DPD takes the protection of your personal data very seriously. This applies not just to the data which you entrust to us when you visit our website, but also to the sensitive data which you have to provide when you use online shipping services. For this reason DPD operates its website and Internet portal in compliance with the applicable legislation on data protection and data security.
As a company under private law DPD is in particular subject to the provisions of the Federal Data Protection Act (BDSG) and the Telecommunications Media Act (TMG), as well as the Directive on Data Protection in Postal Services (PDSV) and the Postal Services Act (PostG). In accordance with these regulations DPD has the right to record and process personal data to the extent that this is required for the establishment and implementation of the contractual relationship (master data), to enable the use of its services (usage data) and the invoicing of these services (invoicing data).
DPD wishes to ensure that visitors and users have full confidence in its services and for this purpose the company provides transparent information about the way it deals with personal data. Here you will learn in product-related terms what information is collected and how this information is used.
If you have provided DPD with personal data you can cancel this at any time. We will then immediately delete your data, unless we are under an obligation to archive it. If deletion is not possible for this or any other reason, we will block the data for further use in accordance with federal data protection regulations. The ‘Contact’ navigation element on our website and on our Internet portal enables users, for example, not just to make contact with DPD direct, but also to cancel their consent to the recording, processing and use of their personal data in future. The personal data which has been provided to us is then deleted.
The responsible body under federal data protection legislation is:
DPD Deutschland GmbH
If you have any questions relating to parcel shipping with DPD please use our contact form.
You can contact Michael Mayer, our Data Protection Officer, at firstname.lastname@example.org.
Further data protection information
In order to optimise our service we apply Google Analytics and our own statistical analyses. Google Analytics is a web analysis service provided by Google, which is used for purposes of market research and ensuring that the service meets user requirements. Google Analytics uses “cookies”, which are placed on your computer to make it possible to analyse how you make use of the service. The information generated by the cookies about your use of the service (including your pseudonymised IP address) is as a rule transmitted to and stored by Google on servers in the United States . Google uses this information in order to evaluate your use of the service and to create reports on activities for the operator of the service. Google may also transmit this information to third parties if this is prescribed by law, or if third parties process the data on behalf of Google. On no account will Google connect your IP address with other Google data. At http://tools.google.com/dlpage/gaoptout?hl=de you can, with effect for the future, opt out of the recording and saving of your data at any time. In addition we use Google Analytics remarketing and reports on demographic features and interests in order to display to website visitors relevant advertisements on the partner websites of the Google display and search network. The saving of cookies makes it possible to analyse user behaviour and activate interest-based advertising. With effect for the future you can cancel the recording and use of your data for advertising purposes at any time via the following link: http://www.google.de/settings/ads.
Google DFP (Doubleclick for Publishers) Small Business Server
DPD GeoPost (Deutschland) GmbH offers you the opportunity to apply online to work with us as a delivery driver or system partner. For this purpose we collect specific data from you.
From delivery drivers:
As DPD does not employ its own drivers, we evaluate your data and then pass it on to a suitable system partner. By providing your consent at the end of the data collection you agree that the recorded data – as displayed on the screen – can be passed on to a system partner. After the data has been passed on it will then be processed by the system partner. We delete your data after 12 months.
From system partners:
To qualify as a system partner to DPD the relevant person/company must have a business licence and a permit to transport goods. We will contact you after using the data which you provide for preliminary classification purposes. The data is used by us exclusively for selection and checking purposes, and will be deleted after 12 months if you cannot be considered as a system partner.
The DPD App and the Parcel Navigator application are operated and made available by DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg, Germany. The following data protection terms are intended both for users of the mobile app and users of the browser-based version, referred to together below as the ‘service’.
In principle the service can be used without registration. However, registration is necessary if you wish to make use of the convenience functions of the service. This is implemented either by registering via the service with an email address and password, or by using an existing Facebook or Google+ account. DPD does not provide Facebook or Google with any parcel information data, and only uses these services for purposes of authentication.
‘Login with Facebook’: Facebook Connect is a service provided by Facebook Ireland Limited (Hanover Reach, 5‒7 Hanover Quay, Dublin 2, Ireland). Use is voluntary and optional. In the use of Facebook Connect, the Facebook profile data and public data from your Facebook profile are transmitted to DPD. For the purpose of simplified registration for the use of the service, we record and process your first name and surname, your gender, age, town of residence, email address and Facebook ID. If you are already a DPD customer, only the Facebook ID will be processed. Via the Facebook ID your Facebook account is then linked with your DPD account. This enables you to use the ‘Login with Facebook’ button to log into the service with your Facebook access data. In addition, if you use this process to log in, Facebook is informed that you are currently using the DPD service. The link with Facebook can be cancelled at any time from your Facebook profile. On this subject see also the Facebook data protection declaration.
The same process is applied if you use the Google+ login. This Google service is provided by Google Inc. (‘Google’; Amphitheatre Parkway, Mountain View, CA 94043, USA). Your registration and use of Google services are subject to the Google terms of data protection and use, which you can view at www.google.com/intl/de/policies/privacy.
In order to make the services and information available, DPD processes the following items of your data: email address, mobile phone number, password, a standard postcode (as a rule your consignee postcode), Predict status (whether you wish parcel notifications or not), the device name of the devices used by you, and shipment-related information from our delivery systems.
By using the app settings on your mobile device or user account for the service, you yourself can decide if the service should be able to send you messages.
Assessment of creditworthiness: For the purpose of assessing the creditworthiness of new customers, in the case of business customers we use a probability value (score procedure) on the basis of automated mathematical-statistical processes applied by the credit rating agency: e-crefo GmbH, Hellersbergstraße 12, 41460 Neuss . In the case of private customers we use the services of the credit rating agency: Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss. This information is used as the basis for the decision-making process. No enquiries are made involving subjective value assessments or personal financial circumstances. Data is only saved and communicated to the extent that this is necessary to protect the legitimate interests of DPD Deutschland GmbH. In the case of business customers we also wish to point out that, if there is insufficient data about the relevant company at the point in time when we make enquiries with e-crefo GmbH, to help us make an individual decision we also request a probability value from Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss relating to the owner or the manager of the relevant company. In order to avoid unreasonably affecting your interests in the course of the creditworthiness assessment, DPD carries out a balancing of interests. If the result of the check on creditworthiness is negative, DPD reserves the right to change its terms of payment.
In order to optimise our service we apply Google Analytics and our own statistical analyses. Google Analytics is a web analysis service provided by Google, which is used for purposes of market research and ensuring that the service meets user requirements. Google Analytics uses “cookies”, which are placed on your computer to make it possible to analyse how you make use of the service. The information generated by the cookies about your use of the service (including your pseudonymised IP address) is as a rule transmitted to and stored by Google on servers in the United States . Google uses this information in order to evaluate your use of the service and to create reports on activities for the operator of the service. Google may also transmit this information to third parties if this is prescribed by law, or if third parties process the data on behalf of Google. On no account will Google connect your IP address with other Google data. At https://tools.google.com/dlpage/gaoptout?hl=en you can, with effect for the future, opt out of the recording and saving of your data at any time. In addition we use Google Analytics remarketing and reports on demographic features and interests in order to display to website visitors relevant advertisements on the partner websites of the Google display and search network. The saving of cookies makes it possible to analyse user behaviour and activate interest-based advertising. With effect for the future you can cancel the recording and use of your data for advertising purposes at any time via the following link: http://www.google.de/settings/ads.
DPD only makes the data from the use of the service and the service itself available to authorised internal DPD users.
DPD Financial Services are provided by DPD Deutschland GmbH [referred to below as DPD] for the processing of electronic invoices. The service is operated on behalf of DPD by DATEV eG, Nuremberg. DPD records, processes and uses the data which you make available in connection with your use of the Financial Services.
A user account is required for the use of the service. You recognise the following terms and conditions for use when you register for the service and give your consent to the processing of the data which you provide. After registering, users are transferred to the website of our service provider.
The data which is required for the electronic invoicing function will be saved and used for the relevant processes. DPD will have the right to use your contact data for its own advertising and marketing purposes and to inform you about news and product information from DPD.
You can prohibit the use of your personal data for marketing and advertising purposes at any time by sending notification in no specific form to DPD Deutschland GmbH, Wailandtstraße 1, 63741 Aschaffenburg by post with the reference "Prohibition of the use of my Financial Services contact data for advertising purposes", or by using our contact form.
DPD will store your data on highly secure servers in Germany. Access to these servers is only available to a restricted number of specially authorised persons who are responsible for the servers in technical, commercial or editorial terms. DPD has taken special steps in order to ensure the security of your personal data. Your data will be carefully protected against loss, destruction, falsification, manipulation and unauthorised access or unauthorised publication.
All communication with Financial Services via the Internet is implemented using special security precautions by means of encrypted connections. In order to identify authorised users DPD uses session cookies. These small text files, which are administered by your Internet browser and saved on your computer, are deleted once more when you log out of Financial Services.
In order to ensure the correct delivery of shipments to the right consignee DPD requires a range of data, which is as a rule provided by the consignor. In addition to details of the address, parcel type and parcel shipping options the data may include further information which will, for example, enable us to notify the consignee of the delivery. In compliance with postal legislation and the regulations on data protection in postal services DPD processes this data in a shipment-related way and only for delivery purposes. The details which are provided are used exclusively within the DPD network for delivering shipments and invoicing services, or for clarifying issues relating to shipments (e.g. transport damage). DPD does not use consignee data for advertising purposes or for other personal analyses. Findings from DPD's delivery processes are only used in an anonymised form for the purpose of optimising delivery operations. Your data is not sold, hired out or exchanged.If we submit data to external service providers this will be done on behalf of §11 BDSG (german privacy law /data processing by contract) or other legal privacy regulations.
DPD also appears in a number of social networks. These include Facebook, Twitter, Xing and Youtube. DPD provides its services on these platforms under the data protection provisions of the individual platform operator and has no direct responsibility for the way the operator processes data. Any findings from this data are used only for internal purposes and direct consultation. DPD wishes to point out that these platforms are in themselves public and anything which is posted on them can as a rule be read by all users. DPD will not provide shipment-related information or details of personal data in any public forum via these platforms.
DPD Deutschland GmbH (registered office: Wailandtstraße 1, 63741 Aschaffenburg, referred to below as DPD) offers, as part of its product portfolio, its Predict-Services for consignors and consignees.
With this service the consignee receives advance notification of shipments sent by the consignor in the form of an email or SMS text message, notifying the consignee when the shipment will be delivered and enabling him or her to make individual arrangements for the delivery. For this purpose the consignor (shipping customer) provides DPD with the necessary supplementary information, such as the email address or mobile number of the consignee.
DPD processes this data exclusively for this purpose and for no other purpose. For purposes of dealing with complaints or invoicing, the data is recorded in relation to the individual shipment and saved, also in relation to the individual shipment, in our shipping archives in accordance with statutory provisions relating to archiving periods. In order to meet the requirements of federal data protection legislation in relation to transparency, we recommend to our shipping customers that they should inform their customers (consignees) about this data transfer as part of their own data protection arrangements, e.g. in the data protection declaration on their website (see suggested text below) or by obtaining a declaration of consent from the customer. We recommend the declaration of consent as a secure basis for the transfer of data to DPD.
The shipping customer is responsible for ensuring the correctness of the information provided to DPD about the email addresses and telephone numbers of his customers (consignees) with regard to the correct spelling, syntax and allocation to a specific shipment. If DPD has received instructions from a consignee blocking the transfer of information by email or SMS, DPD is under an obligation to follow these instructions and to terminate the service to the relevant consignee. There will be no message to the shipping customer that this service has been blocked by the consignee.
As part of DPD’s Predict-Services the consignor can also provide customers with information about himself in the form of banner advertising. In the process the shipping customer bears sole responsibility for the permissibility of sending the advertising banner to his customers (consignees). DPD undertakes towards shipping customers not to send any advertising of its own to their customers (consignees).
Consignees who wish to block their email address for the Predict-Service should send an informal notice of cancellation to email@example.com indicating their name, address and the email address which is to be blocked or use the unsubscribe link in the Predict notification email.
As a precaution we wish to point out that the effect of blocking the email address will be that the consignee will receive no further email notifications from us relating to shipments from any consignor. If therefore this function is only to be deactivated for one specific consignor, the relevant consignee needs to contact this specific consignor and inform him that email notifications are to be blocked.
Suggested text for instructions in the data protection declarations of DPD’s shipping customers:
”During shipping operations we transmit, on the basis of the directive on data protection in postal services (§5 PDSV), your data (name, address, if necessary email address and/or mobile phone number for notification options and re-directions, together with further shipment-related data) to our shipping partner DPD Deutschland GmbH.”
Valid from: 03/2017