August 2023.

This privacy policy sets out the conditions under which the company collects and uses your personal data. It may change according to the legal and regulatory context.

Personal data is collected and processed in compliance with the regulations in force applicable to the processing of personal data and, in particular, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable from 25 May 2018.

1. The data collected

In particular, the following categories of data may be collected when a person uses TRANSALLIANCE DRIVER’s app:

· Personal identification data such as the surname, first name, job title and e-mail and telephone contact details of the driver, persons involved in the collection or processing of the data ;

· Electronic identification data such as IP addresses, cookies, connection logs, etc. ;

· Geolocation data ;

· Any other data required to establish by electronic way the bill of lading (CMR), delivery note for the persons in the supply chain. Data can be collected to give a geolocation of the transported goods to the persons in the supply chain.

2. The identity of the data controller

The company acts as "Data Controller", in the sense that it determines the means and purposes of processing personal data. The company can be contacted at the following e-mail address dpo@transalliance.eu

3. Recipients and sub-contractors

Your personal data may be sent to the following recipients:

· client of the loader and the parties of the carrier agreement;

· Public administration and jurisdictions on require;

· To the host and publisher of the Platform: B’FAST, located in 28 Avenue Michel Verdier– 72320 Vibraye (publisher) et IBM Cloud /IBM France (Montpellier) (host)

4. Purposes of processing

These data are collected and processed within the framework of the use of the TRANSALLIANCE DRIVER application to provide TRANSALLIANCE's transport partners with a platform to inform and send consignment notes, delivery notes and reserves to the persons involved in the supply chain as well as ensuring the real-time tracking of shipments

5. Data retention period

The data will be kept for a maximum of 10 years.

The data collected will be stored in the EU.

6. Safety and security

Our company takes appropriate organizational, technical, software and physical measures to protect personal data against alteration, destruction and unauthorized access.

7. Your rights

Pursuant to the regulations applicable to personal data, as the owner of the personal data collected by our company you have the following rights in particular:

· rectify, update or delete your personal data;

· exercise your right of access to details of your personal data collected by our company. In this case, before exercising this right, we reserve the right to request proof of identity;

· object to the processing of your personal data. The exercise of this right is only possible in one of the following two situations: when the exercise of this right is based on legitimate grounds or aims to prevent the data collected from being used for commercial prospecting purposes;

· request the portability of your data where processing is based on your consent and is carried out using automated processes;

· request the restriction of the processing of your data, for a certain period of time, when :

o you dispute the accuracy of the personal data,

o the processing is unlawful but you object to the deletion of the personal data in question,

o the data controller no longer needs your personal data but it is still necessary for you to establish, exercise or defend legal claims,

o you objected to processing on legitimate grounds ;

lodge a complaint with a supervisory authority: If you consider that our company is not complying with its obligations with regard to the protection of personal data, you may lodge a complaint or a request with the competent authority. By way of example and without claiming to be exhaustive:

o "Commission Nationale de l'Informatique et des Libertés" in FRANCE,

o "Commission Nationale de contrôle de la protection des Données à Caractère Personnel" in LUXEMBOURG,

o "Data Protection Authority" in BELGIUM,

o "Agencia de Protección de Datos" in SPAIN,

o "Garante per la protezione dei dati personali" in ITALY,

o "National Authority for Data Protection and Freedom of Information in HUNGARY,

o "Information Commissioner's Office in the UNITED KINGDOM,

o And so on.

These requests have to be sent to : dpo@transalliance.eu