GDPR Compliance


GDPR compliant and Data Protection Policy.



Purpose and Background

LOGISTIFIE LTD holds information about customer’s business details provided at the time of application signup, customers and other people involved with our business activities.  LOGISTIFIE LTD has a responsibility to look after this information properly, and to ensure we comply with the EU General Data Protection Regulation (GDPR) which comes into force in the UK from 25th May 2018.  It is expected that the GDPR will continue to form the basis of UK Data Protection legislation, even once the UK has left the EU, so it is therefore fully taken into account in this policy.

Data Protection good practice is not just a matter of legal compliance and ticking boxes.  Data Protection is about taking care of our drivers and clients and ensuring that we are respecting their privacy.  Poor practice or a serious breach could not only harm individuals but would also have a serious effect on the reputation of LOGISTIFIE LTD and we value our good name.

Scope

This policy applies to information relating to customer’s (who use our product and services) which is held by LOGISTIFIE LTD

Our legal basis for using people’s data

Everything we do with records about individuals – obtaining the information, storing it, using it, sharing it, even deleting it – will have an acceptable legal basis.  There are six of these:

  • Consent from the individual (or someone authorized to consent on their behalf).
  • Where it is necessary for connection with a contract between LOGISTIFIE LTD and a Customer.
  • Where it is necessary because of a legal obligation – if the law says we must.
  • Where it is necessary for an emergency, to protect a Customer’s ‘vital interests’.
  • Where it involves the exercise of a public function – i.e. most activities of most government, local government, and other public bodies.
  • Where it is necessary for our legitimate interests, as long as these are not outweighed by the interests of the individual.

Where we are basing our processing on consent we will be able to ‘demonstrate’ that we hold consent.  This means having a record of who gave consent, when they gave it, how they gave it (e.g. on the website, on a form, verbally), and what they actually consented to. 

In the case of legitimate interests, we will do a balancing test, and be confident that our legitimate interests in using the data in a particular way – for example in providing our services – are not overridden by the interests of the individual.

 

Data Protection Principles

Data Protection compliance is based largely on a set of Principles. 

The six GDPR Principles say that:

  • Whatever you do with people’s information has to be fair and legal. This includes making sure that they know what you are doing with the information about them.
  • When you obtain information, you must be clear why you are obtaining it, and must then use it only for the original purpose(s).

    • You must hold the right information for your purposes: it must be adequate, relevant, and limited to what is necessary.
    • Your information must be accurate and, where necessary, up to date.
  • You must not hold information longer than necessary.
  • You must have appropriate security to prevent your information from being lost, damaged, or getting into the wrong hands.

This policy reflects each of these principles.

Transparency & purposes (first and second principles)

We will make key information available to people at the time we collect information from them. 

This includes:

  • the identity and contact details of LOGISTIFIE LTD and the person who is responsible for Data Protection;
  • the purposes we intend to use the data for and our ‘legal basis’ for this;
  • what we regard as our ‘legitimate interests’, if this is our basis for processing;
  • any specific recipients of the data (eg. TfL or Google Analytics).

Other information will be made available where relevant.  This includes:

  • the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  • details of the individual’s rights, such as to request a copy of all the data held;
  • the right to withdraw the consent if that is the legal basis for processing (but not retrospectively);
  • whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data.

In both cases, we will only tell people things they won’t already know.  When a customer signs up for our LOGISTIFIE LTD service they know that we will keep a record of them and their activities with us. 

Direct marketing

One explicit right that people have is to stop us from sending them marketing material (by post, phone, email, or text) if they don’t want it. 

When we collect information from people that might be used for marketing we will say so at the time and ask them if they are happy to hear from us.  The wording will be along the lines of: “We would like to keep you up to date with information about LOGISTIFIE LTD services.  Please tick here to indicate which method(s) you are happy for us to use: Mailo, Phone o, Email o, Text o”

These rules are only for marketing. They do not stop us from contacting people in whatever is the most convenient way to give them information about things they have already signed up to, or for other administrative purposes.

Data quality, record keeping, and retention (third, fourth and fifth principles)

Our activities will be more effective and appropriate if we have good quality records about the people we are working for and with, our customers.  GDPR insists on this.  We will ensure we have the information we need, but no more (it must be adequate, relevant, and limited to what is necessary) and it will be as accurate as we can make it and – where necessary – kept as up to date as possible.  We will not keep it longer than necessary.

We will ensure that our staff is fully aware that the individual concerned has the right to see all the information recorded about them by LOGISTIFIE LTD. 

LOGISTIFIE LTD has a clear policy on how long to keep personal information and this is directly linked to the retention for our compliance with Transport for London obligations of service.  We have established a process for ensuring that data is deleted or destroyed at the appropriate time to comply with this requirement.

Security (the sixth principle)

We will take good care of the information we hold, whether on our computer systems or on paper and make sure that all our staff has the appropriate guidance and training so that they treat your information appropriately.

Responsibilities

Responsibility for compliance with the GDPR lies with LOGISTIFIE LTD, not with any specific individual.  However, LOGISTIFIE LTD has designated someone to lead on, keeping up to date with any developments, checking that we are complying and have the evidence to prove it, giving advice to drivers/clients, and handling any issues such as a data breach or a Subject Access Request. 

The individual currently designated can be contacted at the following email address

support@logistifie.com

 

 

 

×

Take Your Business To A New Level With Our Intelligent Software - A System Trusted By Several Chauffeur Companies

Like most websites, this site uses cookies to assist with navigation and your ability to provide feedback, analyse your use of products and services so that we can improve them, assist with our personal promotional and marketing efforts and provide consent from third parties.

ACCEPT