FourKites Privacy & Cookie Policies

This section applies to personal information that we collect and process related to individuals who access the Platform and in the usual course of our business (“Platform Users“). In this section “you” and “your” refers to Platform Users.

The Platform provides real-time visibility and predictive analytics and insights to enable our customers (primarily shippers, third party logistics providers, brokers and carriers) in the shipping industry to plan and track loads over the road, by train, by ocean and by air; manage operations at a shipping or warehouse facility including managing and scheduling appointments and managing gate check-in and check-out, dock scheduling and yard operations; manage rates, carrier bookings and document collaboration; create visualizations and analysis tools to identify trends in the supply chain and at facilities and measure impact in real-time and over time; create a network and allow people to communicate with others participating in the trucking and/or shipping industry; and provide customer support.

Where we provide the Platform, we primarily act as a processor on behalf of our customers, however we do process some of your information for our own purposes. The following information applies only to our role as a data controller.

A. Information we collect about Platform Users

Information you provide directly to us when using the Platform: There are various areas within the Platform where you may provide personal information directly to us. This personal information may include:

• your name, postal address, email address, telephone number, mobile telephone number, or any other identifier by which you may be contacted online or offline;
• your user name, password or other credentials you use to access and use the Platform; and
• your work title, department information, role and other information related to your work or employer.

Information other Platform Users provide directly to us when using the Platform: We may ask other Platform Users to provide personal information about you (e.g. as their carrier or telematics provider).  This may include your name and contact information in order to facilitate sending emails to you to invite you to join the FourKites network or onboard you onto the Platform so that freight you carry can be tracked through the Platform.  Where a Platform User provides us with your personal information, we presume that you have authorized such collection.

Information we collect automatically through the Platform: When you download, access, and/or use the Platform, we may use technology to automatically collect information and data as detailed below. In some countries, including countries in the European Economic Area, the UK and in Switzerland, Australia, Brazil, Canada, and New Zealand, this information may be considered personal information under the law. We may collect this information as part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below, and in more detail in our Cookie Policy.

• Usage Details. FourKites may automatically collect certain details of your access to and use of the Platform, including location data, traffic data, logs, error and crash reports and other communication data and the resources that you access and use on or through the Platform (such as which features you access) and how you use them (such as session times and navigation journey).
• Device Information. We may collect information about the device with which you connect to the Platform and internet connection, including the device’s hardware model, operating system version, unique device identifiers, IP address, browser type, mobile network information, and telephone number.

B. How We Use Platform Users Information 

We use the personal information that we collect about you or that you or other Platform Users provide to us for the following business and commercial purposes:

• Provide, operate, optimize, manage, maintain and improve the Platform, including customizing and improving the content, navigation and layout, system administration and ensuring the functionality and security.
• To contact you about onboarding carriers and your telematics data to the Platform.
• Respond to, or follow up on, your comments and questions, and otherwise provide customer service or provide you with any other information that you request from us.
• Notify you when updates are available and of changes to the Platform.
• Give you notices about your account or subscriptions, including expiration or renewal notices.
• Track Platform usage and performance to better serve our customers and improve user experience, including by monitoring usage patterns, storing information about your preferences, allowing us to customize our Platform according to your individual settings and recognize you when you use the Platform.
• To send you marketing communications about our Services and events, including via email and in-app notifications, in accordance with your marketing preferences.
• To carry out other legitimate business purposes, as well as other lawful purposes.

In addition, we anonymize and/or aggregate personal information that we collect about you or that you or other Platform Users provide to us to prepare reports, studies, analyses; maintain and improve the performance or functionality of the Platform; demonstrate the effectiveness of the Platform, and develop new features, products, and other work product.

Some features of the Platform may enable participants in the shipping and/or trucking industry and/or other companies with which we work to communicate and share data, including shippers, carriers, beneficial cargo owners, third-party logistic providers, system integrators and device manufacturers. In order for us to make these features available within the Platform, it may be necessary for us to share your personal information with these parties. These parties are not allowed to use personally identifiable information except for the purpose of making such features available through the Platform. There is functionality within the Platform to restrict sharing (e.g. you can control carrier connections sent to you via FourKites Connect) or disable features of the Platform that automatically collects your personal information (e.g. you may disable location access from your mobile device for the Platform).

This section applies to personal information that we collect and process about individuals who visit the Website or interact with FourKites online or offline, such as in connection with our recruitment, events, sales and marketing activities (“Visitors“). In this section “you” and “your” refers to Visitors.

A. Information We Collect about Visitors

Information you provide directly to us when using the Website or interact with us online or offline: Certain parts of our Website may ask you to provide personal information voluntarily. For example, we may ask you to provide certain personal information (such as your name, contact details, company name, profile information) in order to find out more about FourKites or the Services, apply for a role with FourKites, or otherwise submit inquiries or make contact with us. We may also collect personal information, such as your contact and job details and feedback, when you attend our events, take part in surveys, register to receive a gift from our swag store or through other business or marketing interactions we may have with you for the purposes outlined below. You may choose to provide additional information when you communicate with us or otherwise interact with us, and we will keep copies of any such communications for our records.

The personal information that you are asked to provide, and the reasons why we want it, will be made clear to you at the point we ask you to provide it. We will also let you know prior to collection whether the provision of the personal information we are collecting is compulsory or may be provided on a voluntary basis and the consequences, if any, of not providing the information.

Information we collect automatically through the Website: When you visit our Website, we may also collect certain information automatically from your device. In some countries, including countries in the European Economic Area and in the UK, Switzerland, Canada, and Brazil, this information may be considered personal information under the law.

Specifically, the information we collect automatically may include your IP address, your operating system, your browser ID, your browsing activity, and other information about your system and connection and how you interact with our Websites and other websites. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below, and in more detail in our Cookie Policy.

B. How we use Personal Information about Visitors 

We may use the personal information we collect through our Website for a number of reasons, including:

• To provide, operate, optimize, manage and maintain the Website, including customizing and improving the content, navigation and layout, system administration and security.
• To send you information about FourKites and its services/products for marketing purposes, in accordance with your marketing preferences.
• For recruitment purposes if you have applied for a role with FourKites.
• To respond to your online inquiries and requests, and to provide you with information and access to resources about the Services that you have requested from us.
• To identify any server, network or other IT issues.
• To compile aggregated statistics about usage and to better understand the preferences of our Visitors.
• To carry out research and development to improve the Website.
• To carry out other legitimate business purposes, as well as other lawful purposes.

This section applies to personal information that we collect and process related to individuals who use our Community Site (“Community Users“). In this section “you” and “your” refers to Community Users.

The Community Site enables its users to connect with one another and create connection groups and/or to post, submit, publish, display, or transmit to other Community Users or to us comments, content, feedback, or materials. The Community Site also enables its users to take part in online learning modules and earn certifications.

A. Information We Collect about Community Users

Information you provide directly to us when using the Community Site: Certain parts of our Community Site may ask you to provide personal information voluntarily. For example, we may ask you to provide certain personal information (such as your first name, contact details, company name, profile information) in order to access the Community Site, take part in our learning modules or otherwise make contact with us. You may choose to provide additional information when you communicate with us or other Community Users, such as feedback. Note, we may keep copies of any such communications for our records, within the bounds of law.

The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide it.

Information we collect automatically through the Community Site: When you visit our Community Site, we may also collect certain information automatically from your device. In some countries, including countries in the European Economic Area and in the UK, Switzerland, Canada, and Brazil, this information may be considered personal information under the law.

Specifically, the information we collect automatically may include your IP address, your operating system, your browser ID, your browsing activity, and other information about your system and connection and how you interact with our Community Sites and other websites. We may collect this information as a part of log files as well as through the use of cookies or other tracking technologies. Our use of cookies and other tracking technologies is discussed more below, and in more detail in our Cookie Policy.

B. How we use your personal information 

We may use the information we collect through our Community Site for a range of reasons, including the following business and commercial purposes:

• To provide, operate, optimize, manage, maintain and improve the Community Site and the learning modules, including customizing and improving the content, navigation and layout, system administration and security.
• To respond to your online inquiries and requests, and to provide you with information and access to resources about the Services that you have requested from us.
• To identify any server, network or other IT issues.
• To compile aggregated statistics about usage and to better understand the preferences of Community Users.
• To carry out research and development to improve the Community Site.
• To carry out other legitimate business purposes, as well as other lawful purposes.

This section applies to personal information that we collect and process related to individuals who use CarrierLink such as drivers and other consumers (“CarrierLink Users“). In this section “you” and “your” refers to CarrierLink Users.

CarrierLink provides you with the ability to provide information about a load assigned to you by a customer of the FourKites platform (an “Assigned Load”) which information is integrated into the Platform to enable our customers to plan and track their freight and communicate with you and others. CarrierLink enables you to:

• Provide your truck’s location and notes on an Assigned Load;
• Send messages directly to the shipper or the receiver’s facility to provide information on status of the Assigned Load;
• Check-in and check-out of the shipper or receiver’s facility (including, without limitation, complete and submit forms required by the facility, schedule appointments with the facility and receive instructions as to the dock assigned to you to load or unload the freight); and
• Facilitate the signature of various documents for the Assigned Load provided by the shipper and/or receiver such as bill of ladings and proof of delivery (“e-Documents”).

In addition, CarrierLink also provides you with the ability to (a) to view, rate and review shipping and warehouse facilities; (b) use turn-by-turn navigation; and (c) explore nearby places such as gas stations and truck stops.

A. Information We Collect about CarrierLink Users

Information you provide directly to us when using CarrierLink: When you use CarrierLink, we may ask you to provide personal information voluntarily. For example, when you sign into CarrierLink we will ask you for your name, mobile number and verification code in order to facilitate your access to certain features of CarrierLink. You may also provide us with personal information, such as your name, mobile number and email address to set up a profile, when you rate and review shipping or warehouse facilities and amenities or when you request user support. You may also provide your signature or name when signing e-Documents. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

Information we collect automatically through CarrierLink: When you use CarrierLink, we may also collect certain information automatically from your device. In some countries, including countries in the European Economic Area and in the UK, Switzerland, Canada, and Brazil, this information may be considered personal information under the law.

Specifically, the information we collect automatically may include:

• Device Information: We may collect your IP address, your operating system, your mobile browser ID, your browsing activity, and other information about your mobile phone and connection and how you use CarrierLink. We may collect this information as a part of log files as well as through the use of tracking technologies. Our use of tracking technologies is discussed more below, and in more detail in our Cookie Policy.
• Usage Details: We may collect certain details about your access to and use of CarrierLink, including traffic data, logs, error and crash reports and other communication data and the resources that you access and use on or through the CarrierLink (such as which features you access) and how you use them (such as session times and navigation journey). In addition, CarrierLink may access metadata and other information associated with other files stored on your device or other systems.
• Location Information: If you enable location sharing on your device, FourKites collects real-time information about the location of your device only when CarrierLink is open and running in the foreground or background of your device. This includes your actual location as determined by GPS signals sent by your mobile device or other tracking technologies to determine location, some of which may be made available through third-party licensors. Our use of tracking technologies is discussed more below, and in more detail in our Cookie Policy. FourKites collects your location data in order to track shipments for shippers, brokers and carriers; to provide turn-by-turn navigation; and to help you explore nearby places.

In addition, we anonymize and/or aggregate personal information that we collect about you or that you provide to us to prepare reports, studies, analyses; maintain and improve the performance or functionality of CarrierLink and the Platform; demonstrate the effectiveness of CarrierLink and the Platform, and develop new features, products, and services.

B. How we use personal information of CarrierLink Users

We may use the information we collect through CarrierLink for a range of reasons, including the following business and commercial purposes:

• Provide, operate, optimize, manage, maintain and improve the Platform and CarrierLink, including customizing and improving the content, navigation and layout, system administration and ensuring the functionality and security.
• Collect ratings and reviews of shipping or warehouse facilities and amenities.
• Respond to, or follow up on, your comments and questions, and otherwise provide customer service or provide you with any other information that you request from us.
• Notify you when updates are available and of changes to CarrierLink.
• Give you notices about your account.
• Track CarrierLink usage and performance to better serve our customers and improve user experience, including by monitoring usage patterns, storing information about your preferences, allowing us to customize CarrierLink according to your individual settings and recognize you when you use CarrierLink.
• To carry out other legitimate business purposes, as well as other lawful purposes.

If you are located in the European Economic Area (EEA), the UK or Switzerland, you have the following privacy rights:

• You can access, correct, update or delete your personal information by emailing [email protected]. Note that we cannot delete your personal information without also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement (including contractual) or cause the information to be incorrect. Proper access and use of information in connection with the Services is governed by our agreements with the company licensing access to the Services.
• You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information by emailing [email protected].
• Promotion by FourKites. If you do not want us to use your email address to promote our own or third parties’ products or services, you can opt-out of receiving marketing emails at any time by sending an email to [email protected] or by using the unsubscribe function on the marketing communication.
• If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time by emailing [email protected] Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details are available here.

This Section of our Privacy Policy provides information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”).  California privacy laws require that we provide California residents information about how we use their personal information, whether collected online or offline, and this document is intended to satisfy that requirement.

Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.  For the purposes of this Section of our Privacy Policy the personal information we collect is primarily information collected on our Website, on the Community Site, via CarrierLink, and from potential customers, including those who engage in pilot programs that we offer from time-to-time.

a. Categories of Personal Information that We Collect, Disclose, and Sell 

The categories of personal information about California consumers that we collect depends on the context in which you interact with us. Information we collect in connection with potential customers, the Website, the Community Site and Carrier Link include:

• Identifiers, including name, user name. postal address, email address, telephone contact information, unique device identifiers, and IP address;
• Professional or employment-related information, including your work title, department information, role and other information related to your work or employer;
• Internet or other electronic network activity information, including traffic data, logs, usage data, error and crash reports and other communication data; IP address, your operating system, your browser ID, your browsing activity, and other information about your system and connection and how you interact with our Websites and other websites;
• Geolocation data, including location data and only in certain contexts; and
• Electronic Information, including information related to your internet connection, the device’s hardware model, operating system version, browser type, and mobile network information.

Our uses are set out in the Sections titled How We Use Your Personal Information. Please refer to the appropriate section for our uses: 

• Platform Users 
• Visitors
• Community Users 
• CarrierLink Users

We may disclose the personal information we collect as set forth in Section 6C (Who do we share your personal information with) of the Section titled General Information.

b. California Residents’ Rights

California law grants California consumers certain rights and imposes restrictions on particular business practices as set forth below.

• You may request access to, or for a copy of the personal information we have collected, used, disclosed, and sold about you over the past twelve (12) months. 
• You may also request that we delete certain personal information we have collected from you. 
• You have a right not to receive discriminatory treatment for the exercise of your CCPA privacy rights
• California consumers have the right to opt-out of the sale of their personal information. We do not and will not sell your personal information.  We may provide third parties with certain personal information to provide or improve our products and services, for example to deliver products or services at your request. In such cases, we require those third parties to handle the information in accordance with applicable laws and regulations.

Submitting Requests. If you are a California consumer seeking to exercise your CCPA rights, or if you are an authorized agent wishing to exercise CCPA rights on behalf of someone else, please e-mail us at [email protected].  We will respond to verifiable requests received as required by law.  

Please note that to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your personal information.

California Civil Code Section 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected]. 

If you have questions about your rights under CCPA, please send us an email to [email protected].

Right to Opt-out.  California residents have the right to opt-out of our sale of their personal information. We do not and will not sell your personal information.

Right to Opt-In. We do not sell personal information about residents who we know are younger than 16 years old.

Notice at Collection. We are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used.

Verifiable Requests to Delete, and Requests to Know. Subject to certain exceptions, California residents have the right to make the following requests, at no charge, up to twice every 12 months:

Right of Deletion: California residents have the right to request deletion of their personal information that we have collected about them, subject to certain exemptions, and to have such personal information deleted, except where necessary for any of a list of exempt purposes.

Right to Know – Right to a Copy: California residents have the right to request a copy of the specific pieces of personal information that we have collected about them in the prior 12 months and to have this delivered, free of charge, either (a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance.  

Right to Know – Right to Information: California residents have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including the: 

• categories of personal information collected;
• categories of sources of personal information;
• business and/or commercial purposes for collecting and selling their personal information;
• categories of third parties/with whom we have disclosed or shared their personal information;
• categories of personal information that we have disclosed or shared with a third party for a business purpose;
• categories of personal information collected; and
• categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal information sold to each category of third party.

Submitting Requests. Requests to exercise the right of deletion, right to a copy, and / or the right to information may be submitted by emailing us at [email protected].  We will respond to verifiable requests received from California consumers as required by law.  Note that we cannot delete your personal information except by also deleting your user account. We may still retain copies of your personal information in cached and archived copies or might have been copied or stored by other users of the Services. Proper access and use of information in connection with the Services is governed by our agreements with the company licensing access to the Services.

Right to Non-Discrimination, and Incentives. The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California residents related to their personal information.

California Civil Code Section 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected].

This section applies if your information is collected from within Australia.

Access and correction

You may access the personal information we hold about you, by making a request.  We will respond to your request within a reasonable period, and in any event within 30 days.  We may charge you a reasonable fee for processing your request (but not for making the request for access).  We may decline a request for access to personal information in circumstances prescribed by the Personal Information Protection and Electronic Documents Act (Canada PIPEDA) or relevant substantially similar provincial privacy law, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date. If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and feedback

If you wish to make a complaint about a breach of Canada PIPEDA or a relevant substantially similar provincial privacy law, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Privacy Commissioner of Canada or the equivalent office in your province if you are subject to a substantially similar provincial privacy law.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact our privacy officer using the Contact Information set out in section J below.

This section applies if your information is collected from within New Zealand.

Access and correction

You may access the personal information we hold about you, by making a request.  We will respond to your request within a reasonable period, and in any event within 20 working days.  We may charge you a reasonable fee for processing your request (but not for making the request for access).  We may decline a request for access to personal information in circumstances prescribed by the Privacy Act 1993 (New Zealand Privacy Act), and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately.  We will take reasonable steps to correct the information so that it is accurate, complete and up to date.  If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and feedback

If you wish to make a complaint about a breach of the New Zealand Privacy Act, or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Privacy Commissioner.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact our privacy officer using the Contact Information set out in section XX below.

This Section of our Privacy Policy provides information for Brazilian data subjects, as required by Brazil’s General Data Protection Law (LGPD).

Brazilian Data Subjects’ Rights

LGPD grants certain rights, especially the ones addressed under its Article 18, with respect to your personal data, as set forth below:

Right of Confirmation and Access. You have the right to obtain confirmation as to whether or not your personal data is being processed and if so, the right to obtain a copy of this data.  

Right to Rectification. You have the right to request the correction of incomplete, inaccurate or out-of-date personal data.

Right to Anonymization, Blocking or Erasure. Under this right, you may request anonymization, blocking or erasure of unnecessary or excessive personal data or personal data processed in non-compliance with the provisions of the LGPD.

Data Portability. Upon express request, you have the right to have your personal data transmitted to another service or product provider, limited to commercial or industrial secrets.

Right to Erasure. Under this right, you may request the erasure of your personal data processed on the basis of consent. This right does not arise to the extent that we use another legal basis for processing your information, such as in case processing is necessary for compliance with a legal or regulatory obligation to which we are subject to.

Right to Withdraw Consent. Under this right, you may withdraw your consent at any time, in case it is the legal basis of processing, through an easy to use and free of charge procedure.

Right to Obtain Information About the Possibility of Denying Consent. You also have the right to be informed about the possibility of denying your consent and the consequences of such denial.

Right to Obtain Information About Shared Data. You have the right to obtain information about the public and private entities with which we have shared data.

Right to Petition. Under this right, you may petition with the Brazilian regulatory authority as well as consumer protection entities regarding the processing of your personal data.

Right to Object. You have the right to object to the processing carried out based on one of the legal basis other than your consent, in case it is noncompliant with the provisions of the LGPD.

Right to Revision of Automated Decision Making. You may request the revision of decisions taken solely on the basis of automated processing of personal data that affects your interests, including decisions intended to define your personal, professional, consumer or credit profile or aspects of your personality, providing clear and adequate information regarding the criteria and procedures used for an automated decision, subject to commercial and industrial secrecy.

This section applies where Singapore and Hong Kong Special Administrative Region (SAR) data privacy laws apply to our collection, use, disclosure or other processing of your personal information.

Your rights

You may have certain rights under applicable data privacy laws with respect to your personal information including:

Right of Access. You have the right to access your personal information and (if Singapore’s Personal Data Protection Act 2012 applies) to obtain information about how we have used your personal information in the 12 months prior to your request. We will respond to these requests in accordance with applicable data protection laws.  We may take reasonable steps to verify your identity when you send a request. Where permitted by applicable law, we may charge a reasonable fee for the processing of any data access request.

Right to Correction. You have the right to request the correction of incomplete, inaccurate or out-of-date personal information.

Right to Deletion. You may have the right to request deletion of your personal information in certain circumstances. We will respond to these requests in accordance with applicable data protection laws.  

Right to Withdraw Consent. You may withdraw your consent to the processing of your personal information and/or to direct marketing communications at any time.

Right to Object to Automated Decision Making. You may submit a complaint to any decision that significantly affects you being taken solely by automated decision making.

Right to De-register an Account: If you are located in Mainland China and you have registered an account with us, you have the right to de-register your account.

This section applies if your information is collected from within Canada.

Access and correction

You may access the personal information we hold about you, by making a request.  We will respond to your request within a reasonable period, and in any event within 30 days.  We may charge you a reasonable fee for processing your request (but not for making the request for access).  We may decline a request for access to personal information in circumstances prescribed by the Personal Information Protection and Electronic Documents Act (Canada PIPEDA) or relevant substantially similar provincial privacy law, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately.  We will take reasonable steps to correct the information so that it is accurate, complete and up to date.  If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and feedback

If you wish to make a complaint about a breach of Canada PIPEDA or a relevant substantially similar provincial privacy law, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Privacy Commissioner of Canada or the equivalent office in your province if you are subject to a substantially similar provincial privacy law.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact our privacy officer using the Contact Information set out in section J below.

This section of our Privacy Policy provides information for the holders of Argentine personal data, as required by the Argentine Personal Data Protection Law (PDPL).

Argentinean Data Subject’ Rights.

The PDPL grants you the rights of information, access, rectification, updating or deletion of data, with respect to your personal data, as established below:

Right of information. You have the right to request information from us about the existence of files, registers, databases or personal data banks where we may be storing your personal information, and for what purpose we use it.

Right of access. You have the right, after verifying your identity, to request and obtain confirmation on whether or not your personal data is being processed and, if so, the right to obtain a copy of this data. By virtue of Provision No. 10/2008, issued by the National Directorate for the Protection of Personal Data, we inform you:

The data subject has the faculty to exercise the right of access to them free of charge at intervals not less than six months, unless a legitimate interest is credited to effect in accordance with the established in article 14, in article 14 law No. 25,326.

We will respond to your request as required by law, namely within ten days from the date of your request.

Right to rectify, rectify, update or delete data. You have the right to request the rectification, updating or deletion of your personal data, as appropriate, in the legal terms and deadlines and when appropriate. The deletion of any data will not proceed when it could cause damage to the rights or legitimate interests of third parties, or when there is a legal obligation to keep the data. We will respond to your request as required by law, namely within five days from the date of your request.

You have the right, at any time, to revoke your consent granted for the processing of your personal data. Withdrawing your consent will not affect the legality of any treatment carried out before the revocation of your consent, nor will it affect the treatment of your personal information carried out based on legal reasons other than consent as allowed by the PDPL.

Complaints.

You have the right, if you consider it necessary, to go to the National Directorate for Personal Data Protection of Argentina to file a complaint in the event that any of your rights with respect to your personal data is denied.

This Section of our Privacy Policy provides information for Mexican data owners, as required by Mexico’s Federal Law on Protection of Personal Data held by Private Parties (FLPPDPP).

Mexican Data Owners’ Rights.

The FLPPDPP grants you rights of access, rectification, erasure and/or opposition (ARCO by its Spanish acronym) with respect to your personal data, as set forth below:

Right of access. You have the right to obtain confirmation on whether or not your personal data is being processed and, if so, the right to obtain a copy of this data. You have the right to receive a copy of your personal data free of charge once a year, otherwise we may charge the fee indicated by the FLPPDPP.

Right of rectification. You have the right to request the correction of incomplete, inaccurate or outdated personal data. When requesting such rectification, you must indicate the changes to be made and provide documentation supporting your request.

Right of Erasure. You have the right to request the deletion or elimination (erasure) of your personal data, however, according to the provisions of the FLPPDPP, not in all cases personal data may be deleted, for example, when it is necessary for compliance with legal obligations.

Right of opposition. You have the right to object to the processing of your personal data, in the event that such processing does not comply with the provisions of the FLPPDPP.

You must submit your request in compliance with the provisions of article 29 of the FLPPDPP.  Likewise, we will respond to these requests in accordance with the FLPPDPP, namely, we will take steps to verify your identity, confirm your right to exercise these rights, and if these proceed. Please note that we may deny your request under the provisions of articles 26 and 34 of the FLPPDPP. We will respond to your request as indicated by law, namely, within a period of twenty days from the date of your request, when we will inform you if your request proceeds, in which case, we will make it effective within the following fifteen days.

You have the right, at any time, to revoke the consent granted to FourKites for the processing of your personal data. Withdrawing your consent will not affect the legality of any treatment carried out before the revocation of your consent, nor will it affect the treatment of your personal information carried out based on legal reasons other than consent as permitted by the FLPPDPP.

Complaints and Feedback.

You have the right to go to the National Institute of Transparency, Access to Information and Protection of Personal Data (INAI) to assert any complaint related to the processing of your personal data by FourKites.

This section of our Privacy Policy provides information for Colombian data subjects, as required by the General Law for the Protection of Personal Data (GLPPD).

Rights of the Holders of personal data in Colombia.

• You have the right to know, update, rectify, consult (Habeas Data) regarding your personal data with us, with respect to data that you consider partial, inaccurate, incomplete, fractioned and/or in error.
• You have the right to request proof of the authorization (consent) under which we process your data, except in those cases in which we have the legal right to process the data of the owner.
• You have the right to request that we inform you about how we use your personal data.
• You have the right to free access to the personal data that you voluntarily decide to share with us. We will respond to your request as indicated by law, namely, within a period of fifteen business days from the date of your request, but in any case no more than 23 business days.

You have the right to revoke your authorization and / or request the deletion of any data when you consider that we have not respected your rights and constitutional guarantees. The request to delete your information and the revocation of the authorization will not proceed when there is a legal or contractual duty for you to remain in the database. Withdrawing your consent will not affect the legality of any treatment carried out before the revocation of your consent, nor will it affect the treatment of your personal information carried out on the basis of legal reasons other than consent, as allowed by the GLPPD.

Complaints.

You have the right to present before the Colombian Superintendency of Industry and Commerce the complaints that you consider pertinent to enforce your right to Habeas Data.

This section of our Privacy Policy provides information for Chilean data subject, as required by the Personal Data Protection Law (PDPL).

Rights of the holders of personal data in Chile.

The LPDCP grants you the following rights with respect to your personal data:

The right of access or information. You have the right to be informed if we have your personal information and, if so, the right to obtain a free copy of this data. You can exercise the right of access to data free of charge at intervals of no less than six months.

The right of modification or rectification. You have the right to request the rectification of those data that concern you, and that are erroneous, inaccurate, misleading or incomplete data. When requesting rectification, you must indicate to us the modifications to be made.

The right of cancellation. You have the right to demand the destruction of the stored data, whatever the procedure used for it, when the storage of the data lacks a legal basis or when it is out of date. The data will have no legal basis each time a data processing is carried out in contravention of the provisions of the law, or for example, if the law that authorized it is repealed.

The right to block. You can demand the temporary suspension of any of the data processing operations; This blocking will proceed in all those cases in which the accuracy of the data cannot be established or its validity is doubtful and for which the cancellation does not correspond. You may also request either the cancellation or the blocking of the data as appropriate, in the cases of the data lists that are used for commercial communications (marketing).

The right of objection. You can object to the use of your personal data for advertising, market research or opinion polling purposes.

You have the right, at any time, to revoke the consent granted to FourKites for the processing of your personal data. Withdrawing your consent will not affect the legality of any treatment carried out before the revocation of your consent, nor will it affect the treatment of your personal information carried out based on legal reasons other than consent as allowed by the PDPL.

Complaints.

Complaints related to the protection of your personal data can be presented to the Chilean Council for Transparency.

This section of our Privacy Policy provides information for holders of Chilean personal data, as required by the Law on Protection of Personal Data (LPPD).

Rights of the Holders of personal data in Panama.

Right of access. You have the right to obtain your personal data that is stored or subject to treatment, in addition to obtaining information on the origin and purpose for which they were collected.

Right of rectification. You have the right to request the correction of your personal data that is incorrect, irrelevant, incomplete, out of date, inaccurate, false or irrelevant.

Right of cancellation. You have the right to request the deletion of your personal data that is incorrect, irrelevant, incomplete, out of date, inaccurate, false or irrelevant.

Right of opposition. You have the right to refuse to provide your personal data or that they are subject to certain treatment for well-founded and legitimate reasons.

Right of portability. You have the right to obtain a copy of your personal data in a structured way, in a generic and commonly used format, which allows it to be operated by different systems and / or transmit them to third parties.

You have the right, at any time, to revoke the consent granted to FourKites for the processing of your personal data. Withdrawing your consent will not affect the legality of any treatment carried out before the revocation of your consent.

Complaints.

You have the right to present to the National Authority for Transparency and Access to Information of Panama any complaint that you consider pertinent to enforce your rights.

This section of our Privacy Policy provides information for Peruvian personal data subjects, as required by the Personal Data Protection Law of Peru (PDPL).

Rights of the Holders of personal data in Peru.

The PDPL grants you the following rights with respect to your personal data:

Right of information. You have the right to be informed in a detailed, simple, express, unequivocal way and prior to its collection, about the purpose for which your personal data will be processed; where and for how long it will be stored and the transfer and recipients of said data.

Right of access. You have the right to obtain a copy of your information.

Right of updating, inclusion, rectification and deletion. You have the right to update, include, rectify and delete your personal data when it is inaccurate, incomplete, or false, when it is no longer necessary for the purpose for which it was collected or if the term established for its processing expires.

Right to prevent its distribution. You have the right to prevent your data from being provided to others (other than in a controller-processor relationship or as otherwise required by the PDPL), especially when this affects your fundamental rights.

Right of opposition. Provided that the PDPL does not indicate the contrary or provided you have not given consent, you can oppose the processing of your personal data when there are well-founded and legitimate reasons related to a specific personal situation.

Right to objective treatment. You have the right not to be subjected to a decision with legal consequences or that affects you in a significant way, based solely on the processing of personal data intended to evaluate certain aspects of your personality or conduct, without prejudice to the possibility of you defending your position to safeguard your legitimate interests.

The above rights may be limited as indicated in the PDPL. For example, the rights of access, deletion and opposition may be denied for reasons based on the protection of the rights and interests of third parties or when this may hinder ongoing judicial or administrative actions related to the investigation of your compliance with tax or social security obligations, in the case of criminal investigations on the commission of misdemeanors or crimes, in the case of the development of health and environmental control functions, for the verification of administrative offenses, or when so provided by law.

Complaints or Reports.

If you consider that you have been denied the exercise of your rights under the PDPL, you can appeal to the National Authority for the Protection of Personal Data of Peru or to the Judiciary for the purposes of your Habeas Data legal action.

Right to be compensated.

If you have been affected as a result of the breach of your rights, you have the right to obtain the compensation established in the PDPL.

Pursuant to Article 11 of the Protection of Personal Data Law no. 6698 (PDPL), you have the following rights:

• To know whether your personal data is processed.
• To request information about processing if personal data about you are processed.
• To know what the purpose of the processing is, and whether the data are being processed in accordance with these purposes.
• To know the third parties located inside or outside Turkey to whom your personal data are transferred.
• To request the rectification of incomplete or inaccurate information, if any.
• To request erasure of your personal data in case the legal ground for processing ceases to exist.
• To ensure that your request for the correction, erasure, or destruction of your personal data are notified to the third parties to whom your personal data have been transferred.
• To object to the occurrence of any result that is to your detriment by means of analysis of personal data exclusively through automated means.
• To request compensation for the damages arising from the unlawful processing of your personal data.

In addition, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time by emailing [email protected] Withdrawing your consent will not affect the lawfulness of any processing conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful grounds other than consent.

This section of our Privacy Policy provides information for Uruguayan data subjects, as required by the Law on Protection of Personal Data and Action of Habeas Data of Uruguay (LPPDAHD).

Rights of the Data Subjects in Uruguay.

The LPPDAHD grants you the following rights with respect to your personal data:

Right of information. You have the right to be informed expressly, precisely and unequivocally and prior to its collection, about the purpose for which your personal data will be processed; where and for how long it will be stored, the transfer and recipients of said data, and that you have rights of access, rectification and deletion of the data (Habeas Data).

Right of access. You have the right, after we verify your identity, to obtain all the information that we have about you. You can exercise this right free of charge at six-month intervals (or more frequently in the circumstances indicated by law), within five business days of being requested. We will provide you with a complete copy of all your personal data in our possession, however in no case may the report reveal data belonging to third parties, even if this data is linked to yours.

Right of rectification, update, inclusion or deletion. You have the right to request the rectification, update, inclusion or deletion of your personal data, after you provide verification of the error or falsehood or exclusion in your data, at no cost to you. We will proceed with the rectification, update, inclusion or deletion within a maximum period of five business days after receiving the request, or we will inform you of the reasons why your request does not apply.

Right to challenge personal assessments. You have the right not to be subjected to a decision with legal effects that significantly affects you, which is based on automated data processing intended to evaluate certain aspects of your personality, such as your job performance, credit, reliability, conduct, among others. You also have the right to challenge the decision made based on said assessment, and to obtain information both on the assessment criteria and on the automated program that was used to make the decision.

Rights regarding the communication of data. You have the right that your personal data is only communicated for the fulfillment of the purposes directly related to the legitimate interest on which the data processing is based and with your prior consent.

You have the right, at any time, to revoke the consent granted to FourKites for the processing of your personal data. Withdrawing your consent will not affect the legality of any processing carried out before the revocation of your consent, nor will it affect the processing of your personal information carried out based on legal reasons other than consent, as permitted by the LPPDAHD.

Complaints or Reports.

If your exercise of these rights is denied or not fulfilled within the deadlines for reasons not justified in accordance with the LPPDAHD, you have the right to present the Habeas Data action provided for in the LPPDAHD before the Regulatory and Control Unit of Personal Data of Uruguay (URCDP).

You may have certain rights as a personal data owner under Indonesian data protection laws and regulations with respect to your personal data. If you are a personal data owner in Indonesia seeking to exercise your privacy rights, please contact [email protected].

If you are from the European Economic Area, the UK, Switzerland or Turkey, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect and use personal information from you where the processing is in our legitimate interests and not overridden by applicable law, your data-protection interests or fundamental rights and freedoms. Typically, our legitimate interests include improving, maintaining, providing, and enhancing our technology, products, and services (including the Services); ensuring the security of the Services; and for our marketing activities.

However, we will normally collect and use personal information from you where the processing is in our legitimate interests and not overridden by applicable law, your data-protection interests or fundamental rights and freedoms. Typically, our legitimate interests include improving, maintaining, providing, and enhancing our technology, products, and services (including the Services); ensuring the security of the Services; and for our marketing activities.

If you are someone who has downloaded CarrierLink (such as a driver), we need your personal information to perform a contract with you (that is providing the CarrierLink App and connected services). Similarly, this will be the case if you have decided to join the Community Site, you will form a contract with us, and we will need your personal information in order to provide the Community Site.

In some other limited cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide personal information to comply with a legal requirement, we will make this clear at the relevant time and advise you whether the provision of your personal information  is mandatory or not, as well as of the possible consequences if you do not provide your personal information.

If you are from Hong Kong, Indonesia, Japan, Malaysia, Singapore, Taiwan Thailand or The Philippines, we collect, use, disclose and otherwise process the personal information described above with your consent where required by applicable law. If you do not wish to provide us with any personal information which is indicated as compulsory, we may not be able to communicate with you or provide certain services or features to you. Further, if you provide us with details of any other individual (e.g. any other Platform User), you must give a copy of this Privacy Policy to, and obtain consent from, that individual before giving their personal information to us where consent is required by applicable laws.

If you are from Canada, we collect, use disclose and otherwise process the personal information described above with prior notice in the applicable situations or as authorized by Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). If you do not wish to provide us with any personal information which is indicated as compulsory, we may not be able to communicate with you or provide certain services or features to you. Further, if you provide us with details of any other individual (e.g. any other Platform User), you must give a copy of this Privacy Policy to, (and obtain consent from, that individual if such individual is resident in the Province of Québec) before giving their personal information to us where consent is required by applicable laws (for example, with respect to individuals resident within the Province of Québec).

If you are from a Latin American country  (including without limitation, Argentina, Brazil, Chile,  Colombia, Mexico, Panama, Peru and Uruguay), we collect, use, disclose and otherwise process the personal information described above with your consent where required by applicable law. If you do not wish to provide us with any personal information which is indicated as compulsory, we may not be able to communicate with you or provide certain services or features to you. Further, if you provide us with details of any other individual (e.g. any other Platform User), you must give a copy of this Privacy Policy to, and obtain consent from, that individual before giving their personal information to us where consent is required by applicable laws.

If you are from Turkey, we collect, use, disclose, transfer overseas and otherwise process the personal information described above with your consent where required by applicable law. International transfers of your personal data shall comply with the legal basis set forth in the applicable law of your country, and any instructions (including any applicable model or standard clauses for international transfers) provided by the regulatory authority and/or applicable law.

Please see https://www.fourkites.com/privacy-policy/ for information on FourKites’ approach to international data transfers following the Court of Justice of the European Union’s invalidation of the EU-U.S. Privacy Shield as a lawful transfer mechanism for transfers of EU personal data from the EU to the U.S. Please be assured, to the extent we have ongoing obligations under our existing Privacy Shield Certification, we will continue to honor them.

FourKites complies with the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from EU member countries, the United Kingdom and Switzerland to the United States pursuant to Privacy Shield. FourKites has certified to the Department of Commerce that it adheres to the Privacy Shield principles with respect to such data. If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit www.privacyshield.gov/list.

FourKites’ responsibility for data it receives pursuant to the Privacy Shield and subsequently transfers to third parties is detailed in the Privacy Shield Principles. FourKites complies with the Privacy Shield Principles for all onward transfers from the EU and Switzerland, including the onward transfer liability provisions. FourKites remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless FourKites proves that it is not responsible for the event giving rise to the damage.

With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, FourKites is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including as required to meet national security or law enforcement requirements.

Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to [email protected]. In the event that we ever collect, use, or share sensitive data, we will provide appropriate opt-in choice. FourKites commits to responding to complaints about your privacy and our collection and use of your personal information within 30 days of receiving your complaint. Individuals with questions or complaints regarding this Privacy Policy should first submit inquiries via e-mail to [email protected]. FourKites has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

Under limited circumstances, binding arbitration may be a dispute resolution mechanism if your complaint is not resolved through these channels. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

If you are from Hong Kong, Indonesia Japan, Malaysia, Singapore, Taiwan, Thailand or The Philippines, we collect, use, disclose, transfer overseas and otherwise process the personal information described above with your consent where required by applicable law. If you do not wish to provide us with any personal information which is indicated as compulsory, we may not be able to communicate with you or provide certain services or features to you. Further, if you provide us with details of any other individual (e.g. any other Platform User), you must give a copy of this Privacy Policy to, and obtain consent from, that individual before giving their personal information to us where consent is required by applicable laws.

If you are from a Latin American country  (including without limitation, Argentina, Brazil, Chile,  Colombia, Mexico, Panama, Peru and Uruguay), we collect, use, disclose, transfer overseas and otherwise process the personal information described above with your consent where required by applicable law.   International transfers of your personal data shall comply with the legal basis set forth in the applicable law of your country, and any instructions (including any applicable model or standard clauses for international transfers) provided by the regulatory authority and/or applicable law. If we transfer your personal data to a jurisdiction that does not provide adequate, equal or higher levels of data protection than those of your country, we will comply (including by contract) with the legal requirements of your jurisdiction.

If you are from Turkey, we collect, use, disclose, transfer overseas and otherwise process the personal information described above with your consent where required by applicable law. International transfers of your personal data shall comply with the legal basis set forth in the applicable law of your country, and any instructions (including any applicable model or standard clauses for international transfers) provided by the regulatory authority and/or applicable law.