Privacy Policy

This Privacy Policy applies to the processing of personal data by CargoPoint (“Controller”, “we”, “us”, “our”) and describes how and for what purposes we process your personal data as a User Representative, Driver, Recipient, website visitor and the personal data of others on the CargoPoint Website and CargoPoint Applications (the “Platform”). This policy also describes how a person can exercise his or her rights as a data subject. We process personal data in accordance with the General Data Protection Regulation (“GDPR”) and other applicable laws. Unless otherwise stated, the terms used in this Privacy Policy have the same meaning as the terms defined in Article 4 of the GDPR and the terms defined in the CargoPoint General Terms and Conditions.

By using our services provided through the Platform, you acknowledge that you have read our Privacy Policy.

1. What personal data are processed

In order to provide you with our services and to achieve the purposes set out in this Privacy Policy, we process certain personal data relating to you. We have indicated below which categories of personal data we process.

Identification data – may include information such as a person’s name, surname, personal identification number or date of birth, right of representation.

Contact Information – We may process your email address, phone number, and address in order to contact you.

Order data – information about the Cargo (e.g., Cargo description, weight and volume), place and time of loading and unloading of the Cargo, delivery distance, address.

Location data – information about the location and time (GPS data) when driving to the Cargo loading place and performing the Cargo delivery received from the application user’s smart device.

2. How we obtain your personal data

During the provision of our services, we may obtain your personal data directly from you or from third parties. We collect some of your personal data from you when you use the features of the Platform, or the information is provided to us by Users you represent or work for.

Information about a shipment to Recipients who are not the Sender is received from the Sender in order to be able to execute Orders.

3. For what purposes and on what legal basis are your data processed?

In this section, we provide you with details of the purposes for which we may process different categories of personal data, as well as identify the legal basis on which we process your personal data.

Aim Category of personal data Legal basis
Entering into a CargoPoint Agreement and creating a User Account User Representative Identification Data, Contact Information When acting as a representative of the User, the processing of your data is based on our legitimate interest in being able to fulfill the agreement entered into with the User you represent and to verify your right to represent the User (GDPR 6.1.f.).
Authentication and Management of Administrators, Managers and Drivers on the Platform Identification data and mobile phone numbers of Administrators, Managers and Drivers Legitimate interest in enforcing the agreement entered into with the User and providing access to the Platform (GDPR 6.1.f.).
Preparation and execution of the Order offer Order Details, Recipient or Representative Identification Data and Contact Information, Driver Location Data, Identification Data and Contact Information Legitimate interests to ensure the performance of the contract concluded with the User (GDPR 6.1.f.).
Confirmation of the Order execution using the PIN code system Recipient, User-specified telephone numbers Legitimate interests to ensure and record the performance of the contract concluded with the User (GDPR 6.1.f.).
Preparation and sending of Order fulfillment confirmation, delivery report to the Users and the Recipient Order Data, Identification and Contact Information of the Recipient or its Representative, Location Data of the Driver’s Route, Identification Data and Contact Information, Photographs of the Cargo and of loading / unloading points of the cargo Legitimate interests to ensure the performance of the contract concluded with the User and to ensure obtaining of evidence for the performance of the Order (GDPR 6.1.f.).
Accounting, invoicing Identification data, Order data The processing of transaction documents is our legal obligation (GDPR 6.1.c) arising from the accounting legal framework.
Contacting us, including handling complaints Full name, country, e-mail address, subject and message sent by you It is in our legitimate interest to ensure the quality of the services provided and the Platform and to provide answers to your questions (GDPR 6.1.f.).

 

We may also process your personal data for other lawful purposes if the legal basis of the GDPR complies with doing so, such as if you have given us your consent (GDPR 6.1.a.) or if we have a legitimate interest (GDPR 6.1.f.). If we process your personal data for purposes other than those listed in the table above, we will ensure that such processing is compatible with the purposes for which the personal data were collected. Whenever possible, we will notify you of new data processing purposes.

4. How long we will process your personal data

We will only retain your personal information for as long as is necessary for the purposes set out in this Privacy Policy.

The accounts registered on the platform and the personal data specified therein are processed until Users delete them or until the agreement with us is terminated. Location data records are stored for 1 year and then stored in delivery reports.

If your personal data is included in contracts concluded with us, we may retain this data until termination of the relevant contract and thereafter until the end of the limitation period for any claims arising from such contract, or longer if such retention is for a legitimate purpose (such as for accounting purposes).

Personal data included in accounting data may be stored in accordance with applicable accounting laws, but not for less than five years.

Proofs of Order fulfillment, delivery reports and personal data included therein may be stored for four years from the end of the respective calendar year. The information you provide to us when you contact us may be retained for four years from the end of the last calendar year.

Personal data may also be processed for a longer period if there is a legal basis for this, for example if the applicable law provides for a longer retention period or if this is necessary to resolve a potential or existing dispute.

5. When personal data may be shared with third parties

For the purpose of providing our services, we may share your personal information with Shippers, Suppliers and Recipients involved in the execution of the relevant Order, for example, to ensure receipt and execution of orders. Please note that Shippers, Suppliers and Recipients may process your personal data for their own purposes, including for execution of the Order, confirmation of your authorization under the relevant Order and for other purposes. For complete information about third-party privacy practices, please contact the appropriate Shipper, Supplier and/or Recipient.

We may share your personal information with persons we have authorized and with our partners who assist us in providing our services, such as IT service providers (including but not limited to email service providers, website maintenance services, server providers or maintainers, etc.), marketing service providers, payment service providers and others. When we share your personal information with third parties, we will take all necessary steps to ensure that the third parties provide adequate protection of your personal information.

Additionally, we may share your personal data in the following situations:

  1. Upon founded request, we may, in accordance with the procedures of applicable law, share your personal information with persons authorized by law to obtain it (e.g., investigating authorities);
  2. If necessary to protect our legally protected interests (for example, if a person has violated our interests), we may share personal information with courts, bailiffs or other relevant government agencies;
  3. Where applicable, with our partners, such as auditors, lawyers and other professionals or consultants, financial institutions, insurers; also, on a need-to-know basis, data may be shared with our shareholders, financiers and potential buyers of our business or shares thereof;
  4. To payment service providers to the extent necessary to make or receive payments;
  5. To CargoPoint Group companies for administrative purposes.

We will not share your personal data with third parties unless there is a legitimate purpose and a legitimate basis for doing so.

In certain situations where we interact with third parties (for example, using the services of financial service providers), in addition to this Privacy Policy, the privacy policies of those third parties will also apply to the processing of your personal data. We encourage you to read the relevant privacy policies, however, we do not accept any responsibility for their content.

Finally, if you are acting as a representative of a User or Recipient, we may share your data with the company/person you represent.

6. Information on transfers of personal data outside the EU

We do not process your personal data outside the EU/EEA.

7. Processing of children’s personal data

We do not knowingly collect personally identifiable information from anyone under the age of 18 (“Child” or “Children”). If you have parental responsibility for a child and you know that the child has provided us with personal information, please contact us. If we become aware that we have obtained personal information from a Child without parental consent, we will take the necessary steps to remove that information from our servers and, to the extent possible, not process it further.

8. Automatic decision making

We do not process your personal data in a way that makes automatic decisions about you.

9. Your rights as set forth in the GDPR

In accordance with the General Data Protection Regulation (GDPR), you have certain rights regarding the processing of your personal data. In the situations specified by GDPR, you have the following rights:

  1. (i) Right to access
  2. (ii) Right to amend
  3. (iii) Right to delete
  4. (iv) Right to object
  5. (v) Right to withdraw consent
  6. (vi) Right to restrict the processing of personal data
  7. (vii) Right to data portability

To claim your rights, please contact us by email: info@cargopoint.com. Please note that in order to fulfill your requested rights, we may need to process additional personal data and request identification.

In situations when you are not satisfied with our data processing activities, you always have the right to submit a complaint to the Latvian Data State Inspectorate (e-mail: pasts@dvi.gov.lv; website: www.dvi.gov.lv) or to your national data protection authority. (You can find your data protection authority at: https://edpb.europa.eu/about-edpb/about-edpb/members_en).

10. Changes to the Privacy Policy

We reserve the right to unilaterally update this Privacy Policy at any time. An updated version of the Privacy Policy will be available on our Platform. We encourage you to periodically review this Privacy Policy to be notified of any changes.

11. Controller’s Contact Information

If you have any questions about the processing of personal data or this privacy policy, please contact us by writing to our e-mail address: info@cargopoint.com or using the contact information here:

SIA “Cargopoint”
Registration number: 40203274608
Legal address: Maskavas Street 240-3, Riga, LV-1063, Latvia

This Privacy Policy is effective beginning December 1st, 2021.