Skip to main content

Privacy Policy

Last Updated: March 2026

1. Data Controller Information

Data Controller: Swiftora Solutions
Registered Address: 1017HL Amsterdam, The Netherlands
Company Registration Number: 1023479-M
Email: support@swiftorasolutions.com
Office Hours: Monday – Saturday, 9:00 AM – 5:00 PM (UTC)

2. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee compliance with data protection laws. Contact our DPO at dpo@swiftorasolutions.com for any privacy-related concerns or to exercise your rights.

3. Information We Collect

We collect and process the following categories of personal data:

  • Identity Data: First name, last name
  • Contact Data: Email address, phone number
  • Business Data: Company name (if provided)
  • Transaction Data: Shipment tracking numbers, pickup/delivery addresses, shipment type, weight, delivery speed
  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system, and platform
  • Usage Data: Information about how you use our website and services
  • Marketing Data: Your preferences in receiving marketing communications

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract (GDPR Art. 6(1)(b)): Processing necessary for the performance of our logistics services contract with you, including shipment coordination and delivery.
  • Consent (GDPR Art. 6(1)(a)): Where you have given explicit consent for marketing communications or optional cookies.
  • Legal Obligation (GDPR Art. 6(1)(c)): Processing necessary to comply with legal and regulatory requirements, including tax and customs regulations.
  • Legitimate Interests (GDPR Art. 6(1)(f)): Processing necessary for our legitimate business interests, including fraud prevention, network security, and service improvement, provided these interests do not override your fundamental rights.

5. How We Use Your Information

We use your personal data for the following purposes:

  • Providing shipment tracking and logistics coordination services
  • Processing and managing shipment requests
  • Communicating shipment updates and delivery notifications
  • Responding to inquiries and providing customer support
  • Enhancing website security and preventing fraudulent activity
  • Complying with legal, regulatory, and customs requirements
  • Improving our services and website functionality (with your consent for analytics)
  • Sending marketing communications (only with your explicit consent)

6. Data Recipients and Third-Party Processors

We may share your data with the following categories of recipients:

  • Service Providers: Supabase (database hosting), Zoho (email services), hosting providers
  • Logistics Partners: Courier and freight companies involved in shipment delivery
  • Regulatory Authorities: Customs, tax authorities, and other government agencies as required by law
  • Legal Advisors: When necessary to establish, exercise, or defend legal claims

All third-party processors are bound by data processing agreements ensuring compliance with GDPR and appropriate security measures.

7. International Data Transfers

As an international logistics provider, your data may be transferred to countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Transfers to countries with adequacy decisions from the European Commission
  • Standard Contractual Clauses (SCCs) for transfers to countries without adequacy decisions
  • Binding Corporate Rules where applicable

8. Data Retention Periods

We retain your personal data only as long as necessary for the purposes outlined:

  • Shipment Data: 7 years (legal obligation for tax and customs records)
  • Contact Information: Duration of business relationship + 3 years
  • Marketing Consent Records: Duration of consent + 2 years after withdrawal
  • Website Analytics: 26 months (with consent)
  • Cookie Consent Records: 12 months from consent date

After the retention period expires, data is securely deleted or anonymized in accordance with our data retention policy.

9. Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access (Art. 15): Request a copy of your personal data we hold.
  • Right to Rectification (Art. 16): Request correction of inaccurate or incomplete data.
  • Right to Erasure (Art. 17): Request deletion of your data where legally permitted.
  • Right to Restrict Processing (Art. 18): Request limitation of processing in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to Object (Art. 21): Object to processing based on legitimate interests or direct marketing.
  • Right to Withdraw Consent: Withdraw consent at any time without affecting lawfulness of prior processing.

To exercise your rights: Email dpo@swiftorasolutions.com with your request and proof of identity. We respond within 30 days.

10. Cookies and Tracking Technologies

We use cookies and similar technologies as described in our Cookie Policy. You can manage your cookie preferences at any time by clicking the "Cookie Settings" button at the bottom-left of our website.

11. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • SSL/TLS encryption for all data transmissions
  • Secure server infrastructure with access controls
  • Regular security assessments and penetration testing
  • Employee training on data protection
  • Incident response procedures for data breaches

While we apply industry-standard safeguards, no digital transmission can be guaranteed fully secure. Users are responsible for safeguarding tracking numbers and avoiding submission of sensitive data through unsecured channels.

12. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects or similarly significant consequences for individuals. All shipment pricing is calculated using transparent, rule-based algorithms without discriminatory factors.

13. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately for deletion.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Significant changes will be communicated via email or prominent notice on our website. The "Last Updated" date at the top indicates when changes were made.

15. Complaints and Supervisory Authority

If you believe we have violated your data protection rights, you have the right to lodge a complaint with the supervisory authority:

Autoriteit Persoonsgegevens (Dutch DPA)
Bezuidenhoutseweg 30, 2594 AV The Hague
Website: autoriteitpersoonsgegevens.nl

We encourage you to contact us first at dpo@swiftorasolutions.com to resolve any concerns.

16. Contact Us

For any questions about this Privacy Policy or our data practices, please contact:

Data Protection Officer
Email: dpo@swiftorasolutions.com
Address: Swiftora Solutions, 1017HL Amsterdam, The Netherlands