the duration of the application process and in accordance with legitimate retention periods after completion of the application process. In case of a cancellation, the data will be kept for 6 months. After the retention period has expired, the data is completely anonymized. If the processing is based on consent or legitimate interest, your data will be deleted after withdrawal of consent or legitimate objection.
Legal Basis
Purpose/information
If you subscribe to one of our newsletters or direct marketing communications, we might process the following personal data: individual and business-contact information (such as name, company name, physical address, email address, and telephone or fax number), content and preferences related to marketing communication, cookie and browser related information. If you subscribe to one of our newsletter we offer you the option to define in a preference center what you are most interested in.
You may choose to unsubscribe at any time from such marketing communications by following the opt-out options as described in the respective marketing communication or cookies. When unsubscribed, you will not receive further direct marketing from us.
Marketing communications can be done through different channels (emails, postal letters, social media, etc.).
We also send out mailings to our customers and business partners to take part in promotional activities, including events, to provide updates our services etc. In this context, we might process the following personal data: individual and business-contact information (such as name, company name, physical address, email address, and telephone or fax number), and browser related information.
When you participate in one of our surveys (e.g., about our services, events we organize), including non-anonymous surveys, we might process the following personal data: your name, your contact details, your answers, as well as details how you connected to the survey website, including data and time when you were connected.
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects
Customers, potential customers, vendors, other business partners, employees, press, other stakeholders
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal Basis
Purpose/information
Using our websites may lead to an automatic processing of personal data relating to you.
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Processing is carried out in a way which does allow your identification, as we are potentially able to link between such metadata and data directly relating to you (= identifiable data). Personal data may include but is not limited to:
Subjects:
Any individual visiting our website, subscribed to our newsletter, or using any website/digital technology.
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal basis:
Purpose/information
Our website contains hyperlinks to social media (so called "social plugins") operated by third parties. The functionality of these social plugins, in particular the transfer of information and user data is not activated by visiting our website, but only by clicking the hyperlinks (social plugins). Once you click on any of these links, the plugin of the respective social media tool will be activated, and your browser will establish a direct connection with the server of this social media tool. If you click on the social plugin while you are visiting our website, a transfer of your user data to the respective social media network and the processing of your data through the social media network may occur. If you activate any of the social media plugins on our website while you are at the same time simultaneously logged into the respective social media tool with your personal account for that social media tool, the information that you have visited our website and that you have clicked the plugin on our website may be transferred to the social media tool and may be processed and stored in relation to your account with this social media tool.
To prevent such processing in relation to your account with the respective social media tool, you need to log out of your account before clicking the plugin link. You may also prevent the activation of social media plugins by adjusting the add-on settings of your browser, for example, by installing a so-called script-blocker such as „NoScript“ (http://noscript.net/).
To the extent that such plugins qualify as cookies, please review our dedicated Section 11 on cookies.
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects:
Any website visitors activating the social plugins.
Recipients
Transfers to third countries are possible (see section 3).
Retention
The deletion is in the responsibility of the main service providers.
Legal basis:
Purpose/information
The online services offer Hapag-Lloyd shareholders the possibility to electronically receive information and documents to the Annual General Meeting, as well as the ability to use various Annual General Meeting-related and share register-related applications.
Cookies used: Type A. More information can be found in the “Cookies/Tools” section.
Subjects:
Any shareholding using the online services.
Recipients
Transfers to third countries are possible (see section 3).
Retention
See section 4.
Legal basis:
The website of Hapag-Lloyd may contain hyperlinks, which refer you to content provided on websites operated by third parties. As Hapag-Lloyd is not legally responsible for the content and the data protection compliance of such third-party-operated websites, we kindly ask you to closely pay attention to the respective privacy terms of these third-party-operated websites.
In the Privacy Terms above we provide all data subjects with a comprehensive overview regarding the processing of personal data at Hapag-Lloyd Group. Nonetheless, we know and appreciate that many customers are also concerned about the information that does not qualify as personal data, in particular as such information may be important to the operations of our customers.
Logistics is currently undergoing several waves of digitization, and this process is about to further accelerate over the months and years to come. Insofar, the operations processes and the exchange of information are changing rapidly with a clear tendency towards the expansion of data exchange between all stakeholders in the logistics supply chain.
Within the boundaries set by law, such as customs regulations or competition law, just to name a few examples, we also exchange substantially more transport service related information with third parties than we did before. Partially, this increase is even triggered by changes in the operations of public authorities, such as customs authorities.
As a guiding principle we exchange information with third parties involved in the logistics supply chain on a need-to-know basis, that means we share operational and production data to the extent this is necessary to provide the service. Examples are trucking companies, authorities, port terminals, feeder operators or other service related external partners.
To the same extent we also receive such operational or production data from stakeholders, primarily to synchronize such data with our internal data sets, to update the transport plan or for other general purposes of providing our service to you.
Most of the data provided and obtained relates to the physical move of the box, but such data sets may, depending on the stakeholders involved, also contain cargo related information such as cargo descriptions or the HS-Code.
We trust that our customers appreciate that Hapag-Lloyd, with new services like Quick Quotes or LIVE, is at the forefront of the digitization in the shipping industry, and that customers appreciate the value of new, disruptive digital platforms, which aim to increase the real-time data exchange of operations data in the entire ecosystem.
We are committed to remain one of the leaders in this field, and to increase transparency for all players in the ecosystem that are contributing to an individual shipment without compromising the security of information and operations.
Substantive parts of our customers are using existing platforms, such as INTTRA, and we expect that even more customers will try to harvest the advantages of emerging platforms such as GSBN.
Participating in such platforms comes at a “cost”, and that is the need for further standardization of data types, including operational and customer-related data. Partly triggered through new standards proposed by the Digital Container Shipping Association, as well as platform services, this standardization limits the capability of all stakeholders in the ecosystem to provide customer-specific services, or to contribute to customer run stand-alone systems.
Some of the new data-driven platforms and services imply the processing of vast amounts of operational data and trade documents, incl. the aggregated or de-identified use for secondary purposes, e.g. for the improvement of the quality of service providers or the promotion of ancillary services, to name just a few examples.
As a member to such platforms, Hapag-Lloyd is following the relevant data provisioning and data sharing requirements of the platform operators, and integrates the technology of such platforms into the Hapag-Lloyd services.
As such, terms and conditions of a platform may imply that we share data related to a shipment with that platform beyond the need-to-know principle, even if you are not a customer to that platform.
Regardless of the platform or service we collaborate with, we will not compromise our IT security standards, and whenever mixed data sets contain personal data, e.g. in trade documents, we will continue to adhere to the EU GDPR and/or other applicable data protection laws.
Cookies/Similar Technologies. Please refer to our Cookie Policy to learn how you we use cookies, how you can manage your cookie settings, for detailed information on the cookies we use and the intended purposes.
IP addresses. An IP address is a number that is used by computers on the network to identify your computer every time you log on to the Internet. We may record IP Addresses for the following purposes: (i) troubleshoot technical concerns, (ii) maintain website safety and security (iii) better understand how our websites are utilised, and (iv) to better tailor content to your needs depending on the country you are in.
Log Files. We (or a third party on our behalf) may collect information in the form of logs files that record website activity and gather statistics about a user’s browsing habits. These entries are generated anonymously, and help us gather (among other things) (i) a user’s browser type and operating system, (ii) information about a user’s session (such as the URL they came from, the date and time they visited our website, and which pages they've viewed on our website and for how long), and, (iii) other similar navigational or click-stream data.
Web Beacons. We may use web beacons (or clear GIFs) on the HLSites. Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page for the purpose of transferring data back to us. The information collected via web beacons may include information about how a user responds to an email campaign (e.g. the time the email is opened, where does the user link to from the email, etc.). We use web beacon information for a variety of purposes, including, site traffic reporting, unique visitor counts, advertising and email auditing and reporting, and personalisation.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to facilitate and to improve the use of our website, or work more efficiently, as well as to provide information to the owners of the site.
See below for details on what information is collected by cookies and how we use that information. For more information about the kind of data we collect, please read our Privacy Terms.
Hapag-Lloyd uses cookies to gain a better understanding how visitors use this website. Cookies help us tailor Hapag-Lloyd websites to your personal needs, to improve their user-friendliness, gain customer satisfaction feedback on our websites (through designated partners) and to communicate to you elsewhere on the web. To enable this some cookies are applied when you enter our sites.
Hapag-Lloyd keeps all the information collected from cookies in a non–personally identifiable format. Hapag-Lloyd cookies located on your computer do not retain your name or your IP address.
We have summarized relevant information related to our use of cookies in these Privacy Terms. You may obtain additional information by reviewing this cookie information at Cookie Policy. We also provide details on our cookies in the consent management window that is automatically opened once you enter our website that use cookies.
By using a Hapag-Lloyd Site, you accept our use of cookies and other tracking technology for the provision of the Hapag-Lloyd Site in accordance with this notice. If you do not agree to our use of cookies and other tracking technology in this way, you should set your browser settings accordingly or not use the Hapag-Lloyd Site. If you disable cookies that we use, this may impact your user experience while on the Hapag-Lloyd Site.
For cookies which require consent, we will ask for your consent via the cookie banner. You can access and adjust the cookie settings at any time.
When using a mobile device to connect to the Internet, you should also refer to the privacy notice of the specific App you are using to understand its specific data collection practices.
You can adjust your cookie settings related to Hapag-Lloyd Sites at any time in our Cookie Settings/Privacy Preference Center with immediate effect for the future. Furthermore, you may block cookies, change the settings of your browser add-ons.
Please ensure that your computer setting reflects whether you are happy to accept cookies or not. You can set your browser to warn you before accepting cookies, or you can simply set it to refuse them, although you may not have access to all the features of this website if you do so. See your browser 'help' button for how you can do this. You do not need to have cookies on to use or navigate through many parts of this and other Hapag-Lloyd websites. Remember that if you use different computers in different locations, you will need to ensure that each browser is adjusted to suit your cookie preferences.
To delete the cookies and all information gathered, and otherwise change your cookie settings please click the following link.
For useful information on cookies, see AboutCookies.org
Session cookies
Session cookies are temporary cookie files which are erased when you close your browser. When you restart your browser and go back to the site that created that cookie, the website will treat you as a new visitor.
Persistent cookies
Persistent cookies stay on your browser until you delete them manually or until your browser deletes them based on the duration period set within the cookie. These cookies will recognise you as a return visitor.
Cookies that send information to us (First Party cookies)
These are the cookies that we set on a Hapag-Lloyd Site and they can only be read by that site. This is known as a "First Party" cookie.We also place cookies on ads which are placed on other websites owned by third parties (e.g. Facebook). We obtain information via those cookies when you click on or interact with the advertisement. In this situation the ad is placing a “Third Party” cookie. Hapag-Lloyd may use the information obtained by these cookies to serve you with advertising that is relevant and of interest to you based on your past online behaviour.
Cookies that send information to other companies (Third Party Cookies)
These are cookies that are set on a Hapag-Lloyd Site by our partner companies (e.g. Facebook or advertisers). They may use the data collected from these cookies to anonymously target advertising to you on other websites, based on your visit to this Website. For example, if you use a social widget (e.g. the Facebook icon) on the Website, it will record your “share” or “like”. Facebook (as the company setting the cookie) will collect the data. This is known as a “Third Party’’ cookie.
Please note that third party services placing cookies or utilizing other tracking technologies through our services may have their own policies regarding how they collect and store information. Such practices are not covered by our Privacy Terms and we do not have any control over them.