Privacy Notice RIM Group
1) Who is processing my Personal Data?
If not otherwise communicated, the following entity is responsible for the processing of your Personal Data as Controller.
RIM logistics, ltd., 200 Gary Ave., Roselle, IL 60172, USA
For questions, please contact us via email at email@example.com.
In accordance with this Privacy Notice, we may also transfer your Personal Data to another RIM entity or to third parties (this may also include public authorities) so that these recipients can process personal data for their own or the Controller’s purposes. These recipients act as either Processors or independent Controllers. This Privacy Notice states where such may be the case.
2) What kind of Personal Data and for what purpose does RIM process my Personal Data?
If you contact us or we contact you (in writing, electronically or by phone), we will process Personal Data such as name and contact data (address, e-mail address or phone number) and the content and time of the relevant messages. We use this data for providing you the requested service, giving you information, process your request and to communicate with you. We can also forward messages within the Group to the responsible entity or office and within our Agent Network.
2.2) Website / RIM WebTracker / Newsletter
When you use our Online Services, we will process Personal Data such as IP-address, log data, information about the time our website and/or WebTracker was accessed and/or you have consented to the receipt of a newsletter, the duration of the visit, the pages accessed, device specific information, and all data that is provided to us through an online facility, which data may include an e-mail address and name. In case of a newsletter such as our Customer Advisory, we may additionally process Personal Data concerning the delivery of the newsletter, if, when and where you have opened and forwarded the newsletter, as well as links you have used.
We use these Personal Data for providing the Online Services; we further use it to improve our IT security. Based on the processed Personal Data we are able to make the relevant offer or further offers to you or to the company you work for and to process your offer. This may include opening and managing a customer account in your name or informing you about changes and providing you further information through the electronic newsletter. You are under no obligation to provide this Personal Data to us, but we may not be able to process a request or provide an online facility if you fail to provide such Personal Data.
2.3) Visiting our Premises
When you enter our premises, you must check in with our front desk for security reasons. We process your name, the name of the company you are representing, your email address, phone number, and your picture (in selected U.S. offices only). We also use video surveillance for security and evidence purposes. We may thereby obtain information about your actions in the relevant areas. Any Personal Data collected by video surveillance is only available for processing to specific employees for your own safety, the safety of our employees and for evidence purpose. If criminal acts are suspected, we can make the recordings available to the prosecution authorities. If you do not want to be recorded, we must ask you not to enter the relevant areas.
You may also be able to use a Wi-Fi service. In this case, we collect device-specific data in the course of your use, and we may ask you to enter your name and e-mail address when registering. Even though we will usually not be able to assign the device specific data to a specific person, we will collect your log-in data. Additionally we will process the duration of the connection, the location of the used Wi-Fi service and the volume of data used. We process this information in order to provide you with Wi-Fi services and for IT security purposes. The use of our Wi-Fi service is voluntary. However, it may not be possible to use the Wi-Fi service without your Personal Data being processed accordingly.
2.4) Customer Events
For an event (might it be for advertising, sponsoring, cultural and sporting reason), we process Personal Data such as name, contact details and participation, other data (e.g. date of birth) depending on the event. We process this information to carry out customer events, but also to get in direct contact with you and get to know you better. Participation in customer events is voluntary, but usually not possible without the processing of Personal Data.
2.5) Business Partners
If you are one of our business partners, might it be a commercial customer, member in our Agent Network, supplier or service provider, depending on the field of activity we process different Personal Data about the contact persons in your company, e.g. name, function, title, contact information or further information available from third party resources.
We need to process such Personal Data for the performance of our contract (i.e. check whether we want and can work together with you and to check whether your company offers the required security standards), improvement of our customer orientation, customer satisfaction and customer loyalty. None of your employees is obliged to provide us with Personal Data. Yet, if they do not wish to provide us with the required Personal Data, we may not be able to work with you. In exceptional cases, we are even legally obliged to process such Personal Data.
We process Personal Data such as name, function, contact details or further personal information for our internal and group-internal administration, as well as accounting and archiving purposes and generally for checking and improving internal processes. These purposes may relate to us or to other Group entities.
2.7) Job Applications
When you are applying to us, we will process your Personal Data relating to your application (e.g. name, date of birth, resume, qualifications, certificates; if necessary also Sensitive Personal Data) in order to assess whether you are qualified for the respective job position and to discuss possible employment with you. With your consent, we may also keep your application pending if we, or you, refrain from employment with a view to a possible later employment. It is voluntary to provide the respective Personal Data, but we cannot process an application without the necessary Personal Data.
2.8) Compliance with Legal Requirements
We may also process Personal Data to comply with a legal requirement or government request.
2.9) Protection of Rights
We process Personal Data, e.g. name of the counterparty, in various constellations in order to protect our rights, e.g. to assert claims in and out of court and before local and foreign authorities or to defend ourselves against claims. Thereby authorities may require us to disclose documents containing Personal Data.
3) On what legal grounds is RIM processing my Personal Data?
We process your Personal Data based on the following legal grounds:
4) For how long will my Personal Data be stored?
We retain your Personal Data no longer than it is necessary for the purposes for which the information is collected. We moreover retain Personal Data as long as we have a legitimate interest in the storage, for archiving purposes and for guaranteeing IT security or in the case of running statutes of limitations. We also retain your Personal Data as long as it is subject to a legal retention obligation.
5) Who receives my Personal Data?
Our employees have access to your Personal Data as far as it is necessary for the described purposes and the work of the employees concerned. They act in accordance with our instructions and are bound to confidentiality and secrecy when handling your Personal Data.
We may also transfer your personal data to other entities within the Group and our Agent network for the purpose of internal group and Agent network administration and for the purposes described in this Privacy Notice. This means that your Personal Data can also be processed and combined with Personal Data originating from another Group or Agent network entity for the respective purposes, to the extent permitted under applicable law.
We may also disclose your Personal Data to third party Processors. If we disclose Personal Data to third party Processors, they are obliged to process the Personal Data exclusively on our behalf and according to our instructions.
Additionally we may disclose your Personal Data to other recipients if this is required by law. We also reserve the right to share your Personal Data in accordance with a court order or to assert or defend legal claims or if we consider it necessary for other legal reasons.
For data subjects located in the EEA only:
The recipients of your Personal Data may be located in the United States and other countries outside of the EU or the EEA. The countries concerned may not have laws that protect your Personal Data to the same extent as the laws in the EU or the EEA do. If we disclose your Personal Data to recipient located in such a country, we will take appropriate measures to ensure the protection of your Personal Data, for example by concluding a data transfer agreement, that includes contracts approved, issued or recognized by the European Commission to ensure the necessary data protection with the recipients. Additionally we may transfer Personal Data to recipients who have joined the US Privacy Shield program.
Please contact us if you would like to obtain a copy of our data transfer contracts.
6) Protection of Personal Data
Appropriate technical and organizational security measures are implemented in order to safeguard the security of your Personal Data and to protect it against unauthorized or unlawful processing, prevent the risk of loss, unintentional alteration, unintentional disclosure or unauthorized access. However, the electronic transfer of information in particular entails security risks that cannot be completely ruled out. If you transfer information electronically, you do so at your own risk.
7) What are my rights as Data Subject with regard to my Personal Data?
You may have the following rights, in accordance with applicable laws:
7.1) Right to Information
You have the right to be informed transparently, clearly and comprehensively about how we process your Personal Data and what rights you have in connection with the processing of your Personal Data. This Privacy Notice fulfils this obligation. If you would like further information, please contact us.
7.2) Right of Access
You have the right to request, at any time, access to your Personal Data stored and processed by us. This gives you the opportunity to check which Personal Data we process about you and to verify that it is used in accordance with the applicable data protection regulations. The right to information may be limited or excluded, in case no sufficient identification is given, it is necessary to protect the rights and freedoms of other Data Subjects, the right to access is used excessively, a comprehensive provision of information would generate disproportionate efforts.
7.3) Right to Rectification
You have the right to have incorrect or incomplete Personal Data corrected or completed and to be informed of such rectification.
7.4) Right to Erasure
You have the right to request that your Personal Data is erased if the Personal Data no longer necessary for the purposes pursued, consent has effectively been withdrawn or there is an effective objection and if Personal Data is processed unlawfully.
The Right to Erasure might be excluded if the Personal Data is necessary for the exercise of freedom of expression and information, to perform a legal task or a task in the public interest or for the establishment, exercise or defense of legal claims.
7.5) Right to restrict Processing
Under certain circumstances, you have the right to request that the processing of your Personal Data be restricted (e.g. no further processing at all or removal of published Personal Data).
7.6) Right to Data Portability
You have the right to receive the Personal Data concerning you, which you have provided to us, in a commonly used and machine-readable format, provided that processing is based on your consent or is necessary for the performance of the contract and the processing is carried out by automated means. Depending on the individual case, your Personal Data may be transferred to you or directly to another Controller.
7.7) Right to lodge a Complaint
You have the right to lodge a complaint with a competent supervisory authority about the way we handle or process your Personal Data. Alternatively you may inform us by emailing firstname.lastname@example.org.
7.8) Right to withdraw Consent and to Object
At any time, you may object to the processing of your Personal Data or freely withdraw your consent to the processing of your personal data. If you revoke your consent or effectively object to further processing for a specific purpose, we may no longer process your personal data for the corresponding purposes.
8) Updates and Definitions
8.1) Updates to this Privacy Notice
We may update this Privacy Notice from time to time.
The most current Privacy Notice is available on this page (www.rimlogistics.com/privacy-notice).
Agent Network: A network of freight forwarders chosen by RIM to perform freight forwarding services on RIM’s behalf.
Controller: The responsible entity, deciding whether a particular processing should take place, for what purpose and which principles are applicable.
Cookie: Small text files that are temporarily or permanently stored on your device when visiting our website in order to the functionality of the website or record the preferences of the users.
Data Subject: Any natural person, whose Personal Data might be processed.
EEA: The European Economic Area describes a region associated with the EU and includes Norway, Iceland and Liechtenstein.
GDPR: EU General Data Protection Regulation 2016/679.
Group: RIM logistics, ltd. (United States), RIMbosh Logistics Ltd. (Canada), RIM logistics, UK ltd (United Kingdom), RIM logistics GmbH (Germany), and RIM logistics Asia limited (Hong Kong and Phillippines).
Online Services: These services include our website, our WebTracker and our electronic newsletters.
Personal Data: Information by which a particular natural person can be identified or is identifiable.
Processing: Any operation or set of operation which is performed on Personal Data such as collecting, storing, restraining, organizing, administering, adapting, retrieving, consulting, using, applying, disclosing, combining, restricting, deleting, destructing or transferring.
Processor: A third party who performs certain business operations on our behalf, such as IT services, consulting services, third-party logistics services, administration services.
Sensitive Personal Data: Personal Data that is seen by the legislator as particularly critical and therefore specially protected. This includes Personal Data revealing race or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetics biometric or health data, data on sex life, sexual orientation or criminal convictions and crimes.
This Privacy Notice was last updated on November 20, 2018.