Privacy Policy for Swipload Technologies

This privacy policy applies to the processing of personal data for Swipload Technologies AS.  ("Swipload" , "we" or "us") processes personal data in the capacity of data controller, for instance related to the processing of personal data that we collect about you in connection with your visit to our websites, registration as a supplier, carrier, partner, prospective customer or customer.
This privacy policy provides you with information about how Swipload collects personal information about you, what information we collect, how we use the collected information and what rights you have when we process personal data in the capacity of data controller.

1. WHO WE ARE
‍
‍Swipload offers a digital platform ("Platform" or "System") for the management of transportation services ("Services"). The Service and applications ("Applications") are offered to cargo owners and buyers of transport services ("Customers") to be carried out by carriers ("Carriers"), and their users "(Users).  

Our contact information is:
Swipload Technologies AS
Tangen 76,
4608 Kristiansand, Norway
‍
Phone number: 
922 201 080

For any questions regarding our processing of your personal data, please contact us at sup@swipload.no. You can also contact us if you want to exercise your rights in accordance with the GDPR, as described below in Section 7.

2. WHO WE PROCESS PERSONAL DATA ABOUT
‍
‍This privacy policy governs the processing of personal data for the following persons:
Contact persons at our suppliers, customers, carriers or prospective partnersIndividuals contacting us via our websiteVisitors to our websites

3. PURPOSE, CATEGORIES OF PERSONAL DATA, LEGAL BASIS, AND RETENTION PERIOD
‍
‍All processing of personal data is carried out in accordance with the applicable data protection rules, including the General Data Protection Regulation (GDPR).
Below you will find an overview of the purposes for which Swipload processes personal data, what personal data is processed, the legal basis for the processing and retention periods.
‍
3.1. When you enter into a customer or supplier agreement with us
‍When we enter into agreements with customers or suppliers, we collect and process personal data of designated contact persons. The same applies when carriers are using our Services in accordance with the Swipload Technologies Terms of Service. S data may include names, contact details (such as phone numbers, email addresses, and job titles), and any other information necessary for the negotiation, conclusion, and management of the agreement.
This information is used to establish, manage, and execute contractual relationships with customers, suppliers and carriers. It facilitates essential communication related to the performance of the contract and other administrative matters.
The legal basis for this processing is our legitimate interest in managing and fulfilling contractual relationships, as outlined in Article 6(1)(f) of the GDPR.
We retain personal data collected for this purpose until the relevant agreement expires. Beyond this period, data may be retained only as required by applicable laws or for the establishment, exercise, or defense of legal claims.

3.2. Inquiries
‍When you communicate with us, including to make a request or other inquiries through email or the contact form on our website and/ or Service, we will collect your name and contact information (such as your name, phone number and e-mail address), as well as any information that you choose to provide to us in the inquiry itself.We use this information to respond to and/or follow-up your request, and to provide information in response to the requests and inquiries.The legal basis for this processing is our legitimate interest in responding to your request, cf. Article 6 no. 1 (f) of the GDPR.Personal data processed for this purpose will be deleted once the inquiry is resolved. For existing customers or suppliers, the data will be retained until the customer or supplier agreement has expired.

3.3. Marketing and newsletters
‍If you subscribe to our newsletter, we process your e-mail address, IP address and browser user agent string. The purpose of this processing is to send you our newsletters and help spam detection. The legal basis for this processing is your consent, cf. Article 6 no. 1 (a) of the GDPR. Personal data processed for this purpose will be deleted upon your withdrawal of consent, which you can do at any time by clicking the unsubscribe link in the relevant email or by contacting us directly.As a registered supplier, partner, or customer, we may communicate with you regarding offers, updates, product selections, service functionalities, changes, or other information deemed relevant to your interests. These communications may be delivered via email. The legal basis for processing your personal data for these purposes is our legitimate interest in marketing our services, as provided by Article 6(1)(f) of the GDPR, as well as our existing customer relationship with you, in accordance with Section 15(3) of the Norwegian Marketing Act.

3.4. Surveys and improvements
‍We may process personal data to understand the needs of our supplier, partner or clients and to improve and develop the services we provide. The purpose of the processing is to contact our supplier, partner, client or prospect to conduct surveys about opinions on our products and services.The legal basis for processing personal data for this purpose is our legitimate interest in improving our services, cf. Article 6 no. 1 (f) of the GDPR. The personal data processed for these purposes are deleted upon termination of the agreement with the supplier, partner, client or prospect.

4. COOKIES
‍
‍When you visit our website, we use cookies and similar technologies to enhance your browsing experience, analyze website traffic, and support marketing activities. With your consent, we place cookies categorized as necessary cookies, functional cookies, statistic and analysis cookies, and marketing cookies.Through our cookie banner, you can choose to accept all cookies, decline all cookies, or customize your preferences based on the category of cookies. For more detailed information about each cookie and its purpose, please refer to the "More Details" section in the cookie banner.The legal basis for processing personal data through cookies is your consent, cf. Article 6 no. 1 (a) of the GDPR.You may withdraw your consent at any time by adjusting your preferences in the cookie settings available on our website.

5. RECIPIENTS OF YOUR PERSONAL DATA
‍
‍We may disclose personal data to others to the extent necessary for execution of the transportation services in the Service, for the administration of our operations and to carry out our business. We may, among other things, share your personal data with our suppliers of IT systems, accountant provider, and technical assistance. This includes IT providers who operate our web site, analytics, e-mail services, newsletter and CRM systems. This processing is necessary in order to provide our products and services. These parties process your personal by virtue of their role as data processors, and their processing is subject to a data processing agreement. The suppliers are required to act according to documented instructions from us and ay not use personal data for their own purposes.In addition, we may in some cases disclose your personal data to others who will themselves be responsible for how they process your personal data. For example, we may disclose your personal data to public authorities if this is required by law or by a legally enforceable judgment or order. If we sell or buy any business or assets, we may transfer your personal data to a prospective seller or buyer of such business or assets. If we or a significant part of our assets are sold to another company, your personal may also be shared in connection with the sale. We always implement appropriate technical and organizational security measures in accordance with applicable data protection legislation to ensure that your personal data is handled in a secure manner when transferring or sharing your personal data with a third party.
‍
6. TRANSFERS OF YOUR DATA TO COUNTRIES OUTSIDE THE EU/EEA
‍
‍Generally, we process your personal data within the EU/EEA. If the personal data is processed outside the EU/EEA, there is either an adequacy decision from the European Commission in place, which ensures that the third country in question guarantees an adequate level of protection, or we ensure that appropriate safeguards are in place to ensure that your rights under the GDPR are safeguarded.
Examples of such appropriate safeguards are that the data transfer is subject to the European Commission's Standard Contractual Clauses (SCC's) or that the relevant third party follows approved standards of conduct.
If you would like more information about the security measures we have implemented, please contact us by using the contact details set out at the end of this privacy policy.

7. SECURITY OF THE PROCESSING
‍
‍All our processing of personal data is secured by appropriate and necessary technical and organizational measures.
We handle personal data so that it is accurate, accessible and processed in accordance with the degree of sensitivity of the data. We also use a range of security technologies and information security procedures to protect personal data from unauthorized access, use or disclosure.
We have entered into data processing agreements with all our suppliers that process personal data.
We restrict access to personal data strictly to the staff or third parties who have a necessary need to process the data on our behalf. These parties are subject to a duty of confidentiality.
‍
8. YOUR RIGHTS WHEN WE PROCESS PERSONAL DATA ABOUT YOU
‍
‍Swipload has implemented relevant and appropriate technical and organizational security measures to protect your data and ensure your rights. Below is an overview of your rights under the GDPR:Right to information and access:We strive to be open and transparent about how we process your personal data. If you wish to know more about how we process your personal data or wish to receive the personal data we process about you, you can request access to the information we have stored about you. If we receive an access request, we may ask you to provide more information about who you are to ensure that we provide the data to the right person.

The right to rectification: If you become aware that we hold outdated or inaccurate information about you, you can ask us to correct the error at any time by contacting us.

The right to erasure and restriction: You have the right to request that your personal data is erased or that its use is restricted, for example, if you believe that your personal data is being processed in violation of applicable law. We will as far as possibly comply with a request to erase personal data, but we cannot do this if we are required by law to store certain data e.g. for accounting purposes or to comply with a legal claim.

The right to data portability: In some cases, you may have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format. If technically possible, you may also request that the data be transferred to a third party.

The right to object: You have the right to object to our processing of your personal data if, for example, it is processed on the basis of our legitimate interests.

The right to withdraw consent: If you have given consent to our processing of your personal data, you always have the right to withdraw this consent at any time by contacting us. However, this does not affect the lawfulness of the processing based on your consent until you have withdrawn it.

To exercise your rights, you can contact us at [e-mail]. Your inquiry will be answered as quickly as possible, and within one month at the latest. If it takes longer than one month, you will be notified. If you feel that our processing of personal data does not comply with what we have described here or that we are otherwise in breach of the data protection regulations, you can complain to the Norwegian Data Protection Authority: Datatilsynet
Postboks 458 Sentrum
0105 Oslo
E-mail: postkasse@datatilsynet.no
You can find more information about complaints to the Norwegian Data Protection Authority on their websites.
‍
9. CHANGES

If there are changes made in how we process your personal data, we will update or change our privacy policy. In the event of major changes, we will inform you of this.