If you are a private customer, please see the Privacy Policy provided here.
We, Hermes Germany GmbH (‘Hermes’), are highly committed to the protection of your privacy and your personal data. We therefore attach great importance to ensure that your data are secure and that our data processing complies with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR). Furthermore, we use technical and organisational measures to ensure that your data are optimally protected against unauthorised access by third parties.
This Privacy Policy applies to the website of https:// business.myhermes.de and myhermes.de/geschaeftskunden (‘Hermes Website’)
The data controller accordance with Article 4(7) GDPR is
Hermes Germany GmbH
Essener Straße 89
D-22419 Hamburg
Further information can be found in the
legal notice
.
zentrale@hermesworld.com
Personal information – the law also refers to personal data – is personal information that permits others to draw conclusions about your identity as a natural person. This includes, for example, information such as name, address, telephone number or email address but also information about surfing behaviour, insofar as this information can be directly or indirectly assigned to you. Data about legal entities are not personal data and does not fall within the scope of this Privacy Policy.
You can generally use the Hermes Website without disclosing your personal data. However, if you log in with your myHermes Business user account, we can identify you using the data provided there. Furthermore, if you contact us via the Hermes website, we collect and process your personal data to contact you.
Personal data are transferred to third parties only subject to compliance with the legal requirements. We only pass on the data of the users to third parties if this is necessary, for example, for billing purposes in order to fulfil contractual obligations.
If we use subcontractors for our online services, we have taken appropriate contractual precautions and corresponding technical and organisational measures against these companies.
When we use content or other resources from other providers (hereinafter jointly referred to as ‘third-party providers’) and their named registered office is in a third country, it must be assumed that data are transferred to the countries in which the third-party providers have their registered office. We transfer personal data to third countries only when an adequate level of data protection is ensured, or when user consent or other legal permission has been granted.
We have implemented suitable technical and organisational measures to protect your data from loss, modification or access by third parties. We continuously improve these safety measures in line with technical developments. Our website employs the industry-standard SSL (Secure Sockets Layer) encryption. This safeguards the confidentiality of your personal information in internet activities.
All our employees receive regular training on the subject of data protection and are instructed in the safe and trusting handling of customer data. All our employees are obliged to maintain confidentiality and have accordingly signed an obligation to maintain confidentiality and to comply with data protection as part of their employment contracts.
We collect and process your personal data based on the following legal bases of the General Data Protection Regulation (GDPR):
a. Consent pursuant to Article 6(1)(a) GDPR. Consent is any statement of intent provided voluntarily and unambiguously by the data subject in a specific case in the form of a statement or other unambiguous confirming act that indicates to the data subject that they have consented to the processing of their personal data.
b. Necessity for performing a contract or for implementing preparatory measures in accordance with Article 6(1)(b) GDPR. We require your data to prepare the conclusion of the contract with you or to comply with our contractual obligations to you.
c. Data processing for compliance with a legal obligation pursuant to Article 6(1)(c) GDPR. This means that the processing of your data is required, for example, by law or in accordance with other provisions.
d. Processing to safeguard legitimate interests in accordance with Article 6(1)(f) GDPR. This means that the processing is necessary to safeguard legitimate interests on our part or on the part of third parties, unless the interests or fundamental rights and freedoms on your part, which require the protection of personal data, prevail.
With regard to your personal data, you have the following rights vis-à-vis Hermes:
You also have the right to lodge a complaint about our processing of your personal information with a data protection supervisory authority. The competent supervisory authority in relation to postal services shall be:
The Federal Commissioner for Data Protection and Freedom of Information
Graurheindorfer Straße 153, 53117 Bonn
https://www.bfdi.bund.de
The supervisory authority responsible for us is:
The Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Straße 22, 20459 Hamburg
https://datenschutz-hamburg.de
If you have any questions about the processing of your personal data and the exercise of your rights as a data subject, please contact:
datenschutz@hermesworld.com
When making your request, please make sure to provide us with your full contact details (first name, surname and address) so that we can uniquely identify you and respond promptly to your request.
These data are collected exclusively to ensure the functionality of the website. The data is also used to ensure the security of our information technology systems. We do not evaluate this data for marketing purposes.
Each time you access the Hermes Website, certain data of the accessing device are automatically collected by our web servers and temporarily stored. The following data are collected:
The legal basis in this connection is Article 6(1)(f) GDPR, section 25(2) No. 2 TDDDG. Our legitimate interest for data processing lies in ensuring the functionality of the website, in securing our systems and in making the language version that is probably most familiar to you available. Your interest in confidentiality is of subordinate importance in this regard. We are technically not able to provide the Website or to operate and save the Website without processing your personal data. Securing our website is also for your benefit.
The data will be erased as soon as they are no longer required to fulfil the purpose for which they were collected. The data will be erased at the earliest after 7 days and at the latest after 32 days.
The collection and processing of the data for the purposes mentioned in this Policy are strictly necessary for the operation of the Hermes Website. Hence, there is no possibility of objection.
This website is operated by:
Google Ireland Limited
Gordon House, Barrow Street
Dublin 4
Ireland
In principle, we have commissioned the processing of your personal data in the European Union. Nevertheless, your personal data may be processed in the United States of America (USA).
You are not obliged to disclose any personal data. However, without the above-mentioned personal data, you will not be able to access this website.
To improve our services and troubleshoot errors, we occasionally conduct voluntary surveys/ user surveys on myhermes.de. For this purpose, we ask the users of the website to participate in a survey. The surveys are accessed via a link. The answers are entered via an online mask and sent to Hermes. Hermes stores these answers and evaluates them. For this, we use the external tool of the service provider SurveyMonkey.
The following data will be provided to us when you participate in a survey:
The legal basis for the processing is Article 6(1)(a) GDPR, i.e. consent by participating in the survey.
If only data are collected in the survey, these will be erased after their analysis. If personal data (e.g. the shipment number) are collected, this will be indicated at the beginning of the survey. By participating in the survey, the participant agrees to the processing. Any personal data collected will be erased after one year. Hermes does not include personal data that is entered by participants without being requested to do so for evaluation purposes. They will be erased after 6 months at the latest. Before the interviews, participants are advised not to enter any personal data in order to protect their privacy.
To conduct the surveys, we use the service of the service provider SurveyMonkey:
Momentive Europe UC
2nd Floor, 2 Shelbourne Buildings
Shelbourne Road, Dublin, Ireland
SurveyMonkey stores the respondents' IP addresses in back-end logs. The processing is necessary to safeguard the legitimate interests of SurveyMonkey as a technical service provider of Hermes (Article 6(1) (f) GDPR).
An inference about personal identity can only be drawn indirectly if, for example, law enforcement authorities link the IP addresses to the survey responses and identify the owner of the internet connection of the IP address used for the survey.
For further information about the processed data, please see:
https://www.surveymonkey.com/mp/legal/privacy/
In principle, we have commissioned the processing of your personal data in the European Union. Nevertheless, your personal data may be processed in the United States of America (USA). The European Commission has not adopted an adequacy decision on the USA. We have therefore secured the level of data protection with suitable guarantees within the meaning of Article 46 GDPR.
You are not obliged to disclose any personal data. If you do not grant your consent, you cannot take part in the survey.
Regular sending of the Hermes Business Customer Newsletter by email for the purpose of informing and distributing news about new products and services.
To send our newsletter, we collect the following data:
In this regard, we use the title and your last name for personal address.
The legal basis for the data processing is Article 6(1)(a) GDPR.
The data are stored until the newsletter is revoked.
You can unsubscribe at any time by selecting the link provided in the newsletter below. After logging out, your personal data transmitted in this context will be blocked immediately and erased after expiry of the statutory storage periods.
Our newsletter contains so-called tracking pixels, which enable an evaluation of the user reach. Tracking pixels are small graphics that are automatically loaded when a website or an email is accessed and make it possible to evaluate user behaviour.
This evaluation is carried out automatically and anonymously, so that a personal reference is not established. The legal basis for the data processing is Article 6(1)(f) GDPR. Our legitimate interest for the processing lies in the measurement of the effectiveness of our advertising measures, as well as in the improvement of our online presence and services. Your interest in confidentiality is of subordinate importance in this regard.
The Hermes newsletter is sent by:
Salesforce.com inc.
Salesforce Tower
415 Mission Street, 3rd Floor
San Francisco, CA 94105
Salesforce processes your personal data in the United States. The USA does not offer an adequate level data protection. However, any transfer of personal data will take place in compliance with the conditions set out in Articles 44 to 50 GDPR and the other provisions of the GDPR to ensure that the level of protection granted to natural persons will be maintained.
For more information, visit:
https://www.salesforce.com/company/privacy/
You are not obliged to disclose any personal data. However, we cannot deliver our newsletter to you without providing your data.
The Hermes Website uses cookies. Cookies are small text files that are stored in or by the Internet browser on a user's device. Cookies regularly contain a distinctive character string that enables unique identification of the browser or device when the website is accessed again.
Different types of cookies are used on this website. We have to distinguish between:
The cookies used by the Hermes website (first-party cookies) include temporary session cookies and permanent cookies. The website stores information in the permanent cookies to save any personal user settings and to improve the user experience during your next visit (e.g. the selected language settings). In the temporary session cookies, the website stores technical information that is necessary for the functioning of the website. The storage period of these cookies depends on the deadlines specified in this section.
Services offered by third parties are also used on this website to evaluate user behaviour or to provide Internet services. The service providers may use cookies (third-party cookies), tracking pixels or comparable analytics technologies. For more information about the Internet and analytics technologies used here, please see the sections below.
In general, you can set your web browser so as to prevent the storage of cookies or the execution of analytics technologies. However, some features of this website may then no longer be available. As a compromise, you can also set your browser to notify you as soon as a cookie or a similar analytics technology is used. In addition, all cookies can be deleted manually at any time.
Revocation of all consent
You can revoke your declarations of consent that you have granted for the data processing described below in full by using the following Tool . As a result, the analysis service will no longer be carried out and, in addition, an OptOut cookie is stored in the web browser of the terminal device used, with the instruction that data should no longer be processed by this terminal device for the above-mentioned purposes.
Usercentrics is a consent management platform that uses technically necessary cookies. You can do so by means of an entry in the LocalStorage in your respective browser.
This is a consent management service. The storage of the consent serves to comply with the legal obligations.
This list contains the following (personal) data collected by or through the use of this service.
The legal basis for the storage of the data is Article 6(1)(c) in conjunction with Article 7(1) GDPR.
The consent data (consent and revocation of consent) will be stored for three years. After the retention period has expired, the collected data will be erased.
The collection of data based on a legal obligation precludes the raising of an objection.
The processing company is:
Usercentrics GmbH
Sendlinger Str. 7
80331 Munich
Germany
For further information about the processed data, please see:
https://usercentrics.com/privacy-policy/
In principle, we have commissioned the processing of your personal data in the European Union. Notwithstanding the above, your personal data may be processed in the United States of America (USA). The European Commission has not adopted an adequacy decision on the USA. We have therefore secured the level of data protection with suitable guarantees within the meaning of Article 46 GDPR.
The provision of your personal data is necessary to fulfil a legal obligation.
The A/B test is a test method for evaluating two variants of a system, in which the original version is tested against a slightly modified version. The multivariant test is an A/B test with several variables.
The purpose of the processing is to continuously improve the online offer.
When using the Hermes website, AB Tasty collects the following statistical information:
The legal basis for data processing in this context is Article 6(1)(a) GDPR, provided that you have consented to the use of cookies on the Hermes website.
The cookies set by AB Tasty have a maximum duration of 13 months and are then automatically deleted from the device used. By deleting the cookies, the collected analysis data is anonymised, since they can no longer be assigned to a cookie ID.
You can revoke your consent to the analysis of the usage using the AB Tasty web analysis service at any time for the future by deactivating the ‘AB Tasty’ box in the ‘Statistics and analysis’ section and by subsequently saving this setting via the following Tool .
As a result, the analysis service is no longer executed and, in addition, the cookie with the name ‘AB Tasty Opt-out’ from the domain myhermes.de is stored on the corresponding terminal device. The AB Tasty analysis service no longer collects or processes data from your device. This revocation is valid until the above ‘AB Tasty’ box is activated again.
The data is collected by a tracking pixel that is integrated on the Hermes website (and the subpages) as well as by means of cookies set by AB Tasty. Using the collected data, the analysis service enables us to analyse the surfing behaviour of our visitors and to make the Hermes website more customer-oriented. The usage analysis is carried out in such a way that neither we nor the analysis service can identify individual users.
The myhermes website uses the service of AB Tasty:
AB TASTY SAS (‘AB Tasty’)
3 impasse de la Planchette
F-75003 Paris
For further information about the processed data, please see:
https://www.abtasty.com/privacy-policy/
In principle, we have commissioned the processing of your personal data in the European Union. Nevertheless, your personal data may be processed in the United States of America (USA). The European Commission has not adopted an adequacy decision on the USA. We have therefore secured the level of data protection with suitable guarantees within the meaning of Article 46 GDPR.
You are not obliged to provide your personal data. If you have not used the above-mentioned function to deactivate tracking by AB Tasty, your personal data will be processed when you access this website.
Using the collected data, the analysis service enables us to analyse the surfing behaviour of our users. We are in a position to compile information about the use of the individual components of our website by evaluating the data obtained. This helps us to ensure the integrity of our website and to continuously improve its usability and user-friendliness. The usage analysis is carried out in such a way that neither we nor the analysis service can identify individual users.
The following data is processed:
technical terminal device data (device type, operating system version, browser type, screen resolution, colour depth, Javascript on/off, etc.)
The legal basis for data processing in this context is Article 6(1)(a) GDPR, provided that you have consented to the use of cookies on the Hermes website.
The data will be erased as soon as they are no longer needed for our analytical purposes. The session cookie with the session ID will be invalid and deleted after the end of the visit duration of the website. The permanent cookie with the long-term ID will be invalid and deleted after 6 months. All data collected by the analysis service will be anonymised after 14 months at the latest.
You can object to the cookie-based collection and processing of data at any time for the future by deactivating the ‘Webtrekk’ box and subsequent saving this setting via the following Tool . In this case, the Webtrekk analysis service will no longer collect or process data from this end device by means of cookies. This objection shall apply as long as the ‘AB Tasty’ box is not activated again.
The data are collected by a tracking pixel that is integrated in the Hermes website (and the subpages) as well as by means of cookies set by Mapp Intelligence (Webtrekk).
The data are processed by the following company:
Mapp Digital Germany GmbH
Dachauer Straße 63, 80335 Munich
For further information about the processed data, please see:
https://mapp.com/privacy/
In principle, we have commissioned the processing of your personal data in the European Union. Nevertheless, your personal data may be processed in the United States of America (USA). The European Commission has not adopted an adequacy decision on the USA. We have therefore secured the level of data protection with suitable guarantees within the meaning of Article 46 GDPR.
You are not obliged to provide your personal data. If tracking by Webtrekk is activated by the above-mentioned function, your personal data will be processed when you access this website.
Using the collected data as mentioned below, the analysis and targeting service ‘Mapp Marketing Automation’ enables us to display our users' personalised content on the Hermes website in a segment-based manner.
When using the Hermes website, the following data are processed by our analysis service:
The legal basis for data processing in this context is Article 6(1)(a) GDPR, provided that you have consented to the use of cookies on the Hermes website.
The data will be erased as soon as they are no longer needed for our analysis purposes. The session cookie with the session ID will be deleted after the end of the visit to the website. The permanent cookie with the long-term ID will be invalid and deleted after 6 months. All data collected by the analysis service will be anonymised after 14 months at the latest.
You can revoke your consent to the usage analysis and the collection of personalised information on the Hermes website by Mapp Marketing Automation at any time for the future by deactivating the ‘Mapp Marketing Automation’ box in the following tool and subsequently saving it.
The data are collected by a tracking pixel that is integrated in the Hermes website (and the subpages) as well as by means of cookies set by Mapp Intelligence (Webtrekk).
The data are processed by the following company:
Mapp Digital Germany GmbH
Dachauer Straße 63, 80335 Munich
For further information about the processed data, please see:
https://mapp.com/privacy/
In principle, we have commissioned the processing of your personal data in the European Union. Nevertheless, your personal data may be processed in the United States of America (USA). The European Commission has not adopted an adequacy decision on the USA. We have therefore secured the level of data protection with suitable guarantees within the meaning of Article 46 GDPR.
You are not obliged to provide your personal data. If tracking by Mapp Marketing Automation is enabled by the above-mentioned function, your personal data will be processed when you access this website.
If you contact us by telephone or email, your personal data will be collected and stored.
We use the collected data exclusively for the purpose of answering your request as well as for other purposes specified during the collection of the data. If this is necessary to answer your request, we will also transmit the data to the Hermes company concerned (for example, data will be transmitted to Hermes Logistik GmbH & Co KG, based in Austria, if you like information about Hermes services in Austria).
The following data may be collected: Whether these data are collected depends on your request:
The legal basis for data processing is Article 6 (1)(b) GDPR, provided that the contact is in connection with the myHermes Business user account, our myHermes Business services or otherwise in a contractual context. If there is no contractual relationship between you and Hermes, the legal basis in this regard is Article 6(1)(f) GDPR. The legitimate interest of Hermes in this case outweighs your legitimate interest. The reason for this is that it is not possible to process your request without processing your personal data. The use of the contact form or contacting is moreover voluntary.
We erase the data collected in this context as soon as storage for the purpose of contact is no longer necessary or – in the case of statutory retention obligations – limit their processing.
If the contact was not made to initiate the conclusion of a contract, you have the right to object to the processing of your personal data at any time. In the event of an objection, the correspondence cannot be continued. All personal data collected in this context will be erased in the event of a legitimate objection.
You are not obliged to disclose your personal data. The fields marked in the input mask are mandatory fields without which your request cannot be processed.
If you have registered in the myHermes Business Portal, you will find the Privacy Policy for our services here: To the services
If you have concluded an individual contract with Hermes Germany GmbH, you will find the Privacy Policy regarding our services here: To the services
Our website and our Privacy Policy may contain links to external websites of third parties, the content of which is beyond our control. Thus, we cannot assume any liability for such third-party content.
The respective provider or operator of the website is always responsible for the contents of the linked pages. The external linked website was checked for possible violations of the law at the time of linking. At the time of linking, no illegal contents were evident. The permanent monitoring of the content of the linked website is not possible and unreasonable without concrete evidence of a violation of the law. If we become aware of a violation of the law, we will remove such links immediately.
Parts of the Privacy Policy may be changed or updated by us without prior notice to you. Please check the Privacy Policy before using our internet services to be aware of any recent changes or updates.
Current status of the Privacy Policy: August 2022