Privacy Policy

PRIVACY POLICY FOR PROCESSING PERSONAL DATA BY GOSWIFT

This Privacy Notice describes the purpose and extent of processing your personal data by GoSwift. Depending on your geographic location, different entities within our group may process some of your personal data, specifically related to sales and marketing. The entity primarily responsible for processing your personal data when using Software as a Service (SaaS) is GoSwift Solutions OÜ (registry code 16845478, address, Tallinn, Mäealuse tn 2/1, 12618, e-mail info@goswift.eu). Contact us for further information about the specific entities responsible for processing your personal data.

  1. GENERAL PROVISIONS
    1. GoSwift processes your personal data when you access and use the Services provided by GoSwift.
    2. GoSwift ensures that the processing of personal data is in accordance with the legislation regarding the protection and security of personal data including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR), other personal data protection legislation, and good business practices.
    3. GoSwift considers the privacy of individuals and the protection of their data important and makes the best efforts to ensure the security and protection of the information system and other data carriers.
  2. DEFINITIONS
    1. Client means a person obtaining Services from GoSwift and who can authorise End Users to access and use the Services.
    2. End User means a person authorised to access and use the Services, including vehicle drivers and passengers, as well as logistics specialists.
    3. GoSwift refers to a corporate structure wherein a collection of companies are interconnected under the governance and strategic direction of a Parent Company. Further details regarding our Group Structure can be found on our official website.
    4. GoSwift App means the mobile App developed by GoSwift, which grants the End User access to features on the App.
    5. Processing of personal data means viewing, collecting, saving, storing, altering, transmitting, or receiving personal data and other activities related to personal data.
    6. Services means the intelligent transport management solution provided and maintained by GoSwift and/or the data processors via the GoSwift website, SaaS and the GoSwift App.
  3. PURPOSE OF THE PROCESSING OF PERSONAL DATA AND ITS LEGAL BASIS
    1. GoSwift processes personal data necessary for providing and maintaining the Services. GoSwift processes the End Users’ personal data when the End Users access the Services via the website and the GoSwift App.
    2. In general, the legal basis for such a purpose is carried out in accordance with Article 6(1)(b) of the GDPR. Such processing is necessary for the performance of the services agreement between GoSwift and the Client. Sometimes the processing of data is necessary for legitimate interests under Article 6(1)(f) of the GDPR provided those interests are not outweighed by the End Users’ rights and interests.
    3. GoSwift is processing the following personal data:

Processing activity

Data categories

Purpose

Legal basis

Account management

Full name

Email address

Phone number

To register End Users and create individual user accounts that allow access to features via the Services

Contractual obligation (Article 6(1)(b) of the GDPR)

Vehicle registration

Vehicle number plate

Vehicle country of origin

Vehicle RFID

Trailer number plate

Trailer country of origin

To register vehicles on the Services and manage vehicles’ access to premises

Contractual obligation (Article 6(1)(b) of the GDPR)

Booking management

Full name

Email address

Phone number

Vehicle number plate

Vehicle country of origin

To manage vehicles’ arrival and automatic access to premises at predetermined times

Contractual obligation (Article 6(1)(b) of the GDPR)

Notifications

Full name

Email address

Phone number

To send notifications and reminders about bookings to End Users including via email, SMS, WhatsApp, and push notifications

Contractual obligation (Article 6(1)(b) of the GDPR)

Location tracking

Mobile device location data

To manage queues and access by tracking End Users’ location during transit via the GoSwift App

Contractual obligation (Article 6(1)(b) of the GDPR)

Statistics

Booking statistics

Driving status statistics

To provide the Client with statistical information in regards to accounts, vehicles, bookings, and driver location

Contractual obligation (Article 6(1)(b) of the GDPR)

Feedback

Full name

Message content

To provide a feedback system in which the End Users can communicate with the Client and its representatives via the Services

Contractual obligation (Article 6(1)(b) of the GDPR)

Analytics

Usage data (e.g. access dates and times)

Browser and device information

Cookies

System activity

To analyze how the Services are used and to identify areas for technical improvement and enhancement

Legitimate interest, to improve and optimize the functionality and content of the Services (Article 6(1)(f) of the GDPR)

Technical Support

User account data

Technical logs

Interaction data (for troubleshooting)

To provide assistance with technical issues or account-related problems

Legitimate interest, to ensure the reliable operation of the Services and user satisfaction (Article 6(1)(f) of the GDPR)

Security Measures

Login data

Access logs

Network information

To safeguard the platform from unauthorized access, cyber threats, and to ensure the integrity of personal data

Legal obligation, to ensure the security of personal data under data protection laws (Article 6(1)(c) of the GDPR)

 

  1. HOW GOSWIFT COLLECTS PERSONAL DATA
    1. GoSwift collects personal information on the Services directly when the Client or the End User:
      • manages accounts on the Services, providing information for account management;
      • manages vehicles on the Services, providing information for vehicle management;
      • manages bookings on the Services, providing information for booking management;
      • interacts with the feedback system;
      • submits data through communication means for technical assistance.
    2. GoSwift collects personal information indirectly on the Platform when:
      • collecting data via cookies and similar technologies to facilitate functionality of the Services, including but not limited to login data, IP addresses, browser types, and access times;
      • creating the initial administrative account for the Client;
      • collecting data about the devices used to access the services;
      • collecting drivers’ location data;
      • collecting communications data;
      • collecting analytical and statistical information.
  1. TRANSMISSION OF THE PERSONAL DATA
    1. GoSwift processes personal data in the European Union (EU) and within the European Economic Area (EEA). GoSwift receives, transmits, and processes personal data only digitally.
  2. DISCLOSURE OF PERSONAL DATA
    1. GoSwift engages third-party service providers to provide, run, and maintain the Services on its behalf. These service providers have access to your personal data only to the extent necessary to perform their services, and they are contractually obligated to maintain the confidentiality and security of your information.
    2. GoSwift may disclose your personal data if required to do so by law or in good faith belief that such action is necessary to comply with legal obligations, such as platform exchange of tax information or anti-money laundering obligations.
    3. Infrastructure service providers

Data Processor

Processing activity

Territory

CITIC Telecom CPC Estonia OÜ

Server hosting and network connections

Estonia
  1. RETENTION AND DELETION OF PERSONAL DATA
    1. The storage period of personal data depends on the legal obligations to store data (i.e. accounting regulations), contractual obligations, and legitimate interest or consent to provide the best services:

Data type

Purpose

Retention time

User account data

Vehicle registration data

Booking data

Feedback data

Notification data

Location data

Communication logs

To manage access to the Services and provide the Client with features via the Services

Retained for the duration of the Client agreement, and for a period of 3 years after the expiry of the agreement, except for information necessary for accounting purposes, which shall be retained for 7 years after the expiry of the Client agreement

Technical logs and usage data

Technical support data

To ensure the integrity, security, and improvement of the Services

Retained for the duration of the Client agreement, and for a period of 3 years after the expiry of the agreement, then securely deleted or anonymized
  1. RIGHTS OF THE DATA SUBJECT
    1. The data subject shall have the right at any time to request:
    2. access to personal data (accessed via the Services);
    3. correction of inaccurate personal data;
    4. require the deletion of personal data;
    5. restriction of processing of personal data;
    6. withdrawal of consent (if applicable).
    7. In order to exercise these rights, the data subject must submit a declaration to info@goswift.eu. The application shall be responded to within a maximum of 30 calendar days.
    8. The data subject has the right to lodge a complaint against the processing of personal data with the supervisory authority, which is the Estonian Data Protection Inspectorate (www.aki.ee, info@aki.ee).
  2. CHANGES AND VALIDITY
    1. GoSwift has the right to change the conditions for processing personal data. In the event that there are substantial changes, GoSwift will provide at least 1 (one) month’s advance notice through the Services before the substantial changes take effect.
    2. The conditions for processing personal data are valid from 19.03.2024.