Privacy Policy
Last updated: 01 Aug. 2025
We at xChange Solutions GmbH are committed to protecting your personal data. This Privacy Policy explains how we process your personal information, for what purposes, and what rights you have under applicable data protection laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA/CPRA), and others.
1. Name and Contact Details of the Responsible Party
xChange Solutions GmbH
Represented by: Johannes Schlingmeier
Neue Burg 1, 20457 Hamburg, Germany
2. Data Protection Officer
External Data Protection Officer
ePrivacy GmbH
Represented by: Prof. Dr. Christoph Bauer
Große Bleichen 21, 20354 Hamburg, Germany
For general inquiries: jsc@container-xchange.com
For sensitive matters, please contact our Data Protection Officer by post. Email may not be secure. Mention that your request concerns xChange Solutions GmbH.
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
- Contact information (e.g., name, email, phone number, address)
- Account and login details (e.g., usernames, hashed passwords)
- Communication data (e.g., emails, support tickets, chat transcripts)
- Payment details (e.g., IBAN, credit card number, billing address)
- Contract-related data (e.g., signed agreements via Docusign)
- Online identifiers (e.g., cookie IDs, IP addresses, browser/device data)
- Usage data (e.g., Google Analytics, Mixpanel, Segment events)
4. Purpose of Processing
Your personal data is processed for the following purposes:
- Providing, maintaining, and improving our services and digital products
- Managing customer relationships and support interactions
- Processing contracts, invoices, and payments
- Sending newsletters and marketing communications (if consented)
- Product analytics and feature optimization
- Ensuring IT security, fraud prevention, and legal compliance
5. Legal Basis for Processing
We rely on the following legal bases:
- Your explicit consent (Art. 6(1)(a) GDPR)
- Contractual necessity (Art. 6(1)(b) GDPR)
- Compliance with legal obligations (Art. 6(1)(c) GDPR)
- Our legitimate interests (Art. 6(1)(f) GDPR), such as improving services and ensuring system security
6. Cookies and Tracking Technologies
We use cookies and similar technologies for core functionality, analytics, and marketing.
Cookie Consent:
- Website visitors: A cookie consent banner allows users to manage preferences before non-essential cookies are set.
- Subscription platform users: Acceptance of cookies is governed by our Terms of Use and this Privacy Policy.
You can manage or revoke cookie consent through your browser settings at any time.
7. Data Recipients (Processors & Partners)
We work with trusted service providers that process data on our behalf. These include:
- Customer Support: Zendesk
- Email, Calls, SMS: Twilio, Zoom
- CRM: Pipedrive CRM
- Analytics: Google Analytics, Twilio Segment, Mixpanel
- Hosting & Infrastructure: AWS, Raidboxes, Fly.io
- AI & LLMs: OpenAI, Google Gemini
- Document Signing: Docusign
- Payments: Stripe, Wise, PayPal
All providers act under Data Processing Agreements (DPAs), and where necessary, Standard Contractual Clauses (SCCs) are in place to ensure data protection.
8. Use of AI and Language Models (LLMs)
We use Large Language Models (LLMs), such as OpenAI and Google Gemini, to enhance selected features including:
- Summarizing support tickets
- Generating content drafts
- Assisting internal productivity tools
These models may process minimal user data. Data is:
- Pseudonymized or minimized where possible
- Not used for LLM training unless explicitly agreed
- Processed under GDPR-compliant terms, with no long-term storage by the model provider
9. International Data Transfers
Some data may be transferred to countries outside the European Economic Area (EEA), including:
- United States: OpenAI, Google, Twilio, Zendesk
We use EU Standard Contractual Clauses (SCCs) and additional safeguards to ensure adequate protection of personal data.
10. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected or to meet legal requirements:
- Based on consent: until withdrawal
- Based on contracts: as long as the agreement is in effect
- Based on legal obligations: as required by tax, commercial, or other laws
- Based on legitimate interests: until your objection or when data is no longer needed
11. Your Rights
You have the following rights regarding your personal data:
- Access your data and details about its processing
- Correct or complete inaccurate or incomplete data
- Delete your data (“right to be forgotten”)
- Restrict processing in certain situations
- Object to processing based on legitimate interests
- Withdraw your consent at any time
- Receive your data in a portable format (data portability)
- File a complaint with a supervisory authority
12. How to Exercise Your Rights
You can exercise your rights at any time by contacting us at jsc@container-xchange.com with the subject line:
“Data Request – [Your Full Name]”
We may require identity verification before fulfilling certain requests. We will respond within the timelines required by applicable laws.
13. California Consumer Privacy (CCPA/CPRA)
If you are a resident of California, you have additional rights under the California Consumer Privacy Act (CCPA/CPRA), including:
- The right to request disclosure of the categories and specific pieces of personal information collected
- The right to request deletion of your personal information
- The right to opt out of the “sale” or “sharing” of personal information
We do not “sell” or “share” your personal information with third parties as defined by the CCPA/CPRA. If this changes, we will update this Privacy Policy and provide a mechanism to opt out.
14. Children’s Privacy
Our services are not directed to or intended for use by children under the age of 16 (or 13, where applicable under U.S. law). We do not knowingly collect personal data from children. If we become aware that a child has provided us with personal data, we will delete it immediately.
15. Updates to This Privacy Policy
This policy may be updated due to changes in regulations or services. The latest version is always published on our website. It is effective from the “Last Updated” date shown above.
16. Contact
If you have questions or requests regarding this Privacy Policy, please contact:
Email: jsc@container-xchange.com
Post:
Data Protection Officer
ePrivacy GmbH
Große Bleichen 21
20354 Hamburg
Germany