SafePorter Corporate Client or Vendor
PRIVACY NOTICE

Data that we hold and how we use it:

As a corporate client or SafePorter vendor, we hold the contact and payment details required to carry out our contract with you, data to manage our relationship and, for clients, data to keep you up to date with changes and improvements to our services. This data would have been sourced from you directly. For
potential clients or vendors, we may have collected your data from our own network, from websites
and public sources. We then use this data to contact you about solutions.

Lawful basis for processing:

For the purposed of the GDPR, our lawful basis for processing your data is a combination of
Contract and Legitimate Interest. We use legitimate interest when we use your data to keep
you up to date with changes and improvements to our goods and services. Or contact you
with a view to introducing you to our products. Our legitimate interest balancing test
indicates that this is a legitimate purpose; it is necessary for the purpose of keeping you
updated and growing our business, and unlikely to cause you risk or harm. All other data is
processed to enable us to fulfill our contract with you and manage our relationship with you.

Data Sharing and Transfers

Like most companies, we use a number of other companies as part of our data processing, for
example cloud services and technology services. We have Data Processing Agreements in
place with these providers. We also transfer your data to our accountants to ensure we are
paid appropriately. Where you are UK or EU based and data is transferred outside of the
UK/EEA, we ensure that appropriate protection and mechanisms are in place, for example
Standard Contractual Clauses. We do not sell your data to anybody

Retention Periods

We hold contact information for Corporate Clients  and SafePorter vendors for the length of time that you are a client of ours, then for another 5 years in case of any dispute.