Convelio complies with the Data Protection Legislation as defined by European Union law with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and in the United Kingdom by the Data Protection Bill. The protection measures implemented here also comply with other regulations worldwide such as the California Consumer Privacy Act (“CCPA”).
Why do we collect and use your personal information?
Your personal information is used as part of the service contract agreed for you to perform shipping services on our behalf.
We may also use your personal information when your service contract is about to be signed, during the execution of pre-contractual measures.
We might use your personal data later on in order to understand how you use our services, to improve the quality of our service, and to offer you and our clients improved and personalized services to manage order delivery, and thus is in our legitimate interest.
We also execute statistical analyses but only on anonymized data.
What type of information do we collect?
In order to execute the service contract we agreed on, we need the following information:
Your company name, if any;
Your email address;
Your phone number;
The contact job title;
Your payment information or bank account;
Your mail address;
Your EORI number;
Your VAT number;
Our voice conversation, if any;
Activity logs on Convelio shipping platforms, if any.
How do we collect your personal information?
We only use the personal information you provided when developing the commercial relationship.
How do we use your personal information?
In order to process this information and provide you with relevant services to perform, we share your information with the following recipients:
Convelio team and affiliates, but only duly authorized individuals.
Our shipment and customs suppliers, in order to proceed with the previous and next steps of the logistics chain
The orders’ client, pickup or dropoff contact points if you are in need to get in touch with them
Software processors that we use as our hosting services, VRM and vendor management tools providers, order tracking tools, emailing and internal messaging systems, calling applications, data analysis and processing tools
When we need to transfer your personal data outside of the European Union, the transfer relies on one of the following mechanisms:
Standard contractual clauses approved by the European Commission which regulate the transfer of personal data outside of the EU between the different entities of Convelio Group (in order to provide you with the quickest answer as possible)
Transfers are necessary for any order where the preceding or following supplier in the logistic chain is located outside of the EU, or the UK. In that case, we require strict contractual warranties from our suppliers.
We sign standard contractual clauses with our IT services providers, who may locate their storage servers and data centres or their maintenance team in the US or other countries.
Convelio has taken all necessary and adequate measures to ensure a level of protection and security of personal data in accordance with the prerequisites imposed by European Union law and the applicable regulation.
How long do we retain your personal information?
In accordance with applicable regulations and legislation:
We need to retain information and documents relating to a specific order for 5 years after that order is fulfilled
We retain all your contact information for 3 years after the end of our commercial relationship, meaning our last contact
Voice conversations, if any, are deleted at latest two months after the phone call takes place.
Activity logs on the shipping platforms, if any, are deleted 6 months after collection.
Invoice information, proof of pickup or delivery and order confirmations are retained for a duration of 10 years.
What are your rights regarding your personal information?
Identity and contact details of data controller:
Convelio is the data controller and you can request any information by writing to firstname.lastname@example.org or CONVELIO - WeWork 198 Avenue de France, 75013, Paris, France.
Rights of the data subject (within the limits of the regulations and legislation in force)
right to be informed: you have the right to know all necessary information about your personal data processing. For additional questions, please contact our team.
right to access: you can ask for a copy of your personal data any time
right to rectification: if information we have about you is incorrect or incomplete, please let us know and we will make the correction immediately.
right to erasure or right to be forgotten: you can ask for us to delete your personal information from our databases any time, unless we must retain them for legal reasons (invoices, order confirmations, etc.)
right to data portability: you can ask for your personal data with the intention of sending it to other providers.
Right to restrict processing of personal data in the cases provided for by law and regulation.
For any of these situations, please send an email to email@example.com or a post request to CONVELIO - WeWork 198 Avenue de France, 75013, Paris, France. Depending on the request, we may ask you to provide proof of identification.
You have the right to lodge a complaint to a regulatory authority for any potential misuse.