Privacy Policy

1) Scope

This Policy applies to our websites (including logfex.com and subdomains), communications, marketing forms, and service delivery to current/prospective clients, suppliers, and partners.

Separate or additional notices may apply for certain services, countries, or contracts.

2) Service Model Clarifications (How We Operate)

Customs brokerage: LogFex does not provide brokerage services itself. We coordinate services via our network of independent, contracted customs brokers.
International forwarding: We provide forwarding services without owning trucks; transportation is executed with rented/chartered vehicles and partner carriers.
Warehousing & fulfillment: Offered through partner warehouses/3PLs under separate arrangements.
Corporate brand & website: We provide corporate brand development and website services.
Product compliance documentation: We prepare/compile documentation (e.g., Technical Files, DoC, labeling requirements). We are not a test laboratory and do not perform testing or issue certificates.
Supplier verification: We perform supplier due diligence/verification as part of risk management.
Labeling & packaging conformity: We provide requirements mapping and design/adaptation support.
Supply Chain Control Tower: We offer control-tower oversight (visibility, coordination, exception management) across partners in the supply chain.

Depending on the engagement, our partners may act as independent controllers or processors. Contractual safeguards are applied accordingly.

3) Data We Collect

A. Data you provide

Identity & contact (name, title, company, email, phone, address, country).
Business & compliance data (customs/HS info, invoices, packing lists, product specs, technical files, declarations, certificates, regulatory correspondence). Note: You may share test reports from third-party labs; we do not provide or conduct lab tests.
Transactional & contractual data (RFQs/quotes, POs, invoices, contracts, signatures, KYC/AML screening results where legally required).
Communications & preferences (emails, forms, support requests, marketing consents).

B. Data we obtain automatically

Technical data (IP, device, browser, OS, pages viewed, timestamps, referral/UTM) via cookies or similar technologies.
Approximate location (country/region) inferred from IP for security, compliance, or localization.

C. Data from third parties

Public sources (registries, sanctions/denied-party lists).
Partners we coordinate (carriers, customs brokers, warehouses/3PLs, fulfillment centers), payment and analytics providers.

We do not intentionally collect special category data (sensitive data) unless legally required (e.g., KYC/AML) or provided by you for a specific purpose. Please avoid sharing unnecessary sensitive data.

4) Purposes & Legal Bases

Purpose	Examples (aligned with our model)	Legal basis
Service delivery & coordination	Forwarding planning/booking with partner carriers; coordination with independent customs brokers; partner warehouse/fulfillment arrangements; control-tower coordination; product compliance documentation (no lab testing).	Contract performance; legitimate interests.
Client onboarding / KYC	Reasonable screening and identity verification where required by law or partner policies.	Legal obligation; legitimate interests.
Operations & security	Fraud prevention, access logs, incident response, platform monitoring.	Legitimate interests; legal obligation where applicable.
Marketing & analytics	Corporate brand & website communications, newsletters, campaign measurement, website analytics.	Consent where required; legitimate interests otherwise.
Legal & compliance	Recordkeeping, tax, dispute handling, regulatory requests.	Legal obligation; legitimate interests; establishment/exercise/defense of legal claims.

Where we rely on consent, you can withdraw it at any time (see “Your Rights”).

5) Cookies & Analytics

We use cookies and similar technologies to operate and secure our website, remember your settings, understand how visitors use our services, personalize certain content, and—where permitted—deliver features from partners that help us show more relevant information about our services.

What are cookies?

Cookies are small text files placed on your device by a website. They are widely used to make websites work, or work more efficiently, as well as to provide information to the site owners. We also use comparable technologies such as local storage and pixel tags for the purposes described below.

How we categorize cookies

Essential – strictly necessary for core site functions (e.g., security, load balancing, session continuity, consent storage). These cannot be switched off in our systems and do not store directly identifiable personal data.
Functional – remember choices and enhance features (e.g., language, layout, preferences). If you do not allow these, some or all of these services may not function properly.
Statistics – help us understand how the site is used (e.g., pages visited, time on site) to improve performance. We deploy analytics only after consent where required.
Advertising – used to deliver more relevant information about our services and measure campaign performance. Served only with prior consent where applicable.
Unclassified – cookies that are in the process of being categorized; these are kept to a minimum and are always on for technical integrity where used.

Legal basis & region-specific notes

Where required by law (e.g., GDPR/ePrivacy in the EEA/UK), we request your consent before setting non-essential cookies. In other regions, our use of cookies may rely on legitimate interests provided your rights and freedoms are not overridden. You may withdraw or modify consent at any time.

How you can control cookies

You can manage preferences at any time via Cookie Settings or your browser settings. Blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Cookies we use (illustrative list)

Cookie	Category	Provider	Purpose	Retention
`logfex_cc`	Essential	LogFex	Stores your cookie preferences (categories and consent timestamp).	12 months
`.AspNetCore.Culture`	Essential	LogFex	Remembers the selected UI language/culture.	Up to 12 months
`.AspNetCore.Antiforgery.*`	Essential	LogFex	CSRF protection for forms.	Session
`_ga`, `_ga_*`, `_gid`, `_gat`	Statistics	Google Analytics (gtag)	Website usage metrics and performance insights (deployed only after consent in applicable regions).	24 months (varies)
`_fbp` (if used)	Advertising	Meta	Helps deliver more relevant ads and measure campaign performance (only with consent).	3 months

Retention & third parties

Cookie lifetimes vary by purpose. We aim to keep retention to what is necessary. Some cookies are set by third parties (e.g., analytics or advertising providers). Please refer to those providers’ policies for more detail about their processing and retention. Where required, non-essential third-party cookies are loaded only after you consent to their category.

Do Not Track

Browser signals like Do Not Track are not consistently honored across providers. Where a reliable signal (e.g., supported GPC) is detected and applicable to your region, we will make reasonable efforts to respect it.

For full details about how we process personal data and your rights, please see our Privacy Policy (also available in other languages via the language selector).

6) Sharing & Processors

We share personal data with trusted recipients for the purposes above:

Cloud hosting & infrastructure providers.
Analytics, CRM, email delivery, and customer support tools.
Payment processors & accounting providers.
Logistics ecosystem partners: independent customs brokers, partner carriers (rented/chartered vehicles), warehouses/3PLs, fulfillment centers.
Professional advisors and auditors; authorities where legally required.

Roles vary by engagement: some partners act as processors under our instructions; others act as independent controllers (e.g., customs brokers). We implement appropriate contracts (e.g., DPAs) and safeguards.

7) International Transfers

Where data is transferred outside your jurisdiction (e.g., from EEA/UK/Türkiye to other countries), we use lawful transfer mechanisms such as:

EU Standard Contractual Clauses (SCCs) and UK IDTA/Addendum where appropriate.
Adequacy decisions where available.
Contractual and organizational safeguards, plus transfer risk assessments.

8) Data Retention

We retain data only as long as necessary for the purposes described or as required by law.

Category	Typical retention
Contracts, invoices, customs/compliance records	5–10 years (jurisdiction-dependent statutory periods).
Client account & communications	Active relationship + up to 3 years after last activity, unless longer required.
Analytics events (pseudonymous)	14–26 months (tool configuration).
Security logs	Up to 12 months, unless needed for investigations.

9) Your Rights

Depending on your location, you may have some or all of the following rights:

Access – know whether we process your data and obtain a copy.
Rectification – correct inaccurate or incomplete data.
Erasure – request deletion where applicable.
Restriction – limit processing in certain cases.
Portability – receive data in a structured, common format.
Objection – object to processing based on legitimate interests or to direct marketing.
Consent withdrawal – withdraw consent at any time (does not affect prior processing).

Region-specific

🇪🇺 GDPR / 🇬🇧 UK GDPR – full suite of rights as above.
🇹🇷 KVKK – rights to learn whether processed, request information, correction, deletion, and objection within KVKK scope.
🇺🇸 CCPA/CPRA (California) – right to know, delete, correct, and opt-out of “sale”/“sharing” of personal information; no discrimination for exercising rights.

To exercise rights, contact info@logfex.com. We may verify your identity before responding.

10) Security

We apply administrative, technical, and organizational safeguards (access controls, encryption in transit at minimum, least-privilege, monitoring). No method is 100% secure; we maintain incident response procedures.

11) Children

Our services are B2B and not directed to children. We do not knowingly collect data from individuals under the age required by local law. If you believe a child has provided data, contact us to delete it.

12) Changes to this Policy

We may update this Policy from time to time. Material changes will be highlighted on this page and, where appropriate, notified by email or banner.

13) Contact & Regulators

Primary contact: info@logfex.com

Supervisory authorities (examples)

🇳🇱 Dutch DPA (Autoriteit Persoonsgegevens) – if our EU establishment is NL.
🇬🇧 UK ICO – for UK data subjects.
🇹🇷 Kişisel Verileri Koruma Kurumu (KVKK) – for Türkiye data subjects.

You can lodge a complaint with your local authority; we encourage contacting us first to resolve concerns.

This Policy is provided in English. Translations (TR/DE/NL/…) may be provided for convenience; in case of conflict, the English version prevails unless local law requires otherwise.

Your Privacy at LogFex

Contents