Privacy Policy

Ostsee Fährlinien GmbH operates this online platform and the services available through it. This policy describes how we collect, use, and protect your personal information. Protecting your privacy is important to us, and we are committed to complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) in the European Union.

1. Identity of the Controller

The data controller responsible for the processing of your personal information is:

Ostsee Fährlinien GmbH
55 Warnowufer
Rostock, Mecklenburg-Vorpommern, 18057
Germany

2. Information We Collect

We collect personal information that you provide directly to us when you use our services, such as when you make a booking, register for an account, contact us, or use our onboard services. The types of personal information we may collect include:

• Contact Information: Name, address, email address (if provided in forms), telephone number (if provided in forms).
• Booking and Travel Information: Details about your travel arrangements (e.g., ferry route, dates, times), passenger names, vehicle details (type, registration), payment information, special requests (e.g., accessibility needs, dietary requirements).
• Account Information: If you create an account on our site, we collect login credentials and profile information.
• Communication Information: Records of your communication with us, including customer service inquiries.
• Onboard Services Data: Information related to services you use during your journey, such as onboard purchases or amenity bookings.
• Freight and Logistics Data: Information necessary for processing freight bookings, tracking shipments, managing intermodal logistics solutions, and port operations.

We also automatically collect certain technical and usage information when you visit our site, including:

• IP address
• Browser type and operating system
• Referring URLs
• Pages visited and actions taken on the site
• Dates and times of access

3. How We Use Your Information

We use the information we collect for the following purposes:

• Providing and Managing Services: To process your bookings, issue tickets, manage vehicle transport, handle freight shipping and logistics, manage port operations, and provide onboard amenities and services.
• Communication: To send you confirmations, updates about your booking, and respond to your inquiries.
• Account Management: To manage your account if you create one on our platform.
• Improving Our Services: To understand how our site and services are used and to improve our online platform, maritime transportation, and logistics operations.
• Security and Fraud Prevention: To protect the security of our services, prevent fraud, and ensure the safety of passengers and cargo.
• Compliance with Legal Obligations: To comply with applicable laws, regulations, and requests from public authorities.
• Business Operations: For internal business purposes such as data analysis, audits, and developing new services.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract (e.g., processing your booking).
• Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject (e.g., safety regulations, customs requirements, tax obligations).
• Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms (e.g., improving our services, preventing fraud, ensuring network and information security).
• Consent: In certain cases, we may rely on your explicit consent to process specific types of personal information. Where processing is based on your consent, you have the right to withdraw your consent at any time.

5. Sharing Your Information

We may share your personal information with third parties in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who perform services on our behalf, such as payment processors, IT service providers, customer support providers, and operational partners involved in providing maritime transportation and logistics services. These service providers are obligated to protect your information and use it only for the purposes for which it was shared.
• Affiliated Companies: We may share your information within the Ostsee Fährlinien GmbH group of companies for operational and administrative purposes.
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., customs, immigration, law enforcement).
• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.
• Protection of Rights: We may disclose your information to protect our rights, property, or safety, or the rights, property, or safety of others.

Some of our service providers or operations may involve transferring your data to countries outside the European Economic Area (EEA). When we transfer your data internationally, we take steps to ensure that your data is protected by appropriate safeguards, such as using standard contractual clauses approved by the European Commission or relying on adequacy decisions by the European Commission regarding certain countries.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. However, please note that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. The retention period varies depending on the type of information and the purpose for which it is processed. For example, booking information is generally retained for a period necessary to manage the journey, handle potential claims, and comply with maritime and tax regulations.

8. Your Data Protection Rights

Under the GDPR and other applicable laws, you have certain rights regarding your personal information:

• Right of Access: You have the right to request access to the personal information we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete information we hold about you.
• Right to Erasure ('Right to be Forgotten'): You have the right to request the deletion of your personal information in certain circumstances.
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller.
• Right to Object: You have the right to object to the processing of your personal information in certain circumstances, particularly where processing is based on legitimate interests.
• Rights related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

To exercise any of these rights, please contact us in writing using the physical address provided in the "Identity of the Controller" section above. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

You also have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or where the alleged infringement occurred, if you believe that the processing of your personal data infringes applicable law.

9. Cookies and Similar Technologies

Our site uses cookies and similar technologies to enhance your browsing experience, analyse site traffic, and for marketing purposes. Cookies are small text files stored on your device. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain on your device for a set period). For detailed information about the cookies we use, their purpose, and how you can manage your cookie preferences, please refer to our separate Cookie Policy (if available, or information is provided below). By using our site, you consent to the use of cookies in accordance with this policy and our Cookie Policy.

[Note: If no separate Cookie Policy exists, a basic explanation should be included here about categories of cookies (necessary, analytical, marketing) and how users can manage them via browser settings.]

10. Children's Privacy

Our services are not directed to individuals under the age of 16, and we do not knowingly collect personal information from children under this age without parental consent. If we become aware that we have collected personal information from a child under 16 without appropriate consent, we will take steps to delete that information.

11. Links to Third-Party Sites

Our online platform may contain links to third-party websites or services. We are not responsible for the privacy practices or the content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. Any changes will be posted on this page, and the updated policy will be effective immediately upon posting. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

13. Contact Us

If you have any questions about this Privacy Policy or our data processing practices, please contact us in writing at the following physical address:

Ostsee Fährlinien GmbH
55 Warnowufer
Rostock, Mecklenburg-Vorpommern, 18057
Germany