Data protection declaration

Download data protection declaration (PDF): english / german

Gender Disclaimer

In order to ensure easy reading of the text, explicit, gender-specific style of writing has been omitted in the presented instructions. To achieve this and for simplification purposes, the masculine form of addressing has been used as a representative for both gender forms.

1. Applicability

This data protection directive applies to Valiant TMS GmbH and all corporate companies of Valiant TMS Group within the European Union.

2. Data processing purpose

Valiant TMS processes personal data of staff members, partners, customers and suppliers in order to run its usual course of business and to meet all related statutory and contractual requirements.

Customer data processing

Valiant TMS collects and processes personal data provided by interested parties and customers in order to prepare offers and execute orders, as well as to meet all related contractual and legal obligations. When necessary to meet legal obligations, data may be provided to authorities and public centres.

2.1. Candidate data processing

Contact data and job candidate documentation provided during recruitment shall be processed electronically in order to select appropriate candidates for employment and such data shall be stored for a period of 6 months (according to Glbg § 15).

In the case of rejection, recruitment documents shall be maintained as an evidence only, if approved by the affected individual.

2.2. Websites & Cookies

2.2.1. IP address allocation

Data is automatically saved on the web server during visits on our company site. Such data include the type of browser used, type of operating system used, which page was used during a visit, the IP address, time at which the page was accessed and other information. These data are stored anonymously from the point of view of the company and cannot be assigned to a specific person without additional data sources. These data are usually not analysed as long as no illegal use of the website took place.

2.2.2. Google Analytics

Our website uses the website features of the web analytics service Google Analytics (Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, Tel: +1 650 253 0000, email: support@google.com. Data is transferred to a third country. For this purpose, cookies are used that allow an analysis of the use of the website by your users. The generated information is transferred and stored on a server of the provider.) You can prevent this by setting up your browser so that no cookies are stored. We have concluded a corresponding contract data processing contract with the provider. Your IP address is captured but immediately pseudonymized. As a result, only a rough localization is possible. The business connection with the web analytics provider is based on adequacy decision of the European Commission. Based on legal regulations of § 96 Abs 3 TKG (telecommunications act) as well as the article 6 paragraph 1 a (consent) and / or b (legitimate interest) of the GDPR. Our concern in the sense of the GDPR (legitimate interest) is the improvement of our offer and our website. Since the privacy of our users is important to us, the user data is pseudonymized. The user data is kept for a period of 26 months.

3. Basics of personal data processing

Personal data processing is based on a strict basis, which treats safety and security of data and rights of the affected individual as the highest values.

3.1. Legality and transparency

Data processing shall take place in conformity with the law, trust and good faith. The affected individual is informed about the planned data processing and handling upon data collection. The affected individual shall be informed about the following points as a minimum:
• Person responsible for data processing
• Data processing purpose
• Legal basis for processing

3.2. Purpose identification

The data is collected and processed for specific, clear and legal purposes. Data processing shall not take place in a manner and type not appropriate for such purposes.

3.3. Data minimising

Only data strictly required for the specific purpose shall be collected and processed. If it is possible and reasonably adapted for the purpose, only anonymous data shall be processed.

3.4. Memory limitation and deletion

Personal data shall be deleted as soon as the purpose it was originally collected for is no longer valid and such deletion does not violate statutory data storage periods.

If protection-worthy interest in such data exists in individual cases, the data shall be stored for a longer period of time, until such interests have been clarified according to the law.

3.5. Data safety

Personal data is covered by confidentiality obligations. The data shall be handled confidentially and protected against unauthorised access, manipulation and revelation, as well as against loss and destruction using adequate organisational and technical measures.

3.6. Material correctness

Personal data should be maintained correctly, fully and updated. Appropriate measures aimed at correction of obsolete, incorrect or incomplete data shall be undertaken.

4. Data confidentiality obligation

All staff members of VALIANT TMS and staff of other corporate companies are obliged to maintain confidentiality and are regularly trained in the field of safe handling of personal data and of other critical data.

5. Data safety

Protection of data confidentiality, availability and integrity is an important task of VALIANT TMS. This applies to the same extent to company secrets, customer data, personal data and to other critically important information.

Technical and organisational safety measures shall be implemented for this purpose, according to the current technological state of the art and internationally recognized, best practices, as well as according to safety standards, such measures shall also be continuously improved.

6. Data protection specialist

VALIANT TMS should not be indicated if a data protection administrator is required, as Article 37, paragraph 1 of the EU-GDPR does not apply. According to the importance of data protection, VALIANT TMS decided to designate a data protection coordinator. This person shall be available to the affected individuals and to data protection authorities as a contact person and shall take care for personal data topics within the company group.

7. Rights of affected individuals

Every affected individuals, personal data of which are processed by VALIANT TMS can call upon the rights of affected individuals at any time and execute them with the data protection administrator of VALIANT TMS.
In order to use the rights of affected individuals, an appropriate request can be sent at any time via e-mail, to gdpr-dataprotection@tms-at.com.

7.1. Information


Affected individuals may always request information stating which of their personal data is processed and for what purposes.

7.2. Correction


Affected individuals have the right to demand immediate correction of their incorrect personal data.
Limitations
Affected individuals have the right to limit data processing if correctness of their personal data is violated, if such processing violates the law, if data are no longer required for processing or if the affected individuals have objected to the processing.

7.3. Revocation


Affected individuals have the right to object to processing of their personal data at any time.

7.4. Transferability


Affected individuals have the right to maintain their personal data provided to VALIANT TMS in a structured, commonly used and machine-readable format. The affected individuals also have the right to transfer such data to another responsible person as long as it is technically feasible.
Transferability applies only to personal data processed using automated methods.

7.5. Deletion – right to forget


The affected individual has the right to demand their personal data to be deleted immediately if legal basis for data processing is missing or does no longer apply, if objection against data processing is raised, data processing is illegal and no statutory storage period prevents such data deletion.

Data security has a very high value in relation to the rights of the affected individual, as execution of the rights of affected individuals is possible only after clear and positive identification of the affected individual.

The affected individual may report violations to data protection authorities.

8. Data transfer


Transfer of personal data to recipients outside the company group and to recipients in other EU countries can take place only in conformity with the effective law and according to a legal basis, as well as with observance of the highest level of confidentiality and data security.
Within conventional processing, personal data is exchanged between companies of the VALIANT TMS Group. This exchange is regulated by regulations, Binding Corporate Rules, and provides a uniform standard of data protection and processing according to the law.

Valiant TMS uses various contractual data processors during data processing. All contracted processors are contractually obliged upon signing a processing contract to observance of all legally binding regulations related to data protection.

9. Continuous control and improvement

Continuous improvement of quality and processes is extremely important to Valiant TMS. Observance of data protection directives and effective statutory regulations, as well as effectiveness of data protection and data safety measures is verified and improved continuously in order to ensure optimal execution of data protection measures.