For the purposes of the EU General Data Protection Regulation and the UK Data Protection Law 2018 (together the “GDPR”), as well as other applicable privacy laws, Company is a controller of the PII it processes in relation to its customers’ vendors, service providers and business representatives. When Company processes PII on behalf of its customers (such as data regarding customers’ authorized Company platform users or customers’ logistic sites’ staff), Company is a data processor under the GDPR, to the extent applicable. In that case, Company’s customer will be a data controller under the GDPR, and will be responsible to obtain the data subject’s consent or establish any other applicable lawful basis for processing and to ensure that data subjects can exercise their rights set forth in Section 9 below.
YOU OR YOUR DATA SUBJECTS ARE NOT LEGALLY REQUIRED TO PROVIDE US WITH PII, HOWEVER, USE OF THE SERVICES REQUIRES THAT YOU PROVIDE PII. IF YOU CHOOSE TO WITHHOLD ANY PII REQUIRED IN RESPECT THEREOF, IT WILL NOT BE POSSIBLE FOR YOU TO USE THE SERVICES. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS SET FORTH HEREIN PLEASE DO NOT USE THE SERVICES.
“PII” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Information We Collect and How We Use It.
In order to provide and operate our Services and provide services in connection therewith, we collect and process PII, including the following types of information:
- Your Account Information. When you subscribe to use the Services we ask you to provide PII, including: Full name, phone number, email address and position at your job.
- Usage Information. We collect all usage information, such as session times, impressions, pages visited etc. This information is retained and processed in order to monitor use of the Services; derive analytics and usage metrics; and improve the Services.
- Video. We receive footage from your sites’ cameras. We use the camera footage and videos in order to monitor activity in your sites and derive insights and reports regarding such activity on our customers’ behalf. We will use such footage in order to monitor objects and individuals in your sites. We track individuals mostly based on their wearables (e.g. type of vest and hat) and their activity (e.g. forklift, cleaner etc.). The main purpose of this footage is to enable our platform to help our customers achieve supply chain accuracy and efficacy by identifying mistakes and bottlenecks and optimizing processes. However, our customer will be responsible to define additional purposes of use of such information, which may include safety, compliance with work regulations, etc.
- WMS. We will also collect and process the data that our customer decide to share with us from its management systems, which may include information such as order number, item per order, time for order, shifts, types and roles of individuals working at the site, the purpose of each locations etc. While such data does not typically contain PII, at our customer’s request we will trace such information to the individuals working on the sites and captured by the footage that our customer provides to us and use such enriched data in order to derive analytics and reports on our customer’s behalf, as described in Section 1.5 below.
- Usage Information. When you use the Services, we automatically receive and record information from your browser, including without limitation information and statistics about your online/offline status, your IP address, geolocation data (including country and city), user login data, device identifiers, internet service provider, connection speed, search history, type of browser, your regional and language settings and software and hardware attributes. Our systems automatically record and store technical information regarding the method and nature of your use of the Services. An IP address is a numeric code that identifies your browser on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. The Company uses all of the PII identified in this Section in order to understand the usage trends and preferences of our users, including recent visits to our Services and how you move around different sections of our Services for analytics purposes and in order to make our Services more intuitive.
- User Communications. When you send emails or other communications to the Company, we retain those communications in order to process your inquiries, respond to your requests, provide support and improve our Services.
- Aggregate and Analytical Data. In the effort to produce insights regarding use of the Services in order to improve our services and develop and improve automated processes on our Services, we often conduct research on the information submitted. This research is compiled and analyzed on an aggregate basis, and we share this aggregate data with Company’s affiliates, agents and business partners and also disclose aggregated information in order to describe our services to current and prospective business partners or investors. This aggregate information does not identify you or your customers or employees personally.
In order to collect the data described herein we use temporary cookies that remain on your browser for a limited period of time. We also use persistent cookies that remain on your browser until the Company’s Services are removed, in order to manage and maintain the Services and record your use of the Services. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to and stored on your browser. Cookies do not damage your browser. Most browsers allow you to block cookies but you may not be able to use some features on the Services if you block them. You may set most browsers to notify you if you receive a cookie (this enables you to decide if you want to accept it or not). We also use web beacons via the Services to collect information. Web beacons or “gifs”, are electronic images that are used in our Services or in our emails. We use Web beacons to deliver cookies, count visits and to tell if an email has been opened and acted upon.
- If any of your data subjects (e.g. employees or customers) are minors under the age of 18, you must obtain parental consent prior to using our Services. The Company will not knowingly contact or engage with children under the age of 18 without said parental consent. If you have reason to believe that a child has provided us with their PII, please contact us at the address given above and we will endeavor to delete that PII from our databases.
- Information Sharing.
- Data Security. We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of PII. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your PII, we cannot guarantee its absolute security. We retain your PII only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
- Data Retention.
- Company will retain PII in accordance with its record retention policy. PII associated with our customers and business partners, will be retained for seventy two (72) hours during our engagement, and a period of three months thereafter. Company performs periodic reviews of our databases, and have established specific time limits for data retention, based on the criticality of the PII and the purposes of the data processing. We will also retain PII to meet any audit, compliance and business best-practices.
- PII with respect to which Company is the processor will be deleted only on instruction of the controller, except where such data must be retained by us, in our judgment, as above.
- Rights of Data Subjects.
Subject to certain exemptions or derogations, the following rights may apply to certain individuals (some of which only apply to individuals protected by the GDPR or other applicable data protection laws):
- Right of Access and Rectification. Data subjects have the right to know what PII we collect about them and to ensure that such data is accurate and relevant for the purposes for which we collected it. Subject to our customers’ instructions, we allow data subjects the option to access and obtain a copy of their PII and to rectify such PII if it is not accurate, complete or updated. However we may first ask data subjects to provide us certain credentials to permit us to identify their PII.
- Right to Delete PII or Restrict Processing. Data subjects have the right to delete their PII or restrict its processing. We may postpone or deny such requests if the PII is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.
- Right to Withdraw Consent. Data subjects have the right to withdraw their consent to the processing of their PII. Exercising this right will not affect the lawfulness of processing the PII based on consent obtained before its withdrawal.
- Right of Data Portability. Where technically feasible, data subjects have the right to ask to transfer their PII in accordance with their right to data portability, if required pursuant to applicable law.
Data subjects whose data we control (our customers’ business representatives) may exercise the above rights by sending a request to firstname.lastname@example.org.
- Right to Lodge Complaint. Depending on their location, data subjects (such as individuals located in the EU or UK) also have the right to lodge a complaint with a data protection supervisory authority in the place of their habitual residence regarding the processing of their PII.
- Legal Justification For Processing.
When Company processes PII on behalf of its customers, Company is a data processor. In that case, Company’s customer will be a data controller, and will be responsible to obtain the data subject’s consent or establish any other applicable lawful basis for processing and we rely on our contractual relationship with the controller.
We will use the PII we process as controllers to provide our Services to our customers and meet our contractual and legal obligations. We make commercially reasonable effort to ensure that all PII is processed for the stated purposes of processing, including without limitaion:
Processing which is necessary for the performance of a contract to which you are a party:
- carrying out our obligations arising from any contracts entered into between you and Company and/or any contracts entered into with Company and to provide you with the information, support and Services that you request from Company;
- verifying and carrying out financial transactions in relation to payments you make in connection with the Services.
Processing which is necessary for the purposes of the legitimate interests pursued by Company or by a third party of providing an efficient and wide-ranging service to our customers:
- notifying you about changes to our platform and Services;
- contacting you to give you promotional information which may be of interest to you (after you provide consent, when required under applicable law). You can unsubscribe from these communications at any point;
- soliciting feedback in connection with the Services;
- for security purposes and to identify and authenticate your access to the login zone.
Processing which is necessary for compliance with a legal obligation to which Company is subject or for exercising and defending legal claims:
- compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, anti-money laundering, tax related obligations, and for crime prevention and prosecution in so far as it relates to our staff, clients, service providers, facilities etc.;
- if necessary, we will use PII to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding.
Last Date Updated: August 2023