Thank you for visiting our website. Below, we would like to inform you about how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
The following entity is controller for the data processing described below:
SACO Shipping GmbH
Wollkämmereistraße 1
21107 Hamburg
Germany
Phone: +49 40 311706-0
E-Mail: info@saco.de
Our external data protection officer is available to provide you with information on data protection at the following contact details:
datenschutz nord GmbH
Sechslingspforte 2
22087 Hamburg
Tel.: +49 40 5936160400
Email: office@datenschutz-nord.de
When contacting our data protection officer, please also indicate SACO Shipping GmbH as the controller for the data processing.
When you visit our websites, our web server temporarily evaluates so-called usage data for statistical purposes in order to improve the quality of our website. This data consists of the following data categories:
The legal basis for the processing of usage data is Art. 6 (1) (f) GDPR. The processing is based on the legitimate interest of providing the contents of the website and ensuring a device- and browser-optimised display.
We share your data with service providers that support us in the operation of our websites and the associated processes as part of data processing on behalf of the controller pursuant to Art. 28 GDPR. These are, for example, hosting service providers. Our service providers are strictly bounded by our instructions and are contractually obligated accordingly.
In the following, we will name the processors with whom we work, if we have not already done so in the above text of the data protection declaration. If data may be processed outside the EU or the EEA in this context, we inform you about this in the following table.
| Processor | Purpose | Adequate level of data protection |
| profihost GmbH/dogado GmbH | Web hosting and support | Processing only within the EU/EEA |
| Digital Masters GmbH | Administrative support | Processing only within the EU/EEA |
In order to protect your data as comprehensively as possible from unwanted access, we implement technical and organisational measures. These measures include encryption procedures on our websites. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption. You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.
We use cookies on our websites, which are necessary for using our websites.
Cookies are small text files that can be stored on and extracted from your device. There is a difference between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored for more than the duration of the session. In some cases, these cookies only contain information on certain settings and are not linked to a person. They may also be necessary to enable user guidance, security and operating of the site.You can delete cookies or prevent the setting of new cookies at any time by using the appropriate browser settings. Please note that our websites may then not be displayed correctly and some functions may no longer be available for technical reasons.
We also use so-called web storage entries (local storage, session storage) on our websites. With local storage, data is stored locally in your browser’s cache and remains there even after you close the browser window and can be extracted if you do not actively delete the cache. You can manage local storage content in your browser via the settings, depending on which browser you use. The function of session storage corresponds in content to the local storage described above, except that the corresponding data is automatically removed from your browser’s cache immediately after closing the browser (“session”).
We use necessary cookies and web storage entries based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR.
For more information about the necessary cookies and web storage entries, the storage period, and the purpose of processing, please refer to our consent banner, category “Essential”.
We use a consent management platform (consent banner) on our websites. The processing in connection with the use of the consent management platform and the logging of the settings you have made is based on our legitimate interest in accordance with Art. 6 (1) (f) GDPR to provide you with our content according to your preferences and to be able to prove your consent(s). The settings you have made, the consents you have given and parts of your usage data are stored in a cookie. This ensures that it is kept for further website visits and that your consents continue to be traceable. You can find more information about this under the section “3.4 Necessary cookies / web storage”.
We use Google Consent Mode V2 (basic mode). This means that your IP address is transmitted to Google irrespective of your settings in the banner. However, this is deleted by Google immediately after collection and is not logged. The processing is based on our legitimate interest in being able to better control and use certain functions of the Google services used on the website that require consent. The legal basis for processing is Art. 6 (1) (f) GDPR.
Non-essential cookies and, where applicable, web storage entries are also used on our websites, provided you have given your consent via our consent banner. For more information on non-essential cookies and web storage entries, the storage period, and the purpose of processing, please refer to our consent banner, categories “Statistics” and “External Media”. Only when you give your consent via our consent banner, non-essential cookies and, if applicable, web storage entries will be used, and further data processing will take place on the basis of your consent, which you can withdraw at any time via our consent banner. Withdrawing your consent does not affect the lawfulness of the processing based on your consent before its withdrawal.
We use web analytics tools to design our websites in accordance with the needs of our visitors. This creates usage profiles based on pseudonyms. For this purpose, permanent cookies are stored on your device and accessed by us. In addition, it is possible that we retrieve identifiers related to your browser or device (e.g., a so-called browser fingerprint or your full IP address). This allows us to recognise returning visitors and count them as such.
In addition, we use the following functions as part of visitor measurement:
The legal basis for this data processing is your consent if you have given your consent via our consent banner. Below we list the third-party providers with whom we collaborate within the context of our visitor measurement. If data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information about the level of data protection in the following table.
| Provider | Maximum storage period | Appropriate level of data protection | Withdrawal of consent |
| Google (Analytics) | 13 months | For transfers to the U.S., an adequate level of data protection is ensured due to the certification of the provider under the adequacy decision (EU-U.S. Data Privacy Framework). | If you wish to withdraw your consent, please click here and make the appropriate setting via our banner. |
On our websites, we embed map services that are not stored on our servers. For reasons of data protection, no content from third-party proivders is reloaded yet and the third-party provider will not receive any informtaion, when you call up our web pages. Only when you give your consent the content of the third-party provider will be reloaded. The third-party provider is therefore able to obtain the information that you have accessed our site as well as the usage data that is technically required in this context. Additionally, the third-party provider is able to implement tracking technologies. We have no influence on the further data processing by the third-party provider. Your consent includes that contents of the third party provider are reloaded.
The embedding is based on your consent. Please note that the embedding of some map services results in that your data will be processed outside the EU or EEA (in particular the USA). If data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information about the level of data protection in the following table.
| Provider | Maximum storage period | Appropriate level of data protection | Withdrawal of consent |
| Google (Maps) | – | For transfers to the U.S., an adequate level of data protection is ensured due to the certification of the provider under the adequacy decision (EU-U.S. Data Privacy Framework). | If you wish to withdraw your consent, please click here and make the appropriate setting via our banner. |
On our websites, we embed videos that are not stored on our servers. However, for reasons of data protection, no content from third-party proivders is reloaded yet and the third-party provider will not receive any informtaion, when you call up our web pages. Only when you give your consent the content of the third-party provider will be reloaded. The third-party provider is therefore able to obtain the information that you have accessed our site as well as the usage data that is technically required in this context. Cookies or web storage entries may also be set. Additionally, the third-party provider is able to implement tracking technologies. We have no influence on the further data processing by the third-party provider. Your consent includes that contents of the third party provider are reloaded.
The embedding is based on your consent, provided you have given your consent via our consent banner. If data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information about the level of data protection in the following table.
| Provider | Maximum storage period | Appropriate level of data protection | Withdrawal of consent |
| Vimeo | Until deletion from the browser | For transfers to the U.S., an adequate level of data protection is ensured due to the certification of the provider under the adequacy decision (EU-U.S. Data Privacy Framework). | If you wish to withdraw your consent, please click here and make the appropriate setting via our banner. |
We use the non-essential third-party technical functions and content listed below to display our websites. When you visit our pages, content from third-party providers who provide these functions and content is reloaded. This provides the third-party provider with information that you have visited our site, as well as the technically necessary usage data.
The embedding is based on your consent, provided that you have given your consent via our consent banner. Below, we list the third-party providers with whom we work in this context. If the data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information on the level of data protection in the table below.
| Provider | Technical function or content | Adequate level of data protection | Withdrawal of consent | |
| Google Tag Manager | For transfers to the U.S., an adequate level of data protection is ensured due to the certification of the provider under the adequacy decision (EU-U.S. Data Privacy Framework). | If you wish to withdraw your consent, please click here and make the appropriate setting via our banner. |
You have the option of applying to us and our affiliated companies using an application form provided on our websites or via email. The company to which your application is addressed is controller for the data processing. If your application is not addressed to us (SACO Shipping GmbH), we provide support within the scope of data processing in accordance with Art. 28 GDPR as a data processor bound by instructions.
When using the application form, you will be required to provide the information marked as mandatory fields in the application form. When applying via email, you determine the scope of the data you wish to transmit in your email application. However, in order for your application to be considered, at least the following information is required: name, address, email address, cover letter or details of the desired position, resume, references, and qualifications. The legal basis for the processing of this data is Section 26 (1) (1) German “Bundesdatenschutzgesetz” (BDSG) or Art. 6 (1) (b) GDPR, as the data is necessary for the decision on the establishment of an employment relationship or the conclusion of a contract. In addition, you can decide for yourself whether to provide further information that is not marked as mandatory on the application form or that you attach to your application via email. The provision of this data is voluntary and is not mandatory for your application. If you voluntarily provide us with personal data, this data will be processed on the basis of your consent, which can be revoked at any time, in accordance with Art. 6 (1) (a) GDPR in conjunction with § 26 (2) BDSG. You can withdraw your consent at any time with future effect. To do so, please contact bewerbung@saco.de .
In addition, personal data about you may be collected from career networks (e.g., XING, LinkedIn) and from websites with a professional context during the application process, provided that this personal data has been made public. The legal basis for processing is the legitimate interest pursuant to Art. 6 (1) (f) GDPR in collecting additional relevant information for the decision on establishing an employment relationship with you.
In the event of rejection, you may be asked whether you consent to the longer storage of your data (talent pool). Based on your consent, your data will then be further processed for a period of 18 months so that we can also consider your application for other or future job vacancies with us and our affiliated companies. We will retain your declaration of consent to be included in our talent pool for further three years in order to comply with our accountability obligations within the meaning of Art. 5 (2) GDPR. The legal basis for storing your application documents and contacting you in the event of a suitable position is Art. 6 (1) (a) GDPR in conjunction with § 26 (2) BDSG. You can withdraw your consent at any time with effect for the future. To do so, please contact bewerbung@saco.de .
Your information will be treated as confidential. In connection with applications Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland) is used. Data processing is carried out on our behalf on servers in data centers in the European Union. A corresponding contract for data processing has been concluded with the service provider. An adequate level of data protection is ensured by Microsoft’s certification under the EU-U.S. Data Privacy Framework (adequacy decision for the U.S.). Where necessary, other strictly bound service providers are used, e.g., in the areas of IT support, with whom separate contracts for data processing have been concluded.
If there is no legal retention period, the application data will be deleted as soon as storage is no longer necessary or the legitimate interest in storage has expired. If you are not hired, this will normally be the case no later than six months after completion of the application process or after receipt of the rejection, unless you have given your consent to longer storage. We also delete data if you withdraw your consent to the processing of your data. In individual cases, individual data may be stored for a longer period (e.g., travel expense reports). The duration of storage is then based on the statutory retention obligations, e.g., from the German Tax Code (“Abgabenordnung”, 6 years) or the German Commercial Code (“Handelsgesetzbuch”, 8 years). Further storage of your data is also permissible if, after weighing up the interests, we determine that further processing is necessary for the assertion, exercise, or defense of legal claims.
You have the option of contacting us via telephone or email. If we collect data from you during a telephone call, we will use it exclusively to respond to your request or to contact you. We also store and use the data provided in connection with an email exclusively for these purposes. The legal basis for the processing of the data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. We will delete your data if it is no longer required and there are no legal retention obligations. With regard to processing in accordance with Art. 6 (1) (f) GDPR, you have the right to object at any time.
We use Microsoft Ireland Operations Limited (One Microsoft Place, South County Business Park Leopardstown, Dublin 18, D18 P521, Ireland) for our email communication. Data processing takes place on servers in data centers in Europe. A corresponding contract for data processing has been concluded with the service provider. Furthermore, with regard to Microsoft, an adequate level of data protection is guaranteed due to the certification of the parent company under the EU-U.S. Data Privacy Framework (adequacy decision for the U.S.).
Unless we have already informed you in detail about the storage period, we delete personal data when they are no longer required for the aforementioned processing purposes and no legitimate interests or other (legal) reasons for storage prevent deletion.
When processing your personal data, the GDPR grants you certain rights as a data subject:
Right of access (Art. 15 GDPR)
You have the right to obtain confirmation as to whether personal data of you is being processed; if this is the case, you have the right to obtain information about the processed personal data and to receive the information listed in detail in Art. 15 GDPR.
Right to rectification (Art. 16 GDPR)
You have the right to request the rectification of any inaccurate personal data relating to you and, where applicable, the completion of any incomplete data, without delay.
Right to erasure (Art. 17 GDPR)
You have the right to request the erasure of your personal data without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies.
Right to restriction of processing (Art. 18 GDPR)
You have the right to request the restriction of processing, for the duration of the assessment by the controller, if one of the requirements listed in Art. 18 GDPR is met, e.g. if you have objected to the processing.
Right to data portability (Art. 20 GDPR)
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive your personal data in a structured, commonly used and machine-readable format or to request the transfer of this data to a third party.
Right to withdraw consent (Art. 7 GDPR)
If the processing of data is based on your consent, you are entitled to withdraw your consent to the processing of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal of the consent only effective for the future. Processing that took place before the withdrawal is not affected.
Right to object (Art. 21 GDPR)
If data is collected on the basis of Art. 6 (1) (f) GDPR (data processing for the protection of legitimate interests) or on the basis of Art. 6 (1) (e) GDPR (data processing for the protection of public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. The right to lodge a complaint can be asserted in particular witha supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.
Asserting your rights
Unless otherwise specified above, please contact info@saco.de to assert your rights as a data subject.
Here you will find content from a third-party provider (Google). By clicking on “Confirm,” you agree to the loading of content from Google (USA). This provides Google with information that you have accessed our site, as well as the technically necessary usage data. We have no influence on further data processing by Google. For more information, please see our privacy policy.
You are currently viewing a placeholder content from Mapbox. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from OpenStreetMap. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information