Erasure Concept Fleetboard Logistics GmbH
HABBL & CONIZI
1. Preface
Following the principle of data minimization (Art. 5 para. 1 lit. e DSGVO), Fleetboard Logistics GmbH shall ensure storage limitation. In doing so, the storage limitation must take place in a form that allows the identification of the data subjects only for as long as is necessary for the purposes for which they are processed. This requires, in particular, that the storage period for personal data is limited to the absolute minimum necessary (Recital 39 GDPR).
In addition, a storage limit must also be taken into account from an economic-technical perspective, because the more data is retained, the more storage space is required. This is accompanied by more computing power for the active system to process these data volumes. This is an obvious economic reason for keeping data storage as short as possible.
Already during software development, deadlines for the deletion of personal and technical data have to be defined. These determinations must be included in the program description and thus disclosed to the user.
2. Interim Periods until Deletion
Due to existing customer contracts and the assurances contained therein, only a successive transition to the planned deletion concept and the retention periods specified herein is possible. This depends on the respective customer communication and requirement.
It is determined that, according to plan, by 01.07.2021 the deletion concept described herein will have been implemented for the HABBL and CONIZI environment and only the then corresponding data sets will prevail in the server environments and backup solutions.
3. Execution Instruction for Deletion
HABBL checks periodically at low-load times which data records can be transferred to passive access (passive access: only for the owner of the data record; restricted search function (e.g. reference number)). This is done, for example, for tours based on the time stamp of when they were completed. The data and all sub-data sets are collected, processed and fed into the HABBL archive system (e.g. as PDF, PNG, ZIP, ...). After successful transfer, the data is deleted from active access and is no longer available under the usual menu items. Depending on the volume, this process may be delayed for a few days.
As soon as a data record has been transferred to the archive system (passive access), it can be searched for and viewed via a new menu item in the HABBL portal. Export functions are available in the archive system.
The deletion concept described under "Individual listing of deletion periods" will be applied automatically for new customers from 01.07.2021.
Existing customers will be informed about the deletion concept by post. After an objection period of four weeks, the concept comes into effect. An individual agreement is possible in justified exceptional cases and against remuneration.
4. Logging
The logging of the automated deletion takes place via the system log, which exclusively keeps track of which data records were deleted and when, and is overwritten after 90 days at the latest. A system log entry looks as follows:
"Customer XY: Data in the period from XX.XX.XXXX to XX.XX.XXXX was deleted.". Only system-internal data record identifiers are logged.
5. Responsibilities
Each employee of Fleetboard Logistics GmbH with technical-administrative rights is responsible for compliance with the specified regulations. On the part of the HABBL applications and the CONIZI platform, the stipulations of the storage and retention periods are implemented in the system by the main people responsible for the technical side, so that an automatism is created here, which is to be checked at regular intervals for its effectiveness.
6. Individual List of Deletion Periods
| Documents, software, processes, type of data | Retention or deletion period | Legal basis |
|---|---|---|
| Master data of the HABBL portal user | After deletion of the user account, the master data remains in the system for recourse and revision purposes for a further 3 months with the blocking note "deleted/blocked"; after expiry of these 3 months, all data is deleted by the system. | Art. 6 I b DSGVO (Contract of Use und Terms of Use HABBL); Art. 6 I a DSGVO (Terms of Use HABBL App) |
| Master data of the HABBL App user | When deregistering the HABBL app, the user can determine for himself whether his data will be deleted. Deletion takes place for recourse and auditing purposes after 3 months. Automatic deletion of data also occurs if a user does not use the HABBL App for 12 months. |
Art. 6 I b DSGVO (Contract of Use und Terms of Use HABBL); Art. 6 I a DSGVO (Terms of Use HABBL App) |
| Content data of HABBL (active access) | 45 days after the data record is closed, it remains in active access for HABBL portal users, after which it is transferred to a separate archive (passive access: only for the owner of the data record; restricted search function (e.g. reference number)). | Art. 6 I b DSGVO (Contract of Use und Terms of Use HABBL) |
| Content data of HABBL (passive access) | 12 months after transfer to passive access (only for the owner of the data record; restricted search function (e.g. reference number)), the data records are deleted. Export functions are made available to the user (= owner of the data record) (if the user needs the data records as documents justifying invoices) | Art. 6 I b DSGVO (Contract of Use und Terms of Use HABBL) |
| GPS data of the interactive map of HABBL | 90 days after record entry | Art. 6 I a DSGVO in conjunction with. Art. 17 I a DSGVO |
| Data of HABBL (revision prevention and backup cycle) | After deletion of the data, the last version states can still be contained in the backups for another 6 months (automatic, self-overwriting data backups). After the six months at the latest, the content data is completely deleted. | Art. 6 I f DSGVO in conjunction with Art. 5 and 32 DSGVO |
| CONIZI telemetry data | After 90 days the telemetry data is deleted | Art. 6 I b DSGVO (Contract of Use und Terms of Use CONIZI) |
| CONIZI activity data | Transaction data (shipments, logins, events) are deleted after 6 weeks. | Art. 6 I b DSGVO (Nutzungsvertrag und Terms of Use CONIZI) |
| Master data oft he CONIZI user | After deletion request of the customer regarding the user account can be reactivated for 30 days, then definite deletion of the account | Art. 6 I b DSGVO (Contract of Use und Terms of Use CONIZI) |
7. Specific Cases
In certain cases, it may be necessary to delete/anonymize data records outside the defined rules:
- A data subject makes use of his/her "right to be forgotten".
- A data record was collected unlawfully
- A supervisory authority requires the company to do so
- The company may be required to stop all deletions and changes to the data if, for example, the tax-related documents are still needed in pending court proceedings.
Fleetboard Logistics GmbH, as of 05/2021