Menu

Deutsch (German) English (English)
Headerbild

Port of Hamburg App Data Protection Regulations

1. Service provider in the sense of the Telecommunications and Telemedia Data Protection Act (TTDSG) and in charge of data processing per Article 4 no. 7 GDPR as well as name and contact data of data protection officer:

Responsible:

Hafen Hamburg Marketing e.V. (HHM)
Pickhuben 6
20457 Hamburg
Phone: +49 40 37 709 0
email: info@hafen-hamburg.de

Data Protection Officer:
Andreas Kortmann, netCo.privacy GmbH
Reimerstwiete 11
D-20457 Hamburg
Phone: +49 (0)40 540 90 90 - 0
email: datenschutz@hafen-hamburg.de

This app processes data in compliance with GDRP, BDSG, as well as TTDSG.

2. Collection of Data in Case of Download and Use of App

Upon downloading the mobile app, the requisite data are transferred to the AppStore (e.g. Apple Store or Google Play Store), i.e. user name, email address and customer number of your account, time of download, payment details, and your individual device code. We have no influence on this data collection and are therefore not liable. We are only processing these data as far as they are required for downloading the mobile app to your mobile terminal.

When you use our mobile app, we collect the following data, which are technically required in order to offer you the functions of our mobile app and to guarantee stability and security.

We collect the following data:

a) Operating system and system settings of the user
b) Information on the accessing terminal and the software used
c) The user’s IP address
d) Date and time/time zone of access
e) Access status/http status code
f) Location of user (as far as enabled)
g) Amount of data transferred
h) Installation ID
i) Technical failure, error messages

3. Collection and Storage of Personal Data as well as Type and Purpose and Their Use.

If you use the Port of Hamburg App, your personal data will be processed as follows:

Type and Source of Data Purpose of Data Processing Storage PeriodType and Source of Data Purpose of Data Processing Storage PeriodType and Source of Data Purpose of Data Processing Storage Period
LocationIs required for the localisation of ships.In case of use, this information is processed on the terminal, but not stored.
Device sensor (compass sensor)Is required for the localisation of ships.Is enabled in case of use and the information is processed, but not stored.
LogfilesOur servers record the access to our databases in logfiles. This access takes place, for example, when your terminal retrieves the current ship data or the like and stores them on the terminal. In this case, your IP address is anonymised directly after server inquiry.6 months
Push messages (see section 5)We would like to inform you for example when cruise ships come into the port.These data are not stored.

We require these data to guarantee the app functions to work flawlessly.

Data are processed pursuant to Article 7 GDPR, based on the consent given.

The personal data collected are stored for the period written above. After that they are deleted immediately.

4. Authorisations for this app:

  • Access to storage
  • Access to camera
  • Access to location
  • Access to compass sensor Access to push message

This is required to guarantee the function of the app.

5. Push Messages

Within the scope of our services you may give your consent to receive push messages. Those are short messages that you receive on your device. Upon login and for transmission of the push message the following data are processed:

  • IP address (region)
  • Technical configuration of terminal/browser

The Push Message function can be disabled anytime. For this purpose, please use the configuration of your device, choose Settings and then disable Messages/Notifications.

6. Videos

6.1 YouTube

We integrate videos from the YouTube platform in our app. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). If you use our app, you give your consent that the respective videos are started on your device by YouTube and thus a connection is established to the YouTube servers. In the course of this, the YouTube server is notified about which of our functions or which video you have started.

We use YouTube videos only in enhanced data protection mode, so that according to YouTube none of your personal data as a visitor from our app are stored, as long as you do not watch the video. However, we cannot exclude that YouTube already transmits data to YouTube partners, as soon as you call up or use our app. The YouTube partners can be looked up in the Google DoubleClick network.

We cannot exclude nor influence additional data processing after a video is started. Furthermore, we cannot influence if YouTube stores or applies different cookies or the like on your terminal in order to record video statistics, check usability or prevent fraud.

We use YouTube due to our legitimate interest based on Art. 6 (1) GDPR. We are pursuing the legitimate interest of ensuring that our services are provided in a user-friendly manner. The processing of resulting data is exclusively based on your given consent pursuant to Article 6(1)(f) GDPR. The Telecommunications and Telemedia Data Protection Act (TTDSG) comprises the storage of cookies or access to data on the user’s terminal device. In case you give your consent, §25 section 1 TTDSG shall apply. You may withdraw your given consent at any time.

For more information on data protection at YouTube, please refer to their privacy policy: https://policies.google.com/privacy?hl=de.

6.2 Vimeo without tracking (Do-Not-Track)

This app uses videos from the Vimeo video portal, among others.

The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you use our app, a connection is established to the Vimeo servers. In the course of this, your IP address is transmitted to the Vimeo server as well as the information on which videos you have viewed.

We use Vimeo without a tracking function, so that your user activities cannot be tracked and no cookies are stored. We use Vimeo due to our legitimate interest based on Art. 6 (1) GDPR. We are pursuing the legitimate interest of ensuring that our services and anything comparable are provided in a user-friendly manner. The processing of resulting data is exclusively based on your given consent pursuant to Article 6 (1) (f) GDPR. The Telecommunications and Telemedia Data Protection Act (TTDSG) comprises the storage of cookies or access to data on the user’s terminal device. In case you give your consent, §25 section 1 TTDSG shall apply. You may withdraw your given consent at anytime.

The data transfer to the USA are based on the standard contract clauses of the EU Commission as well as on “legal business interests” according to Vimeo. For more information on data protection at Vimeo, please refer to their privacy policy: https://vimeo.com/privacy.

7. Location of Processing

We are processing data exclusively in Germany.

8. Transmission of Data to Third Parties

Your personal data are not transmitted to third parties for other purposes than the ones stated here.

9. Liability for Links

Our offer contains links to websites of third parties on the content of which we have no influence. For this reason, we do not assume liability for these contents. The respective provider or operator of linked websites is always liable for the content of their linked pages. The linked pages were reviewed at the time of the establishment of the link for possible legal infringements. At the time the link was established, no unlawful contents could be detected. A permanent content revision of the pages linked, however, is not reasonable without specific evidence indicating a legal infringement. Should such legal infringements become known to us we shall remove such links immediately.

10. Data Subject Rights

You have the right:

  • pursuant to Article 7 GDPR, to withdraw your previously given consent from us at any time. This means that we will no longer be allowed to process the data, to which this consent related, in the future;
  • pursuant to Article 15 GDPR, to obtain information on your personal data that we have processed. In particular, you have the right to obtain information on the processing purposes, categories of personal data, categories of recipients of data to whom your data have been or will be revealed, the storage time planned, the existence of your right to obtain the rectification, deletion, limitation of processing, or objection, the existence of a right to complain, the origin of your data, as far as they were not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, significant information on their details;
  • pursuant to Article 16 GDPR, to obtain without undue delay the rectification of inaccuracies or omissions in your personal data that we have stored;
  • pursuant to Article 17 GDPR, to obtain the erasure of your personal data that we have stored, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • pursuant to Article 18 GDPR, to obtain restriction of processing of your personal data if the accuracy of the data is contested by you, the processing is unlawful but you oppose the erasure of these data, and we no longer need the data but they are required by you for the establishment, exercise or defence of legal claims or you have objected to processing the data pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to demand that those data be transmitted to another controller;
  • pursuant to Article 21 GDPR, to object to the processing of your personal data if there are grounds therefor relating to your particular situation and
  • pursuant to Article 77 GDPR, to lodge a complaint with a supervisory authority.