Last updated on 20 January 2022 (Version: 2.0)
Founded in 2017, we, LivingPackets SA ("LPSA"), together with our subsidiaries and affiliates ("LivingPackets", "we" , “our” or "us") were born from an idea of change. We want to connect users to each other, bringing control and transparency to their exchanges, effortlessly. To achieve this, we have designed technology solutions that evolve the delivery experience with intelligence, security and sustainability, that aim to replace hundreds of millions of cardboard boxes over the coming years.
We collect your personal data when you use our Box, our website (the “Website”) or our mobile applications (the “Application”) (collectively hereinafter referred to as our “Services”), you make a purchase, you participate in a survey, or you contact us. When you use our Services, this privacy policy will apply to you. The data controller is LPSA, having its registered office at Avenue C.F. Ramuz 80, 1009 Pully, Switzerland.
This privacy policy describes the types of personal data we collect, how and why we collect and use your personal data, when and why we might share your personal data, and your rights and choices you have to control them in accordance with the applicable laws.
Direct Links:
1. What information do we collect?
2. When do we collect your Personal Data and for what purpose?
3. How long do we keep your Personal Data?
4. How do we share your Data?
5. What are your rights and how do you exercise them?
6. Cookies
7. How do we secure personal data?
8. What is the lawfulness of processing?
9. Your California privacy rights
10. Update of our privacy policy
11. How do I delete my account?
12. Contact
We may collect personal data (“Personal Data” or “Data”) that identifies you:
either directly, such as your last name, your first name, your email address, your postal address or your phone number; or
indirectly, such as an online identifier (e.g. your account ID, your IP address, a cookie identifier) or a location data.
We may collect your Data and combine this Data with data provided by our partners:
a) You use our Services
We can collect some Data to provide you with our Services, to improve and personalize your online experience, to analyze trends and demographics, to prevent fraud and to improve the security of our Services. We may collect the following types of information:
Contact Details: this includes information such as your first name, your last name, your title, your postal address, your login and password, your email address, and your phone number (together your “Contact Details”).
Financial information: this includes your bank account number, payment status, and invoices.
Information related to the shipment and services: this includes the tracking number, tracking information, location data, the status of a shipment, the delivery location, the type of packaging, the quantity, the weight, an image of the package and customs information;
Information about the user and his preferences: this includes the shipping quantities, complaints, the progress of purchases and related business activities, communication, survey information, purchasing preferences.
Geolocation data: some of our Services and features require you to enable geolocation in your browser or app or operating system. We collect, use, and share accurate location data, including the real-time geographic location of your computer or device, to provide location-based services to you. This data is used for service purposes only. Where available, location-based services may use GPS, Bluetooth, and your IP address, as well as Wi-Fi hotspots and cell towers and other technologies to determine the approximate location of your devices. If you deactivate the respective function, your data will no longer be collected.
Technical information: this includes your browsing data and technical Information, to access to our Services and security of our Services, such as: visited pages, identifier of THE BOX, identifier of your device and the connection (IP address, MAC address), login dates and times, information concerning the browser and the operating system you use.
We use various types of technologies such as cookies (”Cookies”) to collect such Data when you use our Services or visit a third party site where we and our partners provide personalized content or carry out content use analysis.
We allow some of our partners to set and access their Cookies on your device. These partners’ use of Cookies is subject to their own privacy policies and not this privacy policy. To refuse Cookies or request their deletion as well as obtain the list of partners who are permitted to store and/or access these Cookies, please visit the Cookies section or the “What are your rights and how do you exercise them?” section below.
b) You sign up to our newsletters or ask to be contacted.
We collect your email address and other contact details when you sign up to our newsletters or ask to be contacted. You can unsubscribe at any time by clicking on the unsubscribe link available at the end of each newsletter.
c) You make a purchase or you participate in our Sharing Angel program.
We collect the Data needed to process your purchase or your participation (in particular to handle your order, participation, process invoices and payments, deliver your purchase, prevent fraud) such as your Contact Details, your bank and payment details and purchase history.
d) You are exposed to personalised advertisements or content on our Services or those of our partners.
We collect Data such as the advertisement, and the number of times it was watched, its location and the identifier of your device. We also collect information about your actions in relation to the advertisement, such as the sites visited as well as the dates and times of the visits.We may also use your Data collected to offer you personalised advertisements, products, services, or content) via our Services or those of our partners.If you wish to withdraw your consent or object to the personalisation of advertisements, please visit the “What are your rights and how do you exercise your rights?” section below.
e) You take part in a survey organised by us.
We may collect Data such as your last name, your first name, and your email addresses and survey responses.
We use this Data to administer the survey, to send you promotional offers and/or for internal statistical purposes.
f) You contact us via our customer care, customer experience team or social media.
If you contact us via our customer care or customer experience team, we collect Data such as your last name, your first name, your username, your email address, your date of birth, your postal address, depending on your questions or requests. We will record the content of our correspondence with you. This data could be used to monitor service quality and compliance, prevent fraud, or provide training for our staff and customer service teams.
If you contact us via social media, we collect some of the Data included on your profile.
g) You do not comply with our terms and conditions.
When you use our Services, we ask you to comply with our terms and conditions which are intended to protect our users, employees and our rights.
If you do not abide by these rules, you may be sanctioned including in the event of inappropriate conduct. We will keep your Data for the time needed to apply these exclusions. This Data may include for example your username, your IP address, and the identifier of your device.
Unless the law specifies a different retention period (e.g. for complying with legal, accounting, tax requirements and for managing your rights and/or our rights), we will only keep your Data for the time strictly necessary to carry out the operations for which said Data has been collected.
For example, if you purchase a product or a service from us, we retain some transactional data attached to your Contact Details to comply with legal, tax or accounting obligations, as well as to allow us to manage our rights (for example to assert our claims in Courts) during applicable laws and regulations.
At the end of this data retention period, your personal data will be erased or anonymized.
We may share your Data with:
Our partners and/or the technical service providers involved in the supply of the Services (such as for infrastructure, network and technology services, and storing, combining data, logistics, product delivery, promotion of the Services, payment Services). These partners and our service providers have to comply with applicable personal data protection laws.
The competent administrative or judicial authorities or any other authorized third party, in compliance with applicable laws. We always verify the legitimacy of the request.
Our subsidiaries involved in the administration of the Services.
Other companies we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the companies receiving your personal data can use your personal data in the same way as us.
The partners who use your Data to provide you with personalized advertisements or content via Cookies: to consult the list of these partners, please visit the Cookies section.
These third-parties organizations (except our subsidiaries) have their own privacy policies which you may refer to for information about how they process your information and how to exercise your data subjects’ rights as provided under applicable laws. We do not accept any responsibility or liability for the policies of other organizations.
We may share Data to establish, exercise or defend our and/or your legal rights (this includes providing Data to our professional advisors).
Below, we set out the rights you have under the GDPR in relation to your personal data.
Obtain a copy of your Data – “Right of access and data portability”: You have a right to see the personal data we hold about you and you can request a copy of this data. You also have the right to request a copy, in an interoperable format (right to your data “portability”), of the personal data that you have provided to us for the performance of a contract with us or under your consent. You may also use it yourself or transfer it to another service provider. If you have been excluded in relation to our Services, we will not be able to give you access to the Data regarding your sanction to maintain our ability to detect or take action against such behavior.
Correct your Data – “Right to rectification”: If you believe we hold inaccurate or missing information, please let us know and we will correct it.
Object to our use of your personal data (Right to object): We will consider your objection to our use of your personal data. If on balance, your rights outweigh our interests in using your personal data, then we will at your request either restrict our use of it or delete it.
Give and withdraw your consent (Right to consent): At any time, you may withdraw your consent or object to:
The geolocation data
The reception of newsletters or email messages with news and information about our company (please use the unsubscribe link available in our newsletters and marketing emails)
The personalisation of advertisements, the sharing of your Data with some partners and the use of some categories of Cookies (please visit our Cookies section).
Right to erasure (Right to be forgotten): You can request the deletion of your Data when:
We no longer need to keep your personal data.
You have successfully made a general objection.
You have withdrawn your consent to us using your personal data (where we have relied on consent as the lawful basis for doing so).
We have unlawfully processed your personal data.
Limit the use of your data (Right to restriction of processing): you can restrict our use of your personal data (if you do not want us to delete it), if you have successfully made a general objection, you are challenging the accuracy of the personal data we hold, or we have used your personal data unlawfully.
If you object to the processing or withdraw your consent or ask for the deletion of your personal data by us, we will stop processing your personal data or erase it from our IT systems, except where we have legitimate and compelling grounds for processing, or for the purpose of ascertaining, exercising or defending its legal rights in accordance with the applicable laws and regulations.
To exercise your rights, you can also contact us via our Privacy Team but before we can facilitate these rights, we will first need to be able to identify you based on the information that we have about you.
We’d like the chance to resolve any complaints you have. However, if you feel that your rights have not been respected after having contacted us, you have the right to make a complaint to the regulatory authority in your country.
What is a “Cookie”?
We may store some information on your device when you access our Website. This information is commonly known as a “cookie”. A cookie is widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. We may use cookies or other similar technologies, or small electronic files known as web beacons, also referred to as SDKs, clear gifs, pixel tags and single-pixel gifs) (“Cookies”).
Why do we use “Cookies”?
The use of Cookies is an industry standard and is used by most major websites to provide the visitor with tailored information.
We may use Cookies in order:
to better understand how our Services are being accessed and used;
to determine if the Website and the applications are being delivered efficiently;
to enhance your online experience by customizing your use of the Website and eliminating the need for you to re-enter data every time you visit the Website;
to count users who have visited pages or opened an email and for other related Website statistics;
to provide you personalized ads and contents.
We allow some of our partners to set and access their Cookies on your device. These partners’ use of Cookies is subject to their own privacy policies and not our privacy policy.
How can you accept or refuse the use of Cookies?
Website:
Before placing Cookies in your device, a message displayed requests your consent to set up these Cookies via a banner that appears during your first visit. By consenting to place such Cookies, you give us and/or our partners the opportunity to improve our Services. You can also manage the use of Cookies at any time by setting up your browser software, using the ad blockers tool or by disabling Cookies.
Alternatively, you can adjust your browser settings to understand when these Cookies are stored on your device or to disable the Cookies by consulting your browser’s “Help” menu. Please note that these settings may affect your ability to access certain features of our Services whenever these Cookies are needed for the operation of our Services. To find out more about cookies, including how to see what cookies have been set, visit www.allaboutcookies.org.
Emails:
We adapt the content of our newsletter to your needs and interests on the basis of the data received from you and stored about you, such as your account information, order history or other information provided by you (including, for example, your participation in surveys or similar). If you have also consented to the placement of Cookies and the monitoring of your usage patterns on our Website, we use data about your use of our Website so that you can receive personalized messages that match your specific interests and preferences.
Our newsletter contains so-called tracking pixels. A tracking pixel is a thumbnail image embedded in such e-mails sent in HTML format to enable the recording and analysis of log files. This enables statistical analysis of the success or failure of online marketing campaigns. By means of the embedded tracking pixel we can see if and when an email was opened, and which links were called up in the email. You can unsubscribe from the newsletter at any time by clicking on the corresponding link at the end of the newsletter. In case of an objection or cancellation of our newsletter service, the corresponding data will be blocked and no longer processed for these purposes.
Smartphone and Tablet:
You can control the data on your Mobile by using the privacy settings on your smartphone or your tablet and activate “Limit Ad Tracking” on Apple smartphones, or “Opt-out of Ads Personalisation” on Android smartphones.
Who are our partners that use Cookies on our Services?
Website
The third-party services that we use for our websites are the following:
User experience - We use this Cookie for debugging purpose and improving the visitor experience (e.g. storage of the product ID, cache content, language selected).
Analytics - We use this Cookie to collect the information about how visitors use our Services to compile reports and to help us improve our Services.
Google - Google Analytics - https://tools.google.com/dlpage/gaoptout
Ads – We use this Cookie to make advertising more effective and relevant.
Google Remarketing and Google Ads https://policies.google.com/privacy
Facebook connect - https://www.facebook.com/policy.php
Chat - We use this Cookies to chat with you.
Crisp - https://crisp.chat/fr/privacy/
Displaying our content correctly and graphically appealing in all browsers –
Google Web Fonts - https://www.google.com/policies/privacy/
Video – We use Cookie to embed videos player on our Services.
YouTube videos - https://policies.google.com/privacy
Vimeo - https://vimeo.com/privacy
Tag Management – We use Cookies for managing the different tags we use on our Services.
Google Tag Manager - https://policies.google.com/privacy
Social media provider – We use Cookie for social media purpose.
Facebook connect - https://www.facebook.com/policy.php
Cookie preference – We use this Cookie to remember a user’s choice about cookies on our Services. Where users have previously indicated a preference, that user’s preference will be stored in this cookie.
Security - We use this Cookie to help maintain the security and performance of our website. Some traffic may receive a challenge to check if it is genuine and if it is, a Cookie is set so the user isn’t challenged again.
Mobile Applications
The third-party services that we use on our applications Mobile are the following:
Firebase - https://firebase.google.com/support/privacy
Crashlytics - https://firebase.google.com/support/privacy
You can control your data by using the privacy settings on your smartphone or your tablet and activate “Limit Ad Tracking” on Apple smartphones, or “Opt-out of Ads Personalisation” on Android smartphones.
Emails
The third-party services that we use for our newsletters and marketing emails are the following:
Sendinblue - https://www.brevo.com/fr/legal/privacypolicy/
Our website, products, applications and services may contain links to third party websites, products, and services. Our products and services may also use or offer products or services of third parties. Information collected by third parties, which may include location or contact information, is subject to their privacy practices and not this privacy policy.
In order to ensure the security and confidentiality of your Data, we implement appropriate physical, electronic and organizational procedures to safeguard and secure Data throughout our Services, in particularly, to prevent your Data from being distorted, damaged or communicated to unauthorized third parties, by ensuring an appropriate level of security with regards to the risks associated with the processing and the nature of Data to be protected.
You are responsible for keeping your password confidential. We ask you not to share your username and/or password with anyone.
We cannot guarantee the security of Data that you transfer over the internet or a telecommunication network to us; however, we do take appropriate technical and organizational measures to safeguard your personal data. In particular, your personal data is protected against unauthorized access, the confidentiality of your personal data is guaranteed, the integrity and availability of your personal data are maintained, our staff is trained in the requirements of information security and actual or suspected data protection violations are reported in accordance with applicable law. In order to guarantee the security of your data during transmission, we use state-of-the-art encryption procedures (e.g. SSL) via HTTPS.
The lawfulnesses of the data processings are:
A contract between you and us to provide you with Services (including making a purchase, access to completed assessments for a user’s purchase including managing payments, asking to leave a review or taking a survey)
A legitimate interest: offering you the best possible user experience (including understanding our product – strengths, weaknesses, opportunities and threats, testing and developing new products and services as well as improve existing ones, understanding and keeping abreast of current, new and emerging trends in our industry), administering and protecting our Services (maintaining the integrity of our IT services and network security, troubleshooting, system maintenance, support, reporting and hosting of data), managing payments, responding to your requests and questions or sending you our newsletters, keeping our records up to date.
Your consent: offering you personalized advertisements depending on your data via Cookies. You may withdraw your consent for us to process your Data.
Complying with a legal obligation: responding to complaints and queries from competent administrative or judicial authorities or any other authorized third party, in compliance with applicable laws
This privacy notice for California Residents supplements the information contained in this privacy policy and applies to visitors, users, and others who reside in the State of California. Consumers residing in California have certain rights with respect to their personal information under the California Consumer Privacy Act (“CCPA”).
Collection and Use of Personal Data: In the preceding 12 months, we may have collected the following categories of Data: identifiers, personal information categories listed in the California Customer Records statute, commercial information, internet or other similar network activity, and geolocation data. For examples of more specific information we collect and the sources of such collection, please see the section “What information do we collect?”.
Disclosure of Personal Data: We may share your Data with third parties as described in the “How do we share your Personal Data?” above. In the preceding 12 months, we have disclosed the following categories of your Data for business or commercial purposes: identifiers, personal information categories listed in the California Customer Records statute, commercial information, internet or other similar network activity, and geolocation data.
Sale of Data: California law requires that we provide transparency about your Data we “sell,” which for the purposes of the CCPA, means scenarios in which personal information is shared with third parties/partners in exchange for valuable consideration. In the preceding 12 months, we have “sold” the following categories of your Data, depending on how the CCPA is interpreted: identifiers, personal information categories listed in the California Customer Records statute, commercial information, internet or other similar network activity, and geolocation data.
Your Rights and Choices: Some US states have enacted laws (including the CCPA) that give you the ability to opt out of the sale of your Data to third parties. In effect, this will disable targeted advertising provided by our third-party partners, which means that we will no longer share your Data with third-party partners to customize your advertising experience.
We enable you to do so by using the following privacy controls.
On our website: please find in our Cookies section above the list of third parties’ privacy policies that may implement and/or access cookies on your computer or mobile device. You can opt-out by using their opt-out management tools.
On our mobile application and on our partners’ mobile applications: You may opt out of the sale of your personal information directly in the settings menu of your telephone or tablet by activating “Limit Ad Tracking” on Apple telephones, or “Opt-out of Ads Personalization” on Android telephones.
You can also opt-out of the sale of your Data by contacting our customer support team.
You also have the right to (1) request more information about the categories and specific pieces of Data we have collected, sold and disclosed for a business purpose in the last 12 months, (2) deletion of your Data, and (3) be free from discrimination for exercising your rights under the CCPA. To exercise your rights described above, please submit a verifiable consumer request to us as specified in this privacy policy.
If we need additional information to verify your identity, we will contact you to request that information. If we are not able to verify your identity, we will deny your request. If you would like to designate an authorized agent to make a request on your behalf, you must (i) provide the agent signed permission to do so, (ii) provide proof of your identity, and (iii) directly confirm you provided the authorized agent permission to submit the request. If we do not receive the above, we will deny the request.
California Shine the Light Law: California Civil Code Section 1798.83 permits users of services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to our Privacy Team.
We may still retain your information to resolve disputes, enforce our user agreement, or comply with legal requirements.
California Do Not Track Disclosures: "Do Not Track" is an internet browser setting regarding tracking and your browser may allow you to set a DNT signal indicating that you do not wish your online activity to be tracked. As there are currently no agreed upon standards for the DNT signals or how to respond to them, our system does not support and cannot act on DNT signal headers that we may receive. However, the choices that we provide you concerning collection and use of your personal information will continue to operate as described in this privacy policy.
Please note that we may update or change this privacy policy. If we update our privacy policy, we will post those changes to other places we deem appropriate. You are deemed to have accepted the new terms of the privacy policy when you first use the Services.
You have the right to ask us to delete your personal information, subject to certain limitations and restrictions.
Please note that if you request the deletion of your personal information:
In all cases, we may retain personal information that is necessary for our legitimate business interests, such as detecting and preventing fraud and improving security.
We may store and use your personal information to the extent necessary to comply with our legal obligations.
For example, if you participate in programs such as Sharing Angel or BNR, your information will be retained for tax obligations, legal reports, and auditing purposes.
Application activity and performance data will be automatically deleted after 90 days, unless otherwise specified due to specific legal requirements.
Data shared via the Crisp chat with our customer service department may be retained for historical purposes, including for resolving disputes.
This data will be treated with the greatest care and will only be used as necessary for these purposes.
To exercise your right to be deleted or if you have any questions about the management of your personal data, please log into your LivingPackets account in the account information section.
If you have any questions about this privacy policy, please contact us.
We may process or transfer some of your data with partners who have servers or who are based outside the EEA. In such cases, your Data may be transferred to countries located outside of the European Union who provide an equivalent level of protection. In the event of transfer to other countries, the protection of your Data is especially ensured by the signature of standard contractual clauses approved by the European Commission or equivalent legal mechanisms (such as those defined in chapter V of the Regulation (UE) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter "GDPR”)).
