The Customer (Data Controller) subscribes to a platform provided by Logentic Technologies, Inc.. (Data Processor) to enable shipping processes. As a natural part of providing the service, Logentic Technologies, Inc.. processes various personal data on the Customer’s behalf. This includes data concerning the Customer’s own customers—that is, information about the persons who are recipients of shipped orders.
As part of the subscription, the Data Processor (Logentic Technologies, Inc..) has access to and processes, on behalf of the Data Controller:
– The name and address of the persons receiving consignments;
– Information regarding the type of item sent and its value or price.
By virtue of providing subscription-based solutions to manage freight processes, Logentic Technologies, Inc.. stores personal data on behalf of the Data Controller. In turn, the Data Controller may exchange data with freight companies and customs authorities (if orders are cross-border).
The primary purpose of processing personal data is to manage the Data Controller’s freight processes.
The Data Processor may process personal data only to the extent necessary for the operation of the Data Controller’s subscription with Logentic Technologies, Inc.. and/or as required by applicable law.
It is emphasized that any freight companies to which personal data is disclosed are acting as Data Processors for the Data Controller—not as processors for Logentic Technologies, Inc.. In this context, Logentic Technologies, Inc.. serves solely as an intermediary.
Logentic Technologies, Inc.. shall process personal data only in accordance with the Data Controller’s instructions (e.g., as set out in the Logentic Technologies, Inc.. solution under which freight processes are managed).
The Data Processor is required to comply with all applicable personal data legislation and shall immediately notify the Data Controller if any instruction is, in its opinion, contrary to applicable data protection regulations (for example, the GDPR or its Canadian equivalents).
Logentic Technologies, Inc.. shall implement appropriate technical and organizational security measures to ensure that personal data is not destroyed, lost, degraded, or disclosed to unauthorized parties, and is not otherwise processed in breach of data protection legislation. These measures shall be in line with, for example, the requirements set out in Article 32 of the GDPR (or comparable Canadian standards).
In the event of a data breach, Logentic Technologies, Inc.. shall, without undue delay, notify the Data Controller of:
– The nature of the data breach;
– The type and number of affected data subjects, if possible, as well as the types and number of personal data records affected;
– The measures taken or proposed to address and mitigate the breach; and
– The probable consequences of the breach.
Upon request, the Data Processor shall provide sufficient information to the Data Controller to demonstrate that it has implemented the necessary technical and organizational security measures.
The Data Processor shall provide all necessary information to demonstrate compliance with applicable data protection requirements and shall cooperate with audits or inspections conducted by the Data Controller or a third-party auditor authorized by the Data Controller (all audit costs shall be borne by the Data Controller).
Logentic Technologies, Inc.. shall ensure that all individuals authorized to process personal data are bound by confidentiality obligations or statutory professional secrecy.
If a data subject requests access to or information about their personal data, the Data Processor shall immediately forward that request to the Data Controller.
The Data Processor shall assist the Data Controller by providing appropriate technical and organizational tools to help the Data Controller comply with data subjects’ rights (for example, as specified under Chapter III of the GDPR or equivalent Canadian legislation).
As an inherent part of the Logentic Technologies, Inc.. solution, the Data Processor is entitled to disclose personal data to the Data Controller’s other data processors (for example, freight companies) and to exchange data with customs authorities.
In all other cases, personal data may be disclosed or transferred to third parties or sub-processors only with the prior agreement of the Data Controller. Notwithstanding, if permitted by law, the Data Processor may transfer personal data without prior instruction.
If personal data is transferred to a sub-processor, Logentic Technologies, Inc.. shall enter into a sub-processor agreement requiring that the sub-processor is bound by conditions at least as protective as those in this section.
The Data Processor shall notify the Data Controller if it intends to add or replace sub-processors.
The Data Processor must not transfer personal data to third countries that have not been assessed as providing adequate protection (for example, according to EU Commission standards).
5.6 Foreign Sub-processor Requirements
If personal data is transferred to foreign sub-processors, the data processing agreement must include provisions requiring compliance with applicable data protection laws (such as the GDPR) and any additional local requirements.
Processing of personal data under this Agreement continues for as long as the Customer’s subscription with Logentic Technologies, Inc.. remains in force.
Even after subscription termination, the Data Processor remains bound by this Agreement as long as it retains access to personal data originating from the Data Controller.
Upon termination of the subscription, the Data Processor is required to delete any backups and all other copies of the personal data.
Logentic Technologies, Inc.. will maintain appropriate access controls to protect the Customer’s nonpublic information for the duration of this Agreement and while it retains such data.
The Customer is solely responsible for implementing and maintaining access controls on its own systems where Logentic Technologies, Inc.. is granted access as part of the service provision.
Logentic Technologies, Inc.. will restrict access to the Customer’s nonpublic information to those individuals who have a legitimate business need to access it in connection with providing the services (the “Authorized Persons”).
For the purposes of this Privacy Policy and these Terms:
The following sections (adapted from the original ShipHero notices) now apply to Logentic Technologies, Inc.. They describe how Logentic Technologies, Inc.. collects, uses, and shares Personal Data, and explain the rights of individuals. (For brevity, only key headings and summaries are provided below. In practice, these sections should be expanded to fully reflect your operational details and compliance obligations.)
Logentic Technologies, Inc.. values your privacy. This Notice explains how we collect, use, disclose, and process Personal Data for users located in Canada, in accordance with applicable federal and provincial privacy laws (such as PIPEDA and Quebec’s privacy legislation). It details:
For individuals associated with Logentic Technologies, Inc.. as employees, contractors, or applicants, this section explains what Personal Data is collected for employment-related purposes, how it is used (e.g., for payroll, benefits, performance evaluations), and your rights under applicable Canadian employment privacy laws. It specifies retention periods and data-sharing practices.
If you are located in Europe or subject to the GDPR, this Policy explains how Logentic Technologies, Inc.. processes your Personal Data. It covers:
For any questions regarding privacy, please contact our team at support@getlogentic.com.
If you have any questions or concerns regarding these Terms or our privacy practices, please contact us by mail at:
Logentic Technologies, Inc.
33 rue PrinceMontreal, QC, H3C 2M7Attention: Legal Department
