Movitus
PlatformHow it worksFAQGet started
Sign inCreate account
Back to home

Privacy Policy

1. Purpose & Scope

This privacy policy (“Privacy Policy”) explains how and for what purposes Movitus UG (haftungsbeschränkt) processes personal data when you: visit our website, use our platform, post or execute transport orders, or interact with us as a driver, shipper, carrier, or business partner. We have written this policy in clear, understandable language.

In short:

  • We process personal data to facilitate the secure, efficient, and legally compliant brokerage and execution of transport orders.
  • The legal basis is primarily the General Data Protection Regulation (GDPR).
  • For questions, you can contact us at: info@movitus.de

2. Controller

The controller under the GDPR is:

Movitus UG (haftungsbeschränkt)
Angerstraße 15
86869 Oberostendorf
Germany
Email: info@movitus.de

3. Categories of Data Subjects

We process personal data of the following groups:

  • Website visitors
  • Shippers / clients
  • Carriers / transport companies
  • Truck drivers
  • Prospects
  • Service providers / suppliers
  • Participants in online meetings

4. How and Why We Process Personal Data

4.1 Website & Platform Visitors

Data processed: IP address, browser type, operating system, referrer URL, date and time of access, usage data (page views, clicks), location data (derived from IP address), cookie data.

Purpose: Ensuring system stability, protection against cyberattacks, error analysis, platform optimization, display of relevant content.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest), Art. 6(1)(a) GDPR (consent for marketing cookies).

4.2 Shippers / Clients

When you post or execute transport orders via our platform: Data processed: Name, position within the company, company name, business address, email address, phone number, billing data, communication content, transport data (pickup address, delivery address, reference numbers).

Purpose: Execution and brokerage of transport orders, communication, invoicing, documentation (e.g., eCMR), fraud prevention.

Legal basis: Art. 6(1)(b) GDPR (contract performance), Art. 6(1)(c) GDPR (legal obligations), Art. 6(1)(f) GDPR (legitimate interest).

4.3 Carriers / Transport Companies

Data processed: Contact data, license and insurance documents, bank details, VAT ID, creditworthiness information, communication data, performance data (delivery times, damage rates).

Purpose: Contract execution, carrier vetting, quality assurance, payment processing, compliance with transport regulations.

Legal basis: Art. 6(1)(b) GDPR, Art. 6(1)(c) GDPR, Art. 6(1)(f) GDPR.

4.4 Truck Drivers

When you perform a transport as a driver: Data processed: Name, phone number, employer, driver’s license data (if applicable), ID data (if applicable), GPS position data (if enabled).

Purpose: Identification at pickup/delivery, transport coordination, shipment tracking, security measures.

Legal basis: Art. 6(1)(f) GDPR (legitimate interest in transport execution), Art. 6(1)(c) GDPR (legal obligations).

4.5 GPS Tracking

Location data is processed only if the carrier activates tracking, or the driver gives explicit consent. Purpose: Transparency for shippers, route optimization, security monitoring. No automated decision-making with legal effects takes place.

4.6 Prospects

If you contact us or we approach you for business: Data processed: Name, company, contact details, communication content. Purpose: Offer preparation, contract initiation, marketing (where legally permitted). Legal basis: Art. 6(1)(f) GDPR (legitimate interest), Art. 6(1)(a) GDPR (consent for newsletters).

4.7 Service Providers & Suppliers

For contract execution we process: contact data, billing data, contract data, bank details. Legal basis: Art. 6(1)(b) GDPR.

4.8 Online Meetings (e.g., Microsoft Teams)

For participation in video conferences: name, email address, meeting metadata, audio/video recordings (only with consent). Legal basis: Art. 6(1)(b) GDPR, Art. 6(1)(a) GDPR (for recordings).

5. Data Sharing

We may share personal data with:

  • Transport companies
  • Shippers
  • IT service providers (cloud, hosting)
  • Payment providers
  • Tax advisors / lawyers
  • Authorities (if legally required)

All processors are contractually bound under Art. 28 GDPR.

6. International Data Transfers

If data is transferred outside the EU/EEA, it is done only on the basis of an adequacy decision, or using EU Standard Contractual Clauses.

7. Retention Periods

We store personal data only as long as necessary. Typical periods:

  • Contract & invoice data: 6–10 years (tax obligations)
  • Transport data: 12 months (unless longer retention is required)
  • Application data: 6 months
  • Tracking data: max. 12 months

8. Automated Decision-Making

No automated decision-making under Art. 22 GDPR takes place.

9. Security

We apply technical and organizational measures, including: TLS/SSL encryption, access restrictions, firewalls, monitoring systems, regular security reviews. Despite high security standards, absolute security cannot be guaranteed.

10. Your Rights

You have the following rights:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)
  • Complaint to a supervisory authority

The competent authority in Germany is the data protection authority of the respective federal state.

11. Changes to This Privacy Policy

We may update this policy due to legal or operational changes. The current version is available on our website.