Security Code of Conduct
Delivery Mates Overview
Delivery Mates is a Last Mile Logistics management platform which enables businesses to boost their productivity and to focus on delivering an outstanding service to their customers.
We are on a mission to change the on-demand last-mile industry because we believe that on-demand and time-sensitive deliveries have been an afterthought for too long. Re-thinking the delivery flow process represents a great opportunity for all businesses along the last mile delivery value-chain, to improve customer experience and transform frustrated customers into happy ones.
Delivery Mates employs industry-standard security best practices and fully manages our platform security, leaving users with the peace of mind necessary to focus on their operations and pursue their business objectives.
Commitments to Trust and Privacy
Trust is fundamental to our mission and inspires our everyday work. It is the responsibility of every employee at Delivery Mates to protect the privacy of our customers and of their data.
We, as data processors, work in line with the EU General Data Protection Regulation (GDPR) and we are committed to assisting our customers in complying with the law. Even customers outside of the EU will benefit because the GDPR represents a strict set of data protection rules, that protects the rights and privacy of the individual.
We are taking appropriate technical and organisational measures to guarantee that we fully comply with the GDPR, such as the minimisation of data processing, pseudonymisation of data and transparency of processes.
Delivery Mates’s Access to Customers’ Data
Customers’ data are only accessible to authorised members of staff to perform administrative tasks and for the purpose of better customer service and nothing else.
Right to access and privileges are only provided to employees when required by their business role, and a strict password and data protection policy is enforced.
All employees are informed of their responsibilities and all activities are recorded and reviewed periodically.
We are very aware that Delivery Mates is a fundamental resource for our customers’ business operations and this is something we are proud of and take extremely seriously. For this reason, we operate a failover system across multiple, separate data centres to guarantee business continuity in case of any serious incidents or disasters. This mitigates the risk to our customers due to the Delivery Mates platform becoming unavailable, and we maintain our own disaster recovery policies to further protect customers’ operations in case of a catastrophic event.
We rely on Amazon Web Services, Google Cloud Platform and a Third Operator which operate to the strictest, industry security standards and control the on-site access controls at their data centres.
Customers’ Data Retention
Customers’ data are securely archived for no longer than necessary.
The retention period of personal data is reviewed on a regular basis and takes into consideration various factors. When an account is deleted from our database, data are purged and made irretrievable after two months.
Customers’ Data Protection Best Practice
The data you enter into Delivery Mates are encrypted in transit and at rest, using SHA-256 SSL and AES-256 block-level storage encryption respectively.
To further protect the integrity and confidentiality of your data we use pseudonymisation and encryption of personal data and enforce a restricted use of any USB devices.
Any sensitive data is anonymised and kept on-site, with strict access restrictions and protocols, to maintain a high level of confidentiality.
Use of Third Parties
We employ a third-party service, Amazon Web Services (AWS), Google Cloud Platform (GCP), Cloudflare, to boost our security practices as AWS and GCP operates to the strictest, industry security standards.
We specifically share data with third parties applications as part of our data processing
More specifically, we delegate to Amazon Web Services and Google Cloud Platform the vulnerability monitoring and the implementation of firewalls and level intrusion detection systems, in addition to the hosting and storage of our data.
Rights of the Data Subject
Delivery Mates has procedures and technologies in place to enable our customers to respond to data subject’s rights introduced by the GDPR, such as the “Right to Data Portability” and the “Right to be Forgotten”.
For instance, our users are guaranteed access to data concerning themselves or any other individual in a machine-readable form without undue delay. In case an individual demands his/her data to be deleted from our database, Delivery Mates will allow users to purge those data in a rapid and efficient way.
Delivery Mates has in place the strictest measures to prevent and control data breaches. We also adopt strong breach detection, investigation and reporting procedures to ensure that all data breaches are addressed appropriately and in a timely manner to prevent any damages to be caused.
We are also committed to notifying our customers without unjustifiable delay when becoming aware of a personal data breach.