Updated: December 22, 2025
Introduction
Kaleris (“us”, “we”, or “our”) is firmly committed to safeguarding the privacy of individuals who interact with Kaleris websites (“Visitors”) and those affiliated with organizations utilizing our products and services (“Customers”). This Privacy Policy (“Policy”) outlines our privacy practices regarding all publicly accessible Kaleris websites (including https://kaleris.com), our online applications, and related services (“Services”).
When you use our products or services, you entrust us with your information. At Kaleris, protecting your personal information is a top priority. We implement industry-leading security measures and maintain a strong data governance framework to ensure the confidentiality, integrity, and lawful handling of your data.
We acknowledge that our customers may utilize our services to handle information related to individuals in the European Economic Area (EEA) or the United Kingdom. We are committed to assisting our customers in complying with the European Union (EU) General Data Protection Regulation (GDPR), the Data Protection Act of 2018, including the UK-GDPR (United Kingdom General Data Protection Regulation), and other applicable laws concerning any personal data of EEA or United Kingdom individuals received through our services.
Kaleris adheres to the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as outlined by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce our commitment to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) regarding the processing of personal data received from the European Union and the United Kingdom. In case of any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall prevail. To learn more about the Data Privacy Framework (DPF) program and view our certification, please visit www.dataprivacyframework.gov.
In line with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Kaleris commits to addressing complaints related to DPF Principles concerning the collection and use of personal information. Individuals from the EEA and the UK with inquiries or complaints regarding the handling of personal data in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact Kaleris at:
Kaleris
3460 Preston Ridge Rd. Suíte 600
Alpharetta, GA 30005
Phone: 480-714-8395
dpo@kaleris.com
Kaleris also commits to referring unresolved complaints about the handling of personal data, received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, to ICDR/AAA, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint or if we have not addressed your complaint to your satisfaction, please visit https://www.icdr.org/ for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you.
This Policy applies to all personal data processed by Kaleris related to:
This Policy does not apply to services or information provided by third parties or collected outside of Kaleris digital properties and platforms, or to websites, applications, or resources not maintained by us. When you follow a link to another website or interact with a third-party service, their privacy policy will apply.
When offering its products and services, Kaleris generally acts as a data processor and processes Personal Data on behalf of customers acting as data controllers, in accordance with applicable agreements, documented customer instructions, and relevant data protection laws.
In its role as a data processor, Kaleris restricts the processing of Personal Data to what is necessary to provide and support the contracted Services and does not determine the purposes or means of such processing.
Customers, acting as data controllers, are responsible for determining the categories of Personal Data processed through the Services, the lawful basis for processing, retention periods, and ensuring that their use of the Services complies with applicable data protection laws.
In limited and exceptional circumstances, Kaleris may act as an independent data controller, including when processing Personal Data in connection with:
In such cases, Kaleris processes Personal Data in accordance with this Privacy Policy and implements appropriate safeguards to protect the rights and freedoms of individuals.
7.1. Information Collection and Use
When Kaleris acts as a data controller, we collect personal information directly from individuals or automatically through interactions with our Services.
Providing certain personal information is voluntary; however, if such information is necessary to respond to an inquiry or provide requested Services, individuals may be notified that the information is required.
When personal information is submitted through the Services, individuals are informed of the categories of information collected and the purposes for which it is processed.
7.2. Types of Personal Data Collected
When acting as a data controller, Kaleris may collect the following categories of Personal Data:
Kaleris may use Personal Data to communicate with individuals regarding Services, provide updates, respond to inquiries, and, where permitted by law, deliver marketing or promotional communications. Individuals may opt out of marketing communications at any time.
7.3. Usage Data
Kaleris may collect information regarding how the Services are accessed and used (“Usage Data”).
Usage Data may include IP address, browser type and version, operating system, device identifiers, pages visited, access times, time spent on pages, and other diagnostic or performance-related information.
Usage Data is used to operate, secure, analyze, and improve the services.
7.4. Location Data
Where enabled, Kaleris may collect and process limited location information to support Service functionality, improve performance, and enhance user experience.
Location services may be enabled or disabled at any time through device or browser settings.
7.5. Tracking Technologies and Cookies
Kaleris uses cookies and similar tracking technologies (such as beacons, tags, and scripts) to operate, secure, analyze, and improve the Services.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
7.6. Use of Personal Data
Kaleris uses Personal Data for the following purposes:
Legal Basis for Processing Personal Data (GDPR)
For individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland, Kaleris processes Personal Data based on one or more of the following legal bases:
7.7. Retention of Data
Kaleris retains Personal Data only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention periods are determined based on contractual requirements, legal obligations, and legitimate business needs. Personal Data is securely deleted or anonymized when no longer required.
Usage Data is generally retained for a shorter period, unless it is required for security, fraud prevention, or legal compliance purposes.
7.8. International Data Transfers
Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
Kaleris will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
7.9. Disclosure of Personal Data
DISCLOSURE FOR LAW ENFORCEMENT
Under certain circumstances, Kaleris may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
LEGAL REQUIREMENTS
Kaleris may also disclose Personal Data where necessary to:
7.10. Security of Data
Kaleris implements administrative, technical, and physical safeguards designed to protect Personal Data against unauthorized access, disclosure, alteration, or destruction.
While no method of transmission or storage is completely secure, Kaleris regularly reviews and updates its security controls in accordance with industry standards and risk assessments.
7.11. “Do Not Track” Signals
Do Not Track (“DNT”) is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
Your Data Protection Rights Under General Data Protection Regulation (GDPR) And The California Consumer Privacy Act (CCPA)
(GDPR) And The California Consumer Privacy Act (CCPA)
7.12. Individual Rights (GDPR, CCPA, and Other Applicable Laws)
Kaleris is committed to upholding the highest data subject and consumer rights standards available under the California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR), and other relevant laws. Depending on your jurisdiction, and subject to applicable law, you may have the following rights regarding your personal information we hold and process:
• Right to Access and Information
You may request confirmation of whether Kaleris processes your Personal Data and to obtain access to the categories and specific pieces of personal information we hold about you, including the purposes of processing, categories of recipients, and (where applicable) international transfers.
• Right to Correction/Rectification
You have the right to request correction of inaccurate or incomplete Personal Data.
• Right to Deletion (“Right to be Forgotten”)
You have the right to request the deletion of your Personal Data, subject to certain exceptions (such as for legal compliance, protection against fraud, or completion of a business transaction).
• Right to Restrict or Object to Processing
You have the right to:
• Object to processing for direct marketing or certain legitimate interest grounds.
Request restriction of processing where you contest the accuracy, legality, or necessity of the data being processed.
• Right to Data Portability
You have the right to receive the Personal Data you provided to us in a structured, commonly used, and machine-readable format, and to request that we transmit this data directly to another controller where technically feasible.
• Right to Withdraw Consent
If processing is based on your consent, you may withdraw your consent at any time with future effect, without affecting the lawfulness of processing before withdrawal.
• Right to Non-Discrimination (CCPA)
Kaleris will not discriminate against you for exercising any of your privacy rights. This means, for example, you will not be denied goods or services, charged different prices, or provided a different level or quality of service for exercising your rights under the CCPA.
California-Specific Rights (CCPA/CPRA)
If you are a California resident, you may have additional rights under the CCPA and CPRA, including but not limited to:
• Right to Opt-Out of Sale or Sharing: You have the right to direct us not to “sell” or “share” your Personal Information (as those terms are defined under California law). To exercise this right, click the “Do Not Sell or Share My Personal Information” link available on our homepage or contact us as specified below.
• Right to Limit Use of Sensitive Personal Information: Where applicable, you may request the restriction of use and disclosure of sensitive personal information.
• Authorized Agent: You may designate an authorized agent to make certain requests on your behalf.
European Data Subject Rights (GDPR, UK GDPR, EEA/UK/Switzerland/
Lichtenstein/Norway/Iceland)
If you are a resident of the European Economic Area, United Kingdom, or related jurisdictions, you are further entitled to:
• Right to Lodge a Complaint: If you are dissatisfied with our response, you have the right to lodge a complaint with a supervisory authority in the country of your habitual residence, your place of work, or the place of the alleged infringement.
• Right to Information on Profiling/Automated Decisions:
Kaleris does not make decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects unless clearly disclosed.
Submission, Verification, and Timeframes
If you wish to exercise any right provided for in this Policy, please contact us:
Kaleris
3460 Preston Ridge Rd. Suíte 600
Alpharetta, GA 30005
Phone: 480-714-8395
For your protection, we will verify your identity prior to fulfilling any request and will respond in accordance with applicable legal timelines. Requests will be acknowledged within ten (10) business days and completed or responded to within the statutory timeline (typically 30-45 days for GDPR/CCPA requests), unless extensions are lawfully permitted.
If you submit a request through an agent, we may require written authorization and identity verification.
If we deny your request, we will provide the reason and explain any appeal or escalation mechanism available.
7.13. Service Providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Kaleris maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our EU-U.S. DPF Principles obligations, including the onward transfer provisions, and Kaleris remains liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.
ANALYTICS
Kaleris employs third-party Service Providers to monitor, analyze, and improve the usage, performance, and effectiveness of our Services.
Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.
Behavioural Remarketing
Kaleris uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service.
Google AdWords
Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page. Also recommends installing the Google Analytics Opt-out Browser Add-on for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page.
7.14. Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
7.15. Children’s Privacy
Kaleris takes child privacy seriously. Our Services are intended only for individuals age 18 and over. We do not knowingly collect, use, or retain personal information from anyone under the age of 18. If you are a parent or legal guardian and believe your child under 18 has provided us with personal information, please contact us immediately at dpo@kaleris.com.
Upon confirmation, we will promptly review and remove the child’s information from our servers, consistent with applicable law and best practices for children’s privacy protection.
8.1. Types of Personal Data (PII) Kaleris Collects
We collect, on behalf of the Controller, your PII when you register for an account, create, or modify your profile in our applications. For example, you input your name and email address when you create an account in any Kaleris product.
It is not the intent or purpose of any Kaleris product to collect, process and store PII of any kind. Kaleris does not want to receive or chooses to receive PII. When PII is received or collected, per the request of the data owner and for functionality of the product or service used, there are reasonable controls in place to protect the PII. Please refer to https://kaleris.com/compliance/ for more information.
For username authentication type of PII we collect and store the following information (mandatory entries in our products):
Data Minimization and Customer Control
The Kaleris provides customers with the flexibility to choose the data they want to share. It is not the intent or purpose of Kaleris to collect PII. The Kaleris products does not want to receive or store PII. Customers can choose per table and column in their application database, the data to be shared to Kaleris.
By default, Kaleris customers do not share shipping lines, consignees and agents’ information. The following information regarding trucking companies is share to Kaleris by default:
No other PII is shared with Kaleris without a customer request. Customers can choose to remove Trucking Companies PII from the default settings.
8.2. Why and How Kaleris Processes PII
We use your PII personal information to do all the things you expect from us and to meet our obligations to you under the terms and conditions in our agreements.
This includes:
The frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis):
Nature of the processing
Purpose(s) of the data transfer and further processing
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period.
For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing.
The nature of the transfer of data is to store the information in the cloud (hosted within the European Union).
8.3. How Kaleris Stores and Secures Your PII
All of the Kaleris products and services are built with strong security features that continuously protect your information. We also use industry standard organizational measures to secure the information we store. We have a dedicated team to make sure that your information is secured. If we do detect something risky that we think you should know about, we’ll notify you through steps to stay better protected.
The measures to ensure your PII are secured with us include:
While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
Furthermore, Kaleris cannot be held responsible for the misuse of administrative credentials granted to customers. This includes, but is not limited to, cases involving the creation of improper profiles for internal users, leakage of access login data, information security vulnerabilities related to the devices used to access Kaleris products and services, among other scenarios.
8.4. How Kaleris Transfers Your PII Internationally
We collect PII for some of our products or services and may transfer, process, and store your information outside of your country of residence, to wherever we or business partners operate for the purpose of providing you the products and services. All your PII are encrypted during the transfer.
List of countries we operate (we may transfer your PII information to these locations):
8.5. How Long Kaleris Keeps Your PII
We’ll use your PII for as long as you use our products and services. We’ll also keep your personal information for a certain period after you’ve stopped using our products and services.
When determining how long this period will last, we take into account our legal obligations and the expectations of data protection regulations.
8.6. What are Your Rights with Your PII
Kaleris may receive requests from its customers related to the exercise of rights by PII holders. Therefore, Kaleris will take action in accordance with the request received. See more in item 7.12.
Kaleris, as a personal data processing operator, will not directly handle requests made by PII holders. If you receive such requests, you must forward them to the Data Processing Controller for analysis and response.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when posted on this page.
Representative for data subjects in the EU and UK
We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/13894718090.
