We at Hermes NexTec (Hermes) are very serious about protecting your privacy and your personal data. This is why we place great store on ensuring that your data is secure and that, when we process your data, data protection law – and especially the EU’s General Data Protection Regulation (GDPR) – is complied with. Furthermore, we deploy technical and organisational measures to ensure that your data is protected against unauthorised access by third parties.
This Privacy Statement applies to the following online offerings from Hermes:
– www.borderguru.io (Hermes website)
1 Personal Data
Personal data is personal information that allows your identity to be inferred. This includes, for example, information such as name, address, telephone number or email address, but also information about surfing behaviour, provided that this information can be assigned to you directly or indirectly.
You can use the Hermes website without disclosing your personal data. However, if you contact us via the Hermes website, we collect and process your personal data for the purpose of contacting you.
2 Providing the website
2.1 Storing data in a log file and geo-localization
2.1.1 Type of data and purpose of processing
Each time you visit the Hermes website, certain data from the end device accessing the site is captured by our webservers and temporarily stored. This includes the following data:
the IP address of the retrieving end device
the technical request
the type of end device
the browser and the operating system
the date and time of the visit (timestamp)
the website visited (URL)
This data is collected to ensure the functionality of the website. Furthermore, the data serves to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
Moreover, the IP address is used for so-called geo-localisation (IP geo-location) because on our websites you should get the information you are looking for – and this in the language that is probably most familiar to you. To ensure this, we process your IP address when you visit our website in order to direct you to the website of the respective Hermes subsidiary that is suitable for you.
2.1.2 Legal basis
The legal basis for temporarily storing your data can be found in Article 6.1(f) of the GDPR. Our legitimate interest in processing the data lies in the data collection and processing purposes mentioned above.
2.1.3 Length of storage
Data is deleted when it is no longer necessary to fulfil the purpose for which it was captured. The data is deleted at the earliest after seven days, but no later than 32 days.
The collecting and processing of data for the purposes mentioned in this section are necessary to operate the Hermes website. As a consequence users have no grounds to raise objection.
Cookies regularly contain a characteristic string of characters that enables a unique identification of the browser or the end device when the website is retrieved again.
Various types of cookies are used on this website. We distinguish between:
temporary session cookies that are regularly deleted when you close your web browser;
permanent cookies that are stored on your end device for a longer period of time and contain certain settings, such as the language you have selected for using the Hermes website;
own cookies (first-party cookies), which are stored by the Hermes website on your end device;
cookies from other internet services that have been authorised and are used on this Hermes website (so-called third-party cookies), which they store on your end device.
The cookies (first-party cookies) used by this Hermes website include temporary session cookies and permanent cookies. The website stores information in the permanent cookies in order to save your personal user settings and to improve your user experience on your next visit (e.g. the language settings you have selected). In the temporary session cookies, the web browser stores technical information that is necessary for the functioning of the website. The storage period of these cookies depends on the periods specified in this section.
In general, you can instruct your web browser to prevent the storage of cookies or prevent analysis technologies from running. Under certain circumstances, however, some features of this website may then no longer be available. As a compromise, you can also set your browser to notify you when a cookie or similar analysis technologies are being used. In addition, all cookies can be deleted manually at any time.
3.1 Analysing use (Webtrekk)
3.1.1 Type of data and purpose of processing
When you use the Hermes website, our analysis service – Webtrekk GmbH – collects and processes the following data:
data on your technical end device (type of device, version of the operating system, type of browser, the resolution of your monitor, the colour depth, whether Java script is enabled or not, etc.);
anonymised IP address;
the website you visited before visiting our website (referrer URL);
the pages visited on the Hermes website (the clicks the user made);
randomly generated session ID set by a session cookie;
randomly generated long-term ID set by a permanent cookie;
date, time and length of your visit;
geo-localisation (country, region, town)
The data is collected using a tracking pixel integrated into the Hermes website (and its sub-pages) and cookies set by Webtrekk.
With the help of the data collected, the analysis service enables us to analyse the surfing behaviour of our users. We are able to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to continuously improve our website and its user-friendliness. This analysis of usage is carried out in such a way that neither we nor the analysis service can identify the individual user.
3.1.2 Legal basis
3.1.3 Length of storage
The data is deleted as soon as it is no longer required for our analysis purposes. The session cookie with its session ID become invalid and are deleted at the end of a user’s visit to the website. The permanent cookie with its long-term ID become invalid and are delete after a period of six months. All data gathered by the analysis service are blocked after 14 months at the latest.
4 Establishing contact
If you contact us using a contact form, or by telephone or e-mail, your personal data will be collected and stored.
We use the data collected solely for the purpose of answering your inquiry.
We will delete the data arising in this context when its storage is no longer required for the purpose of contacting each other or – in the case of statutory retention obligations – shall limit processing.
Provided the contact between us is to conclude a contract, the legal basis for processing your data can be found in Article 6.1(b) of the GDPR. In all other cases, the legal basis can be found in Article 6.1(f) of the GDPR. Our legitimate interest in processing your data in this case is to be able to respond to your inquiries.
If your reason for contacting us is not for the purpose of initiating a contract, you have the right to object to having your personal data processed. If you do object, it might be that correspondence will have to be discontinued. All personal data gathered in this context will then be deleted should you raise objection.
6 Your data protection rights
With respect to your personal data, you have the following rights in your dealings with Hermes:
right to information
right to rectification or erasure
right to restrict data processing
right to object to data processing
right to data portability
If you have given us your consent to use your personal data (for example by activating the share buttons of social plugins), you have the right to revoke this consent at any time without giving reasons with effect for the future.
You can also assert any rights of objection not expressly stated here against the person listed below for data protection matters at Hermes.
If you wish personal data to be deleted, we may under certain circumstances be required by law to store this data for a certain period, for example for tax or accounting purposes. In this case we will delete the data immediately after the storage period has expired.
If your personal data has been incorrectly recorded, you can have this corrected at any time by contacting us personally.
6.1 Your rights
You have the right to appeal to the data protection supervisory authorities with respect to Hermes processing your personal data.
6.2 Right to appeal
7 Legal controller
Pursuant to Article 4.7 of the GDPR, the controller is
Hermes Europe GmbH
– represented by its Executive Board Stephan Schiller, Hendrik Schneider, Viviane Reichert-Brown, Martijn de Lange, Olaf Schabirosky and Dr. Georg Rau –
Essener Straße 89
Tel.: +49 / 40 / 53755 – 0
Fax.: +49 / 40 / 53754 – 870