Convelio complies with the Data Protection Legislation as defined by European Union law with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and in the United Kingdom by the Data Protection Bill. The protection measures implemented here also comply with other regulations worldwide such as the California Consumer Privacy Act (“CCPA”).
Why do we collect and use your personal information?
Your personal information is included in the purchasing contract you agreed to when transacting with our partner. Part of that contract relates to your shipment that we are organizing as a freight forwarder.
What type of information do we collect?
In order to provide you with our shipping services, we collect the following information:
Your company name, if any;
Your email address;
Your phone number;
Your payment information or bank account;
Your credit card number;
A copy of your ID (for natural persons who import goods and are located in some countries requiring the ID copy in accordance with local legislation);
Your mail address;
The goods transported;
Your access door code, if any;
Your house number, if any;
Your flat number, if any;
Our voice conversation, if any;
If the purchase is done on behalf of a company, the EORI number;
If the purchase is done on behalf of a company, the VAT number;
Your customer reference number.
How do we collect your personal information?
We only use the personal information you provided to our partner when transacting with him and choosing your shipment services.
How do we use your personal information?
In order to process this information and provide you with relevant services, we share your information with the following recipients:
Convelio team and affiliates, but only duly authorized individuals.
Our shipment suppliers in order to deliver your goods
Software processors that we use as our hosting services, CRM and client management tools providers, order tracking and customs clearance tools, payment management tools, emailing and internal messaging systems, calling applications, data analysis and processing tools
When we need to transfer your personal data outside of the European Union, the transfer relies on one of the following mechanisms:
Standard contractual clauses approved by the European Commission which regulate the transfer of personal data outside of the EU between the different entities of Convelio Group (in order to provide you with the quickest answer as possible)
Transfers are necessary for any order with a pickup or destination outside of the EU, or the UK, and strict warranties are required contractually from all our suppliers
We sign standard contractual clauses with our IT services providers, who may locate their storage servers and data centres or their maintenance team in the US or other countries.
Convelio has taken all necessary and adequate measures to ensure a level of protection and security of personal data in accordance with the prerequisites imposed by European Union law and the applicable regulation.
How long do we retain your personal information?
In accordance with applicable regulations and legislation:
We need to retain information and documents relating to a specific order for 5 years after that order is fulfilled
Voice conversations, if any, are deleted at latest two months after the phone call takes place.
Invoice information, order confirmation and accounting documents are retained for a duration of 10 years.
What are your rights regarding your personal information?
Identity and contact details of data controller:
Convelio is the data controller and you can request any information by writing to email@example.com or CONVELIO - WeWork 198 Avenue de France, 75013, Paris, France.
The partner you entered into contract with is also acting as a data controller and you could directly request information to them about their usage of your personal information.
Rights of the data subject (within the limits of the regulations and legislation in force)
right to be informed: you have the right to know all necessary information about your personal data processing. For additional questions, please contact our team.
right to access: you can ask for a copy of your personal data any time
right to rectification: if information we have about you is incorrect or incomplete, please let us know and we will make the correction immediately.
right to erasure or right to be forgotten: you can ask for us to delete your personal information from our databases any time, unless we must retain them for legal reasons (invoices, order confirmations, etc.)
right to data portability: you can ask for your personal data with the intention of sending it to other providers.
right to object: you can deny us the right to use your personal data for marketing and commercial purposes. This would enable us to retain your personal information but not contact you for commercial purposes. However we may need to retain your personal data to process and complete your orders. Objection to commercial prospection by email can be done with the unsubscription link at the bottom of our emails.
Right to restrict processing of personal data in the cases provided for by law and regulation.
For any of these situations, please send an email to firstname.lastname@example.org or a post request to CONVELIO - WeWork 198 Avenue de France, 75013, Paris, France. Depending on the request, we may ask you to provide proof of identification.
You have the right to lodge a complaint to a regulatory authority for any potential misuse.