Data privacy statement

High data protection standards are integral to the Deutsche Post DHL Group brand, and IT security is of critical importance to our business operations. As a globally active company whose business model is based on connecting people and exchanging sensitive data, we believe we have a special responsibility in this regard.

The protection of your personal data throughout the entire business process is important to us. The following information is intended to provide you with an overview of how your data is processed.

General

This data privacy statement applies to data processing at

DHL Paket GmbH
Sträßchensweg 10
53225 Bonn, Germany

If you have any questions regarding the processing of your personal data, please contact the Data Protection Officer at DHL Paket GmbH. The data protection team will be happy to help if you have suggestions, complaints or requests for information.

DHL Paket GmbH
Gabriela Krader, LL.M
53250 Bonn, Germany
datenschutz@dpdhl.com

Competent supervisory authority:

Data processing in connection with postal and telecommunications services:

The Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informationsfreiheit)
Husarenstraße 30
53117 Bonn

Any other data processing by the data controller:

The North Rhine-Westphalia Commissioner for Data Protection (Landesbeauftragte für den Datenschutz Nordrhein-Westfalen)
Kavalleriestraße 2-4
40213 Düsseldorf, Germany

We process your data for a variety of reasons such as:

  • To fulfill a contract to which you or a sender are party
  • To make working with our IT systems as pleasant as possible
  • To send or display to you - where permitted - targeted advertising
  • To have your enquiries handled by our customer service
  • To meet our obligations within the framework of statutory requirements (e.g. the German Code of Criminal Procedure (Strafprozessordnung) or the German Foreign Trade and Payments Act (Außenwirtschaftsgesetz))
  • To fulfill our security requirements (e.g. for the purpose of solving crimes)
  • To compile statistics
  • To ensure quality, optimize processes and create planning security

Further details including the type of data, the purpose of data processing and the legal basis can be found on the respective DHL product pages (www.dhl.de).

Rights of the data subject

You have the following rights as a data subject:

a) The right to obtain information regarding the personal data we have stored about you

b) The right to rectification of any inaccurate personal data on file

c) The right to have data that is no longer required for the purpose stated erased or - where a requirement to store data exists - to have the processing thereof restricted

d) The right to receive personal data you have provided and to receive it in a structured, commonly used and machine-readable format

e) The right to file an objection if the processing of your data is based upon a legitimate interest/to its use for advertising purposes

f) The right to lodge a complaint with the competent supervisory authority if you have doubts about whether the processing of your data complies with data protection regulations.

To assert your rights, please contact us (by e-mail or letter) regarding your concerns about disclosure, correction and/or erasure of your personal data.

Send your e-mail to: dhlgeschaeftskundenportal@deutschepost.de

Send your letter to:
DHL Paket GmbH
Data protection enquiries GKP
Kruppstr. 74
45145 Essen

Your personal data will be erased or blocked as soon as the reason for retaining it ceases to apply. Data may also be retained for longer periods if statutory retention periods apply. Data may also be blocked or erased if a data retention period prescribed by law expires unless it is necessary to continue storing the data for the performance of a contract, billing or to provide evidence of correct performance until expiration of the liability periods.

The DPDHL Data Privacy Policy regulates the Group-wide standards for data processing with a special focus upon so-called third country transfers, meaning transfers of personal data to countries outside the European Union (EU) that do not have a recognized, adequate level of data protection. If you are interested in learning more about the DPDHL Data Privacy Policy, please use the following link:

Summary of DPDHL Group Data Privacy Policy (PDF)

Data processing during use of the DHL Business Customer Portal

Personal data means any information relating to an identified or identifiable natural person (referred to as the "data subject" in this text). This includes information such as name, address, telephone number and date of birth. Information that cannot be directly linked to your real identity - such as favorite websites or number of site users - is not considered personal data.

Access

For users of the DHL Business Customer Portal: To identify you uniquely as a user and communicate with you (e.g. during sign up or creation of a new shipment), we require some personal information from you. This information will be requested from you when you set up your personal user account for the DHL Business Customer Portal and includes the following: Salutation, last name, first name, address, e-mail address, telephone number, and/or cell phone number. We use your personal data exclusively for the technical administration of access to the DHL Business Customer Portal and to fulfill your wishes and requirements - i.e., primarily to process contracts concluded with you or to handle your enquiries. As the data is processed for the performance of a contract to which you are party, the legal basis for that processing is Article 6, Paragraph 1, Lit. b of the EU General Data Protection Regulation (GDPR).

Visiting the DHL Business Customer Portal

DHL is committed to preserving user privacy. For security purposes, our web servers always save the connection data of the computer connecting to our site, a list of the webpages that you visit during your activities and of the functions you used, the date of your visit, the identification data of the type of browser, and the IP address when you use our Business Customer Portal. We do not record personal data such as your name, your address, telephone number or e-mail address unless you provide these details on your own initiative, for instance, by filling out an online contact form or using specific functions (e.g. storage of a sender address).

Article 6, Paragraph 1, Lit. f of the GDPR provides the legal basis for processing the above-mentioned data categories. For these reasons, and in particular to ensure safe and seamless connection, we have a legitimate interest in the processing of such data.

The DHL Business Customer Portal has contact forms that you can use to contact us electronically. If you use this option, the data entered in the input screen will be transmitted to us and stored.

We use the personal data you provide exclusively for the technical administration of the portal and to fulfill your wishes and requirements - i.e., primarily to process contracts concluded with customers or to handle their enquiries.

The following contains examples of data processed when contact forms are used:

  • Names
  • Address
  • Contact information
  • Banking information
  • Personal notifications

Personal data entered on an input screen is used primarily to process contact requests. In addition, data may also be processed for the following purposes whenever we have to address a customer concern or request:

  • Answering enquiries sent to the point of contact listed under contact information
  • Forwarding the inquiry to another responsible party at DHL Paket
  • Revision, correction of created documents (e.g. invoices)
  • Provision of compensation

The data is processed primarily for the performance of a contract pursuant to Article 6, Paragraph 1, Lit. b of the GDPR or if processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party pursuant to Article 6, Paragraph 1, Lit. f of the GDPR. DHL Paket has a legitimate interest in particular in safeguarding smooth process flows.

If you provide your consent, you will receive offers and specific tips on products and information relating to DHL and Deutsche Post AG that are tailored to your interests and preferences. You can unsubscribe to this information at any time simply by using the link in the e-mail or using our customer service contact form.

You will receive offers for interesting products and services from DHL and Deutsche Post AG through the contact channels you provide (also by e-mail and text message) only if you expressly provide your consent. Addressing and sending is handled by DHL Paket GmbH to avoid passing on your address data to third parties. Technical processing is handled by a service provider that will be explicitly required by DHL Paket GmbH to comply with data protection requirements. This process ensures that your address data is not provided to third parties by DHL Paket GmbH. Only in the event that you respond to information from companies that we selected, will they become privy to your address data.

DHL does not provide your personal data to third parties - and will not do so in the future - unless the provision of this information is required by law, required for contractual purposes or you have explicitly provided your consent. It may, for instance, be necessary to provide your address and order details to our sub-contractors when you order our products from us.

The use of the DHL Business Customer Portal may also require us to provide your data to other companies within Deutsche Post DHL Group and their subcontractors (e.g. DHL Express Germany).

Customer service and IT services are also outsourced. External service providers who process data on our behalf provide reasonable assurance that appropriate technical and organizational measures are taken to ensure that processing complies with the requirements of the European Union General Data Protection Regulation (GDPR). Pursuant to Article 28 of the GDPR, they are contractually obligated to maintain strict confidentiality. In such cases, DHL remains responsible for protecting your personal data. These external service providers process personal data only on the basis of documented instructions from DHL.

We use tracking software to determine the number and frequency of visitors to our website. We do not use this software to collect individual personal data or individual IP addresses. The data is used solely in anonymous and summarized form for statistical purposes and for further developing the functions of the DHL Business Customer Portal.

Cookies are small text files that make it possible for us to store data on your PC concerning you as a user while you use/visit the DHL Business Customer Portal. On the basis of Article 6, Paragraph 1, Lit. f of the GDPR, we only use so-called "session cookies" to optimize our website and to ensure that our website is convenient and user-friendly. These cookies are stored exclusively for the duration of your visit. "Persistent cookies" for storing information about users that repeatedly access our internet pages are not used.

When you use the DHL Business Customer Portal, we set the following cookies:

Type Designation Purpose Additional Information
Authentification _WL_AUTHCOOKIE_JSESSIONID This encrypted cookie is set as soon as you log in to the DHL Business Customer Portal (www.dhl-geschaeftskundenportal.de).  It is removed when the session ends.
 
Session Amsel A cookie managed by the portal to maintain the session. The cookie expires after 30 minutes if it is not refreshed during the session.  
Session BIGipServerRD_100_POOL_STD A cookie managed by the portal to maintain the session. The cookie expires after 30 minutes if it is not refreshed during the session.  
Session JSESSIONID A cookie managed by the webserver to maintain the HTTP session. The cookie expires after 30 minutes if it is not refreshed during the session.  
Session NOLSESSIONID A cookie managed by the portal to maintain the session. The cookie expires after 30 minutes if it is not refreshed during the session.  
Session RPISESSIONID A cookie managed by the portal to maintain the session. The cookie expires after 30 minutes if it is not refreshed during the session.  
Settings vls_isPopUpBlockerActive A cookie managed by the portal. Used to manage the pop-up blocker settings for shipping. This cookie expires after one year at the latest.  

You can also take advantage of our offers with cookies deactivated. You can set your browser so that cookies are not saved on your computer or are restricted to certain websites. You can also have the browser notify you as soon as a cookie is sent. Cookies can also be deleted  from your computer hard drive at any time (see file: "Cookies"). Please note, however, that that this will typically limit both the way the page is presented and user guidance. Most browsers have settings that offer some control over the overwhelming majority of cookies. If you would like further information about cookies, including information about the type of cookies set and how they can be managed and deleted, please visit the website "All About Cookies" at http://www.allaboutcookies.org/. For information about cookies that is specific to the European Union and on different options for their deactivation, you can also visit the website "Your Online Choices" at http://www.youronlinechoices.eu/.

Not everyone uses a browser to visit our website. Some users access the DHL website or related applications via a mobile device. In such cases, it may not be possible to deactivate cookies or to adjust web browser settings.

Transfer to third countries means that data is transmitted to countries outside the European Economic Area (EEA) or is accessed from there. When you use the DHL Business Customer Portal, your data is without exception not processed in a third country.

DHL takes all of the necessary technical and organizational security measures to protect your personal data from being lost or misused. For instance, your data is saved in a secure operating environment which is not accessible to the public. In certain cases, your personal data is encrypted by Secure Socket Layer technology (SSL) during transmission. This means that an approved encryption procedure is used for communication between your computer and Deutsche Post DHL Group servers if your browser supports SSL.

Should you wish to contact DHL by e-mail, it is important to be aware that the confidentiality of the information you send cannot be guaranteed. The contents of e-mail messages can be read by third parties. We therefore recommend you send us confidential information directly from the DHL Business Customer Portal or by postal mail.

The contents of our data privacy statement are reviewed at regular intervals.

DHL reserves the right to change its data privacy statement at any time with or without prior notice. Please check back regularly to ensure you are informed of any changes. By using this DHL website, you declare that you accept this data privacy statement.

You can download this document for your documentation.

Last revised: May 2018