The protection of your personal data is very important to us. With the help of high data protection standards we accept the responsibility of processing your data securely, no matter which of our services you use.
The aim of this privacy policy is to provide the highest possible level of transparency and information on the processing of your personal data by DPD Deutschland GmbH.
DPD Deutschland GmbH with its registered office at Wailandtstraße 1 in 63741 Aschaffenburg (referred to below as DPD) is - together with other companies referred to below as DPD Group - part of Geopost (legal notice), a subsidiary of France's La Poste (legal notice).
As a provider of postal services, it is the primary task of DPD to apply the very latest technical standards in delivering shipments on behalf of shippers securely and reliably to consignees. As a company governed by private law, DPD is subject to the data protection provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG-neu), the Postal Act (PostG) and the Universal Postal Services Ordinance (PUDLV).
These legal requirements must be complied with in the same ways as the confidentiality, availability and integrity of the data entrusted to DPD must be maintained in accordance with the latest technical standards.
For these reasons DPD usually processes your data on the basis of
6 Para. 1 (a) GDPR (consent)
6 Para. 1 (b) GDPR (contractual relationships)
6 Para. 1 (c) GDPR (legal requirements)
6 Para. 1 (e) GDPR (public interest) and
6 Para. 1 (f) GDPR (legitimate interest) and
26 BDSG-neu (employee data) and
§64, §67-§70 PostG (shipment, accounting and inventory data).
You will find more information below and within the descriptions of the individual services.
If you have any questions about parcel shipping, please use our contact form.
To exercise your rights under Art. 15-22 GDPR or to report a data breach, please use the data protection form. (Please note: this form is not suitable for questions about parcel shipping or DPD's services.)
The supervisory authority responsible for DPD for the provision of postal services is:
The Federal Commissioner for Data Protection and Freedom of Information.
Department 22, P.O. Box 1468, 53004 Bonn
The competent supervisory authority for other data processing by the data controllers mentioned is:
Bavarian State Office for Data Protection Supervision (BayLDA)
P.O.Box 1349
91504 Ansbach
DPD processes personal data mainly for the purpose of fulfilling transport services on behalf of shippers. You can download our privacy policy for parcel shipping here as a PDF document . Subject to your consent, data is also occasionally processed for advertising purposes and to optimise our online and delivery services. Data processing is also carried out for the purpose of invoicing you for our services and for processing the salaries and social security contributions of our employees.
DPD receives data for processing from various sources and for various purposes.
If you are a shipper DPD receives your data when you contact us, visit one of our shipping websites or ship parcels with us. For this purpose DPD and its affiliated companies in the Geopost Group saves your invoice address, details of pickup times, contact persons or selected/offered products. As a rule DPD receives this data directly from you, or in rare cases you are brought to our attention via the Internet or our sales partners.
If you are a consignee DPD receives your data from shippers. They provide us with your data, as well as information about the parcel, notification instructions, and possible ID documentation data mainly in electronic form, via their own shipping systems or shipping systems made available by DPD. They normally do so in that they have entered into a contractual relationship with you in accordance with Article 6 Para. 1 (b) of the GDPR. In addition, DPD receives your data from other providers of postal services which act on DPD's behalf in delivering shipments, e.g. if the shipment comes from abroad and if a different provider of postal services which cooperates with DPD has been entrusted with the delivery there.
DPD processes your personal data as an alternative consignee within the scope of § 68 of the Postal Services Act. For the purpose of ensuring a functioning postal system, this authorises the processing of personal data in matters of special public interest within the meaning of Art. 6 Para. 1e of the GDPR. This also includes the authorisation in accordance with § 68 Para. 3 sentence 1 of the Postal Services Act to process the personal data of alternative consignees (neighbours or other third parties), insofar as this is necessary for the proper delivery of postal shipments.
The processing primarily serves the purposes of documenting the delivery, providing (potential) proof of delivery to the parties involved (sender, consignee, alternative consignee) and informing the actual consignee about the party from whom the shipment can be collected.
As a system partner, parcel shop operator or delivery driver you provide DPD with your data when you contact DPD or a system partner and would like to work for DPD. Due to various legal requirements and a specific legitimate interest, DPD is obliged to request some further information about you. This ranges from evidence of reliability to insurance cover, the vehicles used and existing licences or other information.
As a website visitor, you transmit your data via various functions on the DPD website. For this purpose DPD sets cookies or requests information directly from you. The main purpose of this is to optimise the presentation of the website or to introduce you to various services. You have the option at any time of restricting or deactivating these services by making an appropriate selection or clicking on a link. (On this subject please see: Web analysis, cookies and advertising).
As an applicant, you transmit your data when you contact DPD and send us your application documents. DPD uses this data exclusively for its own purposes. (Vorschlag: DPD uses this data exclusively for the purpose of processing the application.
Sie als Bewerber übermitteln Ihre Daten, wenn Sie mit DPD in Kontakt treten und Ihre Bewerbungsunterlagen zukommen lassen. DPD verwendet diese Daten ausschließlich für eigene Zwecke.
As an application developer and partner to DPD, you submit your data for the purpose of registering on the eSolutions portal.
DPD transfers your data to various bodies. However, only for the intended purposes.
DPD transmits the data of shippers mainly to the depots which are responsible for the collection and delivery of shipments, and to the system partners and delivery drivers involved there.
To assess the creditworthiness of (new) customers and service providers DPD uses probability values based on automated mathematical-statistical procedures (scoring). These are determined by reputable credit agencies and trade credit insurers on our behalf. For this purpose, we pass on data to these service providers on the basis of corresponding contractual agreements that have been reviewed in accordance with data protection law. In order not to unreasonably disadvantage your interests in individual cases with the credit assessment, DPD carries out a balancing of interests.
DPD transmits consignee data exclusively to the relevant system partners, parcel shops and delivery drivers (or other postal service providers required for delivery). The data always remains in DPD's systems. If a parcel is damaged, DPD also transfers the data to its insurers.
Shipment data or details of the contents of shipments will only be transmitted or made available to third parties in exceptional circumstances. Such third parties are above all the customs authorities, the state prosecution service or insurance companies. You can obtain information about the status of shipments at any time via the DPD app or the tracking functions on the DPD website. This information is only available to authorised users and can only be obtained by the entry of the consignee postcode and the parcel number.
Application documents are only sent to the departments concerned or, in the case of applications as delivery drivers, to DPD's system partners if the applicant has provided the appropriate consent.
In order to maintain our privileged customs status as an "authorised economic operator (AEO)" and to avoid penalties for breaches of the EU counter-terrorism regulations (EC 881/2002 and 2580/2001) and the Foreign Trade and Payments Act (AWG), at defined intervals DPD checks the names and address data of consignors, consignees, partners and employees against the official sanctions list databases.
Occasionally DPD also uses service providers to carry out specific tasks and activities. Unless they are sub-contractors in the logistics chain, all service providers are bound by our specifications for processing the data by means of a processing contract. DPD does not rent, lend or sell personal data to third parties. However, it is possible that data is passed on to affiliated companies, as is joint processing/controllership of data in accordance with Art. 26 of the GDPR.
Data on international shipments may also be processed in a non-EU country, i.e. forwarded to a country outside the European Union (EU)/European Economic Area (EEA) or accessed from there. This data transfer is necessary for the fulfilment of the relevant transport contract (e.g. delivery, customs clearance). If transfer to a non-EU country takes place by the controllers, this only takes place on the basis of the DPD privacy policy, EU standard contractual clauses or within the framework of the exemptions provided for by the GDPR.
Like all other companies under private law, DPD must comply with various obligations regarding the storage of data. These include, above all, the retention periods in accordance with Germany's tax code, e.g. for consignment notes, delivery lists, delivery tour schedules and out-for-delivery processing lists, damage reports, liability records, invoices and balance sheets. In addition, for security reasons we keep tracking data of parcels for different periods, ranging from 30 to 180 days per platform.
In the absence of consent to a longer storage period, job application documents will be deleted in accordance with data protection legislation at the latest within six months after the rejection of the application.
DPD account data is deleted 2 years after deactivation. Objections to delivery notifications (Predict) are kept in a blocking list until the objection is revoked.
For the storage period of cookies, please refer to the table on cookies set in Web analysis, cookies and advertising.
Under the name "myDPD" DPD provides digital platforms on web servers or mobile terminals which enable shippers and consignees to send parcels and to monitor or manage their delivery. These functions are referred to below as the "service" or "services". myDPD distinguishes between private and business use of the services.
Basically the service can be used without registration. To be able to use the convenience functions, however, registration is required. This is done either by registering via the service with an email address and password or by using an existing Facebook or Google account. DPD does not transmit any parcel information to Facebook or Google in this respect, and only uses these services for authentication purposes. After authentication, a uniform DPD account is created for all our services. Business customers need to request their access data directly through their sales contact.
DPD Group processes information about the location, time and deliverability of your parcels, for example in order to improve our operational processes or to point out suitable optimisation opportunities to you. This data is processed in accordance with Article 6 Para. 1 (f) of the GDPR.
If you use your Apple ID when logging in to DPD, you can register or log in with your Apple account. You will then be forwarded to the Apple website. For the iOS app the process takes place entirely within the operating system. For the login you will need the email address which is stored with Apple. This is required for identification purposes in order to create a secure DPD account for you and is stored with us. Your Apple profile and your DPD account are permanently linked via the email address. You can remove this link at any time on the Apple website.
DPD never learns your Apple access data. You can read how Apple handles privacy settings in the Apple data protection notices, which also include the valid regulations governing this possibility of logging in and registering with DPD.
Facebook Connect is a service from Facebook Ireland Limited (Hanover Reach, 5-7 Hanover Quay, Dublin 2, Ireland). Its use is voluntary and optional. When using Facebook Connect, Facebook profile data and public data from your Facebook profile are transferred to DPD. We use and process your first and last name, gender, age, home town, email address, and Facebook ID for simplified registration to use the Parcel Navigator. If you are already a DPD customer, only the Facebook ID will be processed. Your Facebook account is linked to the DPD account via the Facebook ID. This makes it possible for you to register for the service using your Facebook access data via the "Login with Facebook" button. In addition, every time you log in, Facebook will know that you are using the DPD service. The link to Facebook can be revoked at any time on Facebook itself. Please also read Facebook's privacy policy on this subject.
The same applies to the use of the Google login as to the use of the Facebook login. This Google service is provided by Google Inc. (Google; Amphitheatre Parkway, Mountain View, CA 94043, USA). Registration and use of Google's services are subject to Google's Privacy Policy and Terms of Use, which you can view at www.google.com/intl/de/policies/privacy.
If you use the netID button when logging in to DPD, you can register or log in with your netID account. You will then be redirected to the netID website. Your email address, which is stored with netID, is required for the login. This is necessary for identification in order to create a secure DPD account for you and is stored with us. Your netID profile and your DPD account will be permanently linked via the email address. You can remove this link at any time on the netID website.
DPD does not learn your netID access data at any stage. You can read how netID handles privacy settings in the netID privacy notices; these are also the applicable requirements for this possibility for logging in and registering with DPD.
DPD processes the following data from you in order to provide the relevant services and information: email address, mobile phone number, password, a standard postcode (usually your consignee postcode), Predict status (whether you want parcel notifications or not), the names of the devices you use, and shipment related information from our delivery systems.
Whether or not our service may send you messages is up to you to decide on the settings of the app in your mobile device, or in the user account of the services.
When a parcel has been successfully delivered, the consignee has the opportunity to rate our service. The data on customer satisfaction is required for the purpose of constantly adapting our work to the needs of our customers and market developments. In order to improve our products and quality, the rating is determined in conjunction with the parcel label number from the delivery. If the rating of our service has been saved, there is also the option to give a rating on Google. After clicking on the "Rate on Google" button, the user is then redirected from the DPD platform to the Google website via a link.
When a parcel has been successfully delivered and this has been rated positively by the consignee, there is the option of giving the delivery driver a digital tip via PayPal. A requirement is that the delivery driver has registered for the tipping function. Here the user can select an amount and is then redirected by the DPD platform to the PayPal website, where he or she has to log in with the relevant PayPal access data. After logging in the user is shown the transaction details (account linked to PayPal and the amount of the tip). After confirming the transaction on the PayPal website, the user is redirected back to the DPD platform, where he or she has to confirm the payment details for the tip once more. A click on the button "Pay now" triggers the transaction in which the user gives the delivery driver the tip. Finally the user is shown a page which confirms the successful transaction.
The platform makes it easier for shippers to transfer data to DPD as part of their shipping orders and to manage the necessary addresses. DPD uses this data exclusively for shipment processing as described under the "DPD parcel delivery service". The basis for the use of the platform is the transfer of data for the performance of postal services in accordance with Art. 6 Para. 1 (b) of the GDPR and the Postal Act on the basis of the resulting shipping order.
If you have previously given us your consent under your "Profile" or have not objected (where required by law), DPD also processes and uses this data for its own product-related information, surveys, competitions and marketing purposes. Service providers are also used for this purpose. These work exclusively in accordance with our instructions under the terms of contract processing in accordance with Art. 28 et seq. of the GDPR.
With your consent we at DPD Group also process information about your user behaviour and your shipping activities in order to provide you with relevant and interesting promotional offers from us or our partners. Until you revoke it this processing takes place on the basis of your voluntary consent in accordance with Art. 6 Para. 1 (a) of the GDPR.
As with our website, we use so-called cookies in several places in the tools. They serve to make our offering more user-friendly, effective and secure. How we use cookies and how you can prevent this is described under "Web analysis, cookies and services by third parties". These serve primarily for the quality assurance of the platform and for the maintenance of IT security.
DPD processes the data stored on the platforms only as long as it is legally required. Sometimes you can delete the data yourself (if this does not violate legal retention periods). We will maintain your myDPD account until you delete it yourself under your "Profile". Shipment data is stored in varying levels of detail between 40 days and 10 years. We keep invoice information for 7/11 years.
In order to optimise our service DPD applies Google Analytics and Matomo. Details on the use of these services are described above under Web analysis, cookies and third-party services. DPD only makes data from the use of the services and about the service itself available to authorised internal users.
The chat function enables logged-in business customers to get in touch with our employees in almost real time. When the chat request is sent, the following partly personal data is collected:
date and time of the request
specified name
if provided voluntarily: email address, parcel number, invoice number
customer number
content of the communication
Depending on the course of the conversation, the communication may require additional personal data that you enter in the chat. The nature of this data depends largely on your enquiry and on the matter which you wish to discuss. The purpose of processing this data is to enable a quick response to your enquiry and its content.
DPD stores the chat history for a period of six months, after which the data is automatically archived.
The data is processed primarily for the fulfilment of the contract in accordance with Art. 6 Para. 1 (b) of the GDPR, and for the protection of legitimate interests in accordance with Art. 6 Para. 1 (f) of the GDPR. A legitimate interest on the part of DPD is in particular to ensure smooth processing and service, and to improve this on a permanent basis.
When you visit our websites https://business.dpd.de and https://portal.dpd.de/home_mydpd.aspx, the chat widget is loaded in the form of a JavaScript file. The chat widget technically represents the source code that is executed on your computer and enables the chat.
DPD stores the chat history for a period of six months, after which the data is automatically archived.
In order to deliver shipments correctly to the correct consignee DPD requires various data which is usually provided by the shipper. In addition to details of the address, parcel type and parcel shipping options, this may also include further information, e.g. on the notification of delivery to the consignee. In the case of a third-party delivery to a neighbour, the name and street including house number of the neighbour will be displayed and processed on our platforms.
The provisions of Section 68 of the Postal Services Act (PostG) allow the processing of personal data to ensure a functioning postal system and are thus in the special public interest as defined by Article 6 Para. 1 (e) of the GDPR. This also includes authorisation under § 68 Para. 3 Sentence 1 PostG in conjunction with. §3 PUDLV to process the personal data of substitute recipients (neighbours or other third parties), insofar as this is necessary for the proper delivery of postal items.
With our free DPD parcel notification consignees are informed about the expected delivery day and delivery time for parcels ordered for delivery to their home address. In addition, we inform consignees in the event of delays in delivery or if the consignee can't be located during delivery.
In order to be able to send parcel notifications to consignees by email or text message, DPD requires the email address or mobile phone number of the consignee. The "parcel notification" component of the service is activated as part of the contract upon registration with DPD. In order to fulfil the contract, the email address is processed for the purpose of parcel notification on the basis of Art. 6 Para. 1 (b) of the GDPR.
If the consignee is not a registered DPD customer, DPD receives the consignee's email address from the shipper of the parcel. The shipper is responsible for the correctness of the email addresses and telephone numbers of its customers (consignees) provided to DPD with regard to spelling, syntax and allocation to a specific shipment. If DPD receives requests from the consignee to block the sending of information by email or text message, DPD is obliged to take this objection into account and to discontinue this service to the consignee concerned.
Consignees who wish to block their email address for the Predict service should send an informal notice of cancellation to [email protected] indicating their name, address and the email address which is to be blocked. The effect of blocking the email address will be that the consignee will receive no further email notifications from DPD relating to shipments. In this case the consignee's email address is recorded in a separate list to ensure that no further messages are sent to this email address. In view of the large amount of consignee data and the fact that DPD does not store such data permanently, this can only be achieved by means of such a blocking list. The data is stored permanently on the blocking list. The basis for the processing is Art 6 Para. 1 (f) of the GDPR with the legitimate interest on the part of DPD in not sending notifications against the will of the consignee. Objections to DPD parcel notifications sent by the shipper must be sent directly to the shipper. These are outside DPD's area of responsibility. The shipper is not notified of the blocking.
The legal basis for the forwarding of the email address by the shipper to DPD is usually the consignee's consent to the shipper in accordance with Art. 6 Para. 1 (a) of the GDPR. The subsequent processing of the email address by DPD is exclusively shipment-related for the purpose of parcel notification and the customer-friendly organisation of the delivery time and place on behalf of the data subject (consignee).
The data is processed primarily on the basis of Chapter 7, Sections 2 and 3 of the Postal Services Act, Article 6 Para. 1 (e) and Article 6 Para. 1 (f) of the GDPR. A legitimate interest on the part of DPD is in particular that the processing meets the form which is generally approved by the legal system and which is socially acceptable.
With each parcel notification the consignee receives an objection option via which future parcel notifications can be excluded.
As part of the parcel information and parcel delivery notification, the shipper can also send its customers information about itself in the form of customer banners. In addition to the company name and address, the banners may contain the company logo, the website URL and a company-related slogan/claim, but no additional advertising content in the form of text or images. The logos are provided via the Google AdManager order processing functions. DPD assures shippers that it will not send any advertising of its own to their consignees.
Our data protection assessment on Predict / GDPR can also be downloaded as a PDF document .
Suggested text for instructions in the privacy policies of DPD’s shipping customers from 25.5.2018:
”During shipping operations we transmit, on the basis of Art. 6 (1f) of the EU’s General Data Protection Regulation, your data (name, address, if necessary email address and/or mobile phone number for notification options and re-directions, together with further shipment-related data) to our shipping partner DPD Deutschland GmbH. You can reject the transmission of supplementary information such as email or mobile phone data both via our contact form and with DPD direct under [email protected] or, in the case of all parcel notifications, via a link.“
As part of DPD’s Predict-Service, consignors can also provide customers with information about themselves in the form of banner advertising. In addition to the company name and address, the customer’s banner can contain the company logo, the website URL and a company slogan/claim, but no advertising content that goes beyond this in the form of texts or images. DPD undertakes towards shipping customers not to send any advertising of its own to their customers (consignees).
Consignees who wish to block their email address for the Predict-Service should send an informal notice of cancellation to [email protected] indicating their name, address and the email address which is to be blocked. The effect of blocking the email address will be that the consignee will receive no further email notifications from us relating to shipments.
If you decide that you no longer wish to receive email notifications from DPD, we will put your email address on a separate list to ensure that no further messages are sent to you. In view of the large amount of consignee data and the fact that DPD does not in principle save this data in the long term, this can only be achieved by means of a blocking list. The data is saved permanently on the blocking list. The basis of the processing is Art. 6 I f) GDPR, with the legitimate interest on the part of DPD being not to send any notifications against the will of the consignee.
When you send us your online application you declare your consent to the electronic processing of your data, as described below.
As part of the application procedure, the DPD group of companies only records and processes the personal data which you submit to us or have entered in the application form.
Access to your data is only provided to such persons who have been trained in the relevant aspects of data protection and data security, and are subject to a contractual obligation of non-disclosure. The data which you make available in a concrete application is only seen by such persons who are responsible for filling the relevant vacancy. These are in particular HR staff within the company to which you apply, as well as any potential line managers.
Of course your data will not be used for any other purposes than for the application procedure, and will never be used for advertising purposes. Under no circumstances will your data be passed on to companies or persons outside the DPD group of companies.
Beyond the application procedure itself your application data may only be made available to other companies in the DPD group of companies for the purpose of filling other possible vacancies. If you do not agree to this, you can revoke your consent by sending an email to [email protected].
A variety of security procedures are used to protect the application data which is collected. The use of the latest technologies such as secure servers, firewalls and the encryption of application data protects against unauthorised access to your personal data. The security standard involved is continuously reviewed and adapted to the latest technological developments.
Data which is provided in connection with a specific unsuccessful application for an advertised vacancy is deleted six months after the applicant has been notified. Applications which are included in the pool of applicants are automatically deleted after one year.
You of course have the option of submitting your application documents to us on paper instead of electronically. However, please note that we do not return written application documents, and subsequently destroy them in accordance with data protection regulations.
Applicants have the right to revoke their consent to the application process at any time. They can also request information about the data stored by DPD. To exercise these or other data protection rights, please contact [email protected].
As DPD employs only a few of its own delivery personnel, application data is forwarded to suitable system partners after it has been evaluated. By giving your consent at the end of the data collection process, you as an applicant agree to this forwarding of the data collected. DPD itself deletes your data after 6 months.
A precondition for suitability as a DPD system partner is a valid business licence and road haulage permit for the persons/company involved. DPD uses data entered in the application process for a preliminary classification and then contacts you directly as a business. The data is used by DPD exclusively for the selection and screening process, and is deleted after 6 months if you are not accepted as a system partner.
As part of our search for suitable candidates, we research job platforms. With the help of automated searches, we use the personal data published by potential candidates to check whether the person is a good fit for us and to make contact if necessary. However, no automated decision is made. This data is deleted after the selection process has ended, unless an application process follows. The basis for the research is our legitimate interest in filling vacancies with suitable persons. You have the right to object.
To assess the creditworthiness of new customers DPD uses a probability value (scoring) based on automated mathematical-statistical procedures from e-crefo GmbH, Hellersbergstraße 12, 41460 Neuss for business customers, and from Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss for private customers. This information is used as a decision-making aid. Subjective value judgements or personal financial circumstances are not requested. Data is only stored and transmitted if this is necessary to protect the legitimate interests of DPD. In the event that insufficient data on the company concerned is available at e-crefo GmbH at the time of the enquiry regarding business customers, for the purpose of making individual decisions a probability value relating to the owner or managing director of the company concerned is also requested from Creditreform Boniversum GmbH, Hellersbergstraße 11, 41460 Neuss. In order not to unreasonably disadvantage your interests in individual cases with the creditworthiness check, DPD weighs up the interests involved. If the credit check is negative, DPD reserves the right to change the terms of payment or to subject the cooperation to monitoring.
If you use contact forms to contact DPD in electronic form, your voluntarily provided personal data will be collected and stored.
DPD uses the personal data provided by you exclusively for the purpose of answering your inquiry and fulfilling your requirements.
The processing of the personal data from the contact form serves DPD primarily for the purpose of responding to the establishment of contact. The data is processed for the fulfilment of the contract in accordance with Art. 6 Para. 1 (b) of the GDPR, as well as for the protection of legitimate interests in accordance with Art. 6 Para. 1 (f) of the GDPR. A justified interest on the part of DPD is, in particular, to ensure efficient processing and service, and to improve these on a permanent basis.
Your data will be stored as long as it is necessary to process the relevant contact enquiries.
DPD distinguishes between the following applications of video technology
camera systems for the purpose of parcel tracking (in the vicinity of sorting facilities) and
the use of video systems for site and building surveillance
These are then used for the following purposes:
Parcel tracking for error detection and error correction in parcel handling on the conveyor equipment and the infeed and outfeed points to the system
Security within the company
Safeguarding of domiciliary rights and property security against burglary, theft, vandalism and unauthorised entry
Compliance with the requirements of the customs AEO-F certification to maintain the status of an authorised economic operator.
The underlying legal basis for purposes 1, 2 and 3 is provided by Art. 6 Para. 1 (f) of the GDPR and in the case of postal secrecy by §64 of the Postal Services Act (PostG) as well as Art. 6 Para. 1 (c) of the GDPR, the Customs Code Implementation Decree (based on the EU Customs Code / Regulation (EU) No. 952/2013) and by the conclusion of works agreements with the relevant works councils based on §26 of the Federal Data Protection Act (BDSG) or the Works Council Constitution Act (BetrVG).
The storage period of the recordings is 40 days, for still images it is 12 months and in DPD stores 72 hours.
You have the option of subscribing to our free newsletter by email. The newsletter will keep you informed on a regular basis in order to provide you with offers and services tailored to your interests and preferences, as well as targeted tips on our products and services.
When you register for the newsletter, the personal data to be entered is transmitted to us from the input mask. For this purpose you have to enter your email address as a mandatory field. The purpose of collecting the email address is to ensure that emails are delivered correctly. In some cases, further voluntary details are requested for the individual dispatch of information such as your surname, first name and address data. In addition, your IP address and the date and time of the enquiry are automatically collected and stored.
When you sign up for our newsletter for the first time, a confirmation email will be sent to the email address you have provided. This confirmation email contains a link that you have to click on in order to confirm your registration. This so-called double opt-in procedure serves to check whether the owner of the email address has actually authorised receipt of the newsletter and agrees to receive this newsletter.
All registration processes are logged, so that it can be proved that the registration process was implemented in accordance with the applicable legal requirements. This includes the storage of the times of registration and confirmation, as well as the data transferred to us.
If consent has been provided by the user, the legal basis for the processing of the data after registration by the user for the newsletter is Art. 6 Para. 1 (a) of the GDPR.
We use the services of external service providers for the dispatch and evaluation as well as for the technical processing of our newsletters. These services are under an express obligation to comply with data protection regulations on the basis of Art. 28 of the GDPR.
DPD records your use of our newsletter, such as when emails are opened or clicked on, using tracking technology provided by the service provider.
On this basis the service provider can create reports for us on the success or failure of an email campaign, so that we can optimise the content of our newsletter. If the user has given his or her consent the legal basis for the processing of data in this context is Art. 6 Para. 1 (a) of the GDPR.
The personal data which is processed in the context of the subscription to and the dispatch of the newsletter is stored by us for as long as the subscription to the newsletter is active. You can cancel your subscription to the newsletter and your consent to the processing of your data for the above-mentioned purposes at any time by using the unsubscribe link provided in the newsletter, or by sending an email to [email protected].
A separate revocation of your consent with regard to the described tracking process only is not possible. However, you have the option of configuring the email programme you use so that emails are displayed in text form and not in HTML format. This hides image and graphic files so that tracking is not possible. In these cases, however, the newsletter will not be displayed in full and you may not be able to use all the available functions.
The eSolutions portal offers solutions for various DPD services. Various DPD shipping applications and interfaces as well as information on the offers of DPD's partners are available to consignors and consignees. In addition, DPD offers documentation and implementation guides to all application developers who want to access our systems. Test systems are also available for DPD web services, for example to use the cloud parcel label printing function.
Additional personal data such as your name, address, telephone number or email address will only be recorded if you provide this information for the purpose of registration on the portal. A distinction is made between mandatory data, which is necessary for the correct communication, verification of user authorisation and information about the services used, and further voluntary data. This may help to improve services and the associated information. This voluntary information is also explicitly marked as such. When using the forum provided by DPD it may also be possible to provide additional profile data such as photos or descriptions of your profile, e.g. skills. This is also voluntary. Please note the rules of use in the DPD terms of use for the forum.
If you have given us your consent or - insofar as stipulated by legal regulations - if you have not raised an objection, DPD will also use this data for its own product-related surveys and marketing purposes. As with its website, DPD uses so-called cookies in several places in the tools. Cookies serve to make our services more user-friendly, effective and secure. How we use cookies and how you can prevent this is described under Web analysis, cookies and third-party services.
If you log into DPD's portal to use our services or request information about the services or use our test servers, these activities are logged for security purposes within the framework of our security concept on the basis of Article 6 Para. 1 (f) of the GDPR. Only a few administrators are allowed access to it and the logs are used exclusively for the prosecution of criminally relevant enquiries.
DPD Deutschland GmbH provides you with a chatbot and an email bot to answer your enquiries about specific products and services quickly and effectively.
In addition, depending on the context, the chatbot or email bot is used to provide automated or semi-automated responses to customer enquiries by means of templates, to provide links to relevant websites, and to recommend alternative contact channels.
Depending on the nature of the individual enquiry, the following categories of data can be processed as part of the chat and email bot functionalities:
shipment number (including internal shipment data)
name
address
email address
phone number
The data is stored in the DPD data centres in Germany and France for a period of six months. The data is then automatically deleted. However, there is also the option of early deletion on request. The data will not be passed on to third parties. If the information collected in this way is related to a person, it is processed in accordance with Art. 6 Para. 1 lit. f of the GDPR on the basis of DPD's legitimate interest in providing an effective customer service.
Usage data is anonymised and used in order to manage and improve our business and service processes. This includes, for example, analysing frequently occurring concerns about specific products or checking the processing time required for enquiries. The legal basis for the anonymisation is our legitimate interest in the management and improvement of our business and service operations in accordance with Art. 6 Para. 1 Sentence 1 lit. f of the GDPR.
DPD enables shippers to send video messages to consignees in the course of delivering parcels. The video player used for this purpose processes your data so that the video display can be personalised for you automatically and in real time. The following information may be collected:
first name and surname
email address
locational information
IP address
URL and domain you originated from
page views and length of stay
dates and time when the page is accessed
Customer access log information (including IP addresses and the date and time of access to our app) is retained by DPD for security purposes for two weeks and then automatically deleted.
Information on the access logs of visitors viewing the videos on customers' websites (including IP addresses and date and time of access to our app) is retained to allow a full understanding of the number of views of the videos. This data is deleted on a monthly basis.
If you give your consent you may be contacted for market research purposes - including a customer satisfaction survey on the above-mentioned services and products. For this purpose, your data as well as information on the use of the relevant services will be processed. All personal data provided by you when answering questions is considered to have been submitted voluntarily and will be processed in accordance with local legislation. The legal basis for this data processing is your consent in accordance with Art. 6 Section 1 (a) of the GDPR.
In the event of unsubscription from email communication or revocation of consent, the corresponding data will be removed from the distribution list or blocked and no longer processed for these purposes.
DPD uses the services of external service providers who are expressly obliged to comply with data protection requirements on the basis of Art. 28 of the GDPR, both for the distribution and evaluation as well as for the technical processing of our surveys.
Participation in prize competitions takes place on the basis of the individual terms of the competition.
In addition to Art. 6 Para. 1 (b) of the GDPR, the legal basis for processing your data is also Art. 6 Para. 1 (c) of the GDPR in conjunction with possible tax law requirements. Your data will be used exclusively to determine the prize and for information and delivery relating to the prize and, unless we have your consent to the contrary, will be deleted after 30 days or after expiry of the statutory retention periods.
If you have given DPD consent in accordance with Art. 6 Para. 1 (a) of the GDPR to use your data for advertising purposes in the context of the competition, you can object to this use at any time. Simply send an email to [email protected] or use our online form. Your other rights according to Art. 15-21 GDPR remain unaffected.
With DPD's shipment tracking and Live-Tracking service, consignees and shippers can track the status of shipments addressed to them or shipped by them at any time and view the estimated time of delivery.
To display the current status of the shipment in tracking, the parcel label or reference number and the appropriate postcode simply have to be entered. In addition, other important detailed information about the shipment is displayed.
The shipper or consignee can also receive further information about the consignment in question by email or text message.
For this purpose the relevant email address or mobile phone number can be stored for the recipient of the notification - by the recipient himself/herself or with his/her consent - and the notification can be activated.
For this purpose, within the scope of tracking the following data may be processed: shipment number, name and address of the shipper, name and address of the consignee, if applicable the email address and telephone number of the shipper / consignee, if applicable the name and address of the substitute consignee, e.g. in the case of a redirection or neighbourhood delivery, the customer data of the shipper, the product or service designation, the status of the shipment, the signature of the consignee.
In addition, the route of the parcel on the day of delivery can be tracked live on a map using the Live-Tracking service. The data is processed for this purpose to fulfil the contract with the shipper in accordance with Art. 6 Para. 1 (b) of the GDPR and also on the basis of Art. 6 Para. 1 (e) of the GDPR (ensuring a functioning postal system) in conjunction with Chapter 7, Sections 2 and 3 of the Postal Services Act (PostG) for the provision of the postal service and to prove that the service has been properly provided. Please also see "Parcel information and parcel delivery notification".
DPD uses Google Maps from Google Inc. (Gordon House, Barrow St, Dublin 4, Ireland) on the website and in the Parcel Navigator app to display parcel shops in your vicinity or, if applicable, the route to them, or to display the route of your parcel to you as part of a delivery using the Live-Tracking service. For this purpose, the following data is transmitted to Google Inc:
Referrer (address of the site on which Google Maps is used)
The user's IP address
Google account (if the user is registered with Google, this will be recognised and assigned). The registration and use of Google's services are subject to its privacy policy and terms of use, which you can view at https://www.google.de/intl/de/policies/privacy.
The browser used and browser preferences such as browser size and resolution, browser plugins, date, language setting and a unique ID
User location: only if the user has explicitly confirmed the browser request "Do you wish my.dpd.de to be able to access your location?"
The data processing is based on Art. 6 (1) lit. f of the GDPR. DPD has a legitimate interest in displaying the DPD parcel shops/parcel locker stations as well as the delivery address in the best possible way for customers. In the location search, only the search address entered by the user is passed on. DPD does not link or store the search entry with the user data. The purpose for which and the extent to which the data is collected and processed in Google Maps can be seen in the provider's privacy policy. There you will also find further information on your rights and possible settings to protect your privacy: https://www.google.de/intl/de/policies/privacy.
Our privacy policy is reviewed on a regular basis.
DPD reserves the right to amend its privacy policy at any time with or without prior notice. It is therefore recommended that you inform yourself regularly about any changes. By using the DPD website you accept the terms of this privacy policy.
No liability is assumed for translations of the privacy policy into other languages. The German text is the authoritative version.
On the basis of the General Data Protection Regulation (GDPR), you have the following rights as a data subject. In order to request information, correction, objection or deletion in relation to your data, simply use our Data protection form and select the appropriate option there.
With effect for the future you have the right to revoke your consent to the processing of your personal data at any time. You can do this either directly in our systems (Parcel Navigator/website/app, myDPD) or via our consent management tool ("Cookie management" on the website).
On grounds relating to your particular situation, you have the right to object at any time to the processing of personal data relating to you that is carried out on the basis of Art. 6 Para. 1 (e) (data processing in the public interest) or (f) (data processing on the basis of a balance of interests) of the GDPR.
This also applies to profiling based on these provisions within the meaning of Art. 4 Para. 4 of the GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or where the processing serves the purpose of asserting, exercising or defending legal claims.
Notwithstanding Directive 2002/58/EC, you are free to exercise your right to object in the context of the use of information society services by means of automated procedures using technical specifications.
You have the right to request that the personal data relating to you should be deleted immediately if one of the reasons provided for by law applies and the processing or storage is not necessary.
Please note: DPD usually receives the shipping data from the shipper and does so anew with each shipment. Consequently, the shipper is primarily a better point of contact for the deletion of delivery addresses.
You have the right to obtain from us, at any time and free of charge, information about the personal data stored about you, as well as a copy of this data in accordance with the applicable legal provisions.
You have the right to request the correction of incorrect personal data concerning you. You also have the right to request that incomplete personal data should be completed, taking into account the purposes of the processing.
Please note: DPD usually receives the shipping data from the shipper and does so anew with each shipment. Consequently, the shipper is primarily a better point of contact for the correction of delivery addresses.
You have the right to request the restriction of processing if one of the relevant legal requirements is met.
You can exercise this right with DPD, for example, if you do not wish to receive shipping information from us by email/text message. For this purpose, we store your email address or telephone number in a blocking list, as we receive this data from the shipper again and again with each shipment and cannot prevent this.
You have the right to receive any personal data which you have provided to us, in a structured, standard and machine-readable format. Unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, you also have the right to transfer this data to another controller without hindrance from us, provided that the processing is based on consent in accordance with Article 6 Para. 1 (a), Article 9 Para. 2 (a) or on a contract in accordance with Article 6 Para. 1 (b) of the GDPR, and the processing is carried out with the aid of automated procedures.
In addition, in exercising your right to data portability in accordance with Article 20 Para. 1 of the GDPR, you have the right to have your personal data transferred directly from one controller to another controller where this is technically feasible, and provided that this does not adversely affect the rights and freedoms of other individuals.
You have the right to request confirmation from us as to whether personal data relating to you is being processed.
You have the right to complain about our processing of personal data to a supervisory authority responsible for data protection.
The supervisory authority responsible for postal services is:
The Federal Commissioner for Data Protection and Freedom of Information.
Department 22, P.O. Box 1468, 53004 Bonn
When you visit this website, data which could possibly permit identification is temporarily stored on our web servers. The following data is collected:
the IP address,
host name of the accessing computer,
the website via which you accessed the DPD website,
the sub-pages of the DPD website which you have visited,
the date and the length of stay
a message confirming successful access,
the volume of data transferred
the type of browser used and
the operating system.
Other personal data such as your name, address, telephone number or email address are not recorded. An exception to this is if you provide this data of your own accord, for example by filling out an online contact form, registering, taking part in a survey or entering into a contract.
The temporary storage of this data is necessary in order to enable the trouble-free provision of the website. In order to ensure the functionality of the website and the security of the information technology systems, further storage is implemented in log files. These purposes also include the legitimate interest in data processing. The data is processed on the basis of Art. 6 Section 1 (f) of the GDPR.
DPD uses various technologies to evaluate the use of our website and to display advertising. This is done either on the basis of our legitimate interest in optimising the web service for you in accordance with Art. 6 Section 1 (f) of the GDPR, and in accordance with Art. 28 of the GDPR which covers contract processing involving appropriate service providers such as advertising agencies or website service providers, or on the basis of the provision of consent in accordance with Art. 6 Section 1 (a) of the GDPR via our consent management tool.
As soon as the purpose of the data collection no longer applies, the data is deleted again immediately.
We use Google Analytics, a web analytics service provided by Google Ireland Limited (https://www.google.de/intl/de/about/), Gordon House, Barrow Street, Dublin 4, Ireland ("Google") to create pseudonymised usage profiles with the use of cookies. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website and internet use for the purposes of market research and demand-oriented design of these web pages. This information may also be transferred to third parties if this is required by law or if third parties process this data on our behalf. Under no circumstances will your IP address be merged with other Google data. The IP addresses are anonymised so that an assignment is not possible (IP masking).
You can view the privacy policy of Google Analytics at: https://support.google.com/analytics/answer/6004245?hl=de
We use the reCAPTCHA function of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Ireland Limited is part of the Google group of companies with headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The reCAPTCHA function is primarily used to distinguish whether an entry is made by a natural person or is misused by machine and automated processing. The service also includes the sending to Google of the IP address and any other data required by Google for the reCAPTCHA service.
Further information on Google reCAPTCHA and Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
We use a tool from AB Tasty SAS to analyse the different usage of different versions of our websites for test purposes. AB Tasty uses cookies to collect information about how users browse its websites: this includes information about the user's browser (browser type and language), the Internet Protocol (IP) address of the user's terminal device and information derived from this address, such as the geographical location and identification numbers of the terminal device, the user's Internet service provider, the pages and files accessed by the user, the user's operating system, and the date and time of the user's visit to the website.
In addition, we collect a Net Promotor Score (NPS) in conjunction with the parcel label number from the delivery for the purposes of quality assurance, product improvement and customer satisfaction. The parcel label number is anonymized immediately afterwards.
The company is located at 64-66 rue des Archives, 75003 Paris, France and is part of AB Tasty Inc, 408 Broadway NY 10013, New York, United States. There is no exchange of data within the group. AB Tasty SAS cooperates by order and according to instructions within the framework of Article 28 of the GDPR.
For the company's privacy policy, please refer to the AB Tasty website: https://www.abtasty.com/privacy-policy/.
"Cookies" are small text files that are used to store specific information on your device during your visit to the website. The cookies help to determine the frequency and number of users of this website. In addition, cookies ensure that the use of the DPD website is as convenient and efficient as possible for you.
DPD participates in the IAB Europe Transparency and Consent Framework and complies with the relevant specifications and guidelines. This initiative promotes responsible data protection settings within the digital advertising industry, and offers users greater transparency and better control over how their data is processed for tracking purposes. In order to display personalised advertising, we also transmit information about the category of specific shippers to the advertising partner, but do so only with their consent..
When you access this website, a cookie banner informs you that by using our website you consent to the use of cookies. You can adjust your own advertising settings at any time using the corresponding function in the cookie notice and object to the use of cookies. If the user has given his or her consent, the legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 Section 1 (a) of the GDPR. An overview of our advertising partners can be obtained via this link.
You can see the purpose and duration of validity of all other cookies set by us in the following table:
Cookie name
| Duration | Description | Type | Host |
1) Technically required cookies (according to §25 (2) DSA) | ||||
current_language_<id> | 30 days | Controls the language setting | 1st Party | dpd.com
|
dpd-connect-generic-redirect | 1 day | Single Sign On: storage of the log-in data | 1st Party | dpd.com |
TC_PRIVACY | 396 days | Used to store user status and display privacy banner. | 3rd Party | dpd.com |
TC_PRIVACY_CENTER | 396 days | Used to display opt-in/opt-out categories in privacy center when user reopens it. | 3rd Party | dpd.com |
TC_PRIVACY_IAB_VENDORLIST | unlimited | Wird verwendet, um die IAB TCF Global Vendor List zwischenzuspeichern. | 3rd Party | dpd.com |
TC_PRIVACY_TCF | unlimited | Used to cache the IAB TCF Consent API Response. | 3rd Party | dpd.com |
TCPID | 365 days | Contains a user-related, one-time value to enable analysis of the cookie banner application together with the TCID cookie. | 3rd Party | dpd.com |
ROUTEID | session | This cookie is used for directing the users to the same server. | 1st Party | dpd.com |
INGRESSCOOKIE | session | This cookie is used for load balancing and session stickiness. This technical session identifier is required for some website features. | 1st Party | dpd.com |
_cfb | session | Is used by Cloudflare for load balancing. | 1st Party | dpd.com |
PHPSESSID | session | This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed. | 1st Party | dpd.com |
ASP.NET_SessionId | session | This cookie is essential for use, as it creates an anonymous "session" that allows us to respond to visitors' requests. | 3rd Party | Microsoft |
UserCookieSMEMigration | 180 days | Controls specific content for private or commercial customers after login (portal.dpd.de). | 1st Party | dpd.de |
2) Statistics cookies (help website owners understand how visitors interact with websites by collecting and reporting information anonymously) | ||||
Cookie name
| Duration | Description | Type | Host |
ABTasty | 1 year | Used for the analysis of the A/B tests using AB Tasty. | 3rd Party | ABTasty |
ABTastySession | session | Used for the analysis of the A/B tests using AB Tasty. | 3rd Party | ABTasty |
_ga | 2 years | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
_gat_ | session | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
_gid | 1 day | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
_gcl_au | 90 days | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
__gads | 1 year | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
__gpi | 1 year | Used for analysis / statistics purposes via Google Analytics. | 3rd Party | google.de |
3) Cookies to control user-friendliness (functional /with consent according to Art. 6(1a) DSGVO) | ||||
Cookie name
| Duration | Description | Type | Host |
_faq_<id> | 30 days | Cookie for the storage for the evaluation of a FAQ. | 1st Party | dpd.com |
german_sso | 0 | German SSO Login | 1st Party | dpd.com |
german_sso_landing_page | 0 | German SSO Login | 1st Party | dpd.com |
sso_error_login_social_msg | 0 | German SSO Login | 1st Party | dpd.com |
title_param_<id> | 7 days | Confirmation page after submission of an online form. | 1st Party | dpd.com |
name_param_<id> | 7 days | Confirmation page after submission of an online form. | 1st Party | dpd.com |
UserCookieNewFunctions | 180 days | Controls specific info layer after login (portal.dpd.de) | 3rd Party | portal.dpd.de |
DPD_reCaptcha_error_<id> | 0 | reCaptcha of Online Form | 1st Party | dpd.com |
tC_Sync | 0 | Technical cookie used to store the timestamp of the last cookie synchronization. | 3rd Party | dpd.com |
TCID | 365 days | Visitor identifier used to calculate deduplicated statistics per user. | 3rd Party | dpd.com |
DPD_PaketNavigator | session | The cookie is about the User Session, the Cloud User ID is stored in there | 1st Party | dpd.de |
4) Cookies for advertising purposes (with consent according to Art. 6 (1a) DSGVO) | ||||
Cookie name
| Duration | Description | Type | Host |
cto_bundle | 1 year | Used for displaying advertising, according to IAB standard. | 3rd Party | IAB Standard |
IAB Cookies | - | Used for displaying advertising, according to IAB standard. | 3rd Party | IAB Standard |
MUID | 1 year, 1 month, 43 minutes, 20 seconds (34190000 seconds) | Store and/or retrieve information on a device | 3rd Party | Microsoft Advertising |
_uetmsclkid | 2 months, 4 weeks, 1 day, 3 hours (7776000 seconds) | Store and/or retrieve information on a device | 3rd Party | Microsoft Advertising |
_uetsid | 1 day (86400 seconds) | Store and/or retrieve information on a device | 3rd Party | Microsoft Advertising |
_uetvid | 1 year, 3 weeks, 3 days, 18 hours (33696000 seconds) | Store and/or retrieve information on a device | 3rd Party | Microsoft Advertising |
UserMatchHistory | 30 days | Used for the synchronisation of the LinkedIn Ads ID | 3rd Party | |
StepStone View Pixel | 1 year | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed in job advertisements. | 3rd Party Javascript Pixel | StepStone Deutschland GmbH |
StepStone Apply Form Pixel | 1 year | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed on the application form. | 3rd Party Javascript Pixel | StepStone Deutschland GmbH |
StepStone Completed Pixel | 1 year | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed on the ‘Thank you’ page after final application. | 3rd Party Javascript Pixel | StepStone Deutschland GmbH |
Duration |
---|
1) Technically required cookies (according to §25 (2) DSA) |
---|
current_language_<id> | 30 days |
---|
dpd-connect-generic-redirect | 1 day |
---|
TC_PRIVACY | 396 days |
---|
TC_PRIVACY_CENTER | 396 days |
---|
TC_PRIVACY_IAB_VENDORLIST | unlimited |
---|
TC_PRIVACY_TCF | unlimited |
---|
TCPID | 365 days |
---|
ROUTEID | session |
---|
INGRESSCOOKIE | session |
---|
_cfb | session |
---|
PHPSESSID | session |
---|
ASP.NET_SessionId | session |
---|
UserCookieSMEMigration | 180 days |
---|
2) Statistics cookies (help website owners understand how visitors interact with websites by collecting and reporting information anonymously) |
---|
Cookie name
| Duration |
---|
ABTasty | 1 year |
---|
ABTastySession | session |
---|
_ga | 2 years |
---|
_gat_ | session |
---|
_gid | 1 day |
---|
_gcl_au | 90 days |
---|
__gads | 1 year |
---|
__gpi | 1 year |
---|
3) Cookies to control user-friendliness (functional /with consent according to Art. 6(1a) DSGVO) |
---|
Cookie name
| Duration |
---|
_faq_<id> | 30 days |
---|
german_sso | 0 |
---|
german_sso_landing_page | 0 |
---|
sso_error_login_social_msg | 0 |
---|
title_param_<id> | 7 days |
---|
name_param_<id> | 7 days |
---|
UserCookieNewFunctions | 180 days |
---|
DPD_reCaptcha_error_<id> | 0 |
---|
tC_Sync | 0 |
---|
TCID | 365 days |
---|
DPD_PaketNavigator | session |
---|
4) Cookies for advertising purposes (with consent according to Art. 6 (1a) DSGVO) |
---|
Cookie name
| Duration |
---|
cto_bundle | 1 year |
---|
IAB Cookies | - |
---|
MUID | 1 year, 1 month, 43 minutes, 20 seconds (34190000 seconds) |
---|
_uetmsclkid | 2 months, 4 weeks, 1 day, 3 hours (7776000 seconds) |
---|
_uetsid | 1 day (86400 seconds) |
---|
_uetvid | 1 year, 3 weeks, 3 days, 18 hours (33696000 seconds) |
---|
UserMatchHistory | 30 days |
---|
StepStone View Pixel | 1 year |
---|
StepStone Apply Form Pixel | 1 year |
---|
StepStone Completed Pixel | 1 year |
---|
Description |
---|
1) Technically required cookies (according to §25 (2) DSA) |
---|
current_language_<id> | Controls the language setting |
---|
dpd-connect-generic-redirect | Single Sign On: storage of the log-in data |
---|
TC_PRIVACY | Used to store user status and display privacy banner. |
---|
TC_PRIVACY_CENTER | Used to display opt-in/opt-out categories in privacy center when user reopens it. |
---|
TC_PRIVACY_IAB_VENDORLIST | Wird verwendet, um die IAB TCF Global Vendor List zwischenzuspeichern. |
---|
TC_PRIVACY_TCF | Used to cache the IAB TCF Consent API Response. |
---|
TCPID | Contains a user-related, one-time value to enable analysis of the cookie banner application together with the TCID cookie. |
---|
ROUTEID | This cookie is used for directing the users to the same server. |
---|
INGRESSCOOKIE | This cookie is used for load balancing and session stickiness. This technical session identifier is required for some website features. |
---|
_cfb | Is used by Cloudflare for load balancing. |
---|
PHPSESSID | This cookie is native to PHP applications. The cookie stores and identifies a user's unique session ID to manage user sessions on the website. The cookie is a session cookie and will be deleted when all the browser windows are closed. |
---|
ASP.NET_SessionId | This cookie is essential for use, as it creates an anonymous "session" that allows us to respond to visitors' requests. |
---|
UserCookieSMEMigration | Controls specific content for private or commercial customers after login (portal.dpd.de). |
---|
2) Statistics cookies (help website owners understand how visitors interact with websites by collecting and reporting information anonymously) |
---|
Cookie name
| Description |
---|
ABTasty | Used for the analysis of the A/B tests using AB Tasty. |
---|
ABTastySession | Used for the analysis of the A/B tests using AB Tasty. |
---|
_ga | Used for analysis / statistics purposes via Google Analytics. |
---|
_gat_ | Used for analysis / statistics purposes via Google Analytics. |
---|
_gid | Used for analysis / statistics purposes via Google Analytics. |
---|
_gcl_au | Used for analysis / statistics purposes via Google Analytics. |
---|
__gads | Used for analysis / statistics purposes via Google Analytics. |
---|
__gpi | Used for analysis / statistics purposes via Google Analytics. |
---|
3) Cookies to control user-friendliness (functional /with consent according to Art. 6(1a) DSGVO) |
---|
Cookie name
| Description |
---|
_faq_<id> | Cookie for the storage for the evaluation of a FAQ. |
---|
german_sso | German SSO Login |
---|
german_sso_landing_page | German SSO Login |
---|
sso_error_login_social_msg | German SSO Login |
---|
title_param_<id> | Confirmation page after submission of an online form. |
---|
name_param_<id> | Confirmation page after submission of an online form. |
---|
UserCookieNewFunctions | Controls specific info layer after login (portal.dpd.de) |
---|
DPD_reCaptcha_error_<id> | reCaptcha of Online Form |
---|
tC_Sync | Technical cookie used to store the timestamp of the last cookie synchronization. |
---|
TCID | Visitor identifier used to calculate deduplicated statistics per user. |
---|
DPD_PaketNavigator | The cookie is about the User Session, the Cloud User ID is stored in there |
---|
4) Cookies for advertising purposes (with consent according to Art. 6 (1a) DSGVO) |
---|
Cookie name
| Description |
---|
cto_bundle | Used for displaying advertising, according to IAB standard. |
---|
IAB Cookies | Used for displaying advertising, according to IAB standard. |
---|
MUID | Store and/or retrieve information on a device |
---|
_uetmsclkid | Store and/or retrieve information on a device |
---|
_uetsid | Store and/or retrieve information on a device |
---|
_uetvid | Store and/or retrieve information on a device |
---|
UserMatchHistory | Used for the synchronisation of the LinkedIn Ads ID |
---|
StepStone View Pixel | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed in job advertisements. |
---|
StepStone Apply Form Pixel | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed on the application form. |
---|
StepStone Completed Pixel | To be able to assign the source of origin of applications as part of the StepStone Appcast campaign: Pixel is placed on the ‘Thank you’ page after final application. |
---|
Type |
---|
1) Technically required cookies (according to §25 (2) DSA) |
---|
current_language_<id> | 1st Party |
---|
dpd-connect-generic-redirect | 1st Party |
---|
TC_PRIVACY | 3rd Party |
---|
TC_PRIVACY_CENTER | 3rd Party |
---|
TC_PRIVACY_IAB_VENDORLIST | 3rd Party |
---|
TC_PRIVACY_TCF | 3rd Party |
---|
TCPID | 3rd Party |
---|
ROUTEID | 1st Party |
---|
INGRESSCOOKIE | 1st Party |
---|
_cfb | 1st Party |
---|
PHPSESSID | 1st Party |
---|
ASP.NET_SessionId | 3rd Party |
---|
UserCookieSMEMigration | 1st Party |
---|
2) Statistics cookies (help website owners understand how visitors interact with websites by collecting and reporting information anonymously) |
---|
Cookie name
| Type |
---|
ABTasty | 3rd Party |
---|
ABTastySession | 3rd Party |
---|
_ga | 3rd Party |
---|
_gat_ | 3rd Party |
---|
_gid | 3rd Party |
---|
_gcl_au | 3rd Party |
---|
__gads | 3rd Party |
---|
__gpi | 3rd Party |
---|
3) Cookies to control user-friendliness (functional /with consent according to Art. 6(1a) DSGVO) |
---|
Cookie name
| Type |
---|
_faq_<id> | 1st Party |
---|
german_sso | 1st Party |
---|
german_sso_landing_page | 1st Party |
---|
sso_error_login_social_msg | 1st Party |
---|
title_param_<id> | 1st Party |
---|
name_param_<id> | 1st Party |
---|
UserCookieNewFunctions | 3rd Party |
---|
DPD_reCaptcha_error_<id> | 1st Party |
---|
tC_Sync | 3rd Party |
---|
TCID | 3rd Party |
---|
DPD_PaketNavigator | 1st Party |
---|
4) Cookies for advertising purposes (with consent according to Art. 6 (1a) DSGVO) |
---|
Cookie name
| Type |
---|
cto_bundle | 3rd Party |
---|
IAB Cookies | 3rd Party |
---|
MUID | 3rd Party |
---|
_uetmsclkid | 3rd Party |
---|
_uetsid | 3rd Party |
---|
_uetvid | 3rd Party |
---|
UserMatchHistory | 3rd Party |
---|
StepStone View Pixel | 3rd Party Javascript Pixel |
---|
StepStone Apply Form Pixel | 3rd Party Javascript Pixel |
---|
StepStone Completed Pixel | 3rd Party Javascript Pixel |
---|
Host |
---|
1) Technically required cookies (according to §25 (2) DSA) |
---|
current_language_<id> | dpd.com
|
---|
dpd-connect-generic-redirect | dpd.com |
---|
TC_PRIVACY | dpd.com |
---|
TC_PRIVACY_CENTER | dpd.com |
---|
TC_PRIVACY_IAB_VENDORLIST | dpd.com |
---|
TC_PRIVACY_TCF | dpd.com |
---|
TCPID | dpd.com |
---|
ROUTEID | dpd.com |
---|
INGRESSCOOKIE | dpd.com |
---|
_cfb | dpd.com |
---|
PHPSESSID | dpd.com |
---|
ASP.NET_SessionId | Microsoft |
---|
UserCookieSMEMigration | dpd.de |
---|
2) Statistics cookies (help website owners understand how visitors interact with websites by collecting and reporting information anonymously) |
---|
Cookie name
| Host |
---|
ABTasty | ABTasty |
---|
ABTastySession | ABTasty |
---|
_ga | google.de |
---|
_gat_ | google.de |
---|
_gid | google.de |
---|
_gcl_au | google.de |
---|
__gads | google.de |
---|
__gpi | google.de |
---|
3) Cookies to control user-friendliness (functional /with consent according to Art. 6(1a) DSGVO) |
---|
Cookie name
| Host |
---|
_faq_<id> | dpd.com |
---|
german_sso | dpd.com |
---|
german_sso_landing_page | dpd.com |
---|
sso_error_login_social_msg | dpd.com |
---|
title_param_<id> | dpd.com |
---|
name_param_<id> | dpd.com |
---|
UserCookieNewFunctions | portal.dpd.de |
---|
DPD_reCaptcha_error_<id> | dpd.com |
---|
tC_Sync | dpd.com |
---|
TCID | dpd.com |
---|
DPD_PaketNavigator | dpd.de |
---|
4) Cookies for advertising purposes (with consent according to Art. 6 (1a) DSGVO) |
---|
Cookie name
| Host |
---|
cto_bundle | IAB Standard |
---|
IAB Cookies | IAB Standard |
---|
MUID | Microsoft Advertising |
---|
_uetmsclkid | Microsoft Advertising |
---|
_uetsid | Microsoft Advertising |
---|
_uetvid | Microsoft Advertising |
---|
UserMatchHistory |
---|
StepStone View Pixel | StepStone Deutschland GmbH |
---|
StepStone Apply Form Pixel | StepStone Deutschland GmbH |
---|
StepStone Completed Pixel | StepStone Deutschland GmbH |
---|
Links to the privacy policies of the individual providers lead directly to their websites. Calling up the web link may already transfer data to these site operators as well as to non-EU countries. DPD accepts no responsibility for this.
We use Bing Ads to advertise on our website and on third party websites for past visitors to our website. Bing Ads is provided by Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Tel.: (+1) 425-882-8080 ("Microsoft").
The ads are displayed based on information stored in cookies that Microsoft places on your computer. The text files contain information about your visit to our website, in particular product views, which are retrieved for specific product recommendations on subsequent visits to this website or third-party websites. The cookie contains a random alias. If you visit our website within a certain period of time and view our products, Microsoft will be able to recognise you from the alias. However, the information cannot be attributed to you personally. We or Microsoft will not merge this information with your personal information and will not share any of your personal information with third parties.
The operating company of the Google Remarketing services is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Remarketing is a function of Google AdWords that enables a company to display ads to Internet users who have previously visited the company's website. The integration of Google Remarketing accordingly allows a company to create user-related advertising and consequently to display ads that are relevant to the interests of the Internet user.
The purpose of Google Remarketing is to display interest-based advertising. Google Remarketing enables us to display ads via the Google advertising network or on other websites that are tailored to the individual needs and interests of Internet users.
Google Remarketing places a cookie on the IT system of the data subject. By setting the cookie, Google is able to recognise the visitor to our website when he or she subsequently visits websites that are also members of the Google advertising network. Each time you visit a website on which the Google Remarketing service has been integrated, your internet browser automatically identifies itself to Google. In the course of this technical procedure Google obtains knowledge of personal data such as your IP address or surfing behaviour, which Google uses, among other things, to display advertising relevant to your interests.
By means of the cookie personal information, for example the websites you have visited, is stored. Each time you visit our website, personal data, including your IP address, is transmitted to Google in the USA. This personal data is stored by Google in the USA. Google may pass on this personal data collected via the technical process to third parties.
The operating company of the Google AdSense component is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google AdSense is an online service that enables the display of ads on third-party websites. Google AdSense is based on an algorithm which selects the ads displayed on third-party sites according to the content of the relevant third-party site. Google AdSense enables interest-based targeting of internet users, which is implemented by generating individual user profiles. The purpose of the Google AdSense component is the integration of ads on our website. Google-AdSense sets a cookie on your IT system. By setting the cookie, Alphabet Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, is able to analyse the use of our website. Each time you call up one of the individual pages of this website that is operated by us and on which a Google AdSense component has been integrated, the internet browser on your IT system is automatically prompted by the relevant Google AdSense component to transmit data to Alphabet Inc. for the purpose of online advertising and the settlement of commissions.
In the course of this technical procedure, Alphabet Inc. obtains knowledge of personal data, such as your IP address, which Alphabet Inc. uses, among other things, to trace the origin of visitors and clicks and subsequently to enable commission settlements. Google AdSense also uses so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in websites to enable log file recording and log file analysis, which enables statistical evaluation. By means of the embedded tracking pixel, Alphabet Inc. can recognise whether and when a web page has been opened by your IT system and which links you have clicked on. Among other things, tracking pixels are used to evaluate the flow of visitors to a website.
Via Google AdSense personal data and information, which also includes the IP address and is necessary for the collection and billing of the advertisements displayed, is transferred to Alphabet Inc. in the USA. This personal data is stored and processed in the USA. Alphabet Inc. may share this personal data collected via the technical process with third parties.
You can view the privacy policy and further information from Google AdSense at: https://www.google.de/intl/de/adsense/start/ and at https://www.google.com/policies/technologies/ads/
On this website we integrate components from YouTube. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
YouTube is an internet video portal that enables video publishers to post video clips free of charge and other users to view, rate and comment on them, also free of charge. YouTube enables the publication of all types of videos, which is why complete film and television programmes, but also music videos, trailers or videos made by users themselves can be accessed via the Internet portal. Each time you call up one of the individual pages of this website that is operated by us and on which a YouTube component (YouTube video) has been integrated, the internet browser on your IT system is automatically prompted by the relevant YouTube component to download a representation of the corresponding YouTube component from YouTube. The Google WebFonts, Google Video and Google Photo services can also be downloaded from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. Within the scope of this technical procedure, YouTube and Google receive information about which specific sub-page of our website is visited by you.
If you are logged in to YouTube at the same time, YouTube recognises which specific subpage of our website you are visiting when you call up a subpage that contains a YouTube video. This information is collected by YouTube and Google and assigned to your YouTube account.
YouTube and Google always receive information via the YouTube component that you have visited our website if you are logged into YouTube at the same time as you access our website. This takes place regardless of whether you click on a YouTube video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent the transmission by logging out of your YouTube account before accessing our website.
You can view YouTube's privacy policy at: https://www.google.de/intl/de/policies/privacy/.
LinkedIn Analytics
On this website, we use the retargeting tool and conversion tracking of LinkedIn Ireland, Wilton Plaza, Wilton Place, Dublin 2, Ireland (LinkedIn).
For this purpose, the LinkedIn Insight Tag is integrated on our website, which enables LinkedIn to collect statistical data about your visit and use of our website and to provide us with corresponding aggregated statistics on this basis. The service is also used to show you interest-specific and relevant offers and recommendations after you have found out about certain services, information and offers on the website. The relevant information is stored in a cookie.
As a rule, the following data is collected and processed:
These processing operations are only carried out with your express consent in accordance with Art. 6 para. 1 lit. a) GDPR. Your data will be stored until you withdraw your consent.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted. The personal data is stored for as long as it is required to fulfil the purpose of processing. The data is deleted as soon as it is no longer required to fulfil the purpose.
As part of processing via LinkedIn, data may be transferred to the USA and Singapore. The security of the transfer is regularly ensured by so-called standard contractual clauses, which guarantee that the processing of personal data is subject to a level of security that corresponds to that of the GDPR. If the standard contractual clauses are not sufficient to establish an adequate level of security, consent will be obtained from you in accordance with Art. 49 para. 1 lit. a) GDPR.
You can find more information about LinkedIn's privacy policy at: https://de.linkedin.com/legal/privacy-policy.
StepStone publishes job adverts on StepStone and job boards of selected cooperation partners. Candidates who apply to the customer in response to a posting placed by StepStone are counted by the code snippet placed by DPD in the ATS. For each application received by DPD in the ATS, a predetermined amount per application is deducted from the order quota. The cookies send a signal as soon as a user coming from Appcast is on the job advert, the application form and the ‘Thank you’ page. These signals are anonymised in the Appcast dashboard and used to control the campaigns. The pixel on the ‘Thank you’ page is the payment-relevant pixel and therefore the most important pixel in the implementation.
Privacy policy: https://www.appcast.io/privacy-policy/
DPD also appears in a number of social networks. These include, for example, Facebook, Instagram, X, Xing, LinkedIn and YouTube. DPD provides its services on these platforms under the data protection provisions of the individual platform operator and has no direct responsibility for the way the operator processes data. Any findings from this data are used only for internal purposes and direct consultation. DPD wishes to point out that these platforms are in themselves public and anything which is posted on them can as a rule be read by all users. DPD will not provide shipment-related information or details of personal data in any public forum via these platforms.
Facebook has made the fan page available to DPD Deutschland GmbH in accordance with the applicable terms of use, and is solely responsible for the technical operation of the fan page. DPD Deutschland GmbH is responsible for the content that is posted.
Facebook records your visit and your interactions and makes them available to us in anonymized form (page insights). If you have a Facebook account, Facebook processes your data in accordance with the Facebook terms of use. The interactions of visitors without a Facebook account are recorded anonymously and are also made available to us as a statistical evaluation (page insights).
DPD Deutschland GmbH and Facebook are jointly responsible for the processing of personal data in events for page insights (insights data). In accordance with the agreement which applies to Facebook and us (the so-called Page Insights Addendum), each joint controller must fulfil its obligations to provide information itself.
Please exercise your rights as a data subject (see Section 4) in relation to one of the data controllers of the insights data. We pass on requests that fall within Facebook's area of responsibility to Facebook for further processing.
We have no influence on the data processing by Facebook, the scope, purpose, or duration of its storage and any possible forwarding of data by Facebook.
For direct contact with DPD Germany without the involvement of Facebook, please use the contact options on our website.
You will find more detailed information on the data processing for which Facebook is solely responsible in Facebook's privacy policy and cookie policy.
Responsibilities for the processing of data
DPD Deutschland GmbH is the data controller for the information it posts and for the processing for which it is responsible.
You can reach our data protection officer at:
With regard to the processing of personal data in events for page insights (insights data), Facebook Ireland Ltd, 4 Grand Canal Harbour, Dublin 2 Ireland, is also the data controller in addition to us. The joint processing is carried out on the basis of an agreement between the joint controllers in accordance with Art. 26 of the GDPR, which you can view here: Information on page insights
The type of data processed and the reasons for the processing
Data processing of page insights for statistical purposes
Facebook provide DPD with so-called page insights for our fan page. These are anonymous statistics that are created on the basis of specific events and recorded by Facebook when fan page visitors like you interact on our fan page. The page insights don't contain any personal data, but they do make it possible to see what content is most frequently requested by what group of people. We optimise the fan page on this basis. This represents a legitimate interest in the processing that takes place (processing of personal data in events for page insights). The legal basis for data processing in the context of page insights is Art. 6 Para. 1 f of the GDPR.
You can change the settings for your Facebook advertising preferences in your Facebook account.
Data processing when contact is made and further communication
If you contact us via a contact form or Messenger, for example, we process personal data. This data is processed exclusively for the purpose of answering the enquiry, for contacting you and for the related technical administration and, unless other legal or contractual retention periods apply, will be retained for a maximum of two years to prove that your request has been processed properly and to further optimise our services.
Our legitimate interest lies in the correct and fastest possible processing of your enquiries. The legal basis for this processing is Art. 6 Para. 1 f of the GDPR. If the contact is made for the purpose of initiating or concluding a contract, Art. 6 Para. 1 b of the GDPR serves as the legal basis.
If you provide us with personal data via our fan page (for example in comments), this is done on the basis of your consent in accordance with Art. 6 Para. 1 a of the GDPR. You can revoke this consent at any time with effect for the future. If you would like to exchange personal data with us, please contact our Customer Service.
In the context of prize competitions, data is collected for the purpose of the implementation and processing of such competitions. Detailed information on this can be found in the data protection information and conditions of participation of the specific competition.
Your rights as users
On the basis of the GDPR, data subjects are entitled to the following rights:
In accordance with Art. 15 of the GDPR, you can request information about your personal data that is processed by the relevant data controller.
In accordance with Art. 16 of the GDPR, you can request a correction if your data is not (or no longer) accurate.
In accordance with Art. 17 of the GDPR, you can request the deletion of your personal data.
You have the right under Art. 18 of the GDPR to require restriction of the processing of your personal data.
In the event that the requirements of Art. 20 Para. 1 of the GDPR are met, you have the right to receive your data in a structured, standard and machine-readable format.
In accordance with Art. 77 Para. 1 of the GDPR, you have the right to complain to the competent data protection supervisory authority.
In accordance with Art. 21 Para. 2 of the GDPR, you can at any time object to the processing of personal data concerning you for direct marketing purposes.
In accordance with Article 21 of the GDPR, you have the right to object if the processing of your data is based on a legitimate interest within the meaning of Article 6 Para. 1 f of the GDPR (see Sections 3.1 and 3.2) and if you can provide grounds for this based on your individual situation. You can submit the objection to our Facebook Customer Service stating your contact details, the specific processing you are objecting to, the reasons for objection arising from your particular situation and the name of the fan page or, in the case of an objection to the processing of page insights for statistical purposes (see Section 3.1), raise the objection with Facebook. We pass on requests that fall within Facebook's area of responsibility to Facebook for further processing.
If you wish to exercise your rights as a data subject against Facebook, please contact Facebook Ireland Ltd, 4 Grand Canal Harbour, Dublin 2 Ireland. You can do this online via the contact form on the Facebook page.
If you would like to exercise your data protection rights against DPD, please contact us using the contact details provided in Section 2.
This privacy policy was last updated 4/2024
Home / Data protection