HomeAboutServicesContact
Menu
Close
Home
About
Services

Finerton Privacy Notice

  1. Introduction:

    Finerton and its affiliates (“Finerton,” “we,” “our,” or “us”) operate a technology platform providing logistics tracking, coordination, workflow automation, and related digital services (the “Platform”).

    We process Personal Data in accordance with applicable data protection laws, including the UAE Federal Decree-Law No. 45 of 2021 (PDPL), the EU General Data Protection Regulation (GDPR), and the Swiss Federal Act on Data Protection (FADP), where applicable.

    We are committed to processing Personal Data in a lawful, transparent, and secure manner.

    This Privacy Notice explains:

    • What Personal Data we collect

    • How we use and share it

    • Our role as Controller and Processor

    • Your rights under applicable data protection laws

    • How we protect Personal Data

    This Privacy Notice applies to:

    • Our websites

    • Our Platform

    • Customer and partner interactions

    • Marketing and communications

    • Business operations across our affiliated entities

  2. Scope and Data Protection Roles

    1. When Finerton acts as Controller: We act as a data controller when we determine the purposes and means of processing Personal Data, including:

      • Account registration and administration

      • Billing and commercial management

      • Website usage and analytics

      • Marketing communications

      • Vendor and partner management

      • Security and fraud prevention

      • Compliance with legal obligations

      • Internal analytics and product development

      • Service improvement and feature enhancement

      • Corporate governance and internal administration

    2. When Finerton acts as Processor: We act as a data processor when we process Personal Data on behalf of our customers in connection with their use of the Platform.  Customers may upload or transmit Personal Data relating to:

      • Their employees or users

      • Contractors or agents

      • Logistics counterparties

      • Drivers, transport providers, or warehouse personnel

      • Third parties involved in supply chain operations

      In such cases:

      • The customer is the data controller.

      • Finerton processes such data only in accordance with the applicable customer agreement and documented instructions. Where required under applicable data protection laws, such processing will be governed by a data processing agreement (“DPA”) entered into between Finerton and the relevant customer.

      Customers are responsible for ensuring that Personal Data provided to Finerton has been collected, processed, and disclosed in accordance with applicable law and that they have an appropriate legal basis to transfer such Personal Data to Finerton.

      If you are an individual whose data has been provided to us by one of our customers, you should contact that customer directly to exercise your rights.

      Finerton does not independently determine the purposes or means of processing such customer-provided Personal Data.

  3. Categories of Personal Data we Process. Depending on the context, we may process:

    We collect and process Personal Data that is adequate, relevant, and limited to what is necessary for legitimate business and operational purposes.

    • Account and Business Contact Information

      • Name

      • Job title

      • Company name

      • Email address

      • Telephone number

      • Account credentials

      • Billing details

    • Platform and Operational Data provided by customers or on their behalf

      • Names of users or third parties

      • Contact information

      • Role or function within logistics operations

      • Location or shipment-related identifiers

      • Communication records

      • Operational workflow data

    • Technical and Usage Data

      • IP address

      • Device identifiers

      • Log data

      • Browser type

      • System activity

      • Platform usage metrics

    • Communications

      • Support tickets

      • Emails and correspondence

      • Meeting records

    We collect and process Personal Data that is adequate, relevant, and limited to what is necessary for legitimate business and operational purposes.

    In some cases, we may obtain Personal Data from third parties, including business partners, customers, publicly available sources, or service providers, where permitted by applicable law.

    Finerton does not intentionally collect or process special categories of Personal Data (such as health information, biometric data, or data revealing racial or ethnic origin) unless expressly required by applicable law or agreed contractually with a customer.

  4. Cookies and Tracking Technologies: We use cookies and similar technologies (such as pixels, web beacons, and local storage) to operate, secure, and improve our websites and Platform.

    Cookies may be used for the following purposes:

    • Authentication and session management

    • Security monitoring and fraud prevention

    • Website functionality

    • Performance analytics

    • Service improvement

    Some cookies are strictly necessary for the operation of the Platform. Other cookies may be used for analytics or performance monitoring.

    Where required by applicable law, we obtain consent before placing non-essential cookies on your device. You may manage your cookie preferences through your browser settings or any cookie consent tools made available on our website.

    Certain third-party service providers may place cookies on our behalf. These providers are contractually required to process data in accordance with applicable law.

  5. Purposes of Processing: We process Personal Data for the following purposes:

    • Providing and operating the Platform

    • Enabling logistics tracking and automation workflows

    • Managing user accounts

    • Improving platform functionality and performance

    • Monitoring system security and integrity

    • Preventing fraud and misuse

    • Providing customer support

    • Complying with legal obligations

    • Enforcing contractual rights

    • Managing corporate transactions

    We may generate and use aggregated, anonymized, or de-identified data derived from Personal Data for analytics, benchmarking, security monitoring, research, product development, and service improvement purposes.

    In certain circumstances, the provision of Personal Data may be necessary to enter into or perform a contract, comply with legal obligations, or enable access to the Platform. Failure to provide required Personal Data may result in the inability to provide services.

  6. Legal basis for processing: Where required under applicable data protection laws (including GDPR, Swiss FADP, and UAE PDPL), we rely on one or more of the following legal bases:

    • Performance of a contract

    • Compliance with legal obligations

    • Legitimate business interests (or equivalent legitimate purpose under UAE PDPL), including service improvement, fraud prevention, security monitoring, and internal analytics

    • Consent (where required)

    Where processing is based on consent, consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal. Where we rely on legitimate interests, we assess and balance our interests against the rights and freedoms of affected individuals.

  7. Sharing of Personal Data: We do not sell personal data. We may share Personal Data with:

    • Finerton affiliates for operational, administrative, technical, governance, or security purposes

    • Cloud infrastructure and hosting providers

    • Technical service providers

    • Professional advisors

    • Auditors

    • Regulators and authorities where legally required

    • Parties involved in corporate transactions

    Finerton requires all affiliates and service providers who receive or access Personal Data to implement appropriate technical and organizational measures to protect such data, consistent with the standards required under this Privacy Notice and applicable data protection law.

    Where required by applicable law, we will provide information regarding categories of service providers and may make available additional information upon request.

  8. International Data Transfers: Personal Data may be transferred to and processed in jurisdictions outside the country in which it was originally collected.

    Where required by applicable law, we implement appropriate safeguards for cross-border transfers, which may include:

    • Contractual safeguards (EU Standard Contractual Clauses (2021) where applicable)

    • Adequacy mechanisms (European Commission adequacy decisions, where applicable)

    • Organizational and technical protections

    Such safeguards are designed to ensure that Personal Data receives a level of protection consistent with applicable data protection laws.

    Customers are responsible for ensuring that they have an appropriate legal basis for transferring Personal Data to Finerton.

  9. Data Security: We implement appropriate technical and organizational measures designed to:

    • Protect against unauthorized access

    • Prevent accidental loss

    • Maintain data integrity

    • Ensure system resilience

    Security measures are proportionate to the nature, scope, context, and sensitivity of the Personal Data processed and are designed to meet applicable legal requirements.

    Where Finerton acts as a processor, we will notify the relevant customer without undue delay following confirmation of a Personal Data breach. Where we act as a controller, we will notify affected individuals and competent authorities where required by applicable law.

  10. Data Retention: We retain Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Notice, including to provide the Platform, comply with legal, accounting, or regulatory obligations, resolve disputes, enforce agreements, and protect our legitimate business interests.

    Retention periods may vary depending on the nature of the data and legal requirements.

    Upon termination of services, Personal Data processed on behalf of customers will be returned or deleted in accordance with the applicable agreement.

  11. Individual Rights: Subject to applicable law, individuals may have rights to:

    • Access Personal Data

    • Correct inaccurate data

    • Request deletion

    • Restrict or object to processing

    • Data portability

    • Withdraw consent

    Requests may be submitted to: privacy@Finerton.com

    We may require identity verification before responding.

    Individuals in the European Union or Switzerland also have the right to lodge a complaint with a competent data protection supervisory authority in their country of residence, place of work, or place of alleged infringement.

  12. Automated decision-making: Finerton does not engage in automated decision-making that produces legal or similarly significant effects on individuals without appropriate safeguards.

  13. Children’s Data: The Platform is not directed to children. We do not knowingly process Personal Data of children.

  14. Updates to this Privacy Notice: We may update this Privacy Notice from time to time. Material changes will be reflected by updating the “Last Updated” date and, where required, notifying customers.

  15. Contact Information: Finerton

    Reef Tower, 20th Floor, Unit 20-04
    Cluster O, Jumeirah Lakes Towers
    Dubai, United Arab Emirates
    P.O. Box 5003326
    Email: [privacy@Finerton.com]

    Where required under applicable law, Finerton may designate a representative within the European Union or Switzerland. Details of such representative, if appointed, will be made available on our website.

    For individuals located in the European Union or Switzerland, the relevant supervisory authority may depend on the location of the data subject or the place of the alleged infringement.