Privacy Policy

1. Scope and Purpose

This Privacy Policy explains how CargoULD (“we”, “our”, “us”) collects, uses, and protects personal data in connection with our website, analytics platform, and related services (“the Service”).

We comply with applicable data protection laws, including the UK GDPR and, where relevant, the EU GDPR.

2. Data Controller

The data controller is the entity operating the CargoULD Service (“the Provider”). For any privacy questions, use the button below to reveal the contact email (spam-protected).

3. Data We Collect

We may collect the following categories of data:

• Account data: name, surname, email address, company name, and role.
• Login data: username, hashed password, session tokens.
• Usage data: IP address, browser type, device information, access times, and activity logs within the Service.
• Billing data: company billing details and VAT number (processed by our payment provider, e.g. Stripe).
• Communication data: emails, support requests, or messages you send to us.

4. How We Use Data

• Operate, maintain and secure the Service;
• Manage user accounts and authentication;
• Provide support and respond to requests;
• Analyse Service performance and usage;
• Send administrative or legal notices;
• Comply with applicable laws and protect our rights.

5. Lawful Basis

• Performance of a contract (providing the Service to the customer);
• Compliance with legal obligations;
• Legitimate interests (e.g. security, analytics, service improvement).

6. Data Retention

Personal data is kept for as long as necessary to fulfil the purposes described, or as required by law. Accounts and associated data may be deleted upon request or after prolonged inactivity, subject to legal or contractual retention duties.

7. Sharing and Transfers

We do not sell personal data. We may share data only with:

• Trusted service providers (e.g. hosting, analytics, payment processing) acting as data processors under appropriate data protection terms;
• Authorities where legally required;
• Affiliates or successors in case of merger, acquisition, or reorganisation.

Transfers outside the UK/EU occur only where adequate safeguards are in place (e.g. Standard Contractual Clauses).

8. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction, including encryption, access control, and regular monitoring.

9. Cookies

We use technical cookies strictly necessary for authentication and session management. Optional analytics cookies (if enabled) help us understand Service performance.

For more information, see our Cookie Policy.

10. Your Rights

Under applicable law, you may have the right to:

• Access and obtain a copy of your data;
• Request correction or deletion of your data;
• Object to processing or request restriction;
• Data portability (where applicable);
• Lodge a complaint with a supervisory authority.

Requests can be submitted via the contact method in Section 12 (spam-protected).

11. Changes to this Policy

We may update this Privacy Policy periodically. The latest version is always available on this page, with the date of last revision.