GDPR Means: General Data Protection Regulation
Policy Prepared By: Universe Logistics
Approved by Management on: 5th June 2018
Policy became operational on: 5th June 2018
Goal of the EU General Data Protection Regulation (GDPR)
The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation fundamentally reshapes the way in which data is handled across every sector; these rules apply regardless of whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully; with the following key areas covering the main changes from the previous directive;
Increased Territorial Scope, Penalties, Consent, Breach Notification, Right to Access, Right to be Forgotten, Data Portability, and Privacy by Design.
Universe Logistics is a company based and incorporated in England.
We are a forward-thinking logistics provider covering all aspects of freight forwarding and Procurement support services, we offer Road, Sea, and Air Freight solutions worldwide on Project Cargo, Commercial Goods and Personal Effects.
Our approach to business is guided by our core values; Integrity, Accuracy, and Consistency. And by affirming our compliance with the GDPR, we aim to respect and protect our Clients’ information, promote a continual corporate ethical identity both within the company and beyond, and encourage positive standards amongst our partners.
Security policy and responsibilities in the company
This policy applies to the head office of Universe Logistics, all its branches, all staff and volunteers, and all contractors, suppliers and other people working on behalf of Universe Logistics.
This policy applies to all the data which Universe Logistics holds relating to identifiable individuals
This policy is designed to explain the information we collect, how and why we collect it, when it will be used, and who will use it.
This policy stands as a compliance benchmark, and subject to review and update where necessary
This policy helps to promote our commitment to continuous improvement of data protection management system, training, sensitisation and obligation of the employees
Legal Framework in the Company
Your personal data is used for Legitimate interests to fulfil our obligations to you, such as:
Responding to quote requests, received via our online platform, telephone conversation, or through direct mail.
Providing you with regular updates on the progress of transactions assigned to us
Collecting additional necessary information required specifically for your enquiry
Collecting yours or third party details to aid logistics process and progress
We may be required to provide your information to carefully selected partners operating on behalf of Universe Logistics, only for the purposes of carrying out required logistics activities where necessary.
We may (from time to time) need to provide you important news updates which may affect our obligations to you, such as severe weather warnings, public/bank holidays and so on.
We may also notify you during our promotions period, of deals and promotions which may be of cost saving benefits to you.
You have the option to opt out of any (or all) communication from us as you wish.
We will not, (and have no financial or any other interest to) provide your information to a third party for marketing purposes.
With reasonable and admissible justification, we may provide necessary information to carefully selected specialist partners, for credit checks and payment default accounts management.
Data Collection and Management
We always keep data request minimal, and only require additional data where necessary. Personal data collected is usually limited to your name, e-mail address, contact number, and company details (if applicable).
For quotations, we’d only require an area code and/or town/city name, of which only confirmed bookings will require full address details required for collection (pick-up) and delivery purposes.
All data is stored securely in our databases and held by us, as Data Controllers.
Due to the nature of our operations, we act as both Data Controller and Data Processor.
Our operations software is developed, hosted and secured at the Microsoft Windows® Azure™ datacentre, a world leading cloud provider, delivering the highest levels of availability, performance and security.
External access to servers is controlled by multiple layers of firewalls, intrusion detection and prevention systems, load balancers and routers, which are configured and monitored according to industry best practices.
Your data is retained for a period of five (5) years after which it will be automatically removed.
We endeavour to seek your “Consent” before processing and/or storing your data.
In compliance with the General Data Protection Regulations (GDPR), we are required to notify you in the event of, as well as the extent of any “Breach” to your data from within our servers.
In compliance with the General Data Protection Regulations (GDPR), you have a right to request for some/all personal data of yours which we hold.
You also have the Right to be Forgotten; where upon your written request, we must oblige and remove your information from our servers, except we are not obligated to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
For more information, please contact us at firstname.lastname@example.org