Privacy Policy & GDPR

REF: LR-PRIV-2025-Q1

Effective Date: January 1, 2025. Compliant with EU GDPR (2016/679) and CCPA.

Data Controller & Scope

Lorraine Reed International S.L. ("The Controller") processes personal data strictly for the performance of logistics contracts and compliance with international transport regulations.

Legal Basis: Processing is necessary for the performance of a contract to which the data subject is party (Art. 6(1)(b) GDPR) and for compliance with legal obligations (Customs/Tax) (Art. 6(1)(c) GDPR).

Operational Data Types

We collect only "Minimum Necessary Data" required to execute secure transport:

Identity Data: Name, Passport/ID (for Customs), Biometric Signature (POD).
Contact Data: Corporate Email (for Status Alerts), Phone Number (for Driver coordination).
Telemetry Data: Geolocation, Device IP (Anti-Fraud), Cargo Environmental Logs.
Financial Data: VAT/EORI Numbers, Insurance Policy IDs.

Zero Commercial Usage

We maintain a strict firewall between operational data and marketing activities.

STRICT PROHIBITION:

Client data is NEVER sold, rented, leased, or aggregated for third-party behavioral advertising or lead generation. Your contact details are used exclusively for system notifications (ReedSecure™ Alerts).

Security & Subprocessors

To provide our services, we share strictly encrypted data segments with authorized infrastructure providers:

Cloud Infrastructure: AWS (Frankfurt Region) - for encrypted storage.
Notification Gateway: Mailgun Technologies / Twilio - strictly for delivery of transactional alerts.
Government Bodies: HMRC, CBP, and relevant Customs Authorities as mandated by law.

Data Retention: Operational logs are retained for 7 years to comply with the Limitation Act 1980 and IATA regulations, after which they are cryptographically shredded.

Data Protection Officer (DPO)
dpo@lorrainereed.com
Torre Espacio, Paseo de la Castellana 259D, Madrid.