Data protection declaration
The company Deutsche Post Adress GmbH & Co. KG (hereinafter referred to as Deutsche Post Adress) appreciates your visit to our website www.postadressglobal.com and your interest in our company and our services. It is extremely important to us that your personal data is protected throughout the entire business process. The following contains an overview of how your personal data is processed on this website. This data protection information meets the information duties laid out in Art 12 ff. of the EU General Data Protection Regulation (GDPR). It does not apply to websites that are linked to from our site. The data processing guidelines of the respective operators of the accessed websites apply.
Definition of terms
To ensure that the data protection declaration is legible and clear, we first explain the specific terms named in the GDPR, which is the main law.
- Personal data includes all information relating to an identified or identifiable natural person (hereinafter called ‘affected person’). A natural person is deemed identifiable if they can be directly or indirectly identified, in particular by means of assignment to a code such as a name, a code number, location data, online code, or one or several special features that indicate the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person.
- Processing is any process with or without automated procedures or any kind of series of processes connected to personal data ( collection, recording, organisation, sorting, saving, adaptation, changing, experting, querying, use, disclosure/transfer, distribution/provision, comparison, linking, restriction, deletion, destruction).
- Processing restriction is the marking of personal data so that processing of this data is restricted.
- Profiling is any kind of automated processing of personal data that focuses on using data to assess specific personal aspects of a natural person, in particular to analyse or predict aspects relating to work output, economic situation, health, personal preferences, interests, reliability, behaviour, place of residence or change of location of this natural person.
- Pseudonymisation is the processing of personal data in a way that eliminates the possibility of assigning the personal data to specific affected persons without needing other information, insofar this additional information is stored separately and is subject to technical and organisational measures that guarantee that the personal data cannot be assigned to an identified or identifiable natural person.
- Responsible person/party is the natural or legal person, authority, institute or other office that decides by themselves or in cooperation with others about the purpose and means of the processing of personal data.
- Contractor is the natural or legal person, authority, institute or other office that processes personal data on behalf of the responsible party.
- Recipient is the natural or legal person, authority, institute or other office to whom personal data is disclosed regardless of whether or not this is a third party.
- Third party is the natural or legal person, authority, institute or other office that is authorised to process the personal data under the direct responsibility of the responsible party or the contractor.
- Consent by the affected person in this specific case is any voluntary informed and unequivocal declaration in which the affected person clearly states that they agree to the processing of their personal data.
A. Person responsible for processing your personal data
The person responsible for processing your personal data when you visit our website is:
Deutsche Post Adress GmbH & Co. KG
Am Anger 33, 33332 Gütersloh, Germany
Tel.: +49 5241 / 5393–0
This responsibility does not apply to websites that are linked to from our www.postadressglobal.com site.
B. Our data protection officer
You can reach our data protection officer at
Deutsche Post Adress GmbH & Co. KG, Data protection department
Am Anger 33, 33332 Gütersloh
C. General information about data processing
The personal data, e.g. your correct name, your address, your telephone number or your date of birth, is always processed in compliance with the General Data Protection Regulation and the national data protection provisions that apply for Deutsche Post Adress GmbH & Co KG.
I. Processing scope, recorded data types and their purposes
We only process our users’ personal data, if this is necessary to provide a functional website, our contents and work, if so stipulated by law or if you have given your express consent. The host computer automatically records information when the website is visited. If you want to continue using the services of the website, pseudonymous user profiles and any data you enter into the website will be used. You may need to provide personal data for some services. Types of data that we record automatically when the website is called up are: access/usage/meta/communication data (e.g. device information, Internet service provider, visited websites, access times, IP address). If necessary, depending on your further use of the website and your services on data types master/user/address data (e.g. Name, address), contact data (e.g. E-mail, telephone number) and content data provided by you are processed. Please read the information in section D about the cookies that are used. We use the data for providing the website and also connected services, functions and contents for security measures, if necessary to respond to contact or contract enquiries or other communication with users, for analysis, range measuring and marketing purposes.
II. Legal basis for the processing
Any legal bases for processing personal data by us as the responsible organisation are as follows:
- When data is processed for which we need consent for a certain processing purpose: Art. 6 I sec. a GDPR;
- When data is processed to fulfil a contract (e.g. provision of a service) where the contractual party is the affected person or to carry out pre-contract work (e.g. responding to an enquiry about our product or services): Art. 6 I sec. b GDPR;
- When data is processed to meet on of our statutory duties: Art. 6 I sec. c GDPR;
- When data is processed that is necessary for the vital interests of the affected person or another natural person: Art. 6 I sec. d GDPR.
- When data is processed to realise legitimate interests of our company or a third party and where the interests do not outweigh the fundamental rights and freedoms of the affected person: Art. 6 I sec. f GDPR.
III. Period for which the personal data is stored, deletion and blocking of personal data
We process and save personal data of the respective affected person only for the period required to achieve the purpose for which it was saved or for the period specified by the European Directive and Ordinance regulator or another legislator in laws or regulations which the person responsible for the processing is subject to. These may be business or tax-related regulations. § 257 Par.1 HGB specifies a storage period of 6 years for trade books, inventories, opening balance sheets etc. and § 147 Par.1 AO specifies a storage period of 10 years for books, records, situation reports, booking receipts, trade and business correspondence, tax-relevant documents etc. If necessary, processing is restricted, i.e. The data is blocked and not processed for other purposes. The criteria for the storage period for personal data are therefore the necessity and any specified statutory periods. If the storage purpose is no longer valid or if a storage period stipulated by the European Directive and Ordinance regulator or another legislator has expired, the personal data is blocked or deleted based on a routine or in line with statutory regulations.
IV. Transfer of data to third countries
If we process personal data in a country outside the European Union (EU) or the European Economic Area (EEA), in so-called third countries, or if we use the services of a service provider or disclose data to a third party, we only do so if you have given us your consent, if this is necessary to meet (pre)contractual duties, due to legal obligations or as part of our legitimate interest. Subject to a contract or statutory-based consent, we only allow data to be processed in one of these third countries, if the requirements of Art. 44 GDPR are met.
You will find more information about sections C I – IV in the following section D.
D. Description of data processing in detail
I. Provision of the website and creation of logfiles
Every time our website is accessed, it collects general data and information automatically. This general data and information is saved in the server logfiles. The following can be recorded:
- Browser types / versions that are used
- The operating system of the accessing system
- Website from which the accessing system enters our website (so-called referrer)
- Sub-website that are controlled by a system that accesses our website
- Data and time of access to our website
- Internet-Protocol address (IP address)
- Internet service provider of the accessing system
- Other similar data and information that serve to avert danger in the event of attacks on our IT systems.
We do not use this general data and information to draw conclusions about affected persons. This information is required to supply and optimise the content on our website correctly, to guarantee the permanent functionality of our IT systems and the website equipment, and to carry out security analyses and ward off any attacks, This information is only analysed by ourselves or our providers statistically with the objective of improving data protection and data security in our company to ultimately ensure an optimum protection level for the personal data we process. The data of the server logfiles are stored separately from all personal data submitted by an affected person.
The legal base for the temporary storage of the data is Art 6 Par.1 1 sec. f GDPR. The legitimate interests of the Deutsche Post Adress lie in the functionality of the website, safety analyses and averting danger.
The data and/or the IP addresses in the server logfiles is deleted as soon as it is no longer required for the purpose for which it was deleted. If recorded to provide the website, this is the case if the respective session is over; if recorded for our own security purposes, always after 7 days unless they need to be stored for verification purposes until the malfunction has been completely clarified.
You always have the right to lodge an objection to the processing of your data within the scope of server logfiles if there are reasons for this resulting from your special situation. If you would like to exercise your right to object, please contact the ‘Person responsible for processing your personal data’ using the given address. However, we should mention that without processing, the function may be completely or partially impaired, that saving data in logfiles is absolutely necessary to run the website and that processing may occur in compliance with Art.21 GDPR with no objection, if the responsible person can prove they have legitimate grounds for processing.
II. Contact opportunity via the website
If stipulated by law, our website contains information that allows you to contact our company quickly and electronically. You can contact us using the stated e-mail address(es), telephone number(s) or a contact form. If you contact us by e-mail, telephone or using the general contact form or the contact form for data audit queries, the data entered into the form, your e-mail address and/or telephone number and also your query will be sent to us and automatically saved. This kind of volunteered personal data will be saved to process your enquiry and contact you. Depending on your enquiry, your personal data will be processed possibly with the help of service providers. If necessary to process your enquiry, we may need to forward your personal data to third parties, e.g. cooperation partners.
The legal base for processing data is Art. 6 sec. f. GDPR. Deutsche Post Adress has an interest to remain in contact with the users of the website and to answer any questions or send information. If the e-mail or the direct contact aim to conclude a contract, the additional legal base for processing is Art. 6 Par.1 sec. b GDPR.
The contact data will be deleted during our regular deletion routines after your enquiry has been concluded and no further communication is required. This does not apply if you contacted us to conclude a contract or if you exercise your rights of affected persons. In this case, the data is saved until the contractual and/or statutory duties are met and statutory storage periods do not stand in the way of a deletion.
When the message is sent by e-mail or via a form, your IP address and the time and date of dispatch will be saved. This serves to prevent misuse of the contact form and the ensure the security of our IT systems. The data is used for processing the communication and no data is forwarded to third parties in this connection.
The legal base for this processing is Art. 6 sec. f. GDPR. The legitimate interest results from the above-mentioned security purpose. The other data saved with the dispatch data is deleted at the latest after a period of 7 days, unless it needs to be saved for verification purposes until the problem is finally clarified.
You have the right and the possibility to lodge an objection against the processing of your contact data. To this end, please contact the ‘Person responsible for processing your personal data’ using the address stated at the top of this data protection information. After an objection, the data saved during the contact process will be deleted immediately. If you lodge an objection, no further communication with you is possible. This does not apply if your data is processed for the purpose of a contract. In this case, it is not possible to lodge an objection. Of course, the contractual or statutory options for terminating a contract are not affected.
Technically necessary cookies are deployed on this website.
Cookies are small text files that are saved in your web browser, or by the web browser in your computer system, when you visit a website. If you access a website, a cookie containing a certain character string may be saved on your operating system. That makes it possible to uniquely identify the browser when you access the website again.
We deploy cookies in order to design our website to be more user-friendly. Some elements of our website make it necessary for the accessing browser to be identifiable, also following a change of page. Some elements of our website make it necessary for the accessing browser to be identifiable, also following a change of page. Language settings are processed in the cookies.
The user data gathered by technically necessary cookies is not processed to create user profiles.
We also use so-called “session cookies”, which are only stored on an interim basis for the duration of your use of one of our web pages.
You can, however, in your browser, deactivate the storage of cookies, limit them to certain websites, or set your browser to such a setting that it notifies you once a cookie is sent. You can also delete cookies from the hard drive of your PC at any time. Please note, however, that, in this case, of deactivating cookies, you need to expect a limited page display, and limited user guidance.
The legal basis for the processing of personal data using cookies is Art. 6(1)(f) GDPR. In that respect, our legitimate interest lies in the purposes described above.
IV. iThemes Security
We deploy the WordPress plug-in iThemes Security. It serves to protect against external attacks by hackers and bots. The plug-in stores the IP addresses of the users who visit this site, in order to adopt corresponding countermeasures in the event of any attacks. The IP addresses are only stored in the local WordPress database, and not transmitted to third parties.
The legal basis is Art. 6(1)(f) GDPR. The legitimate interest lies in the secure use of our website and protecting the user from malware, Trojans, etc.
V. Social media
Our website has a link to the social network LinkedIn and/or the LinkedIn Corporation, 2020 Stierling Court, Mountain View, CA 94043, USA (‘LinkedIN’). After clicking the graphic element, you will be forwarded to the page of the respective provider. For information about how your personal data is handled when using the LinkedIn websites, please refer to the respective data protection information by LinkedIN at https://www.linkedin.com/legal/privacy-policy.
Our website has a link to the social network XING by XING AG, Gänsemarkt 43, 20354 Hamburg, Germany („Xing“). After clicking the graphic element, you will be forwarded to the page of the respective provider. For information about how your personal data is handled when using the XING websites, please refer to the respective data protection information by XING at https://privacy.xing.com/de/datenschutzerklaerung.
VI. Google Maps
Our website has a link to Google Maps by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, („Google“). After clicking the link, you will be forwarded to the page of the respective provider. For information about how your personal data is handled when using the Google websites, please refer to the respective data protection information by Google at https://www.google.de/intl/de/policies/privacy.
E. Who receives your data
Within the company Deutsche Post Adress, offices that need to process your data to carry out the above-mentioned processes are granted access to your data.
Also, service providers / contractors that we deploy, e.g. computer centres, providers, web hosts, IT service providers, analysis services can be given your data on the basis of statutory permission (e.g. to fulfil a contract or legal duty, your consent, our legitimate interest). These service providers ensure the observance of instructions, and the security and confidential treatment of your data on the basis of order processing contracts. Contractors are commissioned based on Art.28 GDPR.
If one of the above-mentioned statutory consents applies, data may also be given to third parties, e.g. cooperation partners.
The company Deutsche Post Adress takes all necessary technical and organisational security measures to protect your personal data from loss and misuse. For instance, your data is saved in a secure operating environment that is not accessible to the public. In some cases, your personal data is encrypted during transfer by means of the so-called Secure Socket Layer (SSL) technology. This means that communication between your computer and the servers of the company Deutschen Post Adress is encrypted in a recognised encryption procedure, if your browser supports SSL.
G. Rights of affected persons
A person who is affected by the processing of their personal data has the following rights under the GDPR:
• Right to information: Each affected person has the right to demand confirmation from the responsible person about whether or not personal data is processed; if this is the case, the person has a right to information about this personal data according to the regulations of the GDPR.
• Right to correction: The affected person has the right to demand that any personal data that is incorrect is corrected by the responsible person immediately. Taking the processing purpose into account, the affected person has the right to demand that incomplete data is completed, also by using an additional explanation.
• Right to deletion (right to be forgotten): The affected person has the right to demand from the responsible person that the affected personal data is deleted immediately, if one of the following reasons applies and none of the statutory exclusion reasons (§ 17 Par.3 GDPR) applies:
- The personal data was collected for such purposes or was processed in another manner for which it is no longer required.
- The affected person revokes their consent on which the processing was based in accordance with Art. 6 Par. 1 sec. a GDPR or Art. 9 Par. 2 sec. a GDPR and there is no other legal base for processing the data.
- The affected person lodges an objection against the processing of their data according to Art. 21 Par. 1 GDPR, and there are no overriding legitimate reasons for processing, or the affected person objects to the processing according to Art. 21 par. 2 GDPR.
- The personal data was processed unlawfully.
- The personal data must be deleted to comply with a legal duty according to the Union laws or the laws of Member States which apply to the responsible person.
- The personal data was collected with reference to the available services of the information company according to Art. 8 Par. 1 GDPR.
If we, as the responsible party, have published the personal data and if we have a duty to delete personal data as a result of one of the above-mentioned reasons, we will, depending on the available technology and implementation costs, take suitable action (possibly even of a technical nature) to inform other persons who are responsible for data processing and also process the published personal data that you have requested us to delete all links to this personal data or copies and replications of this personal data.
• Right to limit data processing: The affected person has the right to demand from the responsible person that processing is restricted, if one of the following pre-requisites applies:
- The accuracy of the personal data is disputed by the affected person, for a period that allows the responsible person time to check the accuracy of the personal data.
- Processing is unlawful, the affected person rejects the deletion of the personal data and instead demands restriction of the use of the personal data.
- The responsible person no longer requires the personal data for the processing purpose; the affected person however requires the data to assert, exercise or defend legal claims.
- The affected person has lodged an objection against the processing according to Art. 21 Abs. 1 GDPR and it is not yet clear whether or not the legitimate reasons of the responsible person outweigh those of the affected person.
• Right to data portability: The affected person has the right to receive the personal data that they have given to the responsible person in a structured, standard and machine-readable format, and also has the right to send this data to another responsible person without hindering the responsible person to which the personal data was given, if the processing is based on the consent according to Art. 6 Par. 1 sec. a GDPR or Art. 9 Par. 2 sec. a GDPR or is based on a contract according to Art. 6 Par. 1 sec. b GDPR and the data is processed using an automated procedure, insofar as the processing is not necessary to carry out a task in the public interest or in the exercise of official authority that was transferred to the responsible person. The affected person also has the right when exercising their right to data portability according to Art. 20 Par. 1 GDPR to ensure that the personal data is transferred directly from one responsible person to another, if this is technically feasible and of this does not impact on the rights and freedoms of other persons.
• Right of objection: If there are any reasons arising from their special situation, the affected person has the right to object against the processing of personal data based on Art. 6 Par. 1 sec. e or f GDPR. This also applies to any profiling based on these regulations. If an objection is lodged, the responsible person stops processing the personal data, unless the responsible person can provide compelling proof of legitimate reasons for processing that outweigh the interests, rights and freedoms of the affected person or if the data processing serves to assert, exercise or defend legal claims.
• Right to revoke data protection consent: The affected person has the right to revoke their consent allowing their personal data to be processed at any time. Revoking the consent does not affect the legality of the data processing that has already occurred based on the consent that was valid until it was revoked.
• Right to appeal to the data protection supervisory body: Irrespective any other administrative and judicial procedures, the affected person has the right to lodge a complaint with a supervisory body, in particular in a Member State of their place of residence, workplace or the location of the suspected breach, if the affected person believes that processing of their personal data breaches this ordinance.
H. Provision of personal data, statutory or contractual specification, possible consequence if data is not provided
We also explain the following:
The provision of personal data is prescribed by law at this time. One example of this are tax regulations. Likewise, personal data may be provided as a result of contractual regulations,. In some cases, for instance to conclude or execute a contract, it is necessary for you, as an affected person, to give us personal data which we need to process. When you conclude a contract with us, you are obliged to provide us with personal data; if this data is not provided, the contract cannot be concluded. Before providing us with any data, please feel free to contact our data protection officer at the above contact address to check whether the provision of the personal data is stipulated by law or by the contract or is necessary to conclude the contract, whether there is a duty to provide personal data and what the consequences are if the data is not provided.
I. Automated decision-making, profiling
We do not carry out any automatic decision-making nor profiling.
J. Responsible data protection authority
The state representative for data protection and freedom of information in North Rhine-Westphalia
Telephone: +49 211 / 38424-0
Fax: +49 211 / 38424-10