Register
Login

Privacy

PRIVACY POLICY

This document explains how DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany (Controller) processes personal data.

For questions regarding data protection, please contact the Controller by email:
[email protected]

I. Definitions

Controller – within the meaning of Art. 4(7) GDPR, the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. In this document, the Controller is: DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany

Personal Data – information relating to an identified or identifiable natural person, including IP address, location data, online identifier, and information collected through cookies.

Policy – this Privacy Policy.

GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data.

EEA – European Economic Area (EU countries + Iceland, Liechtenstein, Norway).

Website – the website operated by the Controller at https://dagoexpress.com

User – any person who visits the website, uses the Controller’s services, or contacts the Controller.

II. Processing of Personal Data – Purposes and Legal Bases

The Controller conducts ongoing risk analyses to ensure that personal data is processed securely – in particular, that only authorised persons have access to the data.

1. Processing of Customer Data

Your personal data is processed for the following purposes:

  • Booking and provision of courier/forwarding services – legal basis: Art. 6(1)(b) GDPR;
  • Use of products and services offered – legal basis: Art. 6(1)(b) GDPR;
  • Performance of concluded contracts – legal basis: Art. 6(1)(b) GDPR;
  • Issuing and storing invoices and accounting documents – legal basis: Art. 6(1)(c) GDPR;
  • Establishment, exercise or defence of legal claims – legal basis: Art. 6(1)(f) GDPR;
  • Customer service and responding to enquiries – legal basis: Art. 6(1)(f) GDPR;
  • Handling complaints – legal basis: Art. 6(1)(f) GDPR;
  • Direct marketing of own products and services – legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR;
  • IT infrastructure management and system security – legal basis: Art. 6(1)(f) GDPR.

2. Use of the Website

Personal data of all website users is processed:

  • for the provision of electronic services – legal basis: Art. 6(1)(b) GDPR;
  • for analytical and statistical purposes – legal basis: Art. 6(1)(f) GDPR;
  • for the establishment and defence of legal claims – legal basis: Art. 6(1)(f) GDPR.

The provision of personal data is generally voluntary, but in some cases necessary for the conclusion of a contract, the provision of courier services, or the issuance of accounting documents.

3. Correspondence and Telephone Contact

In the case of correspondence by email or post, the personal data contained therein is processed exclusively for the purpose of communication and handling the matter. Legal basis: Art. 6(1)(f) GDPR.

4. Business Contacts

In the course of its business activities, the Controller also collects personal data during business meetings or when exchanging business cards. Legal basis: Art. 6(1)(f) GDPR.

III. Cookies

1. What are Cookies?

Cookies are small text files stored on the user’s device. They contain information such as session identifier, user settings, language preferences, visit time, and IP address.

2. Types of Cookies

  • Necessary – enable the proper functioning of the website.
  • Functional – store user settings and preferences.
  • Analytical – enable monitoring of website traffic (e.g. Google Analytics).
  • Marketing – enable the display of personalised advertising (e.g. Google Ads, Facebook Ads).
  • Social Media – enable integration with social platforms.

3. Third-Party Providers

Google (Analytics, Ads, GTM, reCAPTCHA), Facebook/Meta, Microsoft (Advertising, Clarity), Cloudflare, Sentry, and other partners.

4. Consent Management

The user can change browser settings at any time to block or delete cookies, as well as withdraw consent via the cookie banner interface.

5. Transfer Outside the EEA

Data from cookies may be transferred to third countries only on the basis of appropriate legal safeguards such as Standard Contractual Clauses (SCCs) or the EU-US Data Privacy Framework.

IV. Retention Periods for Personal Data

The Controller stores personal data only for as long as necessary:

  • Contract and service data: for the duration of the contract, then 3-6 years (limitation period).
  • Accounting and tax data: 10 years for accounting documents, 6 years for business correspondence.
  • Contact data and enquiries: for the time necessary for processing.
  • Marketing data: until withdrawal of consent or objection.
  • Technical data: up to 12 months.

V. Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. Where processing is based on consent, you may withdraw it at any time. You have the right to lodge a complaint with a supervisory authority (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit - BfDI).

Contact: By post: DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany By email: [email protected]

VI. Recipients of Data

Recipients of your personal data include: legally authorised institutions (tax authorities, courts), external service providers (IT, advertising, legal), transport operators, payment service providers, hosting companies, and marketing agencies.

VII. Transfer of Personal Data Outside the EEA

Your personal data may be transferred outside the EEA. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR:

  • Adequacy decision (Art. 45 GDPR)
  • Standard Contractual Clauses (Art. 46 GDPR)
  • Binding Corporate Rules (BCRs)
  • Derogations for specific situations (Art. 49 GDPR)

VIII. Automated Data Processing

Personal data may be processed automatically (including profiling), but this does not produce legal effects. Profiling serves to improve website functionality. Legal basis: Art. 6(1)(f) GDPR.

IX. Updates to the Privacy Policy

The Policy is regularly reviewed and updated as necessary.

Last updated: 13.01.2026

GDPR – INFORMATION CLAUSES

Below you will find detailed information clauses in accordance with Art. 13 and 14 GDPR for various categories of data subjects.

1. Information Clause for Customers

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

1.1 Purposes and Legal Bases for Processing

Your personal data is processed for the following purposes:

  • Booking and provision of courier/forwarding services – Art. 6(1)(b) GDPR;
  • Use of products and services offered – Art. 6(1)(b) GDPR;
  • Performance of concluded contracts – Art. 6(1)(b) GDPR;
  • Issuing and storing invoices – Art. 6(1)(c) GDPR;
  • Establishment, exercise or defence of legal claims – Art. 6(1)(f) GDPR;
  • Customer service and responding to enquiries – Art. 6(1)(f) GDPR;
  • Handling complaints – Art. 6(1)(f) GDPR;
  • Direct marketing of own products and services – Art. 6(1)(f) GDPR;
  • IT infrastructure management and system security – Art. 6(1)(f) GDPR;
  • Archiving purposes – Art. 6(1)(c) GDPR.

1.2 Recipients of Data

Recipients of your data include: legally authorised institutions (e.g. tax authorities, courts), external service providers (IT support, advertising, legal advice), entities involved in service provision (e.g. transport operators), payment service providers, hosting companies, and marketing agencies.

1.3 Retention Period

  • Accounting and tax documents: 10 years from the end of the calendar year.
  • Business correspondence: 6 years from the end of the calendar year.
  • Consent-based data (e.g. marketing): until withdrawal of consent or objection.

1.4 Rights of Data Subjects

You have the right to access, rectification, erasure or restriction of processing, data portability, and objection to processing. Where processing is based on consent, you may withdraw it at any time. You have the right to object to the processing of your data for direct marketing purposes at any time. You also have the right to lodge a complaint with a supervisory authority.

1.5 Requirement to Provide Data and Profiling

The provision of personal data is a contractual requirement insofar as it is necessary for the provision of courier/forwarding services. Failure to provide this data will make it impossible to conclude a contract or perform it properly. The provision of data for marketing purposes is voluntary. Your data is not processed automatically and is not subject to profiling.

1.6 Transfer of Personal Data Outside the EEA

Your personal data may be transferred to third countries outside the EEA. The Controller ensures that any transfer outside the EEA is made solely on the basis of lawful grounds and safeguards under Chapter V GDPR (adequacy decision, Standard Contractual Clauses, BCRs, approved codes of conduct/certifications, or derogations under Art. 49 GDPR). You have the right to obtain a copy of the safeguards applied.

2. Information Clause for Business Partners

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

2.1 Purposes and Legal Bases for Processing

  • Performance of the concluded contract – Art. 6(1)(b) GDPR;
  • Initiation of possible cooperation – Art. 6(1)(b) GDPR;
  • Documentation and settlement according to tax and commercial regulations – Art. 6(1)(c) GDPR;
  • Establishment, exercise or defence of legal claims – Art. 6(1)(f) GDPR;
  • Handling complaints – Art. 6(1)(f) GDPR;
  • Direct marketing including newsletter – Art. 6(1)(f) GDPR;
  • Credit check – Art. 6(1)(f) GDPR;
  • Geolocation monitoring of transport – Art. 6(1)(b) and (f) GDPR;
  • Website analysis and service optimisation – Art. 6(1)(f) and (a) GDPR;
  • IT infrastructure management – Art. 6(1)(f) GDPR.

2.2 Recipients of Data

Recipients of your data include: legally authorised institutions, external service providers (IT support, advertising, legal advice), transport operators, payment service providers, hosting companies, and marketing agencies.

2.3 Retention Period

  • Accounting and tax documents: 10 years.
  • Business correspondence: 6 years.
  • Geolocation data and system logs: maximum 12 months.

2.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You have the right to object to direct marketing at any time. You also have the right to lodge a complaint with a supervisory authority.

2.5 Requirement to Provide Data and Profiling

The provision of data is a contractual requirement for the conclusion and performance of the contract. The provision of data for marketing purposes is voluntary. Your data is not processed automatically and is not subject to profiling.

2.6 Transfer of Personal Data Outside the EEA

Your data may be transferred to third countries. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR.

3. Information Clause for Employees

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

3.1 Purposes and Legal Bases for Processing

For contract performance (Art. 6(1)(b) GDPR): - Performance of the employment contract; - Ensuring information protection; - Provision of employer’s equipment.

For compliance with legal obligations (Art. 6(1)(c) GDPR and Art. 9(2)(b) GDPR): - Calculation and payment of salaries; - Contract settlement (social insurance, taxes, accounting); - Health and safety obligations; - Maintenance of personnel files; - Social insurance and tax obligations.

For legitimate interests (Art. 6(1)(f) GDPR): - Ensuring business continuity; - Establishment of claims; - Personnel management; - Ensuring security; - Work organisation.

3.2 Recipients of Data

  • Legally authorised bodies: social insurance institutions, tax office, employment agencies, health and safety authorities;
  • Works Council – according to the Works Constitution Act (Betriebsverfassungsgesetz);
  • Business partners – only business data (name, position, business email);
  • Processors: email services, hosting, IT support, legal advice, employee benefits, group insurance.

3.3 Retention Period

  • Establishment of claims: up to 3 years;
  • Accounting, tax and payroll documents: 10 years;
  • Other personnel and business documents: up to 6 years.

3.4 Rights of Data Subjects

You have the right to access, rectification, erasure (right to be forgotten), restriction of processing, data portability, and objection. Where processing is based on consent, you may withdraw it at any time. You also have the right to lodge a complaint with a supervisory authority.

3.5 Requirement to Provide Data

The provision of personal data in connection with employment is a statutory requirement. Failure to provide data will make it impossible to conclude and perform the contract.

3.6 Transfer of Personal Data Outside the EEA

As a rule, employee data is not transferred outside the EEA. In the event of such a transfer, the Controller applies all obligations provided for in Chapter V GDPR.

4. Information Clause for Contractors/Freelancers

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

4.1 Purposes and Legal Bases for Processing

  • Performance of the concluded contract – Art. 6(1)(b) GDPR;
  • Compliance with legal obligations – Art. 6(1)(c) GDPR;
  • Legitimate interests (business contacts, protection of claims) – Art. 6(1)(f) GDPR.

4.2 Recipients of Data

Recipients of your data are exclusively: authorised employees, legally authorised institutions, and subcontractors (e.g. IT support, advertising, legal services).

4.3 Retention Period

  • Establishment of claims: up to 3 years;
  • Business correspondence: 6 years;
  • Accounting and tax documents: 10 years.

4.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority.

4.5 Requirement to Provide Data and Profiling

The provision of data is a contractual and statutory requirement. Failure to provide data will make it impossible to conclude a contract. Your data is not processed automatically and is not subject to profiling.

4.6 Transfer Outside the EEA

Your data may be transferred to third countries. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR.

5. Information Clause for Applicants (Recruitment)

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

5.1 Purposes and Legal Bases for Processing

  • Conducting the recruitment process – Art. 6(1)(a), (b) and (c) GDPR;
  • Establishment, exercise or defence of legal claims – Art. 6(1)(f) GDPR;
  • With separate consent for future recruitment – Art. 6(1)(a) GDPR.

5.2 Recipients of Data

Recipients of your data are exclusively: authorised employees, legally authorised institutions, and subcontractors (e.g. IT support, legal services).

5.3 Retention Period

  • For establishment of claims: up to 3 years after the end of recruitment;
  • With consent for future recruitment: 12 months after the end of current recruitment.

5.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. Where processing is based on consent, you may withdraw it at any time. You also have the right to lodge a complaint with a supervisory authority.

5.5 Requirement to Provide Data and Profiling

The provision of data within the scope required by labour law (name, date of birth, education, employment history) is a statutory requirement. Failure to provide this data will make participation in recruitment impossible. Your data is not processed automatically and is not subject to profiling.

5.6 Transfer Outside the EEA

Your data may be transferred to third countries. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR.

6. Information Clause for the Contact Form

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

6.1 Purposes and Legal Bases for Processing

Your personal data is processed for the purpose of responding to enquiries submitted via the contact form. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in responding to enquiries).

6.2 Recipients of Data

Recipients of your data are exclusively: authorised employees, legally authorised institutions, and subcontractors (e.g. IT support, advertising, legal services).

6.3 Retention Period

Your data is stored for the time necessary to respond to the enquiry. For enquiries of a business correspondence nature, data is stored for 6 years in accordance with the German Commercial Code.

6.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority.

6.5 Requirement to Provide Data and Profiling

The provision of personal data (in particular name and email address) is voluntary but necessary in order to respond to your enquiry. Your data is not processed automatically and is not subject to profiling.

6.6 Transfer Outside the EEA

Your data may be transferred to third countries. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR.

7. Information Clause for Transport Partners (GPS Monitoring)

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

7.1 Purposes and Legal Bases for Processing

  • Execution of transport/forwarding orders – Art. 6(1)(b) or (f) GDPR;
  • Monitoring of routes and GPS location (order supervision, logistics optimisation, cargo security) – Art. 6(1)(f) GDPR;
  • Proper operational support (communication, instructions) – Art. 6(1)(f) GDPR;
  • Establishment, exercise or defence of claims – Art. 6(1)(f) GDPR;
  • Compliance with legal obligations (data subject requests, archiving) – Art. 6(1)(c) GDPR.

7.2 Recipients of Data

  • Customers: to the extent necessary for order fulfilment (driver name, phone number, vehicle location);
  • Supporting service providers: IT providers, insurers, law firms, accounting/HR service providers;
  • Public authorities: authorised state and regulatory authorities upon request.

7.3 Retention Period

  • For the duration of cooperation and full order completion;
  • For the limitation period for contractual claims;
  • GPS monitoring data: up to 30 days after order completion;
  • For statutory archiving and tax retention periods.

7.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority.

7.5 Requirement to Provide Data

The provision of your data is a contractual requirement for the execution of transport orders. Failure to provide data (including GPS location data) may make service provision impossible and lead to termination of cooperation.

7.6 Transfer Outside the EEA

Your data may be transferred to third countries. The Controller ensures that this is done only on the basis of lawful safeguards under Chapter V GDPR.

8. Information Clause for Social Media

The Controller of your personal data is DAGO Express GmbH, Karl-Marx-Straße 193, 15230 Frankfurt (Oder), Germany.

For data protection matters: [email protected]

Joint Controllership / Independent Controllers:

  • Facebook and Instagram: Joint controllership with Meta Platforms Ireland Limited for statistical purposes (Audience Insights).
  • LinkedIn: LinkedIn Ireland Unlimited Company is an independent controller.
  • YouTube: Google Ireland is an independent controller.
  • X (Twitter): Twitter International Unlimited Company is an independent controller.
  • TikTok: TikTok Technology Limited is an independent controller.

8.1 Purposes and Legal Bases for Processing

  • Provision of innovative services – Art. 6(1)(f) GDPR;
  • Responding to enquiries and comments – Art. 6(1)(f) GDPR;
  • Statistical analysis and communication improvement – Art. 6(1)(f) GDPR;
  • Establishment of legal claims – Art. 6(1)(f) GDPR.

8.2 Recipients of Data

Recipients of your data include: legally authorised institutions, external service providers, and the respective platform operators (Meta, Google, Microsoft, TikTok, etc.).

8.3 Retention Period

Your data is stored for as long as necessary for the processing purposes or until you request deletion. For protection of claims up to 3 years.

8.4 Rights of Data Subjects

You have the right to access, rectification, erasure, restriction of processing, data portability, and objection. You also have the right to lodge a complaint with a supervisory authority. You may exercise your rights against both the Controller and the respective platform operator.

8.5 Requirement to Provide Data

The use of social media profiles is voluntary. Processing is carried out in accordance with the terms of use of the respective platform.

8.6 Transfer Outside the EEA

Your data may be transferred by platform operators to third countries. The Controller and platform operators ensure that this is done only on the basis of lawful safeguards under Chapter V GDPR.

Courier in UK & all over Europe
This is what distinguishes our company
Bewertung des KurierdienstesCO2 neutral gehostet
exit-upchevron-right