This policy describes how WOOP SOFTWARE SRL (the "Provider") collects, uses, stores and protects the personal data of users of the Woop TMS SaaS (Software as a Service) platform. We are committed to complying with all legal obligations in accordance with Regulation (EU) 2016/679 (GDPR).
1. Information About the Data Controller
Data Controller: WOOP SOFTWARE SRL
Address: ARAD, Str. EGALITĂȚII, Nr. 31, Arad County, Romania
Contact email: contact@woop.pro
2. Types of Data Collected
- Platform user data: first name, last name, authentication information.
- Driver data: copies of identity documents and other documents required for managing operations.
- Documents with expiration dates: personal documents and documents related to the company's fleet (e.g., licences, permits, insurance).
- Operational data: clients, orders, invoices, reports generated within the platform.
3. Purposes of Data Processing
The collected data is used exclusively for:
- Providing the functionalities of the Woop TMS platform, including user management and access control.
- Generating reports and managing documents with expiration dates.
- Integration with third-party services (e.g., GPS, expenses, accounting software).
4. Use of Cookies
The Provider uses cookies strictly for platform functionality. They are not used for analytics or advertising.
5. Data Storage and Deletion
Data is stored on secure servers and protected through appropriate technical and organizational measures.
Upon contract termination:
- All client data is exported and delivered to the client.
- Data is completely deleted from the platform according to a documented process.
6. Relationship with Third Parties
Client data may be transmitted to third parties through:
- XML exports and imports into other applications.
- Third-party APIs, configured by the client within the platform by entering credentials (passwords are encrypted through a hashing process to ensure security).
- Emails sent directly from the Woop TMS platform, with attached documents. These emails are sent from the address noreply@woop.pro.
The Provider does not enter into data processing agreements with these third parties unless they explicitly request it.
7. User Rights
In accordance with the GDPR, users have the following rights:
- Access to data: Users may request a copy of their personal data.
- Data rectification: Any incorrect or incomplete data can be corrected directly by the Client.
- Data deletion: Users may request the deletion of their data from the platform.
- Data portability: Data can be transferred to another controller at the Client's request.
8. Data Security
The Provider implements advanced security measures to protect data, including:
- Encryption protection for all sensitive communications.
- Data storage on servers compliant with security standards.
- Data access limited to authorized personnel only.
9. Storage Period
Data is stored for the duration of the contract and subsequently in accordance with applicable legal obligations. After contract termination, data is deleted according to the procedures described above.