CUSTOMER PRIVACY NOTICE

This customer privacy notice (here after the “Notice”) sets out details on how Personal Data (as defined in Section 1 below) relating to you will be handled by companies from the Redspher Group as data controllers (collectively “Redspher”, “us” or “we”). The affiliates of the Redspher Group which handle Personal Data (here after the “Redspher Companies”) are listed in Annex 11 .

This Notice describes what data we collect about you, how we collect that data, for what purposes we use it, the legal bases for processing, to whom we may disclose the data and how you can exercise your rights, as well as other information necessary to ensure fair and transparent processing of your Personal Data. Please read this Notice before providing Personal Data to us. This policy covers both online and offline data collection.

Key Information

Redspher Companies, as data controllers, collect and use Personal Data that you provide as part of your interaction with us, together with additional Personal Data that we collect when you (or your company) register as a customer and throughout the course of providing services to you (or your company), e.g. when we operate as an intermediary between you and a carrier for the provision of the most suitable transport services.

The Personal Data we collect is used primarily for providing you with marketing and communication material upon your request, for managing our website, and then performing our obligations under customer service contracts and applicable law. All purposes and legal bases for such processing are detailed in this notice.

You have rights with respect to your Personal Data, which are described in Section 6 of this notice. To obtain further information or ask any questions regarding these rights, or if you have any queries regarding Redspher’ processing of your Personal Data, please send an email to dataprivacy@redspher.com.

1. PERSONAL DATA WE COLLECT AND FOR WHAT PURPOSES

We may collect “Personal Data”, which is information that either directly identifies you or could be used in combination with other information to identify you.

Personal Data that we collect includes:

If you do not provide us with such information, we may not be able to enter into or perform our contract with you (or your company). We will inform you when providing your Personal Data that it is necessary and what the effects will be on our relationship if you do not provide it

2. WHAT ARE REDSPHER’S LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA?

To process your Personal Data lawfully, we will be relying on one of the following legal bases:

3. SOURCES OF PERSONAL DATA

Your Personal Data is primarily provided to us directly by you (for example, through the contact form on our website, through emails you send or through verbal information). From time to time, we may receive Personal Data about you from third parties (for instance, other customers and business partners).

In some circumstances, Personal Data may be collected indirectly from monitoring devices or by other means, for example, via email and websites access logs, if and to the extent permitted by applicable laws

4. WHO HAS ACCESS TO YOUR PERSONAL DATA?

We may disclose your Personal Data, where permitted by applicable law and on a need-to-know basis, to entities within the Redspher Group, our relevant service providers and/or other third parties including:

Where these third parties act as a data processor, they carry out their tasks on our behalf and upon our instructions for the above mentioned purposes.

Where applicable, you are entitled, upon a written request sent via email to dataprivacy@redspher.com, to receive a copy of the list of providers and/or other third parties processing your Personal Data.

5. WILL REDSPHER TRANSFER YOUR PERSONAL DATA OUTSIDE OF THE EU/EEA?

We may share your data within the Redspher Group or with third party vendors and carriers, as indicated above, where necessary to provide you with our services.

Some Redspher Group entities, vendors or carriers may be located outside the EU/EEA, in countries which do not offer the same level of protection to your Personal Data. Internal transfers within the Redspher Group as well as transfers to third party vendors or carriers located outside the EU/EEA will be made pursuant to agreements that incorporate appropriate safeguards (for example the European Commission-approved Standard Contractual Clauses).

Where applicable, you are entitled, upon a written request sent via email to dataprivacy@redspher.com, to receive a copy of the relevant provisions of the contract that have been taken to protect your Personal Data.

Transfers of Personal Data in accordance with this Section 5 are based on the same legal grounds as applicable for the respective purposes of processing as set forth in Section 1 above.

6. WHAT ARE YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL DATA?

You have a number of rights in relation to your Personal Data, which are set out below.

7. HOW SECURE IS THE PERSONAL DATA YOU PROVIDE?

We implement physical, technical and administrative security standards designed to protect your Personal Data from loss, misuse, alteration, unauthorized access, destruction or damage.

We take steps to limit access to your Personal Data to those individuals who need to have access to it for one of the purposes listed in Section 1.

However, no Internet transmission is ever fully secure or error free. In particular, Personal Data sent using email or our websites (e.g., via the contact form) may not be secure. You should take special care before deciding to send us information via email or our websites. For instance, if you create an account on Redspher websites, it is your responsibility to protect your access credentials from unauthorized use.

8. FOR HOW LONG DOES REDSPHER RETAIN YOUR PERSONAL DATA?

We retain your Personal Data for no longer than is necessary for the purposes for which the Personal Data are processed, which will in many cases be for the period during which we have a business relationship with you. We may retain your Personal Data for longer periods of time corresponding to:

This is done to ensure that we have an accurate record of your dealings with us in the event of any complaints or claims, or where we are required to do so in accordance with legal, tax and/or accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request.

9. GENERAL

This Notice only applies to Redspher customer data processing, including those performed on our websites. Redspher websites also may contain hyperlinks to third party websites and online resources. We do not endorse nor are responsible for the content of such third-party websites and resources. Our privacy notice does not apply to any sites that are not affiliated with Redspher, even if you access them via a hyperlink on any of our websites.

The policy we have outlined here is current as of August 2019. Redspher reserves the right to amend this notice at its discretion. When changes are made, we will post the updated notice and the date of revision.

Last update: August 2019