The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states, as well as other data protection regulations, is:

YES Logistics Europe GmbH

Kleine Reichenstraße 7

20457 Hamburg

Deutschland

Managing Director: Chun-Nan Chou

Authorized Officer (Prokurist): Torsten Kruse

Phone: +49 40 180240100

Email: info@yeslogistics.eu

Website: www.yeslogistics.eu

2.1. Scope of processing of personal data

We generally process personal data of our users only to the extent necessary to provide a functional website and our content and services. The processing of personal data is generally carried out with the user’s consent. An exception applies where prior consent cannot be obtained for factual reasons and the processing of data is permitted by law.

2.2. Legal basis for the processing of personal data

Where consent is obtained, Art. 6 (1) (a) GDPR serves as the legal basis.

For processing necessary to fulfill a contract or pre-contractual measures, Art. 6 (1) (b) GDPR applies.

Where processing is required to comply with a legal obligation, Art. 6 (1) (c) GDPR applies.

Where processing is necessary to protect vital interests, Art. 6 (1) (d) GDPR applies.

Where processing is necessary to safeguard a legitimate interest and does not override the interests or fundamental rights of the data subject, Art. 6 (1) (f) GDPR applies.

Personal data will be deleted or blocked as soon as the purpose for storage no longer applies. Storage may continue if required by European or national legislation. Data will also be deleted once legally required retention periods expire, unless further storage is necessary for contract conclusion or fulfillment.

4.1. Description and scope of data processing

Each time our website is accessed, our system automatically collects certain data and information from the user’s device. This includes in particular: - Browser type and version - Operating system - Internet service provider - IP address - Date and time of access - Referring websites - Websites accessed via our website

These data are stored in log files. The data are not merged with other personal data.

4.2. Legal basis

Data processing is carried out on the basis of Art. 6 (1) (f) GDPR (legitimate interest).

4.3 Purpose

The processing is necessary to enable delivery of the website, ensure its functionality and guarantee the security and stability of our IT systems. No analysis of the data for marketing or tracking purposes takes place.

4.4. Storage duration

The data are deleted as soon as they are no longer necessary for the purpose for which they were collected. Log files are generally deleted or anonymized after no more than seven days.

Our website uses exclusively technically necessary cookies or comparable technologies that are required to ensure the operation and basic functionality of the website. Processing is carried out on the basis of Art. 6 (1) (f) GDPR (legitimate interest in providing a technically error-free and functional website). No cookies are used for analytics, tracking or marketing purposes. Further information can be found in our Cookie Policy.

If your personal data are processed, you have the following rights under the GDPR: - Right of access to your personal data (Art. 15 GDPR) - Right to rectification of inaccurate data or completion of incomplete data (Art. 16 GDPR) - Right to erasure of your personal data (Art. 17 GDPR), unless statutory retention obligations apply - Right to restriction of processing (Art. 18 GDPR) - Right to data portability (Art. 20 GDPR) - Right to object to processing where it is based on Art. 6 (1) (e) or (f) GDPR (Art. 21 GDPR) - Right to withdraw consent at any time with effect for the future where processing is based on consent (Art. 7 (3) GDPR)

You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR)

The controller collects and processes personal data of applicants for the purpose of carrying out the application procedure. Processing may also take place electronically, in particular if application documents are submitted by email or via a web form. If an employment contract is concluded, the applicant’s data will be stored for the purpose of implementing the employment relationship in compliance with statutory requirements. If no employment contract is concluded, application documents will be deleted no later than two months after notification of the rejection decision, unless statutory retention obligations or legitimate interests require longer storage.

The use of contact details published under legal notice obligations for sending unsolicited advertising is hereby expressly prohibited. Legal action is reserved in the event of unsolicited advertising, such as spam emails.