PURPOSE AND SCOPE OF THIS POLICY
At DTDC, we value your privacy and we are committed to protecting your personal data.
The purpose of this Policy is to provide you with information about how and why DTDC collects and processes your personal data under the following cases:
- When you visit this website
- When you chat with our Customer care agents
- When you fill the ‘Request a callback’ form, or the ‘Leave a Message’ form
- When you place a booking on our eBooking portal
- When you place a booking through other means (email, telephone, and walk-in)
- When you apply for a job on our careers portal
- When you contact us for any queries, or requests, or complaints through email or phone call.
Who are we?
Collection of your personal data
How we process your personal data
How long do we keep your personal data?
Disclosure of your personal data
International data transfers
Your rights as data subjects
WHO ARE WE?
DTDC Express Limited provides courier, parcel and express mail services to retail and corporate customers across the globe.
DTDC is the Controller when processing personal data received from individual customers, website visitors, and employment candidates.
DTDC is the Processor when processing personal data that is received from its business customers.
Our full details are: Unit 4 , Marlin Park, Central Way,
Feltham TW14 0AN
Customer Services: +02034117333 Ext.: 3908 / 3912
Ext.: 3907 / 3916
Full name of legal entity: DTDC Courier & Cargo UK Ltd
Email address of the Privacy team: firstname.lastname@example.org
If you are a resident of the European Union, you have the right to make a complaint at any time to supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
In the UK, the supervisory authority is the Information Commissioner’s Office (ICO). The relevant details regarding the ICO can be found at https://ico.org.uk/.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO or your local supervisory authority. Therefore, please contact us in the first instance, if you are agreeable to the same.
COLLECTION OF YOUR PERSONAL DATA
PERSONAL DATA DIRECTLY OR VOLUNTARILY PROVIDED BY YOU:
DTDC collects the personal data that you directly or voluntarily provide us through the following means:
- When you fill the ‘Callback’ form: We collect personal data such as Name, Email address, Phone number, Pickup and Delivery Pin code, Delivery add and any other personal data that you share with us in the Message Text box.
- When you fill the ‘Leave a message’ form: We collect personal data such as Name, Email address and any other personal data that you share with us in the Message Text box.
- When you sign up on our website: We collect personal data such as Name and Email address.
- When you place a booking on our eBooking portal: We collect personal data such as Name, Email address, Phone number, Address and Pick up address. We will also collect Name, Delivery address, Email address and phone number of the recipient (Consignee) from you.
- When you make a booking over email/phone call: We collect personal data such as Name, Address, Email Address, Phone number of the along with records of your Payment and your payment information, such as credit or debit card or bank account details. We will also collect Name, Delivery address, Phone number and email address of the consignee from you.
- When you walk into our franchises or branches and make a booking: We collect personal data such as Name, Address, Email Address, and Phone number. We will also collect Name, Delivery address, Phone number and email address of the consignee from you.
- When you send emails regarding any requests, or complaints, or queries: We collect personal data such as the Name (as discernible from the Email Address), Email Address and any other personal data shared by you in the body or signature of the email.
PERSONAL DATA WE COLLECT FROM OUR BUSINESS CUSTOMERS:
We also offer our services to our business customers. When we offer such services, we do not directly collect information from the data subjects. Our business customers will share with us appropriate personal data such as Name, email address, phone number and address of the original shipper and end recipient.
PERSONAL DATA WE COLLECT FROM PROSPECTIVE CANDIDATES
We have a Careers page on our website which provides details on any job openings.
We may collect resumes of prospective candidates when they apply for job openings.
INFORMATION WE AUTOMATICALLY COLLECT FROM YOU
When you use our Site and services, our servers automatically record information that your browser sends whenever you visit our websites (“Log Data”). This Log Data may include information such as your IP address, browser type or the domain from which you are visiting, the web-pages you visit, your current location, the search terms you use, and any advertisements on which you click.
HOW WE PROCESS YOUR PERSONAL DATA
As a Data controller, DTDC will process your personal data only if there is a lawful basis for us to do so.
All our processing activities falls under one of the following lawful basis:
1. Where we need to perform the contract we are about to enter into or have entered into, with you;
2. Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests;
3. Where we need to comply with a legal or regulatory obligation.
We have set out below, in a table format, a description of all the ways we plan to process your personal data along with the corresponding lawful bases for the same.
|Purpose/Activity||Lawful basis for processing|
|To register you as a new customer on our website.||Performance of a contract with you|
|Providing postal/courier services to you using our own network or through the use of a third-party network.||Performance of a contract with you|
|Responding to enquiries, complaints or claims relating to our services.||Necessary for our legitimate interests (We may need to process your data so we can handle and resolve any enquiry, or complaint, or request, or claim raised by you or another person.).|
|To use data analytics (through the use of Google analytics cookies) to improve our website, services, customer relationships, and experiences.||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).|
|Disclosing your personal data to Regulatory authorities for Customs and Tax clearance, and security screening (for inbound and outbound shipments).||Necessary to comply with a Legal Obligation (we need to process personal data to comply with revenue, customs, and other applicable regulations.).|
|Retaining manifests (containing personal data) for a certain number of years||Necessary to comply with a Legal obligation|
|Collecting CVs of prospective candidates for the purpose of recruitment.||Necessary for our legitimate interests (to assess the compatibility of multiple individuals to identify the best possible candidate)|
As a Data Processor, DTDC will process personal data based on instructions from our Business customers, as reflected in the Data Processing agreements, or addendums to the larger contract, or similar legal instruments between DTDC and such customers.
HOW LONG DO WE KEEP YOUR PERSONAL DATA
We retain your personal data only for the minimum period required to fulfill the purposes of processing such as providing the services you have requested, or complying with our legal obligations, or resolving disputes, or enforcing our policies, or other essential purposes.
PROTECTION OF YOUR PERSONAL DATA
DTDC has implemented reasonable physical, technical and administrative security measures to protect your personal data from loss, misuse, alteration or destruction. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
DISCLOSURE OF YOUR PERSONAL DATA
DTDC may share your personal data with third parties in the following circumstances:
I. Third Party Courier/ Postal network: We do employ third-party courier/ postal organizations to process your orders.
II. Payment Gateway Provider: We use a third party payment gateway provider for authorizing card and bank payments made by you on our website.
III. Third Party Customer Service Platform (LiveChat): Your personal data such as Name, Email address and any other personal data attribute that you share in the Message Field will be retained in LiveChat servers and communicated to our customer care agents.
We require all third parties to respect the security of your personal data and to treat it in accordance with all applicable laws. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
In addition to the above mentioned third parties, we also share your personal data with Regulatory Authorities, as required by applicable laws. We share certain shipment data to the authorities of the country of transit or destination for customs and tax clearance or for security screening, as required by the laws of such countries.
INTERNATIONAL DATA TRANSFERS
We offer Cross Border Management Services to our customers. In line with our services, we may share your personal data with other DTDC or third-party entities established outside your country. DTDC will ensure that such international data transfers are subject to appropriate safeguards.
For data transfers from EU to outside EU, DTDC uses standard contractual clauses to safeguard the data transfer.
YOUR RIGHTS AS DATA SUBJECTS
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects. If you wish to exercise your rights as Data Subjects, please contact our Privacy team at email@example.com
You have the following rights under GDPR:
1. The right to be informed
2. Right of access
You have the right to access your personal data and details of how we process it. You can request details of the personal data that we hold about you by contacting our Privacy team. In order to service your request, we would request the following information from you:
- Proof of Identification
- Details of Processing Activity related to their access request
- Date of Processing Activity
3. Right to rectification
You have the right to have personal data about you rectified if it is inaccurate or incomplete. DTDC will ensure that personal data is kept accurate and up to date as far as is reasonably possible. However, DTDC relies on customers to ensure that some of the information it holds about them is accurate and up-to-date. We encourage customers to inform DTDC of any changes to their information (e.g. by updating your account details on DTDC websites or by contacting our Privacy team).
4. Right to object
Individuals also have the right to object to the processing of personal data based on legitimate interests.
5. Right to erasure
This right enables you to ask us to delete or remove personal data where there is no good reason for us to continue processing it or where applicable law requires erasure. Please note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
6. Right to restrict processing
You have the right to ‘block’ the processing of personal data in limited circumstances. This right may apply:
- If the accuracy of your personal data needs to be verified,
- If the legal basis for processing your personal data is disputed and needs to be considered by DTDC
- Pending verification of whether DTDC’s interests override your interests, when you exercise your right to object.
A cookie is a series of data characters that, when programmed into a website, is placed by the web server into the browser's application folder on the user’s computer. Once placed onto the user’s computer, the cookie will allow the web site to "recognize" you as a unique user of the website.