FourKites Partner Portal Privacy Notice

Last Modified: November 13, 2023

 

Introduction

At FourKites, Inc., including its affiliates (hereafter “FourKites“, “we“, “us“, or “our“), your privacy is of great importance. This FourKites Partner Portal Privacy Notice (“Notice“) describes our privacy practices specifically for this Partner Portal (“Portal”). It describes how and why we are processing personal information.

Please read this Notice carefully to learn about information that we collect that personally identifies you directly or indirectly (“personal information” or “personal data”), how we use, protect, and disclose your personal information when you interact with this Portal, and how you can exercise your privacy rights wherever you are located. 

If you are unable to access this Notice due to a disability or any physical or mental impairment, please contact us using the contact details in section 1 and we will arrange to supply you with the information you need in an alternative format that you can access.

1. FourKites

FourKites is the world’s leading supply chain intelligence platform, delivering real-time visibility and execution for 1200+ companies and third-party logistics firms across 200 countries. Using a patented artificial intelligence to calculate shipment arrival times, FourKites enables customers to lower operating costs, improve on-time performance, and strengthen end-customer relationships.

To ask questions, comment or provide feedback about this Notice and our privacy practices, contact us at: [email protected].

EU Representative. If you are located in the EEA, you can contact FourKites’ EU Representative, FourKites B.V., at Schiphol Boulevard 175, 1118 BG in Schiphol, the Netherland.

UK Representative. If you are located in the UK, you can contact FourKites’ UK Representative Lionheart Squared Limited at [email protected], or at Lionheart Squared Limited, 17 Glasshouse Studios, Fryern Court Road, Fordingbridge, Hampshire, SP6 1QX, United Kingdom.

2. FourKites as a Data Controller

FourKites is the controller of the processing activities described in this Notice. You may contact FourKites with any questions relating to this Notice or this service at [email protected].

Information Collected and Used

a. Information you provide directly to us when using the Portal:

There are various areas within the Portal where you will provide personal information directly to us. This personal information may include:

  • your name, email address, or any other identifier by which you may be contacted online or offline;
  • your username, password, or other credentials you use to access and use the Portal;
  • your work title, department information, role and other information related to your work or employer; and
  • Other information you may volunteer to us

b. Information users provide to us when using the Portal:

Users of the Portal may submit personal information of other parties for the purpose of our marketing activities. Where a user provides us with your personal information, we presume that you have authorized such collection.

c. Information we collect automatically through the Portal: 

When you use the Portal, we may use technology to automatically collect information and data as detailed below. In some countries, including countries in the European Economic Area, the UK and in Switzerland, Australia, Brazil, Canada, and New Zealand, this information may be considered personal information under the law.

We may collect this information as part of log files as well as by using cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below, and in more detail in our Cookie Policy.

  • Usage Details. FourKites may automatically collect certain details of your access to and use of the Portal, including location data, traffic data, logs, error and crash reports and other communication data and the FourKites documentation that you access and use on or through the Portal (such as which features you access) and how you use them (such as session times and navigation journey).
  • Device Information. We may collect information about the device with which you connect to the Portal and internet connection, including the device’s hardware model, operating system version, unique device identifiers, IP address, browser type, mobile network information, and telephone number.

3. Purposes for which the Personal Information is Collected and Used

We use the personal information that we collect about you, directly or indirectly, for the following business and commercial purposes:

  • To operate, support and maintain our Portal, conduct identity verification, authentication and other fraud prevention or detection activities to ensure secured access and use of the Portal.
  • To administer your activity on the Portal and provide credentials.
  • Respond to, or follow up on, your questions or data provided, and otherwise provide you with any other information that you request from us.
  • Give you notices about your account.
  • Track Portal usage and performance to better serve you and improve user experience, including by monitoring usage patterns, storing information about your preferences, allowing us to customize our Portal according to your individual settings and recognize you when you use the Portal.
  • To enforce compliance with our terms of use and other policies in connection with legal claims, compliance, regulatory and investigatory purposes as necessary or to otherwise enforce or protect our rights under applicable law, including, without limitation, FourKites’ intellectual property rights.
  • To perform marketing activities to establish a relationship with a customer and/or maintain as well as extend a relationship with a customer or partner.
  • Where you ask us to send marketing information via a medium where we need your consent. For more information about how to modify your preferences about marketing communications, please see the Section on Individual Privacy Rights below.
  • To carry out other legitimate business purposes, as well as other lawful purposes, such as a request by government or law enforcement authorities conducting an investigation.

In addition, we anonymize and/or aggregate personal information that we collect about you or that you or other Portal users provide to us to prepare reports, studies, analyses; maintain and improve the performance or functionality of the Portal; demonstrate the effectiveness of the Portal, and develop new features, products, and other work product.

4. Legal Basis for Processing Your Personal Information

If you are from a country or region (e.g., EEA, Chile, Indonesia, Turkey, Thailand, South Africa, United Kingdom) where a legal basis is necessary for the processing of personal data, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect and use personal information from you where the processing is in our legitimate interests, as described in this Section, and not overridden by applicable law, your data-protection interests, or fundamental rights and freedoms. 

In some other limited cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide personal information to comply with a legal requirement, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not, as well as of the possible consequences if you do not provide your personal information.

If you are from a country or region that requires us to ask for consent for any processing or transferring data (e.g., Canada, Colombia, Panama, Turkey, Taiwan) we collect, use, disclose and otherwise process the personal information described above only with your consent. If you do not wish to provide us with any personal information which is indicated as compulsory, we may not be able to communicate with you or provide certain services or features to you. Further, if you provide us with details of any other individual (e.g., prospects), you must give a copy of this Privacy Notice to, and obtain consent from, that individual before giving their personal information to us where consent is required by applicable laws.

5. Recipients of Personal Information

In addition to and based on the specific purposes set out in this Notice, we may disclose personal information that we collect or that you provide to the following categories of recipients:

  • Subsidiaries and affiliates. We share your personal information with our subsidiaries and affiliates, including FourKites India Private Limited (India), FourKites B.V. (the Netherlands), FourKites Singapore Pte. Ltd, FourKites Poland, sp. z o., and NIC GmbH (Germany). If and to the extent necessary for the performance of their tasks, access will be granted to your personal information to our employees who are bound by confidentiality.
  • Third-party vendors and other service providers. We may share your personal information with our third-party vendors, contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
  • Business transfers. We may share your personal information with a buyer or other successor in the event of a merger, divestiture, restricting, reorganization, dissolution, or other sale or transfer of some or all of FourKites’ assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by FourKites about Portal users and/or prospects is among the assets transferred.
  • Compliance with laws. We may share your personal information to comply with any court order, law, or legal process, including responding to government or regulatory requests or with law enforcement agencies or for an investigation related to public safety, in any applicable jurisdiction.
  • Legal rights. We may share your personal information to enforce our rights arising from any contracts entered into between you or your company and us, including agreements for subscriptions to the Portal, and for billing and collection, or if we believe disclosure is necessary or appropriate to protect our rights, property, or safety of FourKites, our customers, or others or to enable us to take precautions against liability.
  • To any other third party you authorize us to disclose it to.

FourKites may disclose anonymized information without restriction.

6. Location and Retention of Your Personal Information

If you are using our Portal from outside the United States, be aware that your information will be transferred to, and maintained on, IT infrastructure located within the United States and further that your information may be accessed within the United States and/or our teams in Europe and India. The collection, use, retention, and any other processing of your information will be governed by United States law, to the extent applicable, and further by the specific jurisdictions within the United States where that information is stored, unless otherwise specified. Accordingly, your information may be accessible to law enforcement and/or regulatory authorities according to applicable United States law. 

We hold your personal information only for as long as necessary to fulfil the purposes set out in this Notice If you would like more information about specific retention periods you can email us at [email protected].

7. International Transfers

When we transfer your personal information outside of the jurisdiction in which you live or work, we do this where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your personal data and/or adequate security measures are adopted, in compliance with applicable data protection laws.

Adequacy Decision or Contractual Clauses. This means that whenever your personal information is transferred to a different jurisdiction, we make sure that such transfers is either approved by the authorities from the jurisdiction the personal information originates from through so called ‘adequacy decisions’ or is subject to appropriate safeguards such as contractual clauses for transfers as approved by those authorities (e.g., Argentina, Brazil, EEA, Indonesia, Israel, Singapore, The Philippines, Uruguay). 

Consent. If you are from a country where consent is the only ground available to transfer data (e.g., Canada, Malaysia, Mexico, Panama, Peru, Saudi Arabia, Turkey), we will transfer overseas and process the personal information described above only with your consent. International transfers of your personal data shall comply with the legal basis set forth in the applicable law of your country, and any instructions provided by the regulatory authority and/or applicable law.

Data Privacy Framework. FourKites complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.  FourKites has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Program Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF.  FourKites has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Program Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-US Data Privacy Framework Principles, FourKites commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles.  European Union and Swiss individuals with DPF inquiries or complaints should first contact FourKites at [email protected]

FourKites has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. 
See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.

8. Protection of your Personal Information

At FourKites, protecting the information that we are trusted with is our priority. We take contractual, technical, and organizational security measures in accordance with the state of the technology to protect the processed data against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Your personal data will be protected within the scope of the following points:

  • Safeguarding the confidentiality of your personal information. To maintain the confidentiality of your data stored by us, we have taken various measures such as access control, pseudonymization and encryption. Additionally, we ensure that actual or suspected data breaches are investigated and reported in accordance with applicable law.
  • Safeguarding the integrity of your personal data. To maintain the integrity of your data stored by us, we have taken various measures to control disclosure and input and train our employees as part of our information security program. 
  • Maintaining the availability of your personal data. To maintain the availability of your data stored with us, we have taken various control measures to ensure the resilience of processing systems and services.
  • Testing, assessing, and evaluating the effectiveness of measures implemented. The security measures in place are continuously improved in line with technological developments.

FourKites is SOC 2 Type II compliant. SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the AICPA’s Trust Services Principles criteria. Every year FourKites is subject to independent audit. If you would like more information about specific measures taken to protect your personal information you can email us at [email protected].

9. Your Privacy Right and Choices

Based on the law applicable to the use of your personal information, you have rights in relation to your personal information. Note that we will have to balance your rights and your request to exercise them against our rights and obligations to process your personal information and to protect the rights and freedoms of others. A number of the rights you may have in relation to your personal information are explained below: 

  • You have the right to be informed on the processing of your personal information, and in some countries, this may include the right to information about the public and privacy entities with which we have shared your information and how we have used your information in the 12 months prior to your request.
    • California consumers have the right to opt-out of the sale of their personal information. We do not and will not sell your personal information.  We may provide third parties with certain personal information to provide or improve our products and services, for example to deliver products or services at your request. In such cases, we require those third parties to handle the information in accordance with applicable laws and regulations.
  • You may have the right to access, correct, update, anonymize, or delete your personal information by emailing [email protected]. Note that we cannot delete your personal information without also deleting your user account. We may not accommodate a request to delete or change information if we believe the deletion or change would violate any law or legal requirement (including contractual) or cause the information to be incorrect. Proper access and use of information in connection with the Services is governed by our agreements with the company licensing access to the Services.
  • You may have the right to object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information by emailing [email protected].
  • Promotion by FourKites. If you do not want us to use your email address to promote our own or third parties’ products or services, you can opt-out of receiving marketing emails at any time by sending an email to [email protected] or by using the unsubscribe function on the marketing communication.
  • When we have collected and processed your personal information with your consent, then you can withdraw your consent at any time by emailing [email protected]. Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful grounds other than consent. In some countries you may also have the right to request for proof of your consent.
  • You have the right not to receive discriminatory treatment for exercising your privacy rights.
  • You have the right to complain to a data protection authority about our collection and use of your personal information. In some countries this right to complain might be restricted. Some data protection laws require you to first use our complaints procedure as explain in this Privacy Notice before you can submit your complaint to your local data protection authority. For more information, please contact your local data protection authority.

Please note that we will respond to your request in accordance with the applicable data protection laws and regulations. The rights you have may vary depending on the country. This list does not grant you any rights.

Privacy Rights Procedure. We respond to all requests we receive from individuals wishing to exercise their privacy rights in accordance with applicable data protection laws. This section includes a description of how we handle your request when you choose to exercise your rights.

When we receive your request, we will verify your request and your rights against applicable data protection laws. This means that we will take steps to verify your identity by a method appropriate to the type of request you are making to ensure you are the individual about whom we have personal information, confirm your right to exercise these rights, and if confirmed, proceed with the request.

We will respond to your request within a reasonable period and in accordance with the periods prescribed by applicable data protection laws. We may charge you a reasonable fee for processing your request.

We may decline your request and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Choices. You can exercise control over the following uses of your information.

  • Tracking Technologies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies or block the use of other tracking technologies, some parts of the Portal may then be inaccessible or not function properly. For more information see our Cookie Notice.

Complaint Procedure. If you wish to make a complaint about or provide us with feedback on any processing activity or practice conducted by FourKites, please contact us by using the contact details in section 1 and we will take reasonable steps to address the feedback or investigate the complaint and respond to you. 

In order to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your personal information.

10. Special Note About Children and Minors

The Portal is not intended for children under the age of 18, and we do not knowingly collect personal information from children under the age of 18. If we learn we have collected or received personal information from a child under the age of 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under the age of 18, please contact us at [email protected].

11. Changes to Our Notice

We may update this Notice from time to time in response to changing legal, technical, or business developments. When we update our Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Notice changes if and where this is required by applicable data protection laws.

You are responsible for ensuring we have an up-to-date active and deliverable email address and/or mobile phone number for you and for periodically visiting this privacy notice to check for any changes.