Privacy Notice On Processing Of Users' Personal Data in Singapore
Version 1.1, April 2023
This Privacy Notice describes how and why Einride Technologies (Singapore) Pte. Ltd and its global affiliates, including Einride AB (“Einride” or “We” or “Us” or “Our”) may collect, use, disclose, or otherwise process your personal data in accordance with the Personal Data Protection Act 2012 (“PDPA”) when you use Einride's services and what rights you have.PERSONAL DATA THAT WE PROCESS
We collect the following personal data about you:
- Name and contact details. First name, last name, phone number, email address.
- Login details. Email address and password.
- Device information. IP address, browser settings, operating system and platform etc.
- Information on how you interact with Us. For example, how you use the Einride Saga Platform, any download errors etc.
If you are a driver operating an Einride truck we also collect the following personal data about you:
- Location data. The location of the vehicle you operate.
- Transport planning data. For example, your driving schedule, availability windows, breaks and loading/unloading time.
SOURCES OF PERSONAL DATA
Your personal data is collected from different sources:
- From you, We collect your name and contact details, login details provided during account creation.
- When you use Einride's services, We collect device information and information on how you interact with Us.
- If you are a driver, from the Einride truck you operate, We collect your Location data and Transport planning data.
PURPOSES, LAWFUL BASIS AND RETENTION PERIODS
Processing carried out by Einride as data intermediary
We collect, use, disclose, or otherwise process most of the personal data about you on behalf of your employer or, if you are engaged as a sole proprietor, your principal (hereinafter referred to as the “Company”).
We carry out this processing in order to provide Einride’s services, such as the driver app, the customer portal or the carrier partner portal, that you use when representing your company. The legal basis for the processing carried out by Einride on the Company’s behalf is typically that the processing is necessary for the performance of your contract with the Company or for the purposes of the legitimate interests pursued by the Company, applicable as further specified by the Company.
The retention periods for each purpose are set out in the table below.
| Purposes of Processing Personal Data | Lawful Basis for Processing | Retention Periods |
|---|---|---|
| To create and administrate your user account | As further decided by the Company as set out above. | Personal data will be processed for this purpose until the user account is deleted. When a user account is deactivated by you or the Company, e.g. when you end your employment, the personal data is kept for a period of after such deactivation, in order to allow for reactivation. |
| To be able to plan and carry out the transports ordered by Einride's customers | As further decided by the Company as set out above. | Personal data will be processed for this purpose the transport ordered by Einride's customer is executed, unless they must be retained due to legal requirements, for purposes of safety, security and fraud prevention. |
| To provide support services for Einride's customers and the Company | As further decided by the Company as set out above. | Personal data will be processed for this purpose until the user account is deleted, unless they must be retained due to legal requirements, for purposes of safety, security, and fraud prevention. |
| To communicate with you | As further decided by the Company as set out above. | Personal data will be processed for this purpose until the user account is deleted, unless they must be retained due to legal requirements, for purposes of safety, security, and fraud prevention. |
| In order for the content on Our platform to be presented effectively for you on the device that you use | As further decided by the Company as set out above. | Personal data will be processed for this purpose until the user account is deleted, unless they must be retained due to legal requirements, for purposes of safety, security, and fraud prevention. |
Please contact the Company if you have any questions of the processing of your personal data in this regard.
Processing carried out by Einride for our own purposes
We also collect, use, disclose or otherwise process some of your personal data for Our own purposes as further specified below, for example in order to be able to develop Our products and services.
The lawful basis for such processing as well as retention periods per each purpose are also set out in the table below.
| Purposes of Processing Personal Data | Lawful Basis for Processing | Retention Periods |
|---|---|---|
| To conduct analyzes, including user experience analysis, and to improve and develop Our existing and new products and services. | Einride's legitimate interest to develop accurately functioning services with adequate functions | Personal data will be processed for this purpose until the user account is deleted. |
| To investigate errors or other anomalies in the platform and to defend Einride from potential legal claims | Einride's legitimate interests to defend Einride from legal claims | As Einride's customers globally have the right to present legal claims up to a period of ten years, such personal data must be stored for ten years as well in order to defend Einride from such claims. |
Please feel free to contact us if you have any questions about Our processing; see Our contact details below.
DISCLOSURE OF PERSONAL DATA
For the purposes listed above, your personal data may be shared with other trusted business partners of Einride, such as Our IT-suppliers, as it is reasonably necessary in order for Us to provide the Einride services. We may also share your personal data with other trusted business partners of Einride, such as companies that help Us with marketing services. Your personal data will also be disclosed to authorities, if We are obliged to do so by law. If and when we share your personal data with other actors, we always make sure to protect your personal data, for example by entering into necessary agreements, such as data processing agreements ("DPAs") with the relevant parties.
Some personal data about you may be processed by trusted business partners of Einride as well as by other entities within the Einride Group, located outside of Singapore (including in the EU/EEA and the United States) where reasonably necessary in order for Us to provide the Einride services. Where such processing is done, we always make sure that the recipient of your personal data is legally bound by DPAs (or other legally enforceable obligations) to protect your personal data to an extent that is at least comparable to the protection under the PDPA, and to ensure that the personal data disclosed will not be used or disclosed by these actors for any other purpose.
SECURITY
We are committed to protect your personal data. We take all appropriate and reasonable legal, technical and organizational security measures to adequately protect the personal data about you that We process. Our security measures are continuously improved in line with the development of available security products and services.
YOUR RIGHTS AND HOW TO EXERCISE THEM
You have the following rights:- You have the right to request receive access to the personal data about you that is in Our possession or control, and obtain information about how the personal data has been used or disclosed by Us in the year before your request (right of access).
- If you consider personal data about you to be inaccurate and/or incomplete, you have the right to request correction of your personal data (right to correction).
- Under some circumstances, you have the right to request erasure of personal data concerning you or request restriction of Our processing of personal data. Restriction means that personal data will only be processed for certain limited purposes.
- If you do not consent to Our collection, use, or disclosure of the personal data about you as outlined above, you have the right to notify Us of your non-consent at our contact details below.
You are welcome to contact Einride if you wish to make any request in accordance with above related to Einride's processing of your personal data, or if you have any question about Our processing of personal data. If you have any questions about the personal data processing carried out by the Company specifically, you should contact the Company.
If you consider Our processing to be wrongful or in breach of the PDPA, you are encouraged to first approach Us for clarification on Our actions and seek an amicable resolution of the matter. You also have the right to lodge a complaint to the Personal Data Protection Commission of Singapore (https://www.pdpc.gov.sg/).
CHANGES
We may change this Privacy Notice, from time to time, by publishing an updated version on Our website. All changes take effect automatically 30 days after they are published. However, if we make changes to our privacy notice that are deemed necessary to fulfill obligations under law or the authority's statement or decision, the new version shall apply immediately after it is published on Our website.
CONTACT DETAILS TO EINRIDE
Please do not hesitate to contact us if you have any questions about this Privacy Notice or would like to exercise any of your rights set out above.Email address: dataprotection@einride.tech
Postal Address: Einride Technologies (Singapore) Pte. Ltd., 25 North Bridge Road, #07-00 Singapore 179104 or Einride AB, Regeringsgatan 65, 111 56 Stockholm.