The General Data Protection Regulation (“GDPR”) is an EU-wide comprehensive data protection law that replaces the Data Protection Directive to strengthen personal data governance in light of rapid technological advancements, increased globalization, and more complex international flows of personal data. 

Unlike the Data Protection Directive, the GDPR is relevant to any globally operating company that processes personal data about people present in the EU (+ Switzerland and Norway), not just those residing in the EU. Parcel Perform is fully aware of the complexities of GDPR (or German: EU Datenschutz Grundverordnung) and is committed to creating exceptional delivery experiences for your organization and your customers without compromising data protection. 

What GDPR means for parcel data 

As per terms defined under the GDPR, between Parcel Perform and our customers, Parcel Perform is the “data processor” and your company is the “data controller”. Your company as a data controller collects data from end-users, who are considered the “data subjects”. If Parcel Perform processes the personal data of the end-users, your organization remains in charge of the way it is treated through instructions. For example, if someone wants to make use of their “right to be forgotten”, Parcel Perform will delete their data as well as part of our standard services. 

As the leading parcel tracking platform, Parcel Perform receives millions of data points every day from all over the globe, including personal data of data subjects, usually email addresses, phone numbers, or residential addresses. While you are taking measures to safeguard your customer’s rights, Parcel Perform is also committed to adhering to the requirements of the GDPR to protect your data. 

Your data on Parcel Perform is protected as per EU-GDPR

Parcel Perform is EU-GDPR or EU-DSGVO compliant and we protect your data like our own. Our company has established a comprehensive Privacy Policy as we take the privacy of our customers very seriously and aim to provide a safe, reliable, and GDPR-compliant online experience:

• User Controls:

  Our system allows you to assign different kinds of user permissions to your organization's users, restricting data access to only authorized persons.

• Encryption & Data Storage:

  Unauthorized change or access of personal data is prevented through encryption “at rest” (when stored), “in motion” (when transferred), and in backups.

• Logging of Data:

  Any upload, transmission, access, and/or alteration of personal data and other data is logged by our systems.

• Data Security:

  All of our services are hosted and processed on servers of ISO 27001-certified cloud service providers Amazon Web Services (AWS), Microsoft Azure (Azure), and Google Cloud Platform (GCP) that offer robust privacy and security.

• Data Ownership:

  All your data entirely belongs to you. Parcel Perform will only use any personal data to provide our services and will delete it at your request.

• Data Recoverability & Reliability:

  We have a data recovery system in place to monitor system statuses and can restore data in the event of an unlikely technical fault. Your data is regularly updated and backed up in our system.

• Processing on behalf:

  When further sub-processors are involved in handling your data, we carry out the appropriate checks to ensure they are also operating in line with GDPR regulation. A list of our sub-processors is part of any commercial agreement and we will inform you in advance about any changes.

We make sure that GDPR is always at the forefront

• Servicing of data erasure requests:

  Your customers have a “right to be forgotten” (as mandated in Art. 17 GDPR) and Parcel Perform is equipped to service such requests. 

• Compliance documentation

  : Parcel Perform can provide legal documentation to ensure compliance with GDPR including, Data Processing Agreements (DPA), Technical and Organizational Measures (TOMs) and Standard Contractual Clauses (SCCs). 

• Data Incident Response

  : In the unlikely event that a system breaks down and the personal data of clients could be compromised, we will notify all customers immediately in accordance with legal and contractual obligations.

At Parcel Perform, our team is dedicated to helping you confidently maintain compliance when sending post-purchase communication to your customers and using our product. If you have any questions about GDPR, please contact your Account Manager or sales.