DE
EN

PRIVACY POLICY

This website (hereinafter referred to as "Website") is provided by HVCC Hamburg Vessel Coordination GmbH (hereinafter referred to as "us" or "we"). Further information about the provider of the Website can be found in our legal notice (Impressum).

Below, we would like to inform you about how we handle personal data when you use this Website. We generally collect and process personal data only to the extent necessary to provide a functional Website and our content and services.

You can contact our Data Protection Officer at datenschutz@hhla.de or via our postal address with the addition "Data Protection Officer".

 

1. Accessing the Website

When you access our Website, your browser automatically transmits certain data to our web server for technical reasons, so that the information you requested can be provided. The following data is collected, temporarily stored, and used to enable your visit to the Website:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Operating system and its access status / HTTP status code
  • Amount of data transferred
  • Website from which the request originates
  • Browser, language, and version of the browser software

Temporary storage of this data is necessary to deliver the Website to the user's computer. Storage in log files ensures the functionality of the Website and helps us optimize it and maintain the security of our IT systems. The data is deleted once the purpose of processing no longer applies and no legal retention obligations prevent deletion.

The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR. The described purposes also constitute our legitimate interest in processing.

 

2. Use of Cookies

We only use session cookies (also known as temporary cookies) on our websites. Session cookies are small text files that are stored temporarily for the duration of your use of one of our websites. You can configure your browser to disable cookies entirely, restrict them to certain websites, or notify you when a cookie is set and ask for your response.

The purpose of these cookies is to identify your computer during a visit to our websites and to detect when your visit ends. To use the full functionality of our website, it is technically necessary to allow session cookies. These cookies are deleted once you leave our websites or end your browser session.

The legal basis for this processing is Art. 6(1)(f) GDPR. The described purposes also constitute our legitimate interest in processing.

 

3. Use of the HVCC Customer Portal (Dashboard)

The HVCC Customer Portal is a central tool for coordinating and optimizing vessel arrivals. It aggregates and coordinates a wide range of planning data and timestamps centrally and across operations.

To use the HVCC Customer Portal, we process personal data necessary to provide our services, including:

  • Email address
  • Username
  • First name, last name
  • Preferred language
  • Company
  • Assigned function-related dashboard

This data enables us to provide you with personalized and secure access and to tailor the dashboard functionalities to your needs.

The data is deleted once the purpose of processing no longer applies and no legal retention obligations prevent deletion.

This data is processed exclusively based on your explicit and voluntary consent (Art. 6(1)(a) GDPR).

 

4. External Services and Content on Our Website

We integrate external services or content on our Website. To use the full functionality of our website, it is technically necessary to process data in connection with these external services and content. When you use such a service or view third-party content, communication data is exchanged between you and the respective provider for technical reasons.

Additionally, the provider may process your data for their own purposes. We have configured services or content from providers known to process data for their own purposes to the best of our knowledge so that communication for other purposes than displaying the content or services on our Website is either prevented or only occurs if you actively choose to use the service.

However, since we have no control over the data collected and processed by third parties, we cannot provide binding information about the purpose and scope of such processing.

For more information about the purpose and scope of data collection and processing, please refer to the privacy policies of the respective providers responsible for the services or content we have integrated.

The legal basis for this processing is Art. 6(1)(f) GDPR. The described purposes also constitute our legitimate interest in processing.

 

5. Presence on LinkedIn

Operating a LinkedIn channel serves the purpose of providing sustainable and transparent information and communication to the interested public. The legal basis for operating the LinkedIn channel is Art. 6(1)(f) GDPR; HVCC’s presence on LinkedIn is part of its public relations responsibilities.
Please note that you use this LinkedIn page and its functions under your own responsibility.

HVCC uses the technical platform and services of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, for its LinkedIn channel.

When you visit our LinkedIn page, LinkedIn collects, among other things, your IP address and other information stored in cookies on your device. This information is used to provide us, as the operator of the LinkedIn page, with statistical insights into the usage of the page. More information is available from LinkedIn at the following link:
LinkedIn Privacy Policy

The data collected about you in this context is processed by LinkedIn Inc. and may be transferred to countries outside the European Union. LinkedIn’s data usage policies describe what information is collected and how it is used. These policies also include contact details and information about ad settings.
LinkedIn Data Usage Policy

LinkedIn does not transparently disclose how it uses data from visits to LinkedIn pages for its own purposes, to what extent user activities are assigned to individual users, how long LinkedIn stores this data, or whether data is shared with third parties. We therefore do not have access to this information.

As users of the LinkedIn platform, we operate within the framework of LinkedIn’s terms of use and have no direct influence over the data processing that occurs when our LinkedIn presence is accessed or over which profiles are visible.

Our LinkedIn presence is managed by dedicated staff who review and respond to incoming messages. The visibility of your profile and contributions to other users depends on your interaction with our content.

It is important to note that using LinkedIn involves data transfers to third countries outside the European Union and the European Economic Area. LinkedIn states that such transfers are legitimized through Standard Contractual Clauses.

Regarding data storage: comments and likes left on our profile are stored indefinitely unless deleted by you. Direct messages sent to us are also stored but are deleted at regular intervals.

 

6. Disclosure of Data for Processing on Our Behalf

Your personal data is generally not shared with third parties unless required by law or you have given explicit consent. Data is only shared in legally permitted exceptional cases, such as due to a government order or to fulfill a contract to which you are a party.

In some cases, we use external service providers to fulfill our tasks. If these service providers gain access to your personal data, this constitutes data processing on our behalf. We ensure that your data is always processed in compliance with data protection regulations and under our instructions.

Before engaging an external service provider to process your data, we carefully assess their ability to implement the necessary technical and organizational measures to protect your data. The relationship with these service providers is governed by a data processing agreement in accordance with Art. 28 GDPR. This agreement ensures that the service provider processes your data exclusively according to our instructions and in compliance with strict data protection regulations.

If data processing takes place in a country outside the European Union or the European Economic Area, we ensure an adequate level of data protection through the use of EU Standard Contractual Clauses. These clauses are approved templates by the European Commission that ensure your data is protected even when transferred to third countries. Regular audits and checks of our processors ensure compliance with contractual and legal requirements.

 

7. Objection or Withdrawal of Consent to Data Processing

If you have given consent for the processing of your data, you may withdraw it at any time. Such a withdrawal affects the legality of the processing of your personal data after you have communicated it to us. The legality of the data processing up to the point of your withdrawal remains unaffected.

If we base the processing of your personal data on a balancing of interests, you may object to the processing. When exercising such an objection, we ask you to explain the reasons why you do not want us to process your personal data as we have been doing. We will then assess the situation and either adjust or stop the data processing, or demonstrate our compelling legitimate grounds for continuing the processing.

 

8. Information About Your Rights

As a data subject, you have comprehensive rights regarding your personal data. You have the right to access the data stored about you and to have it corrected if it is inaccurate. You may also request the deletion of your data if one of the reasons listed in Art. 17 GDPR applies, for example, if the data is no longer necessary for the original purposes.

Under the conditions outlined in Art. 18 GDPR, you also have the right to restrict processing. In cases covered by Art. 20 GDPR, you have the right to data portability. Any consent you have given can be withdrawn at any time in accordance with Art. 7(3) GDPR. Furthermore, you have the right to object to data processing under Art. 21 GDPR.

If you wish to exercise your rights, please contact our Data Protection Officer using the contact details provided below.

Every data subject has the right to lodge a complaint with a supervisory authority if they believe that the processing of their personal data violates data protection regulations. The right to complain can be exercised in particular with a supervisory authority in the Member State of your residence, workplace, or the place of the alleged infringement.
In Hamburg, the competent supervisory authority is:

The Hamburg Commissioner for Data Protection and Freedom of Information Free and Hanseatic City of Hamburg, Ludwig-Erhard-Str. 22, 20459 Hamburg
Email: mailbox@datenschutz.hamburg.de

 

9. Contacting the Data Protection Officer

You also have the right to contact our Data Protection Officer at any time:

Hamburger Hafen und Logistik Aktiengesellschaft
Group Data Protection Officer
Email: datenschutz@hhla.de
Bei St. Annen 1
20457 Hamburg

 

10. Updates to This Privacy Policy

We reserve the right to update this privacy policy from time to time. Updates will be published on our Website. Changes become effective upon publication on our Website. We therefore recommend visiting this page regularly to stay informed about any updates.

 

Last updated: September 2025