The protection of Personal Data and the privacy of individuals is one of GEODIS' priorities. As a Data Controller, GEODIS is committed to complying with European and international regulations regarding the protection of personal data, and to implement all necessary measures to respect the confidentiality of Your Personal Data and to ensure their protection.
The aim of this Privacy Policy is to inform you about the reasons why we process your data, how long we keep your data, what are your rights and how you can exercise them.
If you want information on the use of cookies, please refer to our Cookie Policy.
Any term beginning with a capital letter and not defined in this Privacy Policy has the meaning indicated in the Terms of Use.
Why does GEODIS process your data?
GEODIS processes the Personal Data for the following purposes. These purposes each relate to a lawful basis for processing, as required by applicable law.
Type | Purposes | Legal basis |
Delivering our Services |
|
|
Cookie Management |
|
|
Data Protection request management |
|
|
Comply with legal obligations |
|
|
How long does GEODIS keep your data?
Your Personal Data will be kept for as long as needed or permitted to fulfill the purposes described above, in compliance with the applicable laws and regulations. In particular, we will retain Your Personal Data for the length of time We have an ongoing relationship with You, and notably as long as You have an active account on the Website. We may also retain Your Personal Data for longer periods if We are required to by law or if this is advisable in light of our legal position (such as in regard of the enforcement of the Terms of Use, applicable statutes of limitations, litigation or regulatory investigations). In addition, we will retain Your Personal Data for 3 years from the end of Our relationship with You or from the last contact from the User in accordance with the regulations in force concerning marketing activities.
With whom does GEODIS share your data?
The User is informed that Personal Data may be communicated to Our service providers and partners.
In order to protect the confidentiality of Your Personal Data, GEODIS undertakes to share Your data only with persons or services authorized to know such information and exclusively for the purposes mentioned.
During the execution of our contracts, and in order to ensure the relationship with our customers and the continuity of our services, we will share your data with our service providers and business partners. We may also disclose Your information, including Your Personal Data, to courts, governmental or law enforcement authorities or authorized third parties, if required or permitted by law.
GEODIS ensures that Your Personal Information is shared in accordance with applicable laws and under technical and organizational measures to ensure its protection.
hCaptcha
We use the hCaptcha security service (hereinafter "hCaptcha") on our website. This service is provided by Intuition Machines, Inc., a Delaware US Corporation ("IMI").
hCaptcha is used to check whether user actions on our online service (such as submitting a login or contact form) meet our security requirements. To do this, hCaptcha analyzes the behavior of the website or mobile app visitor based on various characteristics. This analysis starts automatically as soon as the website or mobile app visitor enters a part of the website or app with hCaptcha enabled. For the analysis, hCaptcha evaluates various information (e.g. IP address, how long the visitor has been on the website or app, or mouse movements made by the user). The data collected during the analysis will be forwarded to IMI. hCaptcha analysis in the "invisible mode" may take place completely in the background. Website or app visitors are not advised that such an analysis is taking place if the user is not shown a challenge. Data processing is based on Art. 6(1)(b) of the GDPR: the processing of personal data is necessary for the performance of a contract to which the website visitor is party (for example, the website terms) or in order to take steps at the request of the website visitor prior to entering into a contract. Our online service (including our website, mobile apps, and any other apps or other forms of access offered by us) needs to ensure that it is interacting with a human, not a bot, and that activities performed by the user are not related to fraud or abuse. In addition, processing may also be based on Art. 6(1)(f) of the GDPR: our online service has a legitimate interest in protecting the service from abusive automated crawling, spam, and other forms of abuse that can harm our service or other users of our service. IMI acts as a "data processor" acting on behalf of its customers as defined under the GDPR, and a "service provider" for the purposes of the California Consumer Privacy Act (CCPA).
For more information about hCaptcha’s privacy policy and terms of use, please visit the following links: https://www.hcaptcha.com/privacy and https://www.hcaptcha.com/terms
Transfer of Personal Data
GEODIS operates worldwide. Your Personal Data could thus be sent for storage and usage in countries in which GEODIS and our affiliates and partners operate, in compliance with applicable legal requirements.
To facilitate our global operations, we may transfer information internationally and allow access to that information from countries in which the GEODIS affiliated entities have operations for the purposes described in this policy. GEODIS would only transfer information internationally to realize the purposes listed above, in the strict respect of any applicable legislation.
Your Personal Data may be transferred for storage and use outside the European Economic Area to countries in which GEODIS and our affiliates operate. Where transfers are to take place outside the EEA, they will be made in compliance with regulations and after signing Standard Contractual Clauses, approved by the European Commission. These clauses ensure a sufficient level of protection of privacy and fundamental rights.
Can my Personal Data be sold?
As a matter of respect for our principles, and unless otherwise specified, GEODIS does not sell your personal data.
How GEODIS protects your Personal Data?
Information Security is a key aspect of GEODIS’ overall IT solution. Data security controls and measures are in place throughout the enterprise and integrated in processes and procedures used in everyday operations. Several methodologies are used to govern and protect access to GEODIS’ system resources and data.
These include physical security measures (security of access to premises, badges, etc.), organizational security measures (training, procedures, etc.), as well as IT security measures (antivirus, password security, backup, etc.). Measures are also in place to ensure that only authorized recipients have access to data, under appropriate security conditions
What are Your rights and how can You exercise them?
Depending on the contractual relationship, we may collect and process Personal Data on behalf of a particular customer in order to provide the services for which that customer has engaged us, in accordance with our contract with such customer. If you would like to exercise your rights with respect to your Personal Data that we hold as a service provider for a particular customer, you should contact that customer directly.
For data processing where GEODIS is qualified as Data Controller under the GDPR or Service Provider under the CCPA or any equivalent quality defined by applicable data protection regulation, Users are entitled to request access, rectification and/or erasure of Personal Data concerning them. Users also have the right to request that we restrict the processing of their personal data and the right to give instructions regarding the use of their personal data after their death. Each User is entitled to request the provision of their Personal Data to them or to a third party in machine readable format. Please note that, where We rely on consent for the use of your Personal Data, you can withdraw at any time Your consent. In the event of difficulties relating to the management of your personal data, or if you consider that your rights have not been respected, you can address a complaint to the competent supervisory authority.
Users may exercise their rights by using this form or dpo[at]geodis[dot]com or the following address:
For European-based and World Users
GEODIS
Data Protection Officer
26 Quai Charles Pasqua
Espace Seine
92300 Levallois-Perret
France
For USA-based Users
GEODIS Logistics LLC
Data Protection Officer
7101 Executive Center Drive
Suite 333
Brentwood - TN 37027
USA
Please note that we may ask you to verify your identity before taking any further action regarding your request. We also reserve the right to charge a fee or refuse your request where permitted by law, for instance if your request is manifestly unfounded or excessive.
Applicable Law
The Privacy Policy is subject to French law. This Privacy Policy constitutes the entire agreement between GEODIS and the User. It supersedes and replaces all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter, and prevails over any conflicting terms. The Privacy Policy is established in several languages. In any case, the French language version of this Privacy Policy shall prevail over any other version. In the event of any dispute arising out of the validity, interpretation and/or performance of the Privacy Policy, GEODIS and the User agree to meet to try and find an amicable solution to their dispute. In the event the parties fail to reach an amicable solution, any dispute concerning the interpretation, validity, and/or performance of the Privacy Policy shall be submitted to the competent courts of Paris, including in the case of multiple defendants or introduction of a third party, for proceedings aiming to obtain urgency or protective measures, in summary proceedings or on application.