- Identity of operator/processor
- Scope of application
- Relation between Us and the Client and between Us and the data subjects
- PD collected
- PD processing activities
- Use of the PD
- Basis of PD processing
- Sources of PD
- Storage and erasure of PD
- Transfer of PD to third parties and countries outside the EU
- Rights of the data subjects
The logistia.app website, mobile applications and related services (the “Platform”) are operated by FESPORE IT SRL, headquartered in Bucharest, District 4, No. 17 Sold. Nicolae Barbu Alley, Floor 2, Apt. 10, email: email@example.com (“Us”, “We”).
Vlad Retca: email at: firstname.lastname@example.org; post to: Bucharest, District 4, No. 17 Sold. Nicolae Barbu Alley, Floor 2, Apt. 10.
The legal relation for providing the services of the Platform is between Us and a legal entity (“Client/Clients”).
1. Platform Users – natural persons that are representatives of the Client and have registered an account on the Platform. Platform User Notice [link].
2. Client Drivers – natural persons that are employed by the Client for delivery. Client Driver Notice [link].
3. Platform Visitors and Email Senders – natural persons that only visit the site or send emails. Client Representative quality prevails over Platform Visitor and Email Senders quality. Platform Visitor and Email Sender Notice [link].
4. Client Business Partners – natural persons (suppliers, recipients, etc.) or representatives of the Client suppliers, recipients, etc. Client Business Partner notice [link].
If you are a data subject, you can view the PD processed and your rights in the section that applies to you (Platform User, Client Drivers, Platform Visitor or Email Sender, Client Business Partners).
If you are a Client, in almost all of the processing of PD is done by Us as processor under your direction as controller.
In some limited cases PD (contact data, login credentials, invoicing, etc.) is processed by us as independent controller.
We will process PD in accordance with the Client instructions. We reserve the right to refuse the carrying out of instructions of the Client that violate the GDPR or the rights of the data subjects. We will inform the Client when the instructions issued violate the GDPR or the rights of the data subjects. Please note that almost all of the relevant operations can be carried out via the Platform.
We will inform the Client and the Client will inform Us about PD requests from data subjects and both Us and the Client will ensure a legal and coherent response to the data subject requests.
We will make available upon request to the Client all information necessary to demonstrate compliance with the obligations laid down in GDPR and allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the controller.
If security breaches relevant for the PD provided by the Client, We will inform the Client in his capacity as controller to ensure compliance with the GDPR.
You, the Client, authorize Us to engage sub-processors.
You, the Client, authorize Us to transfer PD to third countries outside the EU using appropriate safeguards.
You, the Client, represent and warrant that you will inform all relevant data subjects about the PD processing and their respective rights. In this regard you will provide at least the information contained in the notices mentioned in section 3. In particular, you will provide information about the GPS processing of Drivers and Platform Users. We can provide the DPIA upon request to ensure the documentation of this processing.
When operating the Platform, we collect PD like: name, email, telephone, logon credentials, address, geolocation, cookies, IP, browser data, deliveries and other PD as needed for providing the service.
The following processing activities will be carried out by us: access to PD by authorized persons, storage of PD in the physical archive or in electronic format, on our infrastructure or the infrastructure of sub-processors, transfer of PD to said third parties, other processing operations carried out for the purpose and on the basis of those grounds.
We use the collected PD to: create the user account, to process payments, to invoice, to manage, drivers and client business partners (suppliers, receivers, etc.), to manage stocks, to calculate routes, to track deliveries, add new functionalities to the Platform as they are developed.
PD is processed on the basis of:
art. 6 (1) (a) GDPR – the processing is performed based on the consent of the data subject;
art. 6 (1) (c) GDPR – the processing is necessary for the fulfillment of the legal obligations of the Operator regarding archiving, taxing and other similar obligations;
art. 6 (1) (f) GDPR – the processing is necessary to achieve the legitimate interest of the Operator to pursue its business activity.
PD is obtained from the Client, from the data subject, from the integrated services and from the cookies.
PD is stored on our infrastructure and on the infrastructure of the service providers.
We will store the minimum amount of PD to ensure the functionality of the Platform.
The PD is also erased when an erasure request is received and all the conditions above are meet.
We transfer PD to third countries like USA, Canada, Switzerland and others based on appropriate safeguards.
We review the privacy policies, practices and technologies of our service providers periodically to ensure that such transfers are in accordance with the GDPR.