Privacy Policy

1. Scope and Purpose

This Privacy Policy explains how CargoULD (“we”, “our”, “us”) collects, uses, stores, and protects personal data in connection with our website, analytics platform, and related services (“Service”).

We process personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and applicable Italian data protection rules.

2. Data Controller

The data controller for the CargoULD Service is Kline Power, a sole proprietorship based in Italy (“Provider”).

For privacy questions or data protection requests, use the button below to reveal the contact email (spam-protected).

3. Data We Collect

We may collect the following categories of personal data:

• Account data: first name, last name, email address, company name, job title, and account role.
• Authentication data: username, hashed password, session identifiers, and login-related security records.
• Usage and technical data: IP address, browser type, device information, operating system, access times, pages viewed, and activity logs within the Service.
• Billing and transaction data: billing contact details, company billing information, VAT number, subscription status, and limited transaction information processed via our payment provider (e.g. Stripe).
• Communication data: emails, support requests, commercial communications, and other messages you send to us.
• Customer-provided data: data, notes, settings, preferences, or other content submitted by authorised users through the Service.

4. How We Use Data

• Operate, provide, maintain, and secure the Service;
• Manage user registration, authentication, and account administration;
• Provide customer support and respond to enquiries or requests;
• Process subscriptions, billing, payments, and related administrative records;
• Monitor performance, troubleshoot issues, and improve the Service;
• Send service, operational, legal, billing, and security-related communications;
• Prevent fraud, abuse, unauthorised access, and other harmful activity;
• Comply with legal obligations and protect our rights, users, and business.

5. Lawful Basis

Where the GDPR applies, we rely on one or more of the following legal bases:

• Performance of a contract — where processing is necessary to provide the Service or manage a subscription;
• Compliance with legal obligations — where we must retain or disclose data under applicable law;
• Legitimate interests — including service security, fraud prevention, support, analytics, product improvement, business administration, and B2B relationship management;
• Consent — where required, for example for optional cookies or specific communications.

6. Data Retention

Personal data is retained only for as long as necessary for the purposes described in this Policy, including to provide the Service, maintain security and audit records, comply with legal obligations, resolve disputes, and enforce agreements.

Account and service-related data may be deleted or anonymized after account closure or prolonged inactivity, subject to legal, tax, accounting, contractual, or legitimate business retention requirements.

7. Sharing and Transfers

We do not sell personal data. We may share personal data only where necessary with:

• Service providers and processors such as hosting providers, infrastructure providers, analytics tools, payment processors, communication tools, and support systems;
• Professional advisers such as accountants, legal advisers, or consultants, where reasonably necessary;
• Authorities or courts where required by law, regulation, legal process, or enforceable request;
• Successors or counterparties in connection with a merger, acquisition, reorganisation, financing, or sale of assets.

Where personal data is transferred outside the European Economic Area, we will do so only where appropriate safeguards are in place, such as adequacy decisions, Standard Contractual Clauses, or another lawful transfer mechanism.

8. Security

We implement reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

These measures may include access controls, encryption where appropriate, authentication safeguards, system monitoring, logging, backup procedures, and security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. Cookies

We use strictly necessary cookies and similar technologies required for authentication, session handling, security, and core website functionality.

Where enabled, optional analytics cookies or similar tools may be used to understand website and Service performance. Where legally required, these optional technologies will be activated only on the basis of consent.

For more information, see our Cookie Policy.

10. Your Rights

Subject to applicable law, you may have the right to:

• Request access to your personal data;
• Request correction of inaccurate or incomplete data;
• Request deletion of personal data;
• Object to certain processing activities;
• Request restriction of processing;
• Request portability of data where applicable;
• Withdraw consent where processing is based on consent;
• Lodge a complaint with a competent supervisory authority.

Privacy requests can be submitted using the contact method in Section 12.

11. Changes to this Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page, together with the date of last update. Where changes are material, we may also provide notice through the Service or by email.