CargoBloom LogoCargoBloom Logo
ArticlesProducts
Watchlist
Search routes...
CargoBloom LogoCargoBloom Logo

Real-time market intelligence for the logistics industry. Empowering data-driven decisions with transparency and precision.

[email protected]

Products

  • Public Hub
  • Extension
  • API
  • Watchlist

Company

  • About Us
  • Articles
  • FAQ

Legal

  • Terms of Service
  • Privacy Policy

Socials

  • X (Twitter)
  • LinkedIn

© 2025 CargoBloom. All rights reserved.

Privacy Policy

Last updated: November 30, 2024

1. Introduction

CargoBloom ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share information when you use our website and browser extension (collectively, the "Service").

This policy is designed to comply with the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Data Controller

CargoBloom is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data practices, you can contact us at:

  • Email: [email protected]
  • General inquiries: [email protected]

3. Information We Collect

3.1. Market Data (Extension)

When you use the CargoBloom Extension on supported third-party freight exchange platforms (Trans.eu, Timocom), we automatically collect specific market data visible on your screen. This includes:

  • Route details (Origin and Destination locations, postal codes).
  • Freight details (Vehicle body type, weight, dimensions).
  • Price information (Offered rates, currency).
  • Timestamps of the offers.

Important: We do NOT collect personal data of the parties involved in the transaction (such as driver names, phone numbers, or specific company names unless they are part of the public offer text). The data is anonymized and aggregated to calculate market averages.

3.2. Account Information

If you create an account with us, we collect your email address and authentication credentials (via Google Auth or email/password).

3.3. Usage Data

We collect information on how you access and use the Service, such as your browser type, device type, and pages visited.

3.4. Technical Data

For rate limiting and security purposes, we collect and process IP addresses. IP addresses are immediately hashed using SHA-256 encryption and are not stored in their original form. These hashed identifiers are retained for a maximum of 2 hours.

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your data based on the following legal grounds:

  • Consent (Art. 6(1)(a)): When you install the browser extension or create an account, you consent to the collection of market data and account information.
  • Contract Performance (Art. 6(1)(b)): Processing necessary to provide you with the Service you requested.
  • Legitimate Interests (Art. 6(1)(f)): We have a legitimate interest in aggregating market data to provide valuable insights to the logistics industry, improving our Service, and ensuring security through rate limiting.
  • Legal Obligation (Art. 6(1)(c)): Processing necessary to comply with legal requirements.

5. How We Use Your Information

We use the collected information for the following purposes:

  • To Provide the Service: Aggregating market data to display price indices, trends, and heatmaps.
  • To Improve the Service: Analyzing usage patterns to enhance user experience and features.
  • To Communicate: Sending you updates, security alerts, and administrative messages.
  • To Ensure Security: Rate limiting and preventing abuse of our systems.

6. Data Retention

We retain your data for the following periods:

  • Raw market offers: 30 days
  • Enriched/aggregated market data: 90 days
  • Historical snapshots: 90 days
  • Rate limiting data (hashed IPs): 2 hours
  • Account information: Until you delete your account or request deletion
  • Watchlist preferences: Until you delete your account or remove them

After these retention periods, data is automatically and permanently deleted from our systems.

7. Data Sharing and Disclosure

We do not sell your personal data. We may share information in the following circumstances:

  • Aggregated Data: We share aggregated, non-personally identifiable market data publicly on our platform and with our enterprise customers.
  • Service Providers: We use Supabase (database hosting) and Railway (application hosting) to provide our Service. These providers process data on our behalf under data processing agreements.
  • Legal Requirements: We may disclose your data if required to do so by law or in response to valid requests by public authorities.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Data processing agreements with our service providers
  • Transfers to countries with adequate data protection laws

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (HTTPS/TLS)
  • Hashing of IP addresses for privacy
  • Rate limiting to prevent abuse
  • Regular security reviews and updates

However, no method of transmission over the internet or method of electronic storage is 100% secure and reliable, and we cannot guarantee absolute security.

10. Your Data Rights

Under GDPR and other applicable laws, you have the following rights:

  • Right of Access (Art. 15): Request a copy of your personal data.
  • Right to Rectification (Art. 16): Request correction of inaccurate data.
  • Right to Erasure (Art. 17): Request deletion of your personal data ("right to be forgotten").
  • Right to Restrict Processing (Art. 18): Request limitation of processing in certain circumstances.
  • Right to Data Portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to Object (Art. 21): Object to processing based on legitimate interests.
  • Right to Withdraw Consent (Art. 7): Withdraw consent at any time by uninstalling the extension or deleting your account.

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

11. Cookies and Tracking

Our website uses essential cookies required for the Service to function properly (authentication, preferences). We do not use third-party advertising or tracking cookies. Any analytics we perform use aggregated, anonymized data.

12. Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at [email protected], and we will delete such information.

13. Third-Party Platforms

The CargoBloom Extension operates on third-party freight exchange platforms (Trans.eu, Timocom). We are not affiliated with these platforms, and your use of their services is governed by their respective privacy policies and terms of service. We only collect publicly visible market data and do not access your account credentials or private information on these platforms.

14. Right to Lodge a Complaint

If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority. In the EU, you can contact the data protection authority in your country of residence.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

16. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, contact us at:

  • Privacy inquiries: [email protected]
  • General support: [email protected]