Privacy Notice
1. Introduction
The DHL Global Forwarding and DHL Freight (DGFF) Group entities (hereinafter called “DGFF”) are pleased that you visit the “DGFF Certified Portal” “DGFF Mobile App” (together referred to as “Application”) and that you are interested in the CIF (Certified International Forwarder) and CFS (Certified Freight Specialist) Learning Modules (hereinafter called “Certified Learning Modules”). The Application contains a DHL Global Forwarding instance and a DHL Freight instance for the respective Certified Learning Modules.
It is important to us to protect your personal data during the entire process within the Application.
The information provided below is intended to give you an overview of how your data are processed.
2. Who is responsible?
This Privacy Notice applies for the data processing carried out by the DGFF Group entity that employs you (Controller).
You will find more information regarding the usage of your personal data in connection with your employment relationship as part of your employment contract or you can contact your responsible HR contact person.
If you have queries with regard to the processing of your personal data, please contact us:
dataprotectionDGFF@dhl.com
3. What is personal data?
“Personal data” means information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an email address, an identification number, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4. What is the purpose and the legal basis of processing personal data?
Visiting the Application
DGFF is committed to preserving the privacy of users of the Application. When you visit our website, the web servers temporarily store data for security reasons that may permit identification. The following data are collected: IP address, hostname of the accessing computer, website from which you accessed this website, the date and duration of your visit, notification of whether the visit was successful, volume of data transferred, information about the identification data of the browser type and operating system used by you. These purposes are also covered by a legitimate interest in data processing. This measure is undertaken on the basis of Art. 6(1)(f) GDPR.
Registration to the Application Your Application Profile
If you register for the Application, DGFF processes in particular your name, e-mail address, role, function and work location when you enter this information into the registration mask and accept the terms of use. We also ask you to provide information regarding your manager´s name and e-mail address. The manager will be informed by the Application of the progress for certain Certified Learning Modules in order to support you in your learning. The legal basis is Art. 6 (1) b) GDPR as learning opportunities are considered to be part of the performance of the employment contract.
Participating in the Certified Learning Modules
When you use the Certified Learning Modules in the Application, you participate in courses in which knowledge that may be helpful for the performance of your tasks is imparted to you. You might also take part in courses for the purpose of personal or professional development. There are four module categories: induction, functional, cross-functional and managementsupervisory. We may capture e.g. your name, e-mail address, country and learning history as well as your pre- and post- work documents for specific Certified Learning Modules. The legal basis for processing your personal data for these purposes is set out in Article 6 (1) (b) of the GDPR when the Certified Learning Modules serve your personal or professional development under your contract of employment. The participation in all Certified Learning Modules is voluntary.
5. Who has access to your data?
Your personal data will be processed only by persons duly authorised by your DGFF Group entity. These are, in particular, employees of the Personnel department and your manager at your DGFF Group entity. In certain situations, other people such as the responsible DGFF Administrators from other DGFF Group entities, may have access to your data in order to perform the tasks assigned to them, for example, to invite you to Certified Learning Modules, view your progress, check the pre- and post-work documents and confirm your attendance.
DGFF makes use of subcontractors (internal and external service providers) that process personal data on DGFF’s behalf; such service providers are contractually obliged to maintain strict confidentiality. DGFF retains responsibility for safeguarding your information in such circumstances.
Your participation record of the Certified Learning Modules is transferred to my Talent World, as my Talent World is considered the leading training system for DPDHL Group. With regard to the processing of personal data on my Talent World, please see the my Talent World website.
6. Transfer to third countries
If your personal data are transferred from a DGFF Group entity within the European Union (EU) to another DGFF Group entity in a country without a data protection level comparable to that in the EU, it will be processed according to the standards of the DPDHL Data Privacy Policy. This ensures that our Group companies worldwide process personal data pursuant to standards that guarantee an adequate level of protection in accordance with the level required by the GDPR, Article 46, Paragraph 2 (a). Our DPDHL Data Privacy Policy is approved by European data protection authorities as being Binding Corporate Rules (BCR). If you are interested in learning more about the DPDHL Data Privacy Policy, please visit
https:mynet.dpdhl.comgoto20180510110028126679_en.
If an external company located outside the EU and the DPDHL Group is working as a processor for any DPDHL Group company in a country without a data protection laws at level of compliance comparable to that of the laws of the EU, contractual agreements (standard contractual clauses of the European Commission) to ensure compliance with the European data protection level, Article 46, Paragraph 2 (c) of the GDPR, must be agreed and in place with each such processor or sub-processor.
7. How long will personal data be stored?
Your master data, which includes information such as your name and email address, will be stored in the Application for the duration of your employment contract. If you leave the DGFF Group entity at which you are employed, your data will be deleted from the Application within one month after your departure.
Your personal data, which are processed in the context of the participation in the Certified Learning Modules will generally be deleted after a maximum period of five years from the date it was first collected. This applies, for example, to your personal learning history.
Retention periods can be longer or shorter depending upon nationally applicable regulations.
8. How is personal data secured?
DGFF takes the necessary technical and organizational security measures to protect personal data from being lost or misused. For instance, data is saved in a secure operating environment which is not accessible to the public. In certain cases, data is encrypted using Secure Socket Layer technology (SSL) during transmission. To make sure personal data is secure, we communicate our privacy and security guidelines to DHL employees and ensure that appropriate safeguards are enforced.
9. What rights do individuals have?
In accordance with applicable law:
• You can request information as to what personal data is stored about him.
• You can request that DGFF corrects, deletes or blocks his data.
• You can request to receive provided data in a structured, commonly used and machine-readable format.
• You can object in if the processing of your data is based on a legitimate interest.
Individuals may lodge a complaint with the competent supervisory authority.
10. Cookies
DGFF uses necessary Cookies which are essential to making the DGFF Certified Portal website work. They enable core functionality such as security, network management and accessibility. The legal basis for our use of strictly necessary cookies is legitimate interest Art. 6 (1) f) GDPR, namely being able to provide and maintain our website.
DGFF also uses functional and performance cookies for the DGFF Certified Portal. These cookies collect, e.g.information about number of visitors to the DGFF Certified Portal, track average time spent in the Certified Learning Modules and dropout rates. Information collected from these cookies is aggregated and used on an anonymous basis. The legal basis for our use of these cookies is your consent according to Art. 6 (1) a) GDPR.Of course you have the possibility to revoke a given consent.
You will be informed in detail via the cookie preference center on the DGFF Certified Portal website in particular about which cookies will be set, including the processing of data by third-party providers.
For further information, please click on:
11. Changes to this Privacy Notice
DGFF keeps this Privacy Notice under regular review.
DGFF reserves the right to change its Privacy Notice at any time with or without prior notice. Please check back frequently to be informed of any changes.
This Notice was last updated on 21 July 2021.
The DHL Global Forwarding and DHL Freight (DGFF) Group entities (hereinafter called “DGFF”) are pleased that you visit the “DGFF Certified Portal” “DGFF Mobile App” (together referred to as “Application”) and that you are interested in the CIF (Certified International Forwarder) and CFS (Certified Freight Specialist) Learning Modules (hereinafter called “Certified Learning Modules”). The Application contains a DHL Global Forwarding instance and a DHL Freight instance for the respective Certified Learning Modules.
It is important to us to protect your personal data during the entire process within the Application.
The information provided below is intended to give you an overview of how your data are processed.
2. Who is responsible?
This Privacy Notice applies for the data processing carried out by the DGFF Group entity that employs you (Controller).
You will find more information regarding the usage of your personal data in connection with your employment relationship as part of your employment contract or you can contact your responsible HR contact person.
If you have queries with regard to the processing of your personal data, please contact us:
dataprotectionDGFF@dhl.com
3. What is personal data?
“Personal data” means information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an email address, an identification number, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4. What is the purpose and the legal basis of processing personal data?
Visiting the Application
DGFF is committed to preserving the privacy of users of the Application. When you visit our website, the web servers temporarily store data for security reasons that may permit identification. The following data are collected: IP address, hostname of the accessing computer, website from which you accessed this website, the date and duration of your visit, notification of whether the visit was successful, volume of data transferred, information about the identification data of the browser type and operating system used by you. These purposes are also covered by a legitimate interest in data processing. This measure is undertaken on the basis of Art. 6(1)(f) GDPR.
Registration to the Application Your Application Profile
If you register for the Application, DGFF processes in particular your name, e-mail address, role, function and work location when you enter this information into the registration mask and accept the terms of use. We also ask you to provide information regarding your manager´s name and e-mail address. The manager will be informed by the Application of the progress for certain Certified Learning Modules in order to support you in your learning. The legal basis is Art. 6 (1) b) GDPR as learning opportunities are considered to be part of the performance of the employment contract.
Participating in the Certified Learning Modules
When you use the Certified Learning Modules in the Application, you participate in courses in which knowledge that may be helpful for the performance of your tasks is imparted to you. You might also take part in courses for the purpose of personal or professional development. There are four module categories: induction, functional, cross-functional and managementsupervisory. We may capture e.g. your name, e-mail address, country and learning history as well as your pre- and post- work documents for specific Certified Learning Modules. The legal basis for processing your personal data for these purposes is set out in Article 6 (1) (b) of the GDPR when the Certified Learning Modules serve your personal or professional development under your contract of employment. The participation in all Certified Learning Modules is voluntary.
5. Who has access to your data?
Your personal data will be processed only by persons duly authorised by your DGFF Group entity. These are, in particular, employees of the Personnel department and your manager at your DGFF Group entity. In certain situations, other people such as the responsible DGFF Administrators from other DGFF Group entities, may have access to your data in order to perform the tasks assigned to them, for example, to invite you to Certified Learning Modules, view your progress, check the pre- and post-work documents and confirm your attendance.
DGFF makes use of subcontractors (internal and external service providers) that process personal data on DGFF’s behalf; such service providers are contractually obliged to maintain strict confidentiality. DGFF retains responsibility for safeguarding your information in such circumstances.
Your participation record of the Certified Learning Modules is transferred to my Talent World, as my Talent World is considered the leading training system for DPDHL Group. With regard to the processing of personal data on my Talent World, please see the my Talent World website.
6. Transfer to third countries
If your personal data are transferred from a DGFF Group entity within the European Union (EU) to another DGFF Group entity in a country without a data protection level comparable to that in the EU, it will be processed according to the standards of the DPDHL Data Privacy Policy. This ensures that our Group companies worldwide process personal data pursuant to standards that guarantee an adequate level of protection in accordance with the level required by the GDPR, Article 46, Paragraph 2 (a). Our DPDHL Data Privacy Policy is approved by European data protection authorities as being Binding Corporate Rules (BCR). If you are interested in learning more about the DPDHL Data Privacy Policy, please visit
https:mynet.dpdhl.comgoto20180510110028126679_en.
If an external company located outside the EU and the DPDHL Group is working as a processor for any DPDHL Group company in a country without a data protection laws at level of compliance comparable to that of the laws of the EU, contractual agreements (standard contractual clauses of the European Commission) to ensure compliance with the European data protection level, Article 46, Paragraph 2 (c) of the GDPR, must be agreed and in place with each such processor or sub-processor.
7. How long will personal data be stored?
Your master data, which includes information such as your name and email address, will be stored in the Application for the duration of your employment contract. If you leave the DGFF Group entity at which you are employed, your data will be deleted from the Application within one month after your departure.
Your personal data, which are processed in the context of the participation in the Certified Learning Modules will generally be deleted after a maximum period of five years from the date it was first collected. This applies, for example, to your personal learning history.
Retention periods can be longer or shorter depending upon nationally applicable regulations.
8. How is personal data secured?
DGFF takes the necessary technical and organizational security measures to protect personal data from being lost or misused. For instance, data is saved in a secure operating environment which is not accessible to the public. In certain cases, data is encrypted using Secure Socket Layer technology (SSL) during transmission. To make sure personal data is secure, we communicate our privacy and security guidelines to DHL employees and ensure that appropriate safeguards are enforced.
9. What rights do individuals have?
In accordance with applicable law:
• You can request information as to what personal data is stored about him.
• You can request that DGFF corrects, deletes or blocks his data.
• You can request to receive provided data in a structured, commonly used and machine-readable format.
• You can object in if the processing of your data is based on a legitimate interest.
Individuals may lodge a complaint with the competent supervisory authority.
10. Cookies
DGFF uses necessary Cookies which are essential to making the DGFF Certified Portal website work. They enable core functionality such as security, network management and accessibility. The legal basis for our use of strictly necessary cookies is legitimate interest Art. 6 (1) f) GDPR, namely being able to provide and maintain our website.
DGFF also uses functional and performance cookies for the DGFF Certified Portal. These cookies collect, e.g.information about number of visitors to the DGFF Certified Portal, track average time spent in the Certified Learning Modules and dropout rates. Information collected from these cookies is aggregated and used on an anonymous basis. The legal basis for our use of these cookies is your consent according to Art. 6 (1) a) GDPR.Of course you have the possibility to revoke a given consent.
You will be informed in detail via the cookie preference center on the DGFF Certified Portal website in particular about which cookies will be set, including the processing of data by third-party providers.
For further information, please click on:
11. Changes to this Privacy Notice
DGFF keeps this Privacy Notice under regular review.
DGFF reserves the right to change its Privacy Notice at any time with or without prior notice. Please check back frequently to be informed of any changes.
This Notice was last updated on 21 July 2021.