Convelio complies with the Data Protection Legislation as defined by European Union law with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and in the United Kingdom by the Data Protection Bill. The protection measures implemented here also comply with other regulations worldwide such as the California Consumer Privacy Act (“CCPA”).
Why do we collect and use your personal information?
Your personal information is included in the purchasing contract you agreed to when transacting on our partner website. Part of that contract relates to your shipment that we are organizing as a freight forwarder.
We may use your personal information to provide quotes when requested. This processing relies on the execution of pre-contractual measures.
We also execute statistical analyses but only on anonymized data.
What type of information do we collect?
In order to provide you with our shipping services, we collect the following information:
Your company name, if any;
Your email address;
Your phone number;
A copy of your ID (for natural persons who import goods and are located in some countries requiring the ID copy in accordance with local legislation);
Your mail address;
The goods transported;
Your access door code, if any;
Your house number, if any;
Your flat number, if any;
Our voice conversation, if any;
If the purchase is done on behalf of a company, the EORI number;
If the purchase is done on behalf of a company, the VAT number;
Your customer reference number.
How do we collect your personal information?
Your personal data has been transferred to us by a partner who integrated our technology. You may have used our technology on their platform.
How do we use your personal information?
In order to process this information and provide you with relevant services, we share your information with the following recipients:
Convelio team and affiliates, but only duly authorized individuals.
Our shipment suppliers in order to deliver your goods
Software processors that we use as our hosting services, CRM and client management tools providers, order tracking and customs clearance tools, emailing and internal messaging systems, calling applications, data analysis and processing tools, logging applications
When we need to transfer your personal data outside of the European Union, the transfer relies on one of the following mechanisms:
Standard contractual clauses approved by the European Commission which regulate the transfer of personal data outside of the EU between the different entities of Convelio Group (in order to provide you with the quickest answer as possible)
Transfers are necessary in the case of an order or quote request with a pickup or destination outside of the EU, or the UK. In that case, we require strict contractual warranties from our suppliers.
We sign standard contractual clauses with our IT services providers, who may locate their storage servers and data centres or their maintenance team in the US or other countries.
Convelio has taken all necessary and adequate measures to ensure a level of protection and security of personal data in accordance with the prerequisites imposed by European Union law and the applicable regulation.
How long do we retain your personal information?
In accordance with applicable regulations and legislation:
We need to retain information and documents relating to a specific order for 5 years after that order is fulfilled
Voice conversations, if any, are deleted at latest two months after the phone call takes place.
Invoice information, order confirmation and accounting documents are retained for a duration of 10 years.
What are your rights regarding your personal information?
Identity and contact details of data controller:
Convelio is a joint data controller and you can request any information by writing to email@example.com or 68 avenue Parmentier 75011 Paris FRANCE
The other joint controller is the partner that is using our API and you could directly request information to them about their usage of your personal information.
Rights of the data subject (within the limits of the regulations and legislation in force)
right to be informed:you have the right to know all necessary information about your personal data processing. For additional questions, please contact our team.
right to access: you can ask for a copy of your personal data any time
right to rectification: if information we have about you is incorrect or incomplete, please let us know and we will make the correction immediately.
right to erasure or right to be forgotten: you can ask for us to delete your personal information from our databases any time, unless we must retain them for legal reasons (invoices, order confirmations, etc.)
right to data portability: you can ask for your personal data with the intention of sending it to other providers.
Right to restrict processing of personal data in the cases provided for by law and regulation.
For any of these situations, please send an email to firstname.lastname@example.org or a post request to 68 avenue Parmentier, 75011 PARIS FRANCE. Depending on the request, we may ask you to provide proof of identification.
You have the right to lodge a complaint to a regulatory authority for any potential misuse.