Data privacy policy
Protecting your personal data is an important concern for DACHSER & KOLB. We process your personal data—such as your name, address, email address, or telephone number—at all times in compliance with the EU General Data Protection Regulation (GDPR / “DSGVO”) and the country-specific data protection laws applicable to DACHSER & KOLB.
With this Privacy Notice, we inform you about the nature, scope, and purpose of the personal data we collect and process. We also inform you about the rights you are entitled to. If we wish to offer you specific services via our website or otherwise, and if there is no statutory legal basis for the data processing required in that context, we will obtain your consent. Where we use analytics and marketing technologies (tracking), we do so exclusively on the basis of your consent.
1. Controller and Data Protection Officer
The controller within the meaning of data protection law is:
DACHSER & KOLB GmbH & Co. KG
Ignaz-Kiechle-Straße 36
87437 Kempten
Germany
Tel.: +49 831 59206 0
Fax: +49 831 59206 119
info@dachser-kolb.de
www.dachser-kolb.de
The names and contact details of the data protection coordinator and the data protection officer of DACHSER & KOLB GmbH & Co. KG are:
DACHSER & KOLB GmbH & Co. KG
Data Protection Coordinator
Ignaz-Kiechle-Straße 36
87437 Kempten
Germany
Tel.: +49 831 59206 0
Fax: +49 831 59206 119
data-protection.kempten@dachser-kolb.de
2. Collection of General Data and Information
Each time this website is accessed, it collects a series of general data and information. This general data and information is stored in the server log files. The following may be recorded: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the subpages accessed on our website via an accessing system, (5) the date and time of access to the website, (6) the Internet Protocol (IP) address, (7) the Internet service provider of the accessing system, and (8) other similar data and information used for threat prevention in the event of attacks on our IT systems.
When using this general data and information (server log files), DACHSER & KOLB does not draw any conclusions about you; no profiling takes place in this context. Rather, we require this information to (i) deliver the content of our website correctly, (ii) optimize the content of our website and advertising for it, (iii) ensure the long-term functionality of our IT systems and the technology of our website, and (iv) provide law enforcement authorities with the information necessary for prosecution in the event of a cyberattack.
DACHSER & KOLB evaluates this anonymously collected data and information statistically and with the aim of increasing data protection and data security within our company. We store the anonymous server log file data separately from all personal data you provide. The legal basis for the temporary storage of the data and the log files is Art. 6(1)(f) GDPR.
3. Data Processing When You Contact Us
You can contact us via the contact form provided on our website, our live chat, our moving cost calculator, or the email address provided in the legal notice (Imprint). If you contact DACHSER & KOLB via any of these channels, we automatically store the personal data you transmit. Personal data transmitted to DACHSER & KOLB on a voluntary basis is stored for the purpose of processing your inquiry and/or contacting you.
All personal data transmitted to DACHSER & KOLB via the moving cost calculator is automatically deleted from the moving cost calculator system after 90 days, provided that no order results from the inquiry. If an order is created, the data will be used to process the order.
DACHSER & KOLB assigns inquiries and the associated personal data for processing and use to the technically responsible department within DACHSER & KOLB, usually the respective branch of the requester’s national company, and exchanges the data with that entity.
The legal basis for processing the data is Art. 6(1)(b) GDPR where the processing is for contract initiation or performance, and Art. 6(1)(f) GDPR in all other cases. For transfers of data to a third country, the legal basis is Art. 49(1)(b) GDPR.
4. Cookies, Consent Management, and Controls
Our website uses cookies and similar technologies (e.g., pixels, tags, local storage) to provide the website technically and—subject to consent—to analyze usage and measure and optimize marketing activities (conversions).
4.1 Technically Necessary Cookies/Technologies
These are required to ensure core functions (e.g., page navigation, form/session functions), IT security, and stability. The legal basis is Art. 6(1)(f) GDPR (legitimate interest) and—where applicable—Sec. 25(2) TTDSG.
4.2 Analytics and Marketing Technologies (Consent Only)
Analytics and marketing technologies (e.g., Microsoft Clarity, Google Analytics/Ads incl. Enhanced Conversions, Meta Pixel/Conversion Tracking, TikTok Pixel/Conversion Tracking) are used only if you have actively consented in advance via our cookie/consent banner. The legal basis is Art. 6(1)(a) GDPR in conjunction with Sec. 25(1) TTDSG.
4.3 Consent Management (Withdrawal/Changes)
You can change or withdraw your consent at any time with effect for the future via “Cookie Settings.”
For documentation purposes, we store your selection (e.g., consent status, timestamp, and, where applicable, a pseudonymous identifier). The legal basis is Art. 6(1)(c) GDPR (documentation obligations) and/or Art. 6(1)(f) GDPR (compliance/defense interest).
5. Web Analytics and Conversion Tracking
If you have consented, we use analytics and tracking technologies to (i) understand and optimize the use of our website and (ii) measure the effectiveness of our advertising measures (conversion tracking) and manage campaigns.
Depending on the tool and consent, the following data in particular may be processed: online identifiers (cookie/pixel IDs; possibly click/campaign identifiers such as “gclid”), device/browser data, IP address (technical), referrer URL, page views, events/interactions (e.g., clicks/scrolling), timestamp, and conversion/event data (e.g., “inquiry submitted”). This may result in pseudonymous usage profiles (profiling)—exclusively within the scope of your consent.
5.1 Microsoft Clarity (Heatmaps/Session Analytics)
We use Microsoft Clarity to analyze interactions (e.g., clicks, scrolling behavior, mouse movements) and to optimize user guidance.
Provider: Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.
Data processed: online identifiers, device/browser data, usage/event data, technical metadata.
5.2 Google Tag Manager (Technical Tag Management/Control)
We use Google Tag Manager for the technical management and delivery of website tags. Which tags are loaded depends on your consent.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
5.3 Google Analytics (GA4) – Web Analytics
We use Google Analytics (GA4) to analyze how our website is used (e.g., navigation, interactions) and to optimize content/processes. GA4 generally processes event-based and pseudonymous data.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Data processed: online identifiers, device/browser data, usage/event data, technical metadata; possibly approximate location derivation (e.g., region).
Retention period: in accordance with the retention settings stored in GA4 (account/setting dependent).
5.4 Google Ads Conversion Tracking incl. Enhanced Conversions
We use Google Ads conversion tracking to measure whether users perform a desired action (e.g., submitting an inquiry) after interacting with an ad (e.g., clicking a Google ad).
Click/campaign identifiers (e.g., “gclid”) and conversion events may be processed to evaluate and optimize campaigns.
Enhanced Conversions: If enabled, data you provide yourself as part of a conversion (e.g., email/phone—depending on the conversion) may be hashed locally (one-way encryption) before transmission. Google may use these hash values for matching/attribution/measurement.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Data processed: click/campaign identifiers, online identifiers, conversion events; possibly hashed contact data (Enhanced Conversions).
5.5 Meta Conversion Tracking (Meta Pixel / possibly Conversions API)
We use Meta conversion tracking to measure campaigns on Facebook/Instagram, build audiences, and optimize ads. Event data (e.g., page view, lead/inquiry event) may be transmitted to Meta. Depending on our implementation, transmission may take place client-side via the Meta Pixel and/or server-side via the Meta Conversions API (CAPI). Conversion/event data (e.g., event type, timestamp, page URL), technical data (e.g., IP address, user agent), online identifiers (e.g., cookie/pixel IDs), and—if enabled and provided by you—hashed contact data (e.g., email/phone) are processed. Server-side transmission also takes place exclusively on the basis of your consent.
Provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Joint controllership: For the collection and transmission of certain event data within the “Meta Business Tools,” joint controllership pursuant to Art. 26 GDPR may apply (in particular for the data collection/transmission phase). Meta provides the essential information on joint controllership.
Data processed: online identifiers, device/browser data, event/usage data, referrer/URL information; possibly hashed contact data if Advanced Matching is enabled and you provide such data.
5.6 TikTok Conversion Tracking (TikTok Pixel / possibly Events API)
We use TikTok conversion tracking to measure and optimize campaigns on TikTok. Website events (e.g., page views, leads/inquiries) may be transmitted to TikTok and used for attribution/optimization. Depending on our implementation, transmission may take place client-side via the TikTok Pixel and/or server-side via the TikTok Events API. Conversion/event data (e.g., event type, timestamp, page URL), technical data (e.g., IP address, user agent), online identifiers (e.g., cookie/pixel IDs), and—if enabled and provided by you—hashed contact data are processed. Server-side transmission also takes place exclusively on the basis of your consent.
Provider: TikTok Technology Limited, 10 Earlsfort Terrace, Dublin, D02 T380, Ireland (and possibly affiliated companies, depending on processing).
Data processed: online identifiers, device/browser data, event/usage data, referrer/URL information; possibly hashed contact data if Advanced Matching/comparable features are enabled and you provide such data.
5.7 Third-Country Transfers / Safeguards (for Sections 5.1–5.6)
Processing outside the EU/EEA (in particular the United States) cannot be ruled out, depending on the provider and technical implementation. Where data is transferred to third countries, this takes place only in compliance with the requirements of Art. 44 et seq. GDPR (e.g., adequacy decision—where applicable—and/or EU Standard Contractual Clauses and, where necessary, additional measures).
5.8 Withdrawal/Opt-Out
You can withdraw your consent at any time via “Cookie Settings.” Once withdrawn, the tools will no longer be loaded; the lawfulness of processing carried out up to the point of withdrawal remains unaffected.
6. Google Maps
We use Google Maps on this website. This enables us to display interactive maps directly on the website and allows you convenient use of the map function.
By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data listed in Section 2 is transmitted. This occurs regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged into Google, your data is assigned directly to your account. If you do not want your data to be associated with your Google profile, you must log out before activating the button. Google stores your data as usage profiles and uses it for advertising, market research, and/or needs-based design of its website. Such evaluation is carried out in particular (even for users not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles; to exercise this right, you must contact Google. Further information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the provider’s privacy notices.
The legal basis for the processing of your personal data when using Google Maps is Art. 6 Para. 1 f) of the GDPR. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here and here.
7. Chat Function
Our homepage offers the option to contact us via an electronic chat. For this purpose, we use the service of Userlike UG (limited liability), Probsteigasse 44–46, 50670 Cologne, Germany, which is integrated into our website.
If you use this option, the data entered in the input mask will be transmitted to DACHSER & KOLB GmbH & Co. KG. If you do not enter any personal data (such as name, address, contact details, etc.) in the input mask itself, the date and time of transmission will be stored at the time the message is sent. No tracking/location data is collected. For fast responses to your questions, we use the Live Preview setting. The processing of the data entered in the input mask serves solely to answer the question(s) asked and to optimize the service offered. The legal basis for processing the data is Art. 6(1)(b) GDPR. The other personal data processed during the sending process (see Section 5) serves to prevent misuse of the contact form and to ensure the security of our IT systems. This constitutes the necessary legitimate interest in processing under Art. 6(1)(f) GDPR. The personal data is passed on to the contact person responsible for processing your request at DACHSER & KOLB GmbH & Co. KG. As part of providing the website, data is processed by our contractors, such as the service provider for our homepage. The data stored from the chat form input mask is automatically deleted after four weeks.
8. Social Plug-Ins
Our website uses social plug-ins (“plug-ins”) from Facebook, Instagram, LinkedIn, and Xing. We use plug-ins in particular to enable you to share content from our website with other users of social networks or to draw attention to such content. You can recognize the provider of the respective plug-in by its logo or initial letter.
When you visit our website, we initially do not transmit any personal data to the plug-in providers. However, if you click the marked field, your personal data will be transmitted directly to the provider of the respective plug-in and processed by that provider—potentially in third countries such as the United States. After clicking the plug-in field, a new browser window opens and calls up the page of the provider of the respective social network. Data is transmitted to the plug-in provider regardless of whether you have an account with the social network provider. If you are logged in to the plug-in provider, the data we collect will be assigned directly to your existing account with that provider.
We have no influence on the nature and scope of the data collected and processed through the use of the plug-ins, nor are we aware of the full scope of data collection, the purposes of processing, or retention periods. According to the plug-in providers, the transmitted data includes, among other things, information about your browser, the websites visited, and the date and time of the visit. The plug-in providers process this information, for example, to create user profiles and to display needs-based advertising. You have the right to object to the creation of these user profiles; to exercise this right, you must contact the respective plug-in provider. Further information can be found on the websites and privacy notices of the respective providers.
The legal basis is your consent through activation of the respective plug-in (Art. 6(1)(a) GDPR; where applicable Sec. 25(1) TTDSG). When using Facebook/Instagram (Meta) services, data may be transferred to third countries (in particular the United States). Where personal data is transferred to third countries, we ensure an appropriate level of data protection through suitable safeguards (e.g., adequacy decision—where applicable—and/or EU Standard Contractual Clauses and, where necessary, additional measures).
9. Disclosure to Third Parties
It is technically possible for service providers and contractual partners we use to operate our websites to access personal data. These external providers are obligated to use your personal data only to perform the services we request or otherwise in accordance with our instructions.
In particular, we use service providers in the areas of hosting/IT operations, website operations/maintenance, communication/support (e.g., chat), and analytics/marketing (Microsoft, Google, Meta, TikTok). Where service providers process personal data on our behalf, this is done on the basis of Art. 28 GDPR (processing on behalf) and corresponding contracts (DPA/AVV). If recipients process data outside the EU/EEA, transfers take place only in compliance with the requirements of Art. 44 et seq. GDPR (see Section 5.7).
Apart from the disclosures described above, we do not transfer, sell, or market your personal data to third parties such as other companies or organizations unless you have given your express consent or the transfer is necessary to fulfill our contractual obligations to you, the website user.
10. Data Retention Period
We store personal data only for as long as necessary for the respective purposes or as long as statutory retention obligations exist. If the purpose no longer applies or a statutory period expires, the data is routinely deleted, blocked, or anonymized.
Inquiry data from the moving cost calculator is deleted after 90 days if no order has been placed (see Section 3). If an order is placed, storage and processing takes place as part of order fulfillment and statutory obligations.
Consent and documentation data (consent status, timestamp, and, where applicable, a pseudonymous identifier) is stored as necessary to demonstrate consent and meet compliance requirements; it is then deleted.
Data from analytics and marketing technologies is processed in accordance with the retention and deletion mechanisms stored in the respective tools and is deleted or anonymized after the retention periods expire.
11. Your Rights
As a data subject, you have the rights set out in Articles 15–21 GDPR against DACHSER & KOLB where the respective conditions are met. These include the right of access (Art. 15 GDPR), rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR), data portability (Art. 20 GDPR), and the right to object (Art. 21 and 22 GDPR). In addition, you have the right to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR.
11.1 Withdrawal of Consent
Where processing is based on your consent (e.g., analytics/marketing tracking), you can withdraw it at any time with effect for the future (via “Cookie Settings”). The lawfulness of processing carried out up to the point of withdrawal remains unaffected.