Data Protection Notice

Introduction

MEDLOG S.A., “MEDLOG” or “we”, having its register office at Chemin Rieu 12,1208 Genève, Switzerland , is committed to protecting the privacy and security of your “Personal Data” (as defined in section 2) when acts as data controller in accordance with the Swiss Federal Act on Data Protection and any other applicable data protection laws, including the applicable data protection laws when you deal with MEDLOG`s agencies and the Regulation (EU) 2016/679 “GDPR” (collectively “Data Protection Laws”).

This data protection notice (referred to as the “Notice”) describes how we collect, use, share and transfer (together referred to as “Processing “or “Process”) Personal Data during and after the business relationship we have with our customers, their employees, and partners (together referred to as “Customer “or “you”).

MEDLOG operates through its agencies established across the world which, depending on the purpose, may act as data controller when Processing your Personal Data or Process your Personal Data on behalf of MEDLOG.

MEDLOG uses appropriate technical and organizational measures to ensure a level of safety appropriate to the risk of the Processing to grant confidentiality, availability and integrity of your Personal Data.

It is important that you read this Notice, together with any other data protection notices and MEDLOG policies we may provide on specific occasions when we are Processing Personal Data about you, so that you are aware of how and why we are using such data.

 What are the Personal Data we collect from you?

Personal Data is any piece of information relating to an identified or identifiable natural person. MEDLOG may Process the following categories of Personal Data about you:

A particular category of Personal Data is the “Sensitive Personal Data” with the meaning of 1) data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or 2) concerning health, a natural person sex life or sexual orientation. Such Sensitive Personal Data also includes genetic and biometric data, and information relating to criminal convictions and offences.

Unless strictly required under applicable laws, MEDLOG doesn`t collect Sensitive Data.

 How will we use your Personal Data about you?

We will only use your Personal Data when the law allows us to, for the following purposes (referred as “Purposes”) and corresponding legal basis as described in the following schedule:

Purpose

Type of data

Lawful basis for processing

 

 

 

To execute the obligations envisaged by the contract we have with you

Identity

Contact details

cargo description

Glocalization of the container (if required by you)

bill of lading number

container number to perform the contract with you

 

 

 

 

To perform the contract with you

 

 

To allow the performance of the security check at the terminal

 

Identity

Passport, identity card or driving license

 

 

 

To comply with a legal obligation

 

Identify Vendor details (subcontractors) following the customer’s premises

 

Driver’s license

ID card

Others

 

 

To perform the contract with you

 

Performance of the custom`s declaration to the local authority

Identification code from which we can retrieve Personal Data

identity

contact

To comply with a legal obligation when envisaged by the local jurisdiction or when the processing is necessary for the purpose of our legitimate interest

 

 

To review and improve our services

Identity

Email address

Professional information

 

 

Legitimate interest

To complete the booking

identity

contact details (i.e professional email address, professional phone number) (c) cargo description

container number

 

 

Legitimate interest

To provide you the transport service (by sea, road, rail, warehousing or through forwarding activities)

Identity

Contact

your bank details

customer code

cargo description

Glocalization of the container (if required by you)

bill of lading and contact details of the parties involved in the transportation service (i.e Consignee, notify party etc)

container number

 

 

 

 

 

Legitimate interest

 

 

To review and improve our services

 

Identity

Passport or driving license

Mail address

Professional information

 

 

Legitimate interest

 

 

Compliance check to prevent a fraud and illicit traffic (security screening, background check)

Identity

bank details

shipping data such as cargo description, container and bill of loading numbers

passport

political opinions

 

The legal obligation to comply with applicable laws and the legitimate interest to prevent the stoppage of the service

 

 

Commercial and Marketing Activities

Email address

Telephone number

IP, login data, browser type and version, time zone setting and location your preference

 

 

Your consent

 

 

Building a commercial relationship with you by keeping you informed about our business services

professional mail address

Professional telephone number

IP, login data, browser type and version, time zone setting and location of the professional device

 

 

 

Legitimate Interest

 

 

To respond to and defend against       legal claims

Identity

IP address

Passport, identity card or driving license

 

 

Legitimate interest

 

 

 

MEDLOG will only Process your Personal Data to meet the above Purposes. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so or obtain your consent when it is required by the Data Protection Laws. If you fail to provide certain Personal Data when requested, we may not be able to provide the requested service, or we may be prevented from complying with our legal obligations.

 Disclosure of your personal data

We may disclose your Personal Data strictly for the Purpose(s) mentioned in section 3 to the following recipients, as described in the below list, who are required to take appropriate security measures to protect your Personal Data and to treat them only for the Purpose(s) for which they were provided and in accordance with our instructions:

We may also disclose your Personal Data to a third party when it is required by applicable law, court order or governmental regulation and when it is necessary to detect and prevent fraud or support any legal investigation or proceeding.

We may also use service providers to Process your Personal Data and in this case the service is governed by a contract that complies with the Data Protection Laws and ensures adequate protection of your rights.

In the event of the sale, merger, reorganization of part or all the business assets of MEDLOG, we may disclose your Personal Data to a third party involved in this procedure.

When Processing your Personal Data for the purposes outlined in section 3, it may be necessary for us to transfer your Personal Data outside of Switzerland or the European Economic Area. In the event that we do so, we will only transfer the Personal Data to a country which is subject to a European Commission adequacy decision or, where no such decision has been made, if appropriate safeguards have been implemented such as the stipulation of the Standard contractual clauses approved by the European Commission. If you require full details of any international transfers of your Personal Data and the applicable safeguard, please contact us at the following address: ch001-data.protection@msc.com

 Data Security

We have put in place appropriate technical and organizational security measures to ensure a level of safety appropriate to the risk and to protect Personal Data against accidental or illegal destruction, accidental loss, alteration, unauthorized disclosure, or unauthorized access, notably when transferred to another country, and against any illegal means of Processing. We also provide regular training to our employees to ensure they comply with privacy principles when handling your Personal Data.

 Retention Period

We may retain your Personal Data as long as required to fulfill the Purpose(s) for which they were collected and in compliance with MEDLOG Policies relating to the use of your Personal Data.

We shall keep your Personal Data for a longer period when we are obliged to do so by the applicable laws, regulatory requirements and for the time required to protect and defend our rights.

 Your rights to your Personal data

According to the Data Protection Laws, you are granting to exercise the following rights:

In addition to the rights and in compliance with the Data Protection Laws, you are entitled to lodge a complaint with the competent supervisory authority.

If you want to exercise the rights above described, please fill this form here, or if you have any questions about this Notice, you may address your request to ch001-data.protection@MEDLOG.com.

 Changes to this Privacy Notice

We reserve the right to update this Notice at any time and we will provide you with the update Notice when we make any substantial changes. We may also notify you in other ways from time to time about the Processing of your Personal Data.